feat: use pyphonebook (#6)

* update docker image * hostkey checking * fix make * fix output * switch to using ubi8 instead?
kratsg · Jul 21, 2023 · 5025467 · 5025467
1 parent d087b6f
commit 5025467
Show file tree

Hide file tree

Showing 6 changed files with 62 additions and 746 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -93,6 +93,14 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
+    - name: Login to CERN GitLab
+      uses: webfactory/[email protected]
+      with:
+        ssh-private-key: ${{ secrets.GITLAB_SSH_KEY }}
+    - name: Clone pyphonebook
+      run: |
+        git -c core.sshCommand='ssh -o StrictHostKeyChecking=accept-new' clone --depth 1 --branch v2.1.5-1 ssh://[email protected]:7999/linuxsupport/rpms/pyphonebook.git cern-phonebook/pyphonebook
+        make -C cern-phonebook/pyphonebook setversion
     - name: Build Docker image
       if: "!(startsWith(github.ref, 'refs/tags/'))"
       uses: docker/build-push-action@v1

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -109,6 +109,14 @@ jobs:
         registry: ghcr.io
         username: ${{ github.repository_owner }}
         password: ${{ secrets.GITHUB_TOKEN }}
+    - name: Login to CERN GitLab
+      uses: webfactory/[email protected]
+      with:
+        ssh-private-key: ${{ secrets.GITLAB_SSH_KEY }}
+    - name: Clone pyphonebook
+      run: |
+        git -c core.sshCommand='ssh -o StrictHostKeyChecking=accept-new' clone --depth 1 --branch v2.1.5-1 ssh://[email protected]:7999/linuxsupport/rpms/pyphonebook.git cern-phonebook/pyphonebook
+        make -C cern-phonebook/pyphonebook setversion
     - name: Build and Publish to Registry
       if: "!(startsWith(github.ref, 'refs/tags/'))"
       uses: docker/build-push-action@v4

diff --git a/cern-phonebook/.gitignore b/cern-phonebook/.gitignore
@@ -0,0 +1 @@
+pyphonebook
diff --git a/cern-phonebook/Dockerfile b/cern-phonebook/Dockerfile
@@ -1,28 +1,31 @@
-ARG BASE_IMAGE=perl
+ARG BASE_IMAGE=registry.access.redhat.com/ubi8/python-39
 FROM ${BASE_IMAGE} as builder
+USER root
 WORKDIR /code/
 
-RUN apt-get update && \
-    apt-get install -y golang && \
+RUN dnf clean expire-cache && \
+    dnf install -y golang && \
     go install github.com/msoap/shell2http@latest && \
     cp $(go env GOPATH)/bin/shell2http .
 
 FROM ${BASE_IMAGE}
+USER root
 WORKDIR /app
 COPY --from=builder /code/shell2http .
 
-RUN apt-get update && \
-    apt-get install -y jq && \
-    apt-get clean autoclean && \
-    apt-get autoremove --yes && \
-    rm -rf /var/lib/{apt,dpkg,cache,log}/ && \
-    cpanm install Date::Manip Net::LDAP && \
-    rm -rf /root/.cpanm
-
 COPY entrypoint.sh /entrypoint.sh
-COPY phonebook /bin/phonebook
+COPY pyphonebook pyphonebook/
 COPY lookup.sh .
 
+RUN dnf clean expire-cache && \
+    dnf install -y cronie jq && \
+    dnf clean all && \
+    rm -rf /var/cache/dnf && \
+    python -m venv venv && \
+    ./venv/bin/python -m pip install -U pip && \
+    ./venv/bin/python -m pip install ldap3 && \
+    ./venv/bin/python -m pip install ./pyphonebook
+
 EXPOSE 8080
 ENTRYPOINT ["/entrypoint.sh"]
 CMD ["-form", "-cgi", \

diff --git a/cern-phonebook/lookup.sh b/cern-phonebook/lookup.sh
@@ -15,17 +15,40 @@ if [ ! ${v_pattern+x} ]; then
   exit 0
 fi
 
-OUTPUT=$((phonebook --all "${v_pattern}") 2>&1)
+OUTPUT=$((/app/venv/bin/pyphonebook \
+  --json "surname" \
+  --json "firstname" \
+  --json "login" \
+  --json "department" \
+  --json "group" \
+  --json "cerngroup" \
+  --json "cernsection" \
+  --json "displayname" \
+  --json "phone" \
+  --json "otherphone" \
+  --json "mobile" \
+  --json "fax" \
+  --json "office" \
+  --json "pobox" \
+  --json "email" \
+  --json "organization" \
+  --json "ccid" \
+  --json "homedir" \
+  --json "last" \
+  --json "uid" \
+  --json "gid" \
+  --json "uac" \
+  --json "type" \
+  --json "emailnick" \
+  --json "company" \
+  --json "shell" \
+  --json "secid" \
+  "${v_pattern}") 2>&1)
 
 if [ $? -ne 0 ]
 then
   STATUS=500
-  MESSAGE="${OUTPUT}"
-  CONTENT=""
-else
-  CONTENT=$(printf "${OUTPUT}" | grep -v '^#' | grep -v '^Login' | tr -s '\n' | jq -sR 'split("\n") | map(split(":")) | map(select(length > 0)) | map({(.[0]): (.[1:] | join(":") | sub("^[[:space:]]+"; "") | sub("[[:space:]]+$"; ""))}) | add' | jq '."Computer account(s)" = (to_entries[(to_entries | map(.key == "Computer account(s)") | index(true))+1:] | map([.key, .value] | join(":")))' | jq 'with_entries(select(.key | test("^[a-z]") | not))')
-  OUTPUT=$(printf '%s\n' ${OUTPUT} | perl -e 'chomp(@a=<>); print join ("\\\\n", @a), "\n"')
 fi
 
 print_header
-printf "{\"content\": ${CONTENT}, \"pattern\": \"${v_pattern}\", \"message\": \"${MESSAGE}\", \"output\": \"${OUTPUT}\"}"
+printf "{\"pattern\": \"${v_pattern}\", \"message\": \"${MESSAGE}\", \"output\": ${OUTPUT}}"