diff options
| author |   khilman <khilman@users.noreply.github.com> | 2018-01-25 11:52:03 -0800 |
|---|---|---|
| committer |   GitHub <noreply@github.com> | 2018-01-25 11:52:03 -0800 |
| commit | 3177c39ace236c22bf7d29ebac13e0b73f4ae39f (patch) | |
| tree | 8ba7d5048778d8335c4444584d68ca96e352266a | |
| parent | f14d69b382978069321acdec9a434ca85ac137da (diff) | |
| parent | 01f55d2fd3ea0e9620bb631dd91e475444393099 (diff) | |
Merge pull request #14 from montjoie/stafftokens
Permit to create staff/superuser users
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | lava-master/Dockerfile | 5 | ||||
| -rwxr-xr-x | lava-master/scripts/setup.sh | 13 | ||||
| -rwxr-xr-x | lavalab-gen.py | 11 | ||||
| -rw-r--r-- | tokens.yaml | 5 |
5 files changed, 28 insertions, 8 deletions
@@ -45,6 +45,8 @@ lava_server_users: - name: LAVA username token: The token of this use password: Password the this user (generated if not provided) + superuser: yes/no (default no) + staff: yes/no (default no) callback_tokens: - filename: The filename for storing the informations below, the name should be unique along other callback tokens username: The LAVA user owning the token below. (This user should be created via lava_server_users:) diff --git a/lava-master/Dockerfile b/lava-master/Dockerfile index be8a3b7..1e396d4 100644 --- a/lava-master/Dockerfile +++ b/lava-master/Dockerfile @@ -45,11 +45,6 @@ RUN service postgresql start \ && a2ensite lava-server \ && /stop.sh -# Create a admin user (Insecure note, this creates a default user, username: admin/admin) -RUN /start.sh \ - && lava-server manage users add --passwd admin --staff --superuser --email admin@example.com admin \ - && /stop.sh - # Install latest #RUN /start.sh \ # && git clone https://github.com/kernelci/lava-dispatcher.git -b master /root/lava-dispatcher \ diff --git a/lava-master/scripts/setup.sh b/lava-master/scripts/setup.sh index b60c93b..5b62c45 100755 --- a/lava-master/scripts/setup.sh +++ b/lava-master/scripts/setup.sh @@ -5,14 +5,23 @@ if [ -e /root/lava-users ];then do # User is the filename USER=$ut + USER_OPTION="" + STAFF=0 + SUPERUSER=0 . /root/lava-users/$ut if [ -z "$PASSWORD" -o "$PASSWORD" = "$TOKEN" ];then echo "Generating password..." #Could be very long, should be avoided PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) fi - echo "Adding username $USER DEBUG(with $TOKEN / $PASSWORD)" - lava-server manage users add --passwd $PASSWORD $USER || exit 1 + if [ $STAFF -eq 1 ];then + USER_OPTION="$USER_OPTION --staff" + fi + if [ $SUPERUSER -eq 1 ];then + USER_OPTION="$USER_OPTION --superuser" + fi + echo "Adding username $USER DEBUG(with $TOKEN / $PASSWORD / $USER_OPTION)" + lava-server manage users add --passwd $PASSWORD $USER_OPTION $USER || exit 1 if [ ! -z "$TOKEN" ];then lava-server manage tokens add --user $USER --secret $TOKEN || exit 1 fi diff --git a/lavalab-gen.py b/lavalab-gen.py index 64a4b0b..e5f5db0 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -120,7 +120,16 @@ def main(args): ftok.write("TOKEN=" + token + "\n") if user.has_key("password"): password = user["password"] - ftok.write("PASSWORD=" + password) + ftok.write("PASSWORD=" + password + "\n") + # libyaml convert yes/no to true/false... + if user.has_key("staff"): + value = user["staff"] + if value is True: + ftok.write("STAFF=1\n") + if user.has_key("superuser"): + value = user["superuser"] + if value is True: + ftok.write("SUPERUSER=1\n") ftok.close() if section_name == "callback_tokens": for token in section: diff --git a/tokens.yaml b/tokens.yaml index c6a430f..d3a8760 100644 --- a/tokens.yaml +++ b/tokens.yaml @@ -1,4 +1,9 @@ lava_server_users: + - name: admin + token: longrandomtokenadmin + password: admin + superuser: yes + staff: yes - name: example token: longrandomtoken password: examplepassword |