# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#==============================================================================
-import sys, os, subprocess
-import configparser, itertools, json, re
+import sys, os, os.path, subprocess
+import configparser, itertools, re
+import hmac, hashlib
import email.mime.text, email.utils, smtplib
mail_sender = "null@localhost"
s.sendmail(sender, recipients, msg.as_string())
s.quit()
-def get_github_payload():
- '''Reeturn the github-style JSON encoded payload (as if we were called as a github webhook)'''
- try:
- data = sys.stdin.buffer.read()
- data = json.loads(data.decode('utf-8'))
- return data
- except:
- return {} # nothing read
-
class Repo:
def __init__(self, name, conf):
'''Creates a repository from a section of the git-mirror configuration file'''
self.name = name
self.local = conf['local']
self.owner = conf['owner'] # email address to notify in case of problems
+ self.hmac_secret = conf['hmac-secret'].encode('utf-8')
+ self.deploy_key = conf['deploy-key'] # the SSH ky used for authenticating against remote hosts
self.mirrors = {} # maps mirrors to their URLs
mirror_prefix = 'mirror-'
for name in filter(lambda s: s.startswith(mirror_prefix), conf.keys()):
def mail_owner(self, msg):
global mail_sender
send_mail("git-mirror {0}".format(self.name), msg, recipients = [self.owner], sender = mail_sender)
+
+ def compute_hmac(self, data):
+ h = hmac.new(self.hmac_secret, digestmod = hashlib.sha1)
+ h.update(data)
+ return h.hexdigest()
def find_mirror_by_url(self, match_urls):
for mirror, url in self.mirrors.items():
return mirror
return None
+ def setup_env(self):
+ '''Setup the environment to work with this repository'''
+ os.chdir(self.local)
+ ssh_set_ident = os.path.join(os.path.dirname(__file__), 'ssh-set-ident.sh')
+ os.putenv('GIT_SSH', ssh_set_ident)
+ ssh_ident = os.path.join(os.path.expanduser('~/.ssh'), self.deploy_key)
+ os.putenv('SSH_IDENT', ssh_ident)
+
def update_mirrors(self, ref, oldsha, newsha, except_mirrors = [], suppress_stderr = False):
'''Update the <ref> from <oldsha> to <newsha> on all mirrors. The update must already have happened locally.'''
assert len(oldsha) == 40 and len(newsha) == 40, "These are not valid SHAs."
- os.chdir(self.local)
+ self.setup_env()
# check for a forced update
is_forced = newsha != git_nullsha and oldsha != git_nullsha and git_is_forced_update(oldsha, newsha)
# tell all the mirrors
def update_ref_from_mirror(self, ref, oldsha, newsha, mirror, suppress_stderr = False):
'''Update the local version of this <ref> to what's currently on the given <mirror>. <oldsha> and <newsha> are checked. Then update all the other mirrors.'''
- os.chdir(self.local)
+ self.setup_env()
url = self.mirrors[mirror]
# first check whether the remote really is at newsha
remote_state, code = git.ls_remote(url, ref)
global mail_sender
conffile = os.path.join(os.path.dirname(__file__), 'git-mirror.conf')
conf = read_config(conffile)
- mail_sender = conf['mail-sender']
+ mail_sender = conf['DEFAULT']['mail-sender']
repos = {}
for name, section in conf.items():