This is an automated email from the ASF dual-hosted git repository. sebb pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push: new 99d9d01 Hack to get round gem path issue 99d9d01 is described below commit 99d9d0151f006fdfcd22498938c0ac201a6d74b4 Author: Sebb <s...@apache.org> AuthorDate: Wed Mar 23 15:16:30 2022 +0000 Hack to get round gem path issue --- .github/workflows/unittestagenda.yml | 8 ++++- lib/whimsy/asf/ldap_setup.rb | 61 ++++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+), 1 deletion(-) diff --git a/.github/workflows/unittestagenda.yml b/.github/workflows/unittestagenda.yml index 63a9872..322e35d 100644 --- a/.github/workflows/unittestagenda.yml +++ b/.github/workflows/unittestagenda.yml @@ -40,9 +40,15 @@ jobs: - name: setup agenda 2 run: | ruby -e '$:.each {|l| puts l}' + echo '---------' sudo ruby -e '$:.each {|l| puts l}' + echo '---------' sudo -E ruby -e '$:.each {|l| puts l}' - sudo -E ruby -I $PWD/lib -r whimsy/asf -e "ASF::LDAP.configure" + echo '---------' + # Fails to find wunderbar: + # sudo -E ruby -I $PWD/lib -r whimsy/asf -e "ASF::LDAP.configure" + # try this instead + sudo ruby $PWD/lib/whimsy/asf/ldap_setup.rb - name: test agenda code run: | cd www/board/agenda diff --git a/lib/whimsy/asf/ldap_setup.rb b/lib/whimsy/asf/ldap_setup.rb new file mode 100644 index 0000000..95ff71e --- /dev/null +++ b/lib/whimsy/asf/ldap_setup.rb @@ -0,0 +1,61 @@ +# update /etc/ldap.conf. Usage: +# +# TEMP HACK for use with github actions to get round gem path issue under sudo +# +# sudo ruby /srv/whimsy/lib/whimsy/asf/ldap_setup.rb +# + +HOSTS = %w( + ldaps://ldap-us-ro.apache.org:636 + ldaps://ldap-eu-ro.apache.org:636 +) + +ETCLDAP = case + when Dir.exist?('/etc/openldap') then '/etc/openldap' + when Dir.exist?('/usr/local/etc/openldap') then '/user/local//etc/openldap' + else '/etc/ldap' +end + +def configure + cert = Dir["#{ETCLDAP}/asf*-ldap-client.pem"].first + + # verify/obtain/write the cert + unless cert + cert = "#{ETCLDAP}/asf-ldap-client.pem" + File.write cert, self.extract_cert + end + + # read the current configuration file + ldap_conf = "#{ETCLDAP}/ldap.conf" + content = File.read(ldap_conf) + + # ensure that the right cert is used + unless content =~ /asf.*-ldap-client\.pem/ + content.gsub!(/^TLS_CACERT/i, '# TLS_CACERT') + content += "TLS_CACERT #{ETCLDAP}/asf-ldap-client.pem\n" + end + + # provide the URIs of the ldap HOSTS + content.gsub!(/^URI/, '# URI') + content += "uri \n" unless content =~ /^uri / + content[/uri (.*)\n/, 1] = HOSTS.join(' ') + + # verify/set the base + unless content.include? 'base dc=apache' + content.gsub!(/^BASE/i, '# BASE') + content += "base dc=apache,dc=org\n" + end + + # ensure TLS_REQCERT is allow (Mac OS/X only) + if ETCLDAP.include? 'openldap' and not content.include? 'REQCERT allow' + content.gsub!(/^TLS_REQCERT/i, '# TLS_REQCERT') + content += "TLS_REQCERT allow\n" + end + + # write the configuration if there were any changes + File.write(ldap_conf, content) unless content == File.read(ldap_conf) +end + +if __FILE__ == $0 + configure +end