This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new 99d9d01 Hack to get round gem path issue
99d9d01 is described below
commit 99d9d0151f006fdfcd22498938c0ac201a6d74b4
Author: Sebb <[email protected]>
AuthorDate: Wed Mar 23 15:16:30 2022 +0000
Hack to get round gem path issue
---
.github/workflows/unittestagenda.yml | 8 ++++-
lib/whimsy/asf/ldap_setup.rb | 61 ++++++++++++++++++++++++++++++++++++
2 files changed, 68 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/unittestagenda.yml
b/.github/workflows/unittestagenda.yml
index 63a9872..322e35d 100644
--- a/.github/workflows/unittestagenda.yml
+++ b/.github/workflows/unittestagenda.yml
@@ -40,9 +40,15 @@ jobs:
- name: setup agenda 2
run: |
ruby -e '$:.each {|l| puts l}'
+ echo '---------'
sudo ruby -e '$:.each {|l| puts l}'
+ echo '---------'
sudo -E ruby -e '$:.each {|l| puts l}'
- sudo -E ruby -I $PWD/lib -r whimsy/asf -e "ASF::LDAP.configure"
+ echo '---------'
+ # Fails to find wunderbar:
+ # sudo -E ruby -I $PWD/lib -r whimsy/asf -e "ASF::LDAP.configure"
+ # try this instead
+ sudo ruby $PWD/lib/whimsy/asf/ldap_setup.rb
- name: test agenda code
run: |
cd www/board/agenda
diff --git a/lib/whimsy/asf/ldap_setup.rb b/lib/whimsy/asf/ldap_setup.rb
new file mode 100644
index 0000000..95ff71e
--- /dev/null
+++ b/lib/whimsy/asf/ldap_setup.rb
@@ -0,0 +1,61 @@
+# update /etc/ldap.conf. Usage:
+#
+# TEMP HACK for use with github actions to get round gem path issue under
sudo
+#
+# sudo ruby /srv/whimsy/lib/whimsy/asf/ldap_setup.rb
+#
+
+HOSTS = %w(
+ ldaps://ldap-us-ro.apache.org:636
+ ldaps://ldap-eu-ro.apache.org:636
+)
+
+ETCLDAP = case
+ when Dir.exist?('/etc/openldap') then '/etc/openldap'
+ when Dir.exist?('/usr/local/etc/openldap') then '/user/local//etc/openldap'
+ else '/etc/ldap'
+end
+
+def configure
+ cert = Dir["#{ETCLDAP}/asf*-ldap-client.pem"].first
+
+ # verify/obtain/write the cert
+ unless cert
+ cert = "#{ETCLDAP}/asf-ldap-client.pem"
+ File.write cert, self.extract_cert
+ end
+
+ # read the current configuration file
+ ldap_conf = "#{ETCLDAP}/ldap.conf"
+ content = File.read(ldap_conf)
+
+ # ensure that the right cert is used
+ unless content =~ /asf.*-ldap-client\.pem/
+ content.gsub!(/^TLS_CACERT/i, '# TLS_CACERT')
+ content += "TLS_CACERT #{ETCLDAP}/asf-ldap-client.pem\n"
+ end
+
+ # provide the URIs of the ldap HOSTS
+ content.gsub!(/^URI/, '# URI')
+ content += "uri \n" unless content =~ /^uri /
+ content[/uri (.*)\n/, 1] = HOSTS.join(' ')
+
+ # verify/set the base
+ unless content.include? 'base dc=apache'
+ content.gsub!(/^BASE/i, '# BASE')
+ content += "base dc=apache,dc=org\n"
+ end
+
+ # ensure TLS_REQCERT is allow (Mac OS/X only)
+ if ETCLDAP.include? 'openldap' and not content.include? 'REQCERT allow'
+ content.gsub!(/^TLS_REQCERT/i, '# TLS_REQCERT')
+ content += "TLS_REQCERT allow\n"
+ end
+
+ # write the configuration if there were any changes
+ File.write(ldap_conf, content) unless content == File.read(ldap_conf)
+end
+
+if __FILE__ == $0
+ configure
+end
