def build_waptupgrade_package(waptconfigfile,
target_directory=None,
wapt_server_user=None,
wapt_server_passwd=None,
key_password=None,
sign_digests=None):
if target_directory is None:
target_directory = tempfile.gettempdir()
if not wapt_server_user:
wapt_server_user = raw_input('WAPT Server user :'******'WAPT Server password :'******'ascii')
wapt = common.Wapt(config_filename=waptconfigfile,
disable_update_server_status=True)
wapt.dbpath = r':memory:'
wapt.use_hostpackages = False
if sign_digests is None:
sign_digests = wapt.sign_digests
if not wapt.personal_certificate_path or not os.path.isfile(
wapt.personal_certificate_path):
raise Exception(
u'No personal certificate provided or not found (%s) for signing waptupgrade package'
% wapt.personal_certificate_path)
waptget = get_file_properties('wapt-get.exe')
entry = PackageEntry(waptfile=makepath(wapt.wapt_base_dir, 'waptupgrade'))
patchs_dir = makepath(entry.sourcespath, 'patchs')
mkdirs(patchs_dir)
filecopyto(makepath(wapt.wapt_base_dir, 'waptdeploy.exe'),
makepath(patchs_dir, 'waptdeploy.exe'))
entry.package = '%s-waptupgrade' % wapt.config.get(
'global', 'default_package_prefix')
rev = entry.version.split('-')[1]
entry.version = '%s-%s' % (waptget['FileVersion'], rev)
entry.inc_build()
entry.save_control_to_wapt()
entry.build_package(target_directory=target_directory)
certs = wapt.personal_certificate()
key = wapt.private_key(private_key_password=key_password)
if not certs[0].is_code_signing:
raise Exception(u'%s is not a code signing certificate' %
wapt.personal_certificate_path)
entry.sign_package(private_key=key,
certificate=certs,
private_key_password=key_password,
mds=ensure_list(sign_digests))
wapt.http_upload_package(entry.localpath,
wapt_server_user=wapt_server_user,
wapt_server_passwd=wapt_server_passwd)
return entry.as_dict()
def build_waptupgrade_package(waptconfigfile,target_directory=None,wapt_server_user=None,wapt_server_passwd=None,key_password=None,sign_digests=None,priority='critical'):
if target_directory is None:
target_directory = tempfile.gettempdir()
if not wapt_server_user:
wapt_server_user = raw_input('WAPT Server user :'******'WAPT Server password :'******'ascii')
wapt = common.Wapt(config_filename=waptconfigfile,disable_update_server_status=True)
wapt.dbpath = r':memory:'
wapt.use_hostpackages = False
# try to get a progress hook inside waptconsole
try:
import waptconsole
progress_hook = waptconsole.UpdateProgress
except ImportError:
def print_progress(show=False,n=0,max=100,msg=''):
if show:
print('%s %s/%s\r' % (msg,n,max),end='')
else:
if not msg:
msg='Done'
print("%s%s"%(msg,' '*(80-len(msg))))
progress_hook = print_progress
wapt.progress_hook = progress_hook
if sign_digests is None:
sign_digests = wapt.sign_digests
if not wapt.personal_certificate_path or not os.path.isfile(wapt.personal_certificate_path):
raise Exception(u'No personal certificate provided or not found (%s) for signing waptupgrade package' % wapt.personal_certificate_path)
waptget = get_file_properties('wapt-get.exe')
entry = PackageEntry(waptfile = makepath(wapt.wapt_base_dir,'waptupgrade'))
patchs_dir = makepath(entry.sourcespath,'patchs')
mkdirs(patchs_dir)
filecopyto(makepath(wapt.wapt_base_dir,'waptdeploy.exe'),makepath(patchs_dir,'waptdeploy.exe'))
entry.package = '%s-waptupgrade' % wapt.config.get('global','default_package_prefix')
rev = entry.version.split('-')[1]
entry.version = '%s-%s' % (waptget['FileVersion'],rev)
entry.inc_build()
entry.save_control_to_wapt()
entry.build_package(target_directory=target_directory)
entry.priority = priority
certs = wapt.personal_certificate()
key = wapt.private_key(private_key_password=key_password)
if not certs[0].is_code_signing:
raise Exception(u'%s is not a code signing certificate' % wapt.personal_certificate_path)
entry.sign_package(private_key=key,certificate = certs,private_key_password=key_password,mds = ensure_list(sign_digests))
wapt.http_upload_package(entry.localpath,wapt_server_user=wapt_server_user,wapt_server_passwd=wapt_server_passwd,progress_hook=progress_hook)
return entry.as_dict()
def edit_hosts_depends(
waptconfigfile,
hosts_list,
append_depends=[],
remove_depends=[],
append_conflicts=[],
remove_conflicts=[],
sign_certs=None,
sign_key=None,
key_password=None,
wapt_server_user=None,
wapt_server_passwd=None,
cabundle=None,
):
"""Add or remove packages from host packages
Args:
Returns:
dict: { updated: of uuid of machines actually updated
unchanged : list of uuid skipped because of no change needed
discarded : list of uuid discarded due to errors}
>>> edit_hosts_depends('c:/wapt/wapt-get.ini','htlaptop.tranquilit.local','toto','tis-7zip','admin','password')
"""
if sign_certs is None:
sign_bundle_fn = inifile_readstring(waptconfigfile, u'global',
u'personal_certificate_path')
sign_bundle = SSLCABundle(sign_bundle_fn)
sign_certs = sign_bundle.certificates()
# we assume a unique signer.
if cabundle is None:
cabundle = sign_bundle
if not sign_certs:
raise Exception(u'No personal signer certificate found in %s' %
sign_bundle_fn)
try:
import waptconsole
progress_hook = waptconsole.UpdateProgress
private_key_password_callback = waptconsole.GetPrivateKeyPassword
except ImportError as e:
def print_progress(show=False, n=0, max=100, msg=''):
if show:
print('%s %s/%s\r' % (msg, n, max), end='')
else:
if not msg:
msg = 'Done'
print("%s%s" % (msg, ' ' * (80 - len(msg))))
progress_hook = print_progress
private_key_password_callback = None
if sign_key is None:
sign_key = sign_certs[0].matching_key_in_dirs(
private_key_password=key_password,
password_callback=private_key_password_callback)
progress_hook(True, 0, len(hosts_list),
'Loading %s hosts packages' % len(hosts_list))
host_repo = WaptHostRepo(name='wapt-host',
host_id=[h['uuid'] for h in hosts_list],
cabundle=cabundle)
host_repo.private_key_password_callback = private_key_password_callback
host_repo.load_config_from_file(waptconfigfile)
total_hosts = len(host_repo.packages())
discarded_uuids = [p.package for p in host_repo.discarded]
append_depends = ensure_list(append_depends)
remove_depends = ensure_list(remove_depends)
append_conflicts = ensure_list(append_conflicts)
remove_conflicts = ensure_list(remove_conflicts)
packages = []
discarded = []
unchanged = []
progress_hook(True, 0, len(hosts_list),
'Editing %s hosts' % len(hosts_list))
i = 0
try:
for hostrec in hosts_list:
host_id = hostrec['uuid']
i += 1
# don't change discarded packages.
if host_id in discarded_uuids:
discarded.append(host_id)
else:
host = host_repo.get(host_id)
if host is None:
host = PackageEntry(package=host_id, section='host')
if progress_hook(True, i, len(hosts_list),
'Editing %s' % host.package):
break
logger.debug(u'Edit host %s : +%s -%s' %
(host.package, append_depends, remove_depends))
depends = host.depends
conflicts = host.conflicts
conflicts = add_to_csv_list(conflicts, append_conflicts)
conflicts = remove_from_csv_list(conflicts, remove_conflicts)
depends = remove_from_csv_list(depends, ensure_list(conflicts))
depends = add_to_csv_list(depends, append_depends)
depends = remove_from_csv_list(depends, remove_depends)
conflicts = remove_from_csv_list(conflicts,
ensure_list(depends))
if depends != host.depends or conflicts != host.conflicts:
host.depends = depends
host.conflicts = conflicts
host.inc_build()
host_file = host.build_management_package()
host.sign_package(sign_certs, sign_key)
packages.append(host)
else:
unchanged.append(host.package)
# upload all in one step...
progress_hook(True, 3, 3, 'Upload %s host packages' % len(packages))
server = WaptServer().load_config_from_file(waptconfigfile)
server.private_key_password_callback = private_key_password_callback
server.upload_packages(packages,
auth=(wapt_server_user, wapt_server_passwd),
progress_hook=progress_hook)
return dict(updated=[p.package for p in packages],
discarded=discarded,
unchanged=unchanged)
finally:
logger.debug('Cleanup')
try:
i = 0
for s in packages:
i += 1
progress_hook(True, i, len(packages), 'Cleanup')
if os.path.isfile(s.localpath):
os.remove(s.localpath)
progress_hook(False)
except WindowsError as e:
logger.critical('Unable to remove temporary directory %s: %s' %
(s, repr(e)))
progress_hook(False)
def build_waptupgrade_package(wapt,
mainrepo,
sources_directory=None,
target_directory=None,
wapt_server_user=None,
wapt_server_passwd=None,
key_password=None,
sign_digests=None,
priority='critical'):
if target_directory is None:
target_directory = tempfile.gettempdir()
if not wapt_server_user:
wapt_server_user = raw_input('WAPT Server user :'******'WAPT Server password :'******'ascii')
if sign_digests is None:
sign_digests = wapt.sign_digests
if not wapt.personal_certificate_path or not os.path.isfile(
wapt.personal_certificate_path):
raise Exception(
u'No personal certificate provided or not found (%s) for signing waptupgrade package'
% wapt.personal_certificate_path)
waptget = get_file_properties('wapt-get.exe')
if sources_directory is None:
sources_directory = makepath(wapt.wapt_base_dir, 'waptupgrade')
entry = PackageEntry(waptfile=sources_directory)
patchs_dir = makepath(entry.sourcespath, 'patchs')
mkdirs(patchs_dir)
filecopyto(makepath(wapt.wapt_base_dir, 'waptdeploy.exe'),
makepath(patchs_dir, 'waptdeploy.exe'))
mainrepo.update()
entry.package = '%s-waptupgrade' % wapt.config.get(
'global', 'default_package_prefix')
existing = mainrepo.packages_matching(PackageRequest(entry.package))
if existing:
rev = sorted(existing)[-1].version.split('-')[1]
else:
rev = entry.version.split('-')[1]
entry.version = '%s-%s' % (waptget['FileVersion'], rev)
entry.inc_build()
entry.priority = priority
entry.save_control_to_wapt()
entry.build_package(target_directory=target_directory)
certs = wapt.personal_certificate()
key = wapt.private_key(private_key_password=key_password)
if not certs[0].is_code_signing:
raise Exception(u'%s is not a code signing certificate' %
wapt.personal_certificate_path)
entry.sign_package(private_key=key,
certificate=certs,
private_key_password=key_password,
mds=ensure_list(sign_digests))
wapt.http_upload_package(entry.localpath,
wapt_server_user=wapt_server_user,
wapt_server_passwd=wapt_server_passwd,
progress_hook=wapt.progress_hook)
mainrepo.update()
return entry.as_dict()
def duplicate_from_file(package_filename,
new_prefix='test',
target_directory=None,
authorized_certs=None,
set_maturity=None):
r"""Duplicate a downloaded package to match prefix defined in waptconfigfile
renames all dependencies
Returns:
str: source directory
>>> from common import Wapt
>>> wapt = Wapt(config_filename = r'C:\Users\htouvet\AppData\Local\waptconsole\waptconsole.ini')
>>> sources = duplicate_from_external_repo(wapt.config_filename,r'C:\tranquilit\wapt\tests\packages\tis-wapttest.wapt')
>>> res = wapt.build_upload(sources,wapt_server_user='******',wapt_server_passwd='password')
>>> res[0]['package'].depends
u'test-wapttestsub,test-7zip'
"""
def rename_package(oldname, prefix):
sp = oldname.split('-', 1)
if len(sp) == 2:
return "%s-%s" % (prefix, sp[-1])
else:
return oldname
source_package = PackageEntry(waptfile=package_filename)
# authorized_certs is a directoyr instead a list of certificates.
if authorized_certs is not None and authorized_certs != '' and not isinstance(
authorized_certs, list):
bundle = SSLCABundle()
bundle.add_pems(makepath(authorized_certs, '*.crt'), trust_first=True)
bundle.add_pems(makepath(authorized_certs, '*.cer'), trust_first=True)
bundle.add_pems(makepath(authorized_certs, '*.pem'), trust_all=True)
else:
bundle = authorized_certs or None
source_package.unzip_package(target_dir=target_directory, cabundle=bundle)
source_package.invalidate_signature()
package = PackageEntry(waptfile=source_package.sourcespath)
oldname = source_package.package
package.package = rename_package(oldname, new_prefix)
package.inc_build()
if set_maturity is not None:
package.maturity = set_maturity
result = package['sourcespath']
# renames dependencies
if package.depends:
newdepends = []
depends = ensure_list(package.depends)
for dependname in depends:
newname = rename_package(dependname, new_prefix)
newdepends.append(newname)
package.depends = ','.join(newdepends)
# renames conflicts
if package.conflicts:
newconflicts = []
conflicts = ensure_list(package.conflicts)
for dependname in conflicts:
newname = rename_package(dependname, new_prefix)
newconflicts.append(newname)
package.conflicts = ','.join(newconflicts)
package.save_control_to_wapt()
return result
ca_bundle = SSLCABundle()
signers_bundle = SSLCABundle()
signers_bundle.add_certificates_from_pem(pem_filename=certpub)
key = SSLPrivateKey(privatekey)
#selection de l'ordinateur à modifier
pe = PackageEntry(waptfile = "/var/www/html/wapt-host/%s.wapt" % uuid_machine)
depends = pe.depends.split(',')
conflicts = pe.conflicts.split(',')
if len(adddepend)>0:
for dep in adddepend:
if dep in pe.conflicts:
conflicts.remove(dep)
if not dep in depends:
depends.append(dep)
if not len(removedepend)<=0:
for dep in removedepend:
if not dep in pe.conflicts:
conflicts.append(dep)
if dep in depends:
depends.remove(dep)
pe.depends = ','.join(depends)
pe.conflicts = ','.join(conflicts)
pe.inc_build()
pe.sign_package(private_key=key,certificate = signers_bundle.certificates(),private_key_password=passwordkey)
print("Modification réussite")
else:
print("Erreur pas assez d'arguments ont été saisis")
def main():
parser=OptionParser(usage=__doc__,prog = 'wapt-signpackage')
parser.add_option("-c","--certificate", dest="public_key", default='', help="Path to the PEM RSA certificate to embed identitiy in control. (default: %default)")
parser.add_option("-k","--private-key", dest="private_key", default='', help="Path to the PEM RSA private key to sign packages. (default: %default)")
#parser.add_option("-w","--private-key-passwd", dest="private_key_passwd", default='', help="Path to the password of the private key. (default: %default)")
parser.add_option("-l","--loglevel", dest="loglevel", default=None, type='choice', choices=['debug','warning','info','error','critical'], metavar='LOGLEVEL',help="Loglevel (default: warning)")
parser.add_option("-m","--message-digest", dest="md", default='sha256', help="Message digest type for signatures. (default: %default)")
parser.add_option("-s","--scan-packages", dest="doscan", default=False, action='store_true', help="Rescan packages and update local Packages index after signing. (default: %default)")
parser.add_option("-r","--remove-setup", dest="removesetup", default=False, action='store_true', help="Remove setup.py. (default: %default)")
parser.add_option("-i","--inc-release", dest="increlease", default=False, action='store_true', help="Increase release number when building package (default: %default)")
parser.add_option("--maturity", dest="set_maturity", default=None, help="Set/change package maturity when signing package. (default: None)")
parser.add_option( "--keep-signature-date", dest="keep_signature_date",default=False, action='store_true', help="Keep the current package signature date, and file changetime (default: %default)")
parser.add_option( "--if-needed", dest="if_needed", default=False, action='store_true',help="Re-sign package only if needed (default: warning)")
(options,args) = parser.parse_args()
loglevel = options.loglevel
if len(logger.handlers) < 1:
hdlr = logging.StreamHandler(sys.stderr)
hdlr.setFormatter(logging.Formatter(
u'%(asctime)s %(levelname)s %(message)s'))
logger.addHandler(hdlr)
if loglevel:
setloglevel(logger,loglevel)
else:
setloglevel(logger,'warning')
if len(args) < 1:
print(parser.usage)
sys.exit(1)
if not options.public_key and not options.private_key:
print('ERROR: No certificate found or specified')
sys.exit(1)
if options.private_key and os.path.isfile(options.private_key):
key = SSLPrivateKey(options.private_key)
else:
cert = SSLCertificate(options.public_key or options.private_key)
key = cert.matching_key_in_dirs()
if not key:
print('ERROR: No private key found or specified')
sys.exit(1)
args = ensure_list(args)
ca_bundle = SSLCABundle()
signers_bundle = SSLCABundle()
signers_bundle.add_certificates_from_pem(pem_filename=options.public_key)
waptpackages = []
for arg in args:
waptpackages.extend(glob.glob(arg))
errors = []
package_dirs = []
for waptpackage in waptpackages:
package_dir = os.path.abspath(os.path.dirname(waptpackage))
if not package_dir in package_dirs:
package_dirs.append(package_dir)
print('Processing %s'%waptpackage)
try:
sign_needed=False
pe = PackageEntry(waptfile = waptpackage)
if options.removesetup:
if pe.has_file('setup.py'):
with pe.as_zipfile(mode='a') as waptfile:
waptfile.remove('setup.py')
sign_needed=True
if not sign_needed and options.if_needed:
try:
pe.check_control_signature(trusted_bundle=signers_bundle,signers_bundle=signers_bundle)
for md in ensure_list(options.md):
if not pe.has_file(pe.get_signature_filename(md)):
raise Exception('Missing signature for md %s' % md)
logger.info('Skipping %s, already signed properly' % pe.asrequirement())
sign_needed = False
except Exception as e:
logger.info('Sign is needed for %s because %s' % (pe.asrequirement(),e))
sign_needed = True
if options.increlease:
pe.inc_build()
sign_needed = True
if options.set_maturity is not None and pe.maturity != options.set_maturity:
pe.maturity = options.set_maturity
sign_needed = True
if not options.if_needed or sign_needed:
pe.sign_package(private_key=key,certificate = signers_bundle.certificates(),mds = ensure_list(options.md),keep_signature_date=options.keep_signature_date)
newfn = pe.make_package_filename()
if newfn != pe.filename:
newfn_path = os.path.join(package_dir,newfn)
if not os.path.isfile(newfn_path):
print(u"Renaming file from %s to %s to match new package's properties" % (pe.filename,newfn))
shutil.move(os.path.join(package_dir,pe.filename),newfn_path)
else:
print('WARNING: unable to rename file from %s to %s because target already exists' % (pe.filename,newfn))
print('Done')
except Exception as e:
print(u'Error: %s'%ensure_unicode(e.message))
errors.append([waptpackage,repr(e)])
if options.doscan:
for package_dir in package_dirs:
if os.path.isfile(os.path.join(package_dir,'Packages')):
print(u'Launching the update of Packages index in %s ...'% ensure_unicode(package_dir))
repo = WaptLocalRepo(package_dir)
repo.update_packages_index()
print('Done')
else:
print("Don't forget to rescan your repository with wapt-scanpackages %s" % os.path.dirname(waptpackages[0]))
if errors:
print('Package not processed properly: ')
for fn,error in errors:
print(u'%s : %s' % (fn,error))
sys.exit(1)
else:
sys.exit(0)
def main():
parser=OptionParser(usage=__doc__,prog = 'wapt-signpackage')
parser.add_option("-c","--certificate", dest="public_key", default='', help="Path to the PEM RSA certificate to embed identitiy in control. (default: %default)")
parser.add_option("-k","--private-key", dest="private_key", default='', help="Path to the PEM RSA private key to sign packages. (default: %default)")
#parser.add_option("-w","--private-key-passwd", dest="private_key_passwd", default='', help="Path to the password of the private key. (default: %default)")
parser.add_option("-l","--loglevel", dest="loglevel", default=None, type='choice', choices=['debug','warning','info','error','critical'], metavar='LOGLEVEL',help="Loglevel (default: warning)")
parser.add_option("-m","--message-digest", dest="md", default='sha256', help="Message digest type for signatures. (default: %default)")
parser.add_option("-s","--scan-packages", dest="doscan", default=False, action='store_true', help="Rescan packages and update local Packages index after signing. (default: %default)")
parser.add_option("-r","--remove-setup", dest="removesetup", default=False, action='store_true', help="Remove setup.py. (default: %default)")
parser.add_option("-i","--inc-release", dest="increlease", default=False, action='store_true', help="Increase release number when building package (default: %default)")
parser.add_option("--maturity", dest="set_maturity", default=None, help="Set/change package maturity when signing package. (default: None)")
parser.add_option( "--keep-signature-date", dest="keep_signature_date",default=False, action='store_true', help="Keep the current package signature date, and file changetime (default: %default)")
parser.add_option( "--if-needed", dest="if_needed", default=False, action='store_true',help="Re-sign package only if needed (default: warning)")
(options,args) = parser.parse_args()
loglevel = options.loglevel
if len(logger.handlers) < 1:
hdlr = logging.StreamHandler(sys.stderr)
hdlr.setFormatter(logging.Formatter(
u'%(asctime)s %(levelname)s %(message)s'))
logger.addHandler(hdlr)
if loglevel:
setloglevel(logger,loglevel)
else:
setloglevel(logger,'warning')
if len(args) < 1:
print(parser.usage)
sys.exit(1)
if not options.public_key and not options.private_key:
print('ERROR: No certificate found or specified')
sys.exit(1)
if options.private_key and os.path.isfile(options.private_key):
key = SSLPrivateKey(options.private_key)
else:
cert = SSLCertificate(options.public_key or options.private_key)
key = cert.matching_key_in_dirs()
if not key:
print('ERROR: No private key found or specified')
sys.exit(1)
args = ensure_list(args)
ca_bundle = SSLCABundle()
signers_bundle = SSLCABundle()
signers_bundle.add_certificates_from_pem(pem_filename=options.public_key)
waptpackages = []
for arg in args:
waptpackages.extend(glob.glob(arg))
errors = []
package_dirs = []
for waptpackage in waptpackages:
package_dir = os.path.abspath(os.path.dirname(waptpackage))
if not package_dir in package_dirs:
package_dirs.append(package_dir)
print('Processing %s'%waptpackage)
try:
sign_needed=False
pe = PackageEntry(waptfile = waptpackage)
if options.removesetup:
if pe.has_file('setup.py'):
with pe.as_zipfile(mode='a') as waptfile:
waptfile.remove('setup.py')
sign_needed=True
if not sign_needed and options.if_needed:
try:
pe.check_control_signature(trusted_bundle=signers_bundle,signers_bundle=signers_bundle)
for md in ensure_list(options.md):
if not pe.has_file(pe.get_signature_filename(md)):
raise Exception('Missing signature for md %s' % md)
logger.info('Skipping %s, already signed properly' % pe.asrequirement())
sign_needed = False
except Exception as e:
logger.info('Sign is needed for %s because %s' % (pe.asrequirement(),e))
sign_needed = True
if options.increlease:
pe.inc_build()
sign_needed = True
if options.set_maturity is not None and pe.maturity != options.set_maturity:
pe.maturity = options.set_maturity
sign_needed = True
if not options.if_needed or sign_needed:
pe.sign_package(private_key=key,certificate = signers_bundle.certificates(),mds = ensure_list(options.md),keep_signature_date=options.keep_signature_date)
newfn = pe.make_package_filename()
if newfn != pe.filename:
newfn_path = os.path.join(package_dir,newfn)
if not os.path.isfile(newfn_path):
print(u"Renaming file from %s to %s to match new package's properties" % (pe.filename,newfn))
os.rename(os.path.join(package_dir,pe.filename),newfn_path)
else:
print('WARNING: unable to rename file from %s to %s because target already exists' % (pe.filename,newfn))
print('Done')
except Exception as e:
print(u'Error: %s'%ensure_unicode(e.message))
errors.append([waptpackage,repr(e)])
if options.doscan:
for package_dir in package_dirs:
if os.path.isfile(os.path.join(package_dir,'Packages')):
print(u'Launching the update of Packages index in %s ...'% ensure_unicode(package_dir))
repo = WaptLocalRepo(package_dir)
repo.update_packages_index()
print('Done')
else:
print("Don't forget to rescan your repository with wapt-scanpackages %s" % os.path.dirname(waptpackages[0]))
if errors:
print('Package not processed properly: ')
for fn,error in errors:
print(u'%s : %s' % (fn,error))
sys.exit(1)
else:
sys.exit(0)
def edit_hosts_depends(waptconfigfile,hosts_list,
append_depends=[],
remove_depends=[],
append_conflicts=[],
remove_conflicts=[],
sign_certs=None,
sign_key=None,
key_password=None,
wapt_server_user=None,wapt_server_passwd=None,
cabundle = None,
):
"""Add or remove packages from host packages
Args:
Returns:
dict: { updated: of uuid of machines actually updated
unchanged : list of uuid skipped because of no change needed
discarded : list of uuid discarded due to errors}
>>> edit_hosts_depends('c:/wapt/wapt-get.ini','htlaptop.tranquilit.local','toto','tis-7zip','admin','password')
"""
if sign_certs is None:
sign_bundle_fn = inifile_readstring(waptconfigfile,u'global',u'personal_certificate_path')
sign_bundle = SSLCABundle(sign_bundle_fn)
sign_certs = sign_bundle.certificates()
# we assume a unique signer.
if cabundle is None:
cabundle = sign_bundle
if not sign_certs:
raise Exception(u'No personal signer certificate found in %s' % sign_bundle_fn)
if sign_key is None:
sign_key = sign_certs[0].matching_key_in_dirs(private_key_password=key_password)
try:
import waptconsole
progress_hook = waptconsole.UpdateProgress
except ImportError as e:
def print_progress(show=False,n=0,max=100,msg=''):
if show:
print('%s %s/%s\r' % (msg,n,max),end='')
else:
if not msg:
msg='Done'
print("%s%s"%(msg,' '*(80-len(msg))))
progress_hook = print_progress
hosts_list = ensure_list(hosts_list)
progress_hook(True,0,len(hosts_list),'Loading %s hosts packages' % len(hosts_list))
host_repo = WaptHostRepo(name='wapt-host',host_id=hosts_list,cabundle = cabundle)
host_repo.load_config_from_file(waptconfigfile)
total_hosts = len(host_repo.packages())
discarded_uuids = [p.package for p in host_repo.discarded]
hosts_list = ensure_list(hosts_list)
append_depends = ensure_list(append_depends)
remove_depends = ensure_list(remove_depends)
append_conflicts = ensure_list(append_conflicts)
remove_conflicts = ensure_list(remove_conflicts)
packages = []
discarded = []
unchanged = []
progress_hook(True,0,len(hosts_list),'Editing %s hosts' % len(hosts_list))
i = 0
try:
for host_id in hosts_list:
i+=1
# don't change discarded packages.
if host_id in discarded_uuids:
discarded.append(host_id)
else:
host = host_repo.get(host_id)
if host is None:
host = PackageEntry(package=host_id,section='host')
if progress_hook(True,i,len(hosts_list),'Editing %s' % host.package):
break
logger.debug(u'Edit host %s : +%s -%s'%(
host.package,
append_depends,
remove_depends))
depends = host.depends
conflicts = host.conflicts
conflicts = add_to_csv_list(conflicts,append_conflicts)
conflicts = remove_from_csv_list(conflicts,remove_conflicts)
depends = remove_from_csv_list(depends,ensure_list(conflicts))
depends = add_to_csv_list(depends,append_depends)
depends = remove_from_csv_list(depends,remove_depends)
conflicts = remove_from_csv_list(conflicts,ensure_list(depends))
if depends != host.depends or conflicts != host.conflicts:
host.depends = depends
host.conflicts = conflicts
host.inc_build()
host_file = host.build_management_package()
host.sign_package(sign_certs,sign_key)
packages.append(host)
else:
unchanged.append(host.package)
# upload all in one step...
progress_hook(True,3,3,'Upload %s host packages' % len(packages))
server = WaptServer().load_config_from_file(waptconfigfile)
server.upload_packages(packages,auth=(wapt_server_user,wapt_server_passwd),progress_hook=progress_hook)
return dict(updated = [p.package for p in packages],
discarded = discarded,
unchanged = unchanged)
finally:
logger.debug('Cleanup')
try:
i = 0
for s in packages:
i+=1
progress_hook(True,i,len(packages),'Cleanup')
if os.path.isfile(s.localpath):
os.remove(s.localpath)
progress_hook(False)
except WindowsError as e:
logger.critical('Unable to remove temporary directory %s: %s'% (s,repr(e)))
progress_hook(False)
def duplicate_from_file(package_filename,new_prefix='test',target_directory=None,authorized_certs=None,set_maturity=None):
r"""Duplicate a downloaded package to match prefix defined in waptconfigfile
renames all dependencies
Returns:
str: source directory
>>> from common import Wapt
>>> wapt = Wapt(config_filename = r'C:\Users\htouvet\AppData\Local\waptconsole\waptconsole.ini')
>>> sources = duplicate_from_external_repo(wapt.config_filename,r'C:\tranquilit\wapt\tests\packages\tis-wapttest.wapt')
>>> res = wapt.build_upload(sources,wapt_server_user='******',wapt_server_passwd='password')
>>> res[0]['package'].depends
u'test-wapttestsub,test-7zip'
"""
def rename_package(oldname,prefix):
sp = oldname.split('-',1)
if len(sp) == 2:
return "%s-%s" % (prefix,sp[-1])
else:
return oldname
source_package = PackageEntry(waptfile = package_filename)
# authorized_certs is a directoyr instead a list of certificates.
if authorized_certs is not None and authorized_certs != '' and not isinstance(authorized_certs,list):
bundle = SSLCABundle()
bundle.add_pems(makepath(authorized_certs,'*.crt'))
bundle.add_pems(makepath(authorized_certs,'*.cer'))
bundle.add_pems(makepath(authorized_certs,'*.pem'))
else:
bundle = authorized_certs or None
source_package.unzip_package(target_dir=target_directory,cabundle=bundle)
source_package.invalidate_signature()
package = PackageEntry(waptfile = source_package.sourcespath)
oldname = source_package.package
package.package = rename_package(oldname,new_prefix)
package.inc_build()
if set_maturity is not None:
package.maturity = set_maturity
result = package['sourcespath']
# renames dependencies
if package.depends:
newdepends = []
depends = ensure_list(package.depends)
for dependname in depends:
newname = rename_package(dependname,new_prefix)
newdepends.append(newname)
package.depends = ','.join(newdepends)
# renames conflicts
if package.conflicts:
newconflicts = []
conflicts = ensure_list(package.conflicts)
for dependname in conflicts:
newname = rename_package(dependname,new_prefix)
newconflicts.append(newname)
package.conflicts = ','.join(newconflicts)
package.save_control_to_wapt()
return result
