From 871729a3c75946ea5072a1148d0040d89e6bb667 Mon Sep 17 00:00:00 2001 From: Dan Horák Date: Dec 19 2016 15:41:55 +0000 Subject: koji-build-srpm.py - add kerberos auth Signed-off-by: Dan Horák --- diff --git a/scripts/koji-build-srpm.py b/scripts/koji-build-srpm.py index 9096eff..3ce86f3 100755 --- a/scripts/koji-build-srpm.py +++ b/scripts/koji-build-srpm.py @@ -21,6 +21,8 @@ import argparse # get architecture, tag/target and build from command line parser = argparse.ArgumentParser(description='Build srpm from primary koji in secondary koji.') +parser.add_argument("--keytab", help="specify a Kerberos keytab to use") +parser.add_argument("--principal", help="specify a Kerberos principal to use") parser.add_argument('--scratch', action='store_true', help='scratch build') parser.add_argument('--verbose', action='store_true', help='enables additional output, overrides --quiet') parser.add_argument('--quiet', action='store_true', help='suppresses non error related output') @@ -38,6 +40,10 @@ SERVERCA = os.path.expanduser('~/.fedora-server-ca.cert') CLIENTCA = os.path.expanduser('~/.fedora-upload-ca.cert') CLIENTCERT = os.path.expanduser('~/.fedora.cert') +session_opts = {} +session_opts['krbservice'] = 'host' +session_opts['krb_rdns'] = False + if args.verbose: loglevel = logging.DEBUG elif args.quiet: @@ -62,9 +68,15 @@ def _unique_path(prefix): # setup the koji session logging.info('Setting up koji session') -localkojisession = koji.ClientSession(LOCALKOJIHUB) +localkojisession = koji.ClientSession(LOCALKOJIHUB, session_opts) remotekojisession = koji.ClientSession(REMOTEKOJIHUB) -localkojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA) +if os.path.isfile(CLIENTCERT): + localckojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA) +else: + if args.keytab and args.principal: + localkojisession.krb_login(principal=args.principal, keytab=args.keytab) + else: + localkojisession.krb_login() pg = progress.TextMeter()