Add SSH key syncing to user sync
Previously the user update script only synced the SSH keys upon adding a user.
This will make it add new keys to gerrit on every run.
Fixes bug #1001180
Also added a lock file since it is sometimes taking longer than 15 minutes to
execute (especially now we are pulling SSH keys) and has jammed up StackForge.
Change-Id: I28fd0f557568c20a07e724bcd3d9c789a62fff42
diff --git a/update_gerrit_users.py b/update_gerrit_users.py
index 6816291..9389829 100755
--- a/update_gerrit_users.py
+++ b/update_gerrit_users.py
@@ -17,6 +17,7 @@
import os
import sys
+import fcntl
import uuid
import os
import subprocess
@@ -36,6 +37,14 @@
DEBUG = False
+pid_file = '/tmp/update_gerrit_users.pid'
+fp = open(pid_file, 'w')
+try:
+ fcntl.lockf(fp, fcntl.LOCK_EX | fcntl.LOCK_NB)
+except IOError:
+ # another instance is running
+ sys.exit(0)
+
parser = argparse.ArgumentParser()
parser.add_argument('user', help='The gerrit admin user')
parser.add_argument('ssh_key', help='The gerrit admin SSH key file')
@@ -244,7 +253,7 @@
print "\t", new_groups
for (username, user_details) in users.items():
-
+ member = launchpad.people[username]
# accounts
account_id = None
if cur.execute("""select account_id from account_external_ids where
@@ -253,9 +262,7 @@
# We have this bad boy - all we need to do is update his group membership
else:
-
# We need details
- member = launchpad.people[username]
if not member.is_team:
openid_consumer = consumer.Consumer(dict(id=randomString(16, '0123456789abcdef')), None)
@@ -272,9 +279,6 @@
and account_id = %s""",
('username:%s' % username, account_id))
else:
- user_details['ssh_keys'] = ["%s %s %s" % (get_type(key.keytype), key.keytext, key.comment) for key in member.sshkeys]
-
-
email = None
try:
email = member.preferred_email_address.email
@@ -290,25 +294,6 @@
cur.execute("""insert into accounts (account_id, full_name, preferred_email) values
(%s, %s, %s)""", (account_id, username, user_details['email']))
- # account_ssh_keys
- for key in user_details['ssh_keys']:
-
- cur.execute("""select ssh_public_key from account_ssh_keys where
- account_id = %s""", account_id)
- db_keys = [r[0].strip() for r in cur.fetchall()]
- if key.strip() not in db_keys:
-
- cur.execute("""select max(seq)+1 from account_ssh_keys
- where account_id = %s""", account_id)
- seq = cur.fetchall()[0][0]
- if seq is None:
- seq = 1
- cur.execute("""insert into account_ssh_keys
- (ssh_public_key, valid, account_id, seq)
- values
- (%s, 'Y', %s, %s)""",
- (key.strip(), account_id, seq))
-
# account_external_ids
## external_id
if not cur.execute("""select account_id from account_external_ids
@@ -336,6 +321,27 @@
user_details['email']))
if account_id is not None:
+ # account_ssh_keys
+ user_details['ssh_keys'] = ["%s %s %s" % (get_type(key.keytype), key.keytext, key.comment) for key in member.sshkeys]
+
+ for key in user_details['ssh_keys']:
+
+ cur.execute("""select ssh_public_key from account_ssh_keys where
+ account_id = %s""", account_id)
+ db_keys = [r[0].strip() for r in cur.fetchall()]
+ if key.strip() not in db_keys:
+
+ cur.execute("""select max(seq)+1 from account_ssh_keys
+ where account_id = %s""", account_id)
+ seq = cur.fetchall()[0][0]
+ if seq is None:
+ seq = 1
+ cur.execute("""insert into account_ssh_keys
+ (ssh_public_key, valid, account_id, seq)
+ values
+ (%s, 'Y', %s, %s)""",
+ (key.strip(), account_id, seq))
+
# account_group_members
# user_details['add_groups'] is a list of group names for which the
# user is either "Approved" or "Administrator"