releng

Clone

#6572 Kerberize all the tooling
Closed 7 years ago by ausil. Opened 7 years ago by puiterwijk.
puiterwijk/releng kerberize  into  master

file modified
+2 -2 
@@ -84,8 +84,8 @@ 
 

      Get a list of all blocked and unblocked packages in a branch.
 

      """
 

      url = PRODUCTION_KOJI if not staging else STAGING_KOJI
 

-     kojisession = koji.ClientSession(url)
 

-     kojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA)
 

+     kojisession = koji.ClientSession(url, {'krb_rdns': False})
 

+     kojisession.krb_login()
 

      pkglist = kojisession.listPackages(tagID=tag, inherited=True)
 

      blocked = []
 

      unblocked = []

file modified
+3 -8 
@@ -19,11 +19,6 @@ 
 

  REMOTEKOJIHUB = 'http://koji.fedoraproject.org/kojihub'
 

  PACKAGEURL = 'http://kojipkgs.fedoraproject.org/'
 

  

- # Should probably set these from a koji config file
 

- SERVERCA = os.path.expanduser('~/.fedora-server-ca.cert')
 

- CLIENTCA = os.path.expanduser('~/.fedora-server-ca.cert')
 

- CLIENTCERT = os.path.expanduser('~/.fedora.cert')
 

- 

  workpath = '/tmp/build-recent'
 

  

  loglevel = logging.DEBUG
 
@@ -139,9 +134,9 @@ 
 

  

  # setup the koji session
 

  logging.info('Setting up koji session')
 

- localkojisession = koji.ClientSession(LOCALKOJIHUB)
 

- remotekojisession = koji.ClientSession(REMOTEKOJIHUB)
 

- localkojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA)
 

+ localkojisession = koji.ClientSession(LOCALKOJIHUB, {'krb_rdns': False})
 

+ remotekojisession = koji.ClientSession(REMOTEKOJIHUB, {'krb_rdns': False})
 

+ localkojisession.krb_login()
 

  

  tag = 'f18-rebuild'

file modified
+3 -3 
@@ -130,9 +130,9 @@ 
 

  

  # setup the koji session
 

  logging.info('Setting up koji session')
 

- localkojisession = koji.ClientSession(LOCALKOJIHUB)
 

- remotekojisession = koji.ClientSession(REMOTEKOJIHUB)
 

- localkojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA)
 

+ localkojisession = koji.ClientSession(LOCALKOJIHUB, {'krb_rdns': False})
 

+ remotekojisession = koji.ClientSession(REMOTEKOJIHUB, {'krb_rdns': False})
 

+ localkojisession.krb_login()
 

  

  tag = 'dist-f16'

file modified
+2 -2 
@@ -62,8 +62,8 @@ 
 

          return -1
 

  

  

- kojisession = koji.ClientSession(KOJIHUB)
 

- kojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA)
 

+ kojisession = koji.ClientSession(KOJIHUB, {'krb_rdns': False})
 

+ kojisession.krb_login()
 

  

  if args.package == []:
 

      latest_builds = sorted(kojisession.listTagged(args.tag, latest=True),

file modified
+2 -6 
@@ -16,13 +16,9 @@ 
 

  tag = 'f25'
 

  oldtag = 'f24'
 

  # Create a koji session
 

- kojisession = koji.ClientSession('http://ppc.koji.fedoraproject.org/kojihub')
 

+ kojisession = koji.ClientSession('http://ppc.koji.fedoraproject.org/kojihub', {'krb_rdns': False})
 

  

- # Log into koji
 

- clientcert = os.path.expanduser('~/.fedora.cert')
 

- clientca = os.path.expanduser('~/.fedora-upload-ca.cert')
 

- serverca = os.path.expanduser('~/.fedora-server-ca.cert')
 

- kojisession.ssl_login(clientcert, clientca, serverca)
 

+ kojisession.krb_login()
 

  

  # Get all builds tagged into the tag w/o inherited builds
 

  builds = kojisession.listTagged(tag, latest=True)

file modified
+4 -12 
@@ -35,11 +35,6 @@ 
 

  REMOTEKOJIHUB = 'https://koji.fedoraproject.org/kojihub'
 

  PACKAGEURL = 'http://kojipkgs.fedoraproject.org/'
 

  

- # Should probably set these from a koji config file
 

- SERVERCA = os.path.expanduser('~/.fedora-server-ca.cert')
 

- CLIENTCA = os.path.expanduser('~/.fedora-upload-ca.cert')
 

- CLIENTCERT = os.path.expanduser('~/.fedora.cert')
 

- 

  session_opts = {}
 

  session_opts['krbservice'] = 'host'
 

  session_opts['krb_rdns'] = False
 
@@ -69,14 +64,11 @@ 
 

  # setup the koji session
 

  logging.info('Setting up koji session')
 

  localkojisession = koji.ClientSession(LOCALKOJIHUB, session_opts)
 

- remotekojisession = koji.ClientSession(REMOTEKOJIHUB)
 

- if os.path.isfile(CLIENTCERT):
 

-     localckojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA)
 

+ remotekojisession = koji.ClientSession(REMOTEKOJIHUB, {'krb_rdns': False})
 

+ if args.keytab and args.principal:
 

+     localkojisession.krb_login(principal=args.principal, keytab=args.keytab)
 

  else:
 

-     if args.keytab and args.principal:
 

-         localkojisession.krb_login(principal=args.principal, keytab=args.keytab)
 

-     else:
 

-         localkojisession.krb_login()
 

+     localkojisession.krb_login()
 

  

  pg = progress.TextMeter()

file modified
+4 -7 
@@ -148,14 +148,11 @@ 
 

  # setup the koji session
 

  logging.info('Setting up koji session')
 

  localkojisession = koji.ClientSession(LOCALKOJIHUB, session_opts)
 

- remotekojisession = koji.ClientSession(REMOTEKOJIHUB)
 

- if os.path.isfile(CLIENTCERT):
 

-     localckojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA)
 

+ remotekojisession = koji.ClientSession(REMOTEKOJIHUB, {'krb_rdns': False})
 

+ if args.keytab and args.principal:
 

+     localkojisession.krb_login(principal=args.principal, keytab=args.keytab)
 

  else:
 

-     if args.keytab and args.principal:
 

-         localkojisession.krb_login(principal=args.principal, keytab=args.keytab)
 

-     else:
 

-         localkojisession.krb_login()
 

+     localkojisession.krb_login()
 

  

  for build in args.build:
 

      buildinfo = remotekojisession.getBuild(build)

file modified
+3 -3 
@@ -28,9 +28,9 @@ 
 

  clientcrt = os.path.expanduser('~/.fedora.cert')
 

  primarykoji = 'https://koji.fedoraproject.org/kojihub'
 

  secondarykoji = 'https://ppc.koji.fedoraproject.org/kojihub' 

- primary = koji.ClientSession(primarykoji)
 

- secondary = koji.ClientSession(secondarykoji)
 

- secondary.ssl_login(clientcrt, clientca, serverca) 

+ primary = koji.ClientSession(primarykoji, {'krb_rdns': False})
 

+ secondary = koji.ClientSession(secondarykoji, {'krb_rdns': False})
 

+ secondary.krb_login()
 

  

  # do the thing:

file modified
+2 -2 
@@ -95,8 +95,8 @@ 
 

  # parse the koji-shadow config file, login to our koji:
 

  ks_config = ConfigParser.ConfigParser()
 

  ks_config.read(shadowconfig)
 

- local = koji.ClientSession(ks_config.get("main", "server"))
 

- local.ssl_login(auth_cert, auth_ca, serverca)
 

+ local = koji.ClientSession(ks_config.get("main", "server"), {'krb_rdns': False})
 

+ local.krb_login()
 

  

  # set up the queues
 

  buildqueue = deque()

file modified
+2 -5 
@@ -21,13 +21,10 @@ 
 

  tasks = {} # dict of new build task info
 

  

  # Create a koji session
 

- kojisession = koji.ClientSession('https://koji.fedoraproject.org/kojihub')
 

+ kojisession = koji.ClientSession('https://koji.fedoraproject.org/kojihub', {'krb_rdns': False})
 

  

  # Log into koji
 

- clientcert = os.path.expanduser('~/.fedora.cert')
 

- clientca = os.path.expanduser('~/.fedora-upload-ca.cert')
 

- serverca = os.path.expanduser('~/.fedora-server-ca.cert')
 

- kojisession.ssl_login(clientcert, clientca, serverca)
 

+ kojisession.krb_login()
 

  

  # Generate a list of builds to iterate over, sorted by package name
 

  builds = sorted(kojisession.listTagged(holdingtag, latest=True),

file modified
+2 -2 
@@ -60,8 +60,8 @@ 
 

  

  # setup the koji session
 

  logging.info('Setting up koji session')
 

- kojisession = koji.ClientSession(KOJIHUB)
 

- if not kojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA):
 

+ kojisession = koji.ClientSession(KOJIHUB, {'krb_rdns': False})
 

+ if not kojisession.krb_login():
 

      logging.error('Unable to log into koji')
 

      sys.exit(1)

file modified
+2 -4 
@@ -315,6 +315,7 @@ 
 

          self.options.kojihub = 'http://koji.fedoraproject.org/kojihub'
 

          self.options.regex = False
 

          self.options.ignore = []
 

+         self.options.krb_rdns = False
 

  

      def create_koji_session(self):
 

          # used options: debug, debug_xmlrpc, user, password
 
@@ -742,10 +743,7 @@ 
 

  

      def cmd_default(self):
 

          self.tweak_options()
 

-         clientcert = '/etc/pki/pkgsigner/pkgsigner.pem'
 

-         clientca = '/etc/pki/pkgsigner/fedora-upload-ca.cert'
 

-         serverca = '/etc/pki/pkgsigner/fedora-server-ca.cert'
 

-         self.koji_session.ssl_login(clientcert, clientca, serverca) # NEEDSWORK
 

+         self.koji_session.krb_login()
 

          self.print_msg("Getting rpm list from koji")
 

          if self.options.builds:
 

              rpms = self.get_build_rpms(self.options.builds)

file modified
+2 -2 
@@ -51,8 +51,8 @@ 
 

  for arch in arches:
 

      print "== Working on Arch: %s" % arch
 

      # Create a koji session
 

-     seckojisession = koji.ClientSession('https://%s.koji.fedoraproject.org/kojihub' % arch )
 

-     seckojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA)
 

+     seckojisession = koji.ClientSession('https://%s.koji.fedoraproject.org/kojihub' % arch, {'krb_rdns': False})
 

+     seckojisession.krb_login()
 

  

      for tag in tags:
 

          print "=== Working on tag: %s" % tag

file modified
+3 -6 
@@ -65,13 +65,10 @@ 
 

  # Create a koji session
 

  kojisession = koji.ClientSession('https://koji.fedoraproject.org/kojihub')
 

  seckojisession = koji.ClientSession('https://%s.koji.fedoraproject.org/kojihub' % args.arch, session_opts)
 

- if os.path.isfile(CLIENTCERT):
 

-     seckojisession.ssl_login(CLIENTCERT, CLIENTCA, SERVERCA)
 

+ if args.keytab and args.principal:
 

+     seckojisession.krb_login(principal=args.principal, keytab=args.keytab)
 

  else:
 

-     if args.keytab and args.principal:
 

-         seckojisession.krb_login(principal=args.principal, keytab=args.keytab)
 

-     else:
 

-         seckojisession.krb_login()
 

+     seckojisession.krb_login()
 

  

  for tag in args.tag:
 

      print "=== Working on tag: %s ====" % tag

Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.