added a mechanism to verify that debops controller doesn't use other controller's files
this should prevent problems such as https://bugzilla.ipr.univ-rennes.fr/show_bug.cgi?id=3719 work related to https://bugzilla.ipr.univ-rennes.fr/show_bug.cgi?id=3719
This commit is contained in:
parent
20bac19c84
commit
b3e9fec9a2
|
|
@ -161,6 +161,57 @@ controller__get_debops_env_path()
|
||||||
echo "${local_repos_path}/.env" # see the allowed locations in man debops-config
|
echo "${local_repos_path}/.env" # see the allowed locations in man debops-config
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
path__as_regular_path()
|
||||||
|
{
|
||||||
|
local path="$1"
|
||||||
|
echo $path | sed "s|~|$home_dir|g"
|
||||||
|
}
|
||||||
|
|
||||||
|
# checks the validity of the given debops controller
|
||||||
|
|
||||||
|
controller__check_integrity()
|
||||||
|
{
|
||||||
|
local debops_controller_path="$1"
|
||||||
|
|
||||||
|
local local_repos_path=$(controller__get_local_repos_path "$debops_controller_path")
|
||||||
|
local virtual_env_path=$(controller__get_virtualenv_path "$debops_controller_path")
|
||||||
|
local debops_exit_code=''
|
||||||
|
|
||||||
|
# (debops.venv) debopsupdater@mazinger:~/debops/controllers/alambix/ansible.debops.git$ debops env
|
||||||
|
# DEBOPS_ANSIBLE_COLLECTIONS_PATH=~/debops/controllers/alambix/debops.venv/lib/python3.11/site-packages/debops/_data/ansible/collections
|
||||||
|
# DEBOPS_VENV=/home/debopsupdater/debops/controllers/alambix/debops.venv
|
||||||
|
# DEBOPS_VENV_PLAYBOOKS=/home/debopsupdater/debops/controllers/alambix/debops.venv/lib/python3.11/site-packages/debops/_data/ansible/collections/ansible_collections/debops/debops/playbooks
|
||||||
|
# DEBOPS_VENV_ROLES=/home/debopsupdater/debops/controllers/alambix/debops.venv/lib/python3.11/site-packages/debops/_data/ansible/collections/ansible_collections/debops/debops/roles
|
||||||
|
# DEBOPS_PROJECT_PATH=~/debops/controllers/alambix/ansible.debops.git
|
||||||
|
# DEBOPS_ANSIBLE_INVENTORY=~/debops/controllers/alambix/ansible.debops.git/ansible/inventory
|
||||||
|
# ANSIBLE_CONFIG=~/debops/controllers/alambix/ansible.debops.git/ansible.cfg
|
||||||
|
pushd "$local_repos_path"
|
||||||
|
source "$virtual_env_path/bin/activate"
|
||||||
|
eval "$(debops env)"
|
||||||
|
local home_dir=$(echo ~)
|
||||||
|
local var_name=''
|
||||||
|
for var_name in DEBOPS_ANSIBLE_COLLECTIONS_PATH DEBOPS_VENV DEBOPS_VENV_PLAYBOOKS DEBOPS_VENV_ROLES DEBOPS_PROJECT_PATH DEBOPS_ANSIBLE_INVENTORY ANSIBLE_CONFIG
|
||||||
|
do
|
||||||
|
local var_value=''
|
||||||
|
var_value=${!var_name}
|
||||||
|
var_value=$(path__as_regular_path $var_value)
|
||||||
|
if [ $? != 0 ]
|
||||||
|
then
|
||||||
|
log 'error' "failed to get the regular path from $var_value"
|
||||||
|
return "$RETURNCODE_ERROR"
|
||||||
|
fi
|
||||||
|
echo $var_value | grep -q "^$debops_controller_path"
|
||||||
|
if [ $? != 0 ]
|
||||||
|
then
|
||||||
|
log 'error' "the path for $var_name ($var_value) is expected to start with the path of the debops controller $debops_controller_path"
|
||||||
|
return "$RETURNCODE_ERROR"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
deactivate
|
||||||
|
popd
|
||||||
|
}
|
||||||
|
|
||||||
deboco__init()
|
deboco__init()
|
||||||
{
|
{
|
||||||
local debops_controller_path="$1"
|
local debops_controller_path="$1"
|
||||||
|
|
@ -241,6 +292,12 @@ deboco__init()
|
||||||
local virtual_env_path=$(controller__get_virtualenv_path "$debops_controller_path")
|
local virtual_env_path=$(controller__get_virtualenv_path "$debops_controller_path")
|
||||||
# no need to call update-debops.sh since update-dev.sh does it
|
# no need to call update-debops.sh since update-dev.sh does it
|
||||||
DEBOPS_VENV="$virtual_env_path" "$local_repos_path/bin/update-dev.sh"
|
DEBOPS_VENV="$virtual_env_path" "$local_repos_path/bin/update-dev.sh"
|
||||||
|
|
||||||
|
controller__check_integrity "$debops_controller_path"
|
||||||
|
if [ $? != "$RETURNCODE_SUCCESS" ]
|
||||||
|
then
|
||||||
|
return $RETURNCODE_ERROR
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
deboco__update()
|
deboco__update()
|
||||||
|
|
@ -248,6 +305,13 @@ deboco__update()
|
||||||
local debops_controller_path="$1"
|
local debops_controller_path="$1"
|
||||||
log 'info' "updating debobs controller in $debops_controller_path"
|
log 'info' "updating debobs controller in $debops_controller_path"
|
||||||
|
|
||||||
|
controller__check_integrity "$debops_controller_path"
|
||||||
|
if [ $? != "$RETURNCODE_SUCCESS" ]
|
||||||
|
then
|
||||||
|
return $RETURNCODE_ERROR
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
reports_path="$(controller__get_reports_path "$debops_controller_path")"
|
reports_path="$(controller__get_reports_path "$debops_controller_path")"
|
||||||
mkdir -p "${reports_path}"
|
mkdir -p "${reports_path}"
|
||||||
report_file_path=${reports_path}/$(date --iso=seconds)-init-${target_host_fqdn}
|
report_file_path=${reports_path}/$(date --iso=seconds)-init-${target_host_fqdn}
|
||||||
|
|
@ -262,6 +326,13 @@ deboco__update()
|
||||||
|
|
||||||
log info "updating debops itself in $virtual_env_path"
|
log info "updating debops itself in $virtual_env_path"
|
||||||
DEBOPS_VENV="$virtual_env_path" "$local_repos_path/bin/update-dev.sh" | tee --append ${report_file_path}
|
DEBOPS_VENV="$virtual_env_path" "$local_repos_path/bin/update-dev.sh" | tee --append ${report_file_path}
|
||||||
|
|
||||||
|
controller__check_integrity "$debops_controller_path"
|
||||||
|
if [ $? != "$RETURNCODE_SUCCESS" ]
|
||||||
|
then
|
||||||
|
return $RETURNCODE_ERROR
|
||||||
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
deboco__configure_machine()
|
deboco__configure_machine()
|
||||||
|
|
@ -296,6 +367,14 @@ deboco__init_machine()
|
||||||
local target_host_fqdn="$2" # the machine on which we want to install debops bootstrap, eg alambix-108.ipr.univ-rennes.fr
|
local target_host_fqdn="$2" # the machine on which we want to install debops bootstrap, eg alambix-108.ipr.univ-rennes.fr
|
||||||
log 'info' "installing debops bootstrap on $target_host_fqdn using debobs controller $debops_controller_path"
|
log 'info' "installing debops bootstrap on $target_host_fqdn using debobs controller $debops_controller_path"
|
||||||
|
|
||||||
|
|
||||||
|
controller__check_integrity "$debops_controller_path"
|
||||||
|
if [ $? != "$RETURNCODE_SUCCESS" ]
|
||||||
|
then
|
||||||
|
return $RETURNCODE_ERROR
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
local error_code=$RETURNCODE_SUCCESS
|
local error_code=$RETURNCODE_SUCCESS
|
||||||
|
|
||||||
reports_path="$(controller__get_reports_path "$debops_controller_path")"
|
reports_path="$(controller__get_reports_path "$debops_controller_path")"
|
||||||
|
|
@ -330,6 +409,14 @@ deboco__update_machine()
|
||||||
local target_host_fqdn="$2" # eg alambix-108.ipr.univ-rennes.fr
|
local target_host_fqdn="$2" # eg alambix-108.ipr.univ-rennes.fr
|
||||||
log 'info' "updating $target_host_fqdn using debobs controller $debops_controller_path"
|
log 'info' "updating $target_host_fqdn using debobs controller $debops_controller_path"
|
||||||
|
|
||||||
|
|
||||||
|
controller__check_integrity "$debops_controller_path"
|
||||||
|
if [ $? != "$RETURNCODE_SUCCESS" ]
|
||||||
|
then
|
||||||
|
return $RETURNCODE_ERROR
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
local error_code=$RETURNCODE_SUCCESS
|
local error_code=$RETURNCODE_SUCCESS
|
||||||
|
|
||||||
reports_path="$(controller__get_reports_path "$debops_controller_path")"
|
reports_path="$(controller__get_reports_path "$debops_controller_path")"
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue