From 80be18162921268be9c8981495c9e8a4de0c85cd Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Thu, 2 Mar 2017 16:09:53 +0100 Subject: [PATCH] Move csrgen templates into ipaclient package csrgen broke packaging of ipaclient for PyPI. All csrgen related resources are now package data of ipaclient package. Package data is accessed with Jinja's PackageLoader() or through pkg_resources. https://pagure.io/freeipa/issue/6714 Signed-off-by: Christian Heimes Reviewed-By: Ben Lipton Reviewed-By: Martin Basti --- configure.ac | 1 - freeipa.spec.in | 13 ++++--- install/share/Makefile.am | 1 - install/share/csrgen/Makefile.am | 35 ------------------- ipaclient/csrgen.py | 21 +++++++---- .../csrgen/profiles/caIPAserviceCert.json | 0 .../csrgen/profiles/userCert.json | 0 .../csrgen/rules/dataDNS.json | 0 .../csrgen/rules/dataEmail.json | 0 .../csrgen/rules/dataHostCN.json | 0 .../csrgen/rules/dataSubjectBase.json | 0 .../csrgen/rules/dataUsernameCN.json | 0 .../csrgen/rules/syntaxSAN.json | 0 .../csrgen/rules/syntaxSubject.json | 0 .../csrgen/templates/certutil_base.tmpl | 0 .../csrgen/templates/openssl_base.tmpl | 0 .../csrgen/templates/openssl_macros.tmpl | 0 ipaclient/setup.py | 10 +++++- ipaplatform/base/paths.py | 1 - 19 files changed, 30 insertions(+), 52 deletions(-) delete mode 100644 install/share/csrgen/Makefile.am rename {install/share => ipaclient}/csrgen/profiles/caIPAserviceCert.json (100%) rename {install/share => ipaclient}/csrgen/profiles/userCert.json (100%) rename {install/share => ipaclient}/csrgen/rules/dataDNS.json (100%) rename {install/share => ipaclient}/csrgen/rules/dataEmail.json (100%) rename {install/share => ipaclient}/csrgen/rules/dataHostCN.json (100%) rename {install/share => ipaclient}/csrgen/rules/dataSubjectBase.json (100%) rename {install/share => ipaclient}/csrgen/rules/dataUsernameCN.json (100%) rename {install/share => ipaclient}/csrgen/rules/syntaxSAN.json (100%) rename {install/share => ipaclient}/csrgen/rules/syntaxSubject.json (100%) rename {install/share => ipaclient}/csrgen/templates/certutil_base.tmpl (100%) rename {install/share => ipaclient}/csrgen/templates/openssl_base.tmpl (100%) rename {install/share => ipaclient}/csrgen/templates/openssl_macros.tmpl (100%) diff --git a/configure.ac b/configure.ac index 31bfa8aaf..4a3ba15a5 100644 --- a/configure.ac +++ b/configure.ac @@ -463,7 +463,6 @@ AC_CONFIG_FILES([ install/share/Makefile install/share/advise/Makefile install/share/advise/legacy/Makefile - install/share/csrgen/Makefile install/share/profiles/Makefile install/share/schema.d/Makefile install/ui/Makefile diff --git a/freeipa.spec.in b/freeipa.spec.in index cc7422aad..db591e09b 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -1231,13 +1231,6 @@ fi %{_usr}/share/ipa/advise/legacy/*.template %dir %{_usr}/share/ipa/profiles %{_usr}/share/ipa/profiles/*.cfg -%dir %{_usr}/share/ipa/csrgen -%dir %{_usr}/share/ipa/csrgen/templates -%{_usr}/share/ipa/csrgen/templates/*.tmpl -%dir %{_usr}/share/ipa/csrgen/profiles -%{_usr}/share/ipa/csrgen/profiles/*.json -%dir %{_usr}/share/ipa/csrgen/rules -%{_usr}/share/ipa/csrgen/rules/*.json %dir %{_usr}/share/ipa/html %{_usr}/share/ipa/html/ffconfig.js %{_usr}/share/ipa/html/ffconfig_page.js @@ -1364,6 +1357,9 @@ fi %{python_sitelib}/ipaclient/plugins/*.py* %{python_sitelib}/ipaclient/remote_plugins/*.py* %{python_sitelib}/ipaclient/remote_plugins/2_*/*.py* +%{python_sitelib}/ipaclient/csrgen/profiles/*.json +%{python_sitelib}/ipaclient/csrgen/rules/*.json +%{python_sitelib}/ipaclient/csrgen/templates/*.tmpl %{python_sitelib}/ipaclient-*.egg-info @@ -1384,6 +1380,9 @@ fi %{python3_sitelib}/ipaclient/remote_plugins/__pycache__/*.py* %{python3_sitelib}/ipaclient/remote_plugins/2_*/*.py %{python3_sitelib}/ipaclient/remote_plugins/2_*/__pycache__/*.py* +%{python3_sitelib}/ipaclient/csrgen/profiles/*.json +%{python3_sitelib}/ipaclient/csrgen/rules/*.json +%{python3_sitelib}/ipaclient/csrgen/templates/*.tmpl %{python3_sitelib}/ipaclient-*.egg-info %endif # with_python3 diff --git a/install/share/Makefile.am b/install/share/Makefile.am index bbf6ce10a..1e8f0d572 100644 --- a/install/share/Makefile.am +++ b/install/share/Makefile.am @@ -2,7 +2,6 @@ NULL = SUBDIRS = \ advise \ - csrgen \ profiles \ schema.d \ $(NULL) diff --git a/install/share/csrgen/Makefile.am b/install/share/csrgen/Makefile.am deleted file mode 100644 index 12c62c4d9..000000000 --- a/install/share/csrgen/Makefile.am +++ /dev/null @@ -1,35 +0,0 @@ -NULL = - -profiledir = $(IPA_DATA_DIR)/csrgen/profiles -profile_DATA = \ - profiles/caIPAserviceCert.json \ - profiles/userCert.json \ - $(NULL) - -ruledir = $(IPA_DATA_DIR)/csrgen/rules -rule_DATA = \ - rules/dataDNS.json \ - rules/dataEmail.json \ - rules/dataHostCN.json \ - rules/dataUsernameCN.json \ - rules/dataSubjectBase.json \ - rules/syntaxSAN.json \ - rules/syntaxSubject.json \ - $(NULL) - -templatedir = $(IPA_DATA_DIR)/csrgen/templates -template_DATA = \ - templates/certutil_base.tmpl \ - templates/openssl_base.tmpl \ - templates/openssl_macros.tmpl \ - $(NULL) - -EXTRA_DIST = \ - $(profile_DATA) \ - $(rule_DATA) \ - $(template_DATA) \ - $(NULL) - -MAINTAINERCLEANFILES = \ - *~ \ - Makefile.in diff --git a/ipaclient/csrgen.py b/ipaclient/csrgen.py index 96100ae82..8c41e3985 100644 --- a/ipaclient/csrgen.py +++ b/ipaclient/csrgen.py @@ -8,6 +8,8 @@ import os.path import pipes import traceback +import pkg_resources + import jinja2 import jinja2.ext import jinja2.sandbox @@ -15,7 +17,6 @@ import six from ipalib import errors from ipalib.text import _ -from ipaplatform.paths import paths from ipapython.ipa_log_manager import log_mgr if six.PY3: @@ -72,10 +73,14 @@ class Formatter(object): """ base_template_name = None - def __init__(self, csr_data_dir=paths.CSR_DATA_DIR): + def __init__(self, csr_data_dir=None): + if csr_data_dir is not None: + loader = jinja2.FileSystemLoader( + os.path.join(csr_data_dir, 'templates')) + else: + loader = jinja2.PackageLoader('ipaclient', 'csrgen/templates') self.jinja2 = jinja2.sandbox.SandboxedEnvironment( - loader=jinja2.FileSystemLoader( - os.path.join(csr_data_dir, 'templates')), + loader=loader, extensions=[jinja2.ext.ExprStmtExtension, IPAExtension], keep_trailing_newline=True, undefined=IndexableUndefined) @@ -277,9 +282,13 @@ class RuleProvider(object): class FileRuleProvider(RuleProvider): - def __init__(self, csr_data_dir=paths.CSR_DATA_DIR): + def __init__(self, csr_data_dir=None): self.rules = {} - self.csr_data_dir = csr_data_dir + if csr_data_dir is None: + self.csr_data_dir = pkg_resources.resource_filename( + 'ipaclient', 'csrgen') + else: + self.csr_data_dir = csr_data_dir def _rule(self, rule_name, helper): if (rule_name, helper) not in self.rules: diff --git a/install/share/csrgen/profiles/caIPAserviceCert.json b/ipaclient/csrgen/profiles/caIPAserviceCert.json similarity index 100% rename from install/share/csrgen/profiles/caIPAserviceCert.json rename to ipaclient/csrgen/profiles/caIPAserviceCert.json diff --git a/install/share/csrgen/profiles/userCert.json b/ipaclient/csrgen/profiles/userCert.json similarity index 100% rename from install/share/csrgen/profiles/userCert.json rename to ipaclient/csrgen/profiles/userCert.json diff --git a/install/share/csrgen/rules/dataDNS.json b/ipaclient/csrgen/rules/dataDNS.json similarity index 100% rename from install/share/csrgen/rules/dataDNS.json rename to ipaclient/csrgen/rules/dataDNS.json diff --git a/install/share/csrgen/rules/dataEmail.json b/ipaclient/csrgen/rules/dataEmail.json similarity index 100% rename from install/share/csrgen/rules/dataEmail.json rename to ipaclient/csrgen/rules/dataEmail.json diff --git a/install/share/csrgen/rules/dataHostCN.json b/ipaclient/csrgen/rules/dataHostCN.json similarity index 100% rename from install/share/csrgen/rules/dataHostCN.json rename to ipaclient/csrgen/rules/dataHostCN.json diff --git a/install/share/csrgen/rules/dataSubjectBase.json b/ipaclient/csrgen/rules/dataSubjectBase.json similarity index 100% rename from install/share/csrgen/rules/dataSubjectBase.json rename to ipaclient/csrgen/rules/dataSubjectBase.json diff --git a/install/share/csrgen/rules/dataUsernameCN.json b/ipaclient/csrgen/rules/dataUsernameCN.json similarity index 100% rename from install/share/csrgen/rules/dataUsernameCN.json rename to ipaclient/csrgen/rules/dataUsernameCN.json diff --git a/install/share/csrgen/rules/syntaxSAN.json b/ipaclient/csrgen/rules/syntaxSAN.json similarity index 100% rename from install/share/csrgen/rules/syntaxSAN.json rename to ipaclient/csrgen/rules/syntaxSAN.json diff --git a/install/share/csrgen/rules/syntaxSubject.json b/ipaclient/csrgen/rules/syntaxSubject.json similarity index 100% rename from install/share/csrgen/rules/syntaxSubject.json rename to ipaclient/csrgen/rules/syntaxSubject.json diff --git a/install/share/csrgen/templates/certutil_base.tmpl b/ipaclient/csrgen/templates/certutil_base.tmpl similarity index 100% rename from install/share/csrgen/templates/certutil_base.tmpl rename to ipaclient/csrgen/templates/certutil_base.tmpl diff --git a/install/share/csrgen/templates/openssl_base.tmpl b/ipaclient/csrgen/templates/openssl_base.tmpl similarity index 100% rename from install/share/csrgen/templates/openssl_base.tmpl rename to ipaclient/csrgen/templates/openssl_base.tmpl diff --git a/install/share/csrgen/templates/openssl_macros.tmpl b/ipaclient/csrgen/templates/openssl_macros.tmpl similarity index 100% rename from install/share/csrgen/templates/openssl_macros.tmpl rename to ipaclient/csrgen/templates/openssl_macros.tmpl diff --git a/ipaclient/setup.py b/ipaclient/setup.py index 93cb1e8fb..f5be7ea61 100644 --- a/ipaclient/setup.py +++ b/ipaclient/setup.py @@ -43,6 +43,13 @@ if __name__ == '__main__': "ipaclient.remote_plugins.2_156", "ipaclient.remote_plugins.2_164", ], + package_data={ + 'ipaclient': [ + 'csrgen/profiles/*.json', + 'csrgen/rules/*.json', + 'csrgen/templates/*.tmpl', + ], + }, install_requires=[ "cryptography", "ipalib", @@ -56,5 +63,6 @@ if __name__ == '__main__': extras_require={ "install": ["ipaplatform"], "otptoken_yubikey": ["yubico", "usb"] - } + }, + zip_safe=False, ) diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py index e4d4f2edc..de4ea23d3 100644 --- a/ipaplatform/base/paths.py +++ b/ipaplatform/base/paths.py @@ -238,7 +238,6 @@ class BasePathNamespace(object): SCHEMA_COMPAT_ULDIF = "/usr/share/ipa/schema_compat.uldif" IPA_JS_PLUGINS_DIR = "/usr/share/ipa/ui/js/plugins" UPDATES_DIR = "/usr/share/ipa/updates/" - CSR_DATA_DIR = "/usr/share/ipa/csrgen" DICT_WORDS = "/usr/share/dict/words" CACHE_IPA_SESSIONS = "/var/cache/ipa/sessions" VAR_KERBEROS_KRB5KDC_DIR = "/var/kerberos/krb5kdc/"