Renamed generate commands to build

2025-08-29 15:06:26 +02:00 · 2025-07-12 17:11:41 +02:00
parent 3eb8b54a1a
commit adec2aed84
17 changed files with 14 additions and 14 deletions
--- a/cli/build/defaults/init.py
+++ b/cli/build/defaults/init.py
--- a/cli/build/defaults/applications.py
+++ b/cli/build/defaults/applications.py
@@ -0,0 +1,106 @@
+#!/usr/bin/env python3
+
+import argparse
+import os
+import yaml
+import sys
+from pathlib import Path
+
+plugin_path = Path(__file__).resolve().parent / ".." / ".." / ".." /"lookup_plugins"
+sys.path.insert(0, str(plugin_path))
+
+from application_gid import LookupModule
+
+def load_yaml_file(path):
+    """Load a YAML file if it exists, otherwise return an empty dict."""
+    if not path.exists():
+        return {}
+    with path.open("r", encoding="utf-8") as f:
+        return yaml.safe_load(f) or {}
+
+
+def main():
+    parser = argparse.ArgumentParser(
+        description="Generate defaults_applications YAML from docker roles and include users meta data for each role."
+    )
+    parser.add_argument(
+        "--roles-dir",
+        help="Path to the roles directory (default: roles)"
+    )
+    parser.add_argument(
+        "--output-file",
+        help="Path to output YAML file"
+    )
+
+    args = parser.parse_args()
+    cwd = Path.cwd()
+    roles_dir = (cwd / args.roles_dir).resolve()
+    output_file = (cwd / args.output_file).resolve()
+    # Ensure output directory exists
+    output_file.parent.mkdir(parents=True, exist_ok=True)
+
+    # Initialize result structure
+    result = {"defaults_applications": {}}
+
+    gid_lookup = LookupModule()
+    # Process each role for application configs
+    for role_dir in sorted(roles_dir.iterdir()):
+        role_name = role_dir.name
+        vars_main = role_dir / "vars" / "main.yml"
+        config_file = role_dir / "config" / "main.yml"
+
+        if not vars_main.exists():
+            print(f"[!] Skipping {role_name}: vars/main.yml missing")
+            continue
+
+        vars_data = load_yaml_file(vars_main)
+        try:
+            application_id = vars_data.get("application_id")
+        except Exception as e:
+            print(
+                f"Warning: failed to read application_id from {vars_main}\nException: {e}",
+                file=sys.stderr
+            )
+            sys.exit(1)
+
+        if not application_id:
+            print(f"[!] Skipping {role_name}: application_id not defined in vars/main.yml")
+            continue
+
+        if not config_file.exists():
+            print(f"[!] Skipping {role_name}: config/main.yml missing")
+            continue
+
+        config_data = load_yaml_file(config_file)
+        if config_data:
+            try:
+                gid_number = gid_lookup.run([application_id], roles_dir=str(roles_dir))[0]
+            except Exception as e:
+                print(f"Warning: failed to determine gid for '{application_id}': {e}", file=sys.stderr)
+                sys.exit(1)
+            config_data["group_id"] = gid_number
+            result["defaults_applications"][application_id] = config_data
+            users_meta_file = role_dir / "users" / "main.yml"
+            transformed_users = {}
+            if users_meta_file.exists():
+                users_meta = load_yaml_file(users_meta_file)
+                users_data = users_meta.get("users", {})
+                for user, role_user_attrs in users_data.items():
+                    transformed_users[user] = f"{{{{ users[\"{user}\"] }}}}"
+
+            # Attach transformed users under each application
+            if transformed_users:
+                result["defaults_applications"][application_id]["users"] = transformed_users
+
+    # Write out result YAML
+    with output_file.open("w", encoding="utf-8") as f:
+        yaml.dump(result, f, sort_keys=False)
+
+    try:
+        print(f"✅ Generated: {output_file.relative_to(cwd)}")
+    except ValueError:
+        print(f"✅ Generated: {output_file}")
+
+
+if __name__ == "__main__":
+    main()
--- a/cli/build/defaults/users.py
+++ b/cli/build/defaults/users.py
@@ -0,0 +1,241 @@
+#!/usr/bin/env python3
+import os
+import sys
+import argparse
+import yaml
+import glob
+from collections import OrderedDict
+
+
+def represent_str(dumper, data):
+    """
+    Custom YAML string representer that forces double quotes around any string
+    containing a Jinja2 placeholder ({{ ... }}).
+    """
+    if isinstance(data, str) and '{{' in data:
+        return dumper.represent_scalar(
+            'tag:yaml.org,2002:str',
+            data,
+            style='"'
+        )
+    return dumper.represent_scalar(
+        'tag:yaml.org,2002:str',
+        data
+    )
+
+
+def build_users(defs, primary_domain, start_id, become_pwd):
+    """
+    Construct user entries with auto-incremented UID/GID, default username/email,
+    and optional description.
+
+    Args:
+        defs (OrderedDict): Mapping of user keys to their override settings.
+        primary_domain (str): The primary domain for email addresses (e.g. 'example.com').
+        start_id (int): Starting number for UID/GID allocation (e.g. 1001).
+        become_pwd (str): Default password string for users without an override.
+
+    Returns:
+        OrderedDict: Complete user definitions with all required fields filled in.
+
+    Raises:
+        ValueError: If there are duplicate UIDs, usernames, or emails.
+    """
+    users = OrderedDict()
+    used_uids = set()
+
+    # Collect any preset UIDs to avoid collisions
+    for key, overrides in defs.items():
+        if 'uid' in overrides:
+            uid = overrides['uid']
+            if uid in used_uids:
+                raise ValueError(f"Duplicate uid {uid} for user '{key}'")
+            used_uids.add(uid)
+
+    next_uid = start_id
+    def allocate_uid():
+        nonlocal next_uid
+        # Find the next free UID not already used
+        while next_uid in used_uids:
+            next_uid += 1
+        free_uid = next_uid
+        used_uids.add(free_uid)
+        next_uid += 1
+        return free_uid
+
+    # Build each user entry
+    for key, overrides in defs.items():
+        username = overrides.get('username', key)
+        email = overrides.get('email', f"{username}@{primary_domain}")
+        description = overrides.get('description')
+        roles = overrides.get('roles', [])
+        password = overrides.get('password', become_pwd)
+
+        # Determine UID and GID
+        if 'uid' in overrides:
+            uid = overrides['uid']
+        else:
+            uid = allocate_uid()
+        gid = overrides.get('gid', uid)
+
+        entry = {
+            'username': username,
+            'email': email,
+            'password': password,
+            'uid': uid,
+            'gid': gid,
+            'roles': roles
+        }
+        if description is not None:
+            entry['description'] = description
+
+        users[key] = entry
+
+    # Ensure uniqueness of usernames and emails
+    seen_usernames = set()
+    seen_emails = set()
+
+    for key, entry in users.items():
+        un = entry['username']
+        em = entry['email']
+        if un in seen_usernames:
+            raise ValueError(f"Duplicate username '{un}' in merged users")
+        if em in seen_emails:
+            raise ValueError(f"Duplicate email '{em}' in merged users")
+        seen_usernames.add(un)
+        seen_emails.add(em)
+
+    return users
+
+
+def load_user_defs(roles_directory):
+    """
+    Scan all roles/*/users/main.yml files and merge any 'users:' sections.
+
+    Args:
+        roles_directory (str): Path to the directory containing role subdirectories.
+
+    Returns:
+        OrderedDict: Merged user definitions from all roles.
+
+    Raises:
+        ValueError: On invalid format or conflicting override values.
+    """
+    pattern = os.path.join(roles_directory, '*/users/main.yml')
+    files = sorted(glob.glob(pattern))
+    merged = OrderedDict()
+
+    for filepath in files:
+        with open(filepath, 'r') as f:
+            data = yaml.safe_load(f) or {}
+        users = data.get('users', {})
+        if not isinstance(users, dict):
+            continue
+
+        for key, overrides in users.items():
+            if not isinstance(overrides, dict):
+                raise ValueError(f"Invalid definition for user '{key}' in {filepath}")
+
+            if key not in merged:
+                merged[key] = overrides.copy()
+            else:
+                existing = merged[key]
+                for field, value in overrides.items():
+                    if field in existing and existing[field] != value:
+                        raise ValueError(
+                            f"Conflict for user '{key}': field '{field}' has existing value '{existing[field]}', tried to set '{value}' in {filepath}"
+                        )
+                existing.update(overrides)
+
+    return merged
+
+
+def dictify(data):
+    """
+    Recursively convert OrderedDict to regular dict for YAML dumping.
+    """
+    if isinstance(data, OrderedDict):
+        return {k: dictify(v) for k, v in data.items()}
+    if isinstance(data, dict):
+        return {k: dictify(v) for k, v in data.items()}
+    if isinstance(data, list):
+        return [dictify(v) for v in data]
+    return data
+
+
+def parse_args():
+    parser = argparse.ArgumentParser(
+        description='Generate a users.yml by merging all roles/*/users/main.yml definitions.'
+    )
+    parser.add_argument(
+        '--roles-dir', '-r', required=True,
+        help='Directory containing roles (e.g., roles/*/users/main.yml).'
+    )
+    parser.add_argument(
+        '--output', '-o', required=True,
+        help='Path to the output YAML file (e.g., users.yml).'
+    )
+    parser.add_argument(
+        '--start-id', '-s', type=int, default=1001,
+        help='Starting UID/GID number (default: 1001).'
+    )
+    parser.add_argument(
+        '--extra-users', '-e',
+        help='Comma-separated list of additional usernames to include.',
+        default=None
+    )
+    return parser.parse_args()
+
+
+def main():
+    args = parse_args()
+    primary_domain = '{{ primary_domain }}'
+    become_pwd = '{{ lookup("password", "/dev/null length=42 chars=ascii_letters,digits") }}'
+
+    try:
+        definitions = load_user_defs(args.roles_dir)
+    except ValueError as e:
+        print(f"Error merging user definitions: {e}", file=sys.stderr)
+        sys.exit(1)
+
+    # Add extra users if specified
+    if args.extra_users:
+        for name in args.extra_users.split(','):
+            user_key = name.strip()
+            if not user_key:
+                continue
+            if user_key in definitions:
+                print(f"Warning: extra user '{user_key}' already defined; skipping.", file=sys.stderr)
+            else:
+                definitions[user_key] = {}
+
+    try:
+        users = build_users(
+            definitions,
+            primary_domain,
+            args.start_id,
+            become_pwd
+        )
+    except ValueError as e:
+        print(f"Error building user entries: {e}", file=sys.stderr)
+        sys.exit(1)
+
+    # Convert OrderedDict into plain dict for YAML
+    default_users = {'default_users': users}
+    plain_data = dictify(default_users)
+
+    # Register custom string representer
+    yaml.SafeDumper.add_representer(str, represent_str)
+
+    # Dump the YAML file
+    with open(args.output, 'w') as f:
+        yaml.safe_dump(
+            plain_data,
+            f,
+            default_flow_style=False,
+            sort_keys=False,
+            width=120
+        )
+
+if __name__ == '__main__':
+    main()