From 296bc5fbc5d08ed91771a39f47f02ae90164aa6b Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Thu, 11 Oct 2018 09:50:49 +0200 Subject: Permit to give board to user By default LAVA give owning of boards to admin, this patch permit to give board to a specific user. --- README.md | 1 + lava-slave/Dockerfile | 1 + lava-slave/deviceinfo/.empty | 0 lava-slave/scripts/setup.sh | 13 +++++++++++-- lavalab-gen.py | 4 ++++ 5 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 lava-slave/deviceinfo/.empty diff --git a/README.md b/README.md index 902b517..df92777 100644 --- a/README.md +++ b/README.md @@ -263,6 +263,7 @@ boards: tags: (optional) List of tag to set on this device - tag1 - tag2 + user: (optional) Name of user owning the board (LAVA default is admin) # One of uart or connection_command must be choosen uart: idvendor: The VID of the UART (Formated as 0xXXXX) diff --git a/lava-slave/Dockerfile b/lava-slave/Dockerfile index c029e47..7b811bf 100644 --- a/lava-slave/Dockerfile +++ b/lava-slave/Dockerfile @@ -39,6 +39,7 @@ COPY scripts/setup.sh . COPY devices/ /root/devices/ COPY tags/ /root/tags/ +COPY deviceinfo/ /root/deviceinfo/ RUN if [ -x /root/extra_actions ] ; then /root/extra_actions ; fi diff --git a/lava-slave/deviceinfo/.empty b/lava-slave/deviceinfo/.empty new file mode 100644 index 0000000..e69de29 diff --git a/lava-slave/scripts/setup.sh b/lava-slave/scripts/setup.sh index f281f6b..ef20790 100755 --- a/lava-slave/scripts/setup.sh +++ b/lava-slave/scripts/setup.sh @@ -80,6 +80,15 @@ do fi touch /root/.lavadocker/devicetype-$devicetype fi + DEVICE_OPTS="" + if [ -e /root/deviceinfo/$devicename ];then + echo "Found customization for $devicename" + . /root/deviceinfo/$devicename + if [ ! -z "$DEVICE_USER" ];then + echo "DEBUG: give $devicename to $DEVICE_USER" + DEVICE_OPTS="$DEVICE_OPTS --user $DEVICE_USER" + fi + fi echo "Add device $devicename on $worker" grep -q "$devicename[[:space:]]" /tmp/devices.list if [ $? -eq 0 ];then @@ -106,11 +115,11 @@ do DEVICE_HEALTH='UNKNOWN' ;; esac - lavacli $LAVACLIOPTS devices update --worker $worker --health $DEVICE_HEALTH $devicename || exit $? + lavacli $LAVACLIOPTS devices update --worker $worker --health $DEVICE_HEALTH $DEVICE_OPTS $devicename || exit $? # always reset the device dict in case of update of it lavacli $LAVACLIOPTS devices dict set $devicename /root/devices/$worker/$device || exit $? else - lavacli $LAVACLIOPTS devices add --type $devicetype --worker $worker $devicename || exit $? + lavacli $LAVACLIOPTS devices add --type $devicetype --worker $worker $DEVICE_OPTS $devicename || exit $? lavacli $LAVACLIOPTS devices dict set $devicename /root/devices/$worker/$device || exit $? fi if [ -e /root/tags/$devicename ];then diff --git a/lavalab-gen.py b/lavalab-gen.py index ce24e2d..12b4807 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -465,6 +465,10 @@ def main(): for tag in board["tags"]: ftag.write("%s\n" % tag) ftag.close() + if "user" in board: + deviceinfo = open("%s/deviceinfo/%s" % (workerdir, board_name), 'w') + deviceinfo.write("DEVICE_USER=%s\n" % board["user"]) + deviceinfo.close() if "custom_option" in board: for coption in board["custom_option"]: device_line += "{%% %s %%}\n" % coption -- cgit 1.2.3-korg From 033ceaa64ad89cdedb45f3fc3b6269063402b1bd Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Tue, 16 Oct 2018 16:08:31 +0200 Subject: Permit to create groups This patch adds support for creating groups --- README.md | 5 +++++ lava-master/Dockerfile | 1 + lava-master/scripts/setup.sh | 24 ++++++++++++++++++++++++ lavalab-gen.py | 25 +++++++++++++++++++++++-- 4 files changed, 53 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index df92777..07139d7 100644 --- a/README.md +++ b/README.md @@ -228,6 +228,11 @@ masters: email: email of the user (optional) superuser: yes/no (default no) staff: yes/no (default no) + groups: + - name: Name of the group this user should join + groups: + - name: LAVA group name + submitter: True/False Can this group can submit jobs tokens: - username: The LAVA user owning the token below. (This user should be created via users:) token: The token for this callback diff --git a/lava-master/Dockerfile b/lava-master/Dockerfile index d824135..cf47c39 100644 --- a/lava-master/Dockerfile +++ b/lava-master/Dockerfile @@ -11,6 +11,7 @@ COPY health-checks/* /etc/lava-server/dispatcher-config/health-checks/ COPY devices/ /root/devices/ COPY device-types/ /root/device-types/ COPY users/ /root/lava-users/ +COPY groups/ /root/lava-groups/ COPY tokens/ /root/lava-callback-tokens/ COPY scripts/setup.sh / diff --git a/lava-master/scripts/setup.sh b/lava-master/scripts/setup.sh index 426876f..b362d16 100755 --- a/lava-master/scripts/setup.sh +++ b/lava-master/scripts/setup.sh @@ -66,6 +66,30 @@ if [ -e /root/lava-users ];then done fi +if [ -e /root/lava-groups ];then + for group in $(ls /root/lava-groups/*group) + do + GROUPNAME="" + SUBMIT=0 + OPTION_SUBMIT="" + . $group + if [ $SUBMIT -eq 1 ];then + echo "DEBUG: $GROUPNAME can submit jobs" + OPTION_SUBMIT="--submitting" + fi + echo "DEBUG: Add group $GROUPNAME" + lava-server manage groups add $OPTION_SUBMIT $GROUPNAME || exit 1 + if [ -e ${group}.list ];then + echo "DEBUG: Found ${group}.list" + while read username + do + echo "DEBUG: Add user $username to group $GROUPNAME" + lava-server manage groups update --username $username $GROUPNAME || exit 1 + done < ${group}.list + fi + done +fi + if [ -e /root/lava-callback-tokens ];then for ct in $(ls /root/lava-callback-tokens) do diff --git a/lavalab-gen.py b/lavalab-gen.py index 12b4807..17eba31 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -90,7 +90,7 @@ def main(): else: masters = workers["masters"] for master in masters: - keywords_master = [ "name", "type", "host", "users", "tokens", "webadmin_https", "persistent_db", "zmq_auth", "zmq_auth_key", "zmq_auth_key_secret", "http_fqdn" ] + keywords_master = [ "name", "type", "host", "users", "groups", "tokens", "webadmin_https", "persistent_db", "zmq_auth", "zmq_auth_key", "zmq_auth_key_secret", "http_fqdn" ] for keyword in master: if not keyword in keywords_master: print("WARNING: unknown keyword %s" % keyword) @@ -131,6 +131,8 @@ def main(): # handle users / tokens userdir = "%s/users" % workerdir os.mkdir(userdir) + groupdir = "%s/groups" % workerdir + os.mkdir(groupdir) worker = master webadmin_https = False if "webadmin_https" in worker: @@ -163,7 +165,7 @@ def main(): need_zmq_auth_gen = True if "users" in worker: for user in worker["users"]: - keywords_users = [ "name", "staff", "superuser", "password", "token", "email" ] + keywords_users = [ "name", "staff", "superuser", "password", "token", "email", "groups" ] for keyword in user: if not keyword in keywords_users: print("WARNING: unknown keyword %s" % keyword) @@ -188,6 +190,25 @@ def main(): if value is True: ftok.write("SUPERUSER=1\n") ftok.close() + if "groups" in user: + for group in user["groups"]: + groupname = group["name"] + print("\tAdd user %s to %s" % (username, groupname)) + fgrp_userlist = open("%s/%s.group.list" % (groupdir, groupname), "a") + fgrp_userlist.write("%s\n" % username) + fgrp_userlist.close() + if "groups" in worker: + for group in worker["groups"]: + groupname = group["name"] + print("\tAdding group %s" % groupname) + fgrp = open("%s/%s.group" % (groupdir, groupname), "w") + fgrp.write("GROUPNAME=%s\n" % groupname) + submitter = False + if "submitter" in group: + submitter = group["submitter"] + if submitter: + fgrp.write("SUBMIT=1\n") + fgrp.close() tokendir = "%s/tokens" % workerdir os.mkdir(tokendir) if "tokens" in worker: -- cgit 1.2.3-korg From 135f1dca856775d0d365c0c1045a7add8626da01 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Tue, 16 Oct 2018 11:20:59 +0200 Subject: Permit to set a group on boards This patch permit to add a group on boards --- README.md | 3 ++- lava-slave/scripts/setup.sh | 4 ++++ lavalab-gen.py | 7 +++++++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 07139d7..32f53ed 100644 --- a/README.md +++ b/README.md @@ -268,7 +268,8 @@ boards: tags: (optional) List of tag to set on this device - tag1 - tag2 - user: (optional) Name of user owning the board (LAVA default is admin) + user: (optional) Name of user owning the board (LAVA default is admin) user is exclusive with group + group: (optional) Name of group owning the board (no LAVA default) group is exclusive with user # One of uart or connection_command must be choosen uart: idvendor: The VID of the UART (Formated as 0xXXXX) diff --git a/lava-slave/scripts/setup.sh b/lava-slave/scripts/setup.sh index ef20790..9fbd796 100755 --- a/lava-slave/scripts/setup.sh +++ b/lava-slave/scripts/setup.sh @@ -88,6 +88,10 @@ do echo "DEBUG: give $devicename to $DEVICE_USER" DEVICE_OPTS="$DEVICE_OPTS --user $DEVICE_USER" fi + if [ ! -z "$DEVICE_GROUP" ];then + echo "DEBUG: give $devicename to group $DEVICE_GROUP" + DEVICE_OPTS="$DEVICE_OPTS --group $DEVICE_GROUP" + fi fi echo "Add device $devicename on $worker" grep -q "$devicename[[:space:]]" /tmp/devices.list diff --git a/lavalab-gen.py b/lavalab-gen.py index 17eba31..9af872b 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -490,6 +490,13 @@ def main(): deviceinfo = open("%s/deviceinfo/%s" % (workerdir, board_name), 'w') deviceinfo.write("DEVICE_USER=%s\n" % board["user"]) deviceinfo.close() + if "group" in board: + if "user" in board: + print("user and group are exclusive") + sys.exit(1) + deviceinfo = open("%s/deviceinfo/%s" % (workerdir, board_name), 'w') + deviceinfo.write("DEVICE_GROUP=%s\n" % board["group"]) + deviceinfo.close() if "custom_option" in board: for coption in board["custom_option"]: device_line += "{%% %s %%}\n" % coption -- cgit 1.2.3-korg