From 47497d0cfd905714b88880358c20be46f3e49775 Mon Sep 17 00:00:00 2001 From: Ryan Lerch Date: Mon, 20 Jul 2020 21:01:00 +1000 Subject: [PATCH] Remove unused sync-openshift-keys.py Signed-off-by: Ryan Lerch --- roles/batcave/files/sync-openshift-keys.py | 142 --------------------- 1 file changed, 142 deletions(-) delete mode 100755 roles/batcave/files/sync-openshift-keys.py diff --git a/roles/batcave/files/sync-openshift-keys.py b/roles/batcave/files/sync-openshift-keys.py deleted file mode 100755 index 007be415ea..0000000000 --- a/roles/batcave/files/sync-openshift-keys.py +++ /dev/null @@ -1,142 +0,0 @@ -#!/usr/bin/python -# Copyright 2012 Patrick Uiterwijk -# This file has been released as LGPLv3+, see COPYING for the complete license -import sys -import string -import ConfigParser -from argparse import ArgumentParser -from fedora.client import AccountSystem -from oshift_mod import Openshift -from getpass import getpass -import os - -os.environ['OPENSHIFT_REST_API'] = '1.5' - -def get_keys(host,user,passwd): - os = Openshift(host=host,user=user,passwd=passwd) - (resp, content) = os.keys_list() - if resp != 200: - print('ERROR! Result: %(resp)s' % {'resp': resp}) - sys.exit(1) - return os.rest.response.json()['data'] - -def add_key(host,user,passwd,key_name,key_type,key_contents, verbose=False): - if verbose: - print('Adding key %(keyname)s' % {'keyname': key_name}) - os = Openshift(host=host,user=user,passwd=passwd) - (resp, content) = os.key_add(name=key_name, type=key_type, key_str=key_contents) - # 200 = ok, 201 = created, 422 = error in key format - # The latest one is an error, but shouldn't break adding the rest of the keys - if resp != 200 and resp != 201 and resp != 422: - print('ERROR! Result: %(resp)s' % {'resp': resp}) - sys.exit(2) - if verbose: - print('Done') - return os.rest.response.json()['data'] - -def remove_key(host,user,passwd,key_name, verbose=False): - if verbose: - print('Removing key %(keyname)s' % {'keyname': key_name}) - os = Openshift(host=host,user=user,passwd=passwd) - (resp, content) = os.key_delete(key_name) - if resp != 200: - print 'ERROR! Result: %(resp)s' % {'resp': resp} - sys.exit(3) - if verbose: - print('Done') - return os.rest.response.json()['data'] - -def get_users_to_have_access(fas, groups): - all_users = set() - for group in groups: - new_users = fas.group_members(group) - for new_user in new_users: - all_users.add(new_user['username']) - return all_users - -def get_users_ssh_keys(fas, users): - keys = {} - user_data = fas.user_data() - for userid in user_data.keys(): - if user_data[userid]['username'] in users: - if user_data[userid]['ssh_key']: - contents = user_data[userid]['ssh_key'] - if contents.split(' ') > 1: - key_type = contents.split(' ')[0] - key_contents = contents.split(' ')[1] - keys[user_data[userid]['username']] = {'type': key_type, - 'contents': key_contents, - 'username': user_data[userid]['username']} - return keys - -def get_keys_to_remove(keys_in_openshift, keys_in_fas): - keys_to_remove = set() - for key in keys_in_openshift: - keys_to_remove.add(key['name']) - for key_in_fas in keys_in_fas: - if keys_in_fas[key_in_fas]['contents'] == key['content']: - keys_to_remove.remove(key['name']) - return keys_to_remove - -def get_keys_to_add(keys_in_openshift, keys_in_fas): - usernames_to_add = set() - for username in keys_in_fas: - usernames_to_add.add(username) - for key in keys_in_openshift: - if key['content'] == keys_in_fas[username]['contents']: - usernames_to_add.remove(username) - keys_to_add = [] - for username in usernames_to_add: - keys_to_add.append(keys_in_fas[username]) - return keys_to_add - -def remove_keys(openshift_host, openshift_user, openshift_pass, to_remove, verbose=False): - if verbose: - print('Removing the following keys:') - print(to_remove) - for key in to_remove: - remove_key(openshift_host, openshift_user, openshift_pass, key, verbose=verbose) - if verbose: - print('Done') - -def add_keys(openshift_host, openshift_user, openshift_pass, to_add, prefix, verbose=False): - if verbose: - print('Adding the following keys:') - print(to_add) - for key in to_add: - add_key(openshift_host, openshift_user, openshift_pass, '%(prefix)s%(username)s' % {'prefix': prefix, 'username': key['username']}, key['type'], key['contents'], verbose=verbose) - if verbose: - print('Done') - -if __name__ == '__main__': - parser = ArgumentParser() - parser.add_argument('-config_file', help='The configuration file to use', default='/etc/sync-openshift-keys.conf') - parser.add_argument('--verbose', '-v', help='Make the script more verbose', action='store_true') - args = parser.parse_args() - config = ConfigParser.ConfigParser() - config.read(args.config_file) - fas = AccountSystem(config.get('fas', 'url'), username=config.get('fas', 'user'), password=config.get('fas', 'pass')) - fas.insecure = True - if args.verbose: - print('Getting users...') - users = get_users_to_have_access(fas, string.split(config.get('general', 'groups'), ',')) - if args.verbose: - print('Done: %s' % users) - print('Getting keys in FAS...') - keys_fas = get_users_ssh_keys(fas, users) - if args.verbose: - print('Done: %s') - print('Getting keys in Openshift...') - keys_openshift = get_keys(config.get('openshift', 'host'), config.get('openshift', 'user'), config.get('openshift', 'pass')) - if args.verbose: - print('Done') - print('Getting keys to remove...') - keys_to_remove = get_keys_to_remove(keys_openshift, keys_fas) - if args.verbose: - print('Done') - print('Getting keys to add...') - keys_to_add = get_keys_to_add(keys_openshift, keys_fas) - if args.verbose: - print('Done') - remove_keys(config.get('openshift', 'host'), config.get('openshift', 'user'), config.get('openshift', 'pass'), keys_to_remove, verbose=args.verbose) - add_keys(config.get('openshift', 'host'), config.get('openshift', 'user'), config.get('openshift', 'pass'), keys_to_add, config.get('general', 'keyname_prefix'), verbose=args.verbose)