diff options
Diffstat (limited to 'tools/upgrade/1.4')
| -rw-r--r-- | tools/upgrade/1.4/README | 14 | ||||
| -rwxr-xr-x | tools/upgrade/1.4/convert_bundles.py | 32 | ||||
| -rwxr-xr-x | tools/upgrade/1.4/migrate_decisions.py | 82 | ||||
| -rwxr-xr-x | tools/upgrade/1.4/migrate_sslca.py | 44 |
4 files changed, 172 insertions, 0 deletions
diff --git a/tools/upgrade/1.4/README b/tools/upgrade/1.4/README new file mode 100644 index 000000000..b03cb9b74 --- /dev/null +++ b/tools/upgrade/1.4/README @@ -0,0 +1,14 @@ +This directory contains scripts to help with upgrading from Bcfg2 1.3 +to 1.4. + +migrate_decisions.py + - Convert old group- and host-specific whitelist and blacklist + files into structured XML + +convert_bundles.py + - Remove deprecated explicit bundle names, rename .genshi bundles + to .xml + +migrate_sslca.py + - Migrate from the standalone SSLCA plugin to the built-in SSL + certificate generation abilities of the Cfg plugin
\ No newline at end of file diff --git a/tools/upgrade/1.4/convert_bundles.py b/tools/upgrade/1.4/convert_bundles.py new file mode 100755 index 000000000..b9cb483f2 --- /dev/null +++ b/tools/upgrade/1.4/convert_bundles.py @@ -0,0 +1,32 @@ +#!/usr/bin/env python + +import os +import sys +import lxml.etree +import Bcfg2.Options + + +def main(): + parser = Bcfg2.Options.get_parser("Tool to remove bundle names") + parser.add_options([Bcfg2.Options.Common.repository]) + parser.parse() + + bundler_dir = os.path.join(Bcfg2.Options.setup.repository, "Bundler") + if os.path.exists(bundler_dir): + for root, _, files in os.walk(bundler_dir): + for fname in files: + bpath = os.path.join(root, fname) + newpath = bpath + if newpath.endswith(".genshi"): + newpath = newpath[:-6] + "xml" + print("Converting %s to %s" % (bpath, newpath)) + else: + print("Converting %s" % bpath) + xroot = lxml.etree.parse(bpath) + xdata = xroot.getroot() + if 'name' in xdata.attrib: + del xdata.attrib['name'] + xroot.write(bpath) + +if __name__ == '__main__': + sys.exit(main()) diff --git a/tools/upgrade/1.4/migrate_decisions.py b/tools/upgrade/1.4/migrate_decisions.py new file mode 100755 index 000000000..d0915f202 --- /dev/null +++ b/tools/upgrade/1.4/migrate_decisions.py @@ -0,0 +1,82 @@ +#!/usr/bin/env python + +import os +import re +import sys +import glob +import lxml.etree +import Bcfg2.Options + + +SPECIFIC = re.compile(r'.*\/(white|black)list' + r'(\.(H_(?P<host>.*)|G\d+_(?P<group>.*)))?$') + + +def convert(files, xdata): + hosts = [] + groups = [] + for oldfile in files: + spec = SPECIFIC.match(oldfile) + if spec and spec.group('host'): + hosts.append(spec.group('host')) + elif spec and spec.group('group'): + groups.append(spec.group('group')) + + for oldfile in files: + print("Converting %s" % oldfile) + spec = SPECIFIC.match(oldfile) + if not spec: + print("Skipping unknown file %s" % oldfile) + continue + + parent = xdata + if spec.group('host'): + for host in hosts: + if host != spec.group('host'): + parent = lxml.etree.SubElement(parent, "Client", + name=host, negate="true") + parent = lxml.etree.SubElement(parent, "Client", + name=spec.group('host')) + elif spec.group('group'): + for host in hosts: + parent = lxml.etree.SubElement(parent, "Client", + name=host, negate="true") + for group in groups: + if group != spec.group('group'): + parent = lxml.etree.SubElement(parent, "Group", + name=group, negate="true") + parent = lxml.etree.SubElement(parent, "Group", + name=spec.group('group')) + parent.append(lxml.etree.Comment("Converted from %s" % oldfile)) + olddata = lxml.etree.parse(oldfile, parser=Bcfg2.Server.XMLParser) + for decision in olddata.xpath('//Decision'): + parent.append(decision) + return xdata + + +def main(): + parser = Bcfg2.Options.get_parser( + description="Migrate from Bcfg2 1.3 Decisions list format to 1.4 " + "format") + parser.add_options([Bcfg2.Options.Common.repository]) + parser.parse() + + datadir = os.path.join(Bcfg2.Options.setup.repository, 'Decisions') + whitelist = lxml.etree.Element("Decisions") + blacklist = lxml.etree.Element("Decisions") + if os.path.exists(datadir): + convert(glob.glob(os.path.join(datadir, 'whitelist*')), + whitelist) + convert(glob.glob(os.path.join(datadir, 'blacklist*')), + blacklist) + + print("Writing %s" % os.path.join(datadir, "whitelist.xml")) + open(os.path.join(datadir, "whitelist.xml"), + 'w').write(lxml.etree.tostring(whitelist, pretty_print=True)) + print("Writing %s" % os.path.join(datadir, "blacklist.xml")) + open(os.path.join(datadir, "blacklist.xml"), + 'w').write(lxml.etree.tostring(blacklist, pretty_print=True)) + + +if __name__ == '__main__': + sys.exit(main()) diff --git a/tools/upgrade/1.4/migrate_sslca.py b/tools/upgrade/1.4/migrate_sslca.py new file mode 100755 index 000000000..958228c86 --- /dev/null +++ b/tools/upgrade/1.4/migrate_sslca.py @@ -0,0 +1,44 @@ +#!/usr/bin/env python + +import os +import sys +import shutil +import Bcfg2.Options + + +def main(): + parser = Bcfg2.Options.get_parser( + description="Migrate from the SSLCA plugin to built-in Cfg SSL cert " + "generation") + parser.add_options([Bcfg2.Options.Common.repository]) + parser.parse() + + sslcadir = os.path.join(Bcfg2.Options.setup.repository, 'SSLCA') + cfgdir = os.path.join(Bcfg2.Options.setup.repository, 'Cfg') + for root, _, files in os.walk(sslcadir): + if not files: + continue + newpath = cfgdir + root[len(sslcadir):] + if not os.path.exists(newpath): + print("Creating %s and copying contents from %s" % (newpath, root)) + shutil.copytree(root, newpath) + else: + print("Copying contents from %s to %s" % (root, newpath)) + for fname in files: + newfpath = os.path.exists(os.path.join(newpath, fname)) + if newfpath: + print("%s already exists, skipping" % newfpath) + else: + shutil.copy(os.path.join(root, fname), newpath) + cert = os.path.join(newpath, "cert.xml") + newcert = os.path.join(newpath, "sslcert.xml") + key = os.path.join(newpath, "key.xml") + newkey = os.path.join(newpath, "sslkey.xml") + if os.path.exists(cert): + os.rename(cert, newcert) + if os.path.exists(key): + os.rename(key, newkey) + + +if __name__ == '__main__': + sys.exit(main()) |