gerrit_account and gerrit_group states and formula integration
diff --git a/README.rst b/README.rst
index 19e0df9..620ac0d 100644
--- a/README.rst
+++ b/README.rst
@@ -68,6 +68,36 @@
user: gerrit
password: ${_param:postgresql_gerrit_password}
+
+Gerrit client enforcing groups
+
+.. code-block:: yaml
+
+ gerrit:
+ client:
+ group:
+ Admin001:
+ description: admin 01
+ Admin002:
+ description: admin 02
+
+
+Gerrit client enforcing users
+
+.. code-block:: yaml
+
+ gerrit:
+ client:
+ user:
+ jdoe:
+ fullname: John Doe
+ email: "jdoe@domain.com"
+ ssh_key: ssh-rsa
+ http_password: password
+ groups:
+ - Admin001
+
+
Gerrit client enforcing projects
.. code-block:: yaml
diff --git a/_modules/gerrit.py b/_modules/gerrit.py
index c067cfd..2f520b9 100644
--- a/_modules/gerrit.py
+++ b/_modules/gerrit.py
@@ -224,12 +224,20 @@
return gerrit
-def _name2id(gerrit, username=None):
+def _account_name2id(gerrit, name=None):
# Although we could pass an AccountInput entry here to set details in one
# go, it's left up to the _update_group() function, to avoid having a
# totally separate code path for create vs. update.
- account_info = gerrit.put('/accounts/%s' % quote(username))
- return account_info['_account_id']
+ info = gerrit.get('/accounts/%s' % quote(name))
+ return info['_account_id']
+
+
+def _group_name2id(gerrit, name=None):
+ # Although we could pass an AccountInput entry here to set details in one
+ # go, it's left up to the _update_group() function, to avoid having a
+ # totally separate code path for create vs. update.
+ info = gerrit.get('/groups/%s' % quote(name))
+ return info['id']
def _create_group(gerrit, name=None):
@@ -276,6 +284,8 @@
def create_group_membership(gerrit, account_id, group_id):
logging.info('Creating membership of %s in group %s', account_id, group_id)
+# group_id = _group_name2id(gerrit, group_id)
+ print group_id
path = 'groups/%s/members/%s' % (quote(group_id), account_id)
gerrit.put(path)
@@ -417,11 +427,11 @@
output['email'] = email
change |= emails_changed
-# if params.get('groups') is not None:
-# groups, groups_changed = ensure_only_member_of_these_groups(
-# gerrit, account_id, params['groups'])
-# output['groups'] = groups
-# change |= groups_changed
+ if params.get('groups') is not None:
+ groups, groups_changed = ensure_only_member_of_these_groups(
+ gerrit, account_info.get('name'), params['groups'])
+ output['groups'] = groups
+ change |= groups_changed
if params.get('http_password') is not None:
http_password = get_string(gerrit, path + '/password.http')
@@ -550,7 +560,7 @@
return ret
-def account_get(username, **kwargs):
+def account_get(name, **kwargs):
'''
Get gerrit account
@@ -558,12 +568,15 @@
.. code-block:: bash
- salt '*' gerrit.account_get username
+ salt '*' gerrit.account_get name
'''
gerrit_client = _gerrit_http_connection(**kwargs)
- item, change = _update_account(gerrit_client, username, **{})
- ret = item
+ accounts = account_list(**kwargs)
+ if(name in accounts):
+ ret = accounts.pop(name)
+ else:
+ ret = {'Error': 'Error in retrieving account'}
return ret
@@ -602,7 +615,7 @@
return ret
-def group_create(name, **kwargs):
+def group_create(name, description=None, **kwargs):
'''
Create a gerrit group
@@ -612,12 +625,12 @@
.. code-block:: bash
- salt '*' gerrit.group_create group-name
+ salt '*' gerrit.group_create group-name fsdfgwegfe
'''
gerrit_client = _gerrit_http_connection(**kwargs)
ret, changed = _update_group(
- gerrit_client, **{'name': name})
+ gerrit_client, **{'name': name, 'description': description})
return ret
diff --git a/_states/gerrit.py b/_states/gerrit.py
index d46a092..c869d6e 100644
--- a/_states/gerrit.py
+++ b/_states/gerrit.py
@@ -22,11 +22,11 @@
return 'gerrit' if 'gerrit.account_create' in __salt__ else False
-def account_present(username, fullname=None, email=None, active=None, groups=[], ssh_key=None, http_password=None, **kwargs):
+def account_present(name, fullname, email=None, active=None, groups=[], ssh_key=None, http_password=None, **kwargs):
'''
Ensures that the gerrit account exists
- :param username: username
+ :param name: username
:param fullname: fullname
:param email: email
:param active: active
@@ -38,26 +38,26 @@
:param http_password: http password
'''
- ret = {'name': username,
+ ret = {'name': name,
'changes': {},
'result': True,
- 'comment': 'Account "{0}" already exists'.format(username)}
+ 'comment': 'Account "{0}" already exists'.format(name)}
# Check if account is already present
- group = __salt__['gerrit.account_get'](username, **kwargs)
+ account = __salt__['gerrit.account_get'](name, **kwargs)
- if 'Error' not in group:
- #update group
+ if 'Error' not in account:
+ #update account
pass
else:
- # Create group
- __salt__['gerrit.project_create'](username, **kwargs)
- ret['comment'] = 'Account "{0}" has been added'.format(username)
+ # Create account
+ __salt__['gerrit.account_create'](name, fullname, email, active, groups, ssh_key, http_password, **kwargs)
+ ret['comment'] = 'Account "{0}" has been added'.format(name)
ret['changes']['Account'] = 'Created'
return ret
-def group_present(name, **kwargs):
+def group_present(name, description=None, **kwargs):
'''
Ensures that the gerrit group exists
@@ -69,14 +69,14 @@
'comment': 'Group "{0}" already exists'.format(name)}
# Check if group is already present
- group = __salt__['gerrit.group_get'](name=name, **kwargs)
+ group = __salt__['gerrit.group_get'](name, **kwargs)
if 'Error' not in group:
#update group
pass
else:
# Create group
- __salt__['gerrit.project_create'](name, **kwargs)
+ __salt__['gerrit.group_create'](name, description, **kwargs)
ret['comment'] = 'Group "{0}" has been added'.format(name)
ret['changes']['Group'] = 'Created'
return ret
diff --git a/gerrit/client/user.sls b/gerrit/client/user.sls
index 1c0ce5c..3b704c6 100644
--- a/gerrit/client/user.sls
+++ b/gerrit/client/user.sls
@@ -1,26 +1,33 @@
{% from "gerrit/map.jinja" import client with context %}
{%- if client.enabled %}
-{%- for group_name in client.get('groups', []) %}
+{%- for group_name, group in client.group.iteritems() %}
gerrit_client_group_{{ group_name }}:
gerrit.group_present:
- name: {{ group_name }}
+ {%- if group.description is defined %}
+ - description: {{ group.description }}
+ {%- endif %}
{%- endfor %}
-{%- for account_name, account in client.get('user', {}).iteritems() %}
+{%- for account_name, account in client.user.iteritems() %}
gerrit_client_account_{{ account_name }}:
gerrit.account_present:
- name: {{ account_name }}
- fullname: {{ account.fullname }}
- {%- if account.active is defined %}
- - active: {{ account.active }}
+ - active: {{ account.get('active', True) }}
+ {%- if account.email is defined %}
+ - email: {{ account.email }}
{%- endif %}
{%- if account.http_password is defined %}
- http_password: {{ account.http_password }}
{%- endif %}
+ {%- if account.ssh_key is defined %}
+ - ssh_key: {{ account.ssh_key }}
+ {%- endif %}
{%- if account.groups is defined %}
- groups:
{%- for group in account.groups %}
@@ -30,4 +37,4 @@
{%- endfor %}
-{%- endif %}
+{%- endif %}
\ No newline at end of file