From f10834b0022916ef895f86d76ca1f27799b3d971 Mon Sep 17 00:00:00 2001
From: Benjamin Bohard
Date: Mon, 11 Apr 2022 08:40:46 +0200
Subject: [PATCH 1/2] =?UTF-8?q?=C3=89tiquetage=20selinux=20pour=20une=20ut?= =?UTF-8?q?ilisation=20non-root?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 package | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/package b/package
index 64c88c4..8ef64e1 100755
--- a/package
+++ b/package
@@ -108,16 +108,16 @@ if __name__ == "__main__":
 # volumes definition
 docker_args += [
- "-v", "{:s}:/src:ro".format(project_dir),
- "-v", "{:s}:/dist".format(output_dir),
+ "-v", "{:s}:/src:z,ro".format(project_dir),
+ "-v", "{:s}:/dist:z".format(output_dir),
 ]
 if not args.no_lib_mounts:
 docker_args += [
- "-v", "{:s}:/tamarin/hooks:ro".format(tamarin.get_hooks_dir()),
- "-v", "{:s}:/tamarin/lib:ro".format(tamarin.get_lib_dir()),
- "-v", "{:s}:/tamarin/profiles:ro".format(tamarin.get_profiles_dir()),
- "-v", "{:s}:/tamarin/utils:ro".format(tamarin.get_utils_dir())
+ "-v", "{:s}:/tamarin/hooks:z,ro".format(tamarin.get_hooks_dir()),
+ "-v", "{:s}:/tamarin/lib:z,ro".format(tamarin.get_lib_dir()),
+ "-v", "{:s}:/tamarin/profiles:z,ro".format(tamarin.get_profiles_dir()),
+ "-v", "{:s}:/tamarin/utils:z,ro".format(tamarin.get_utils_dir())
 ]
 # Use environment proxy if defined
-- 
2.17.1

From 201e6be2558aea55df1b343084b2b18b00464476 Mon Sep 17 00:00:00 2001
From: Benjamin Bohard
Date: Tue, 31 Jan 2023 11:25:20 +0100
Subject: [PATCH 2/2] Utilisation de pathlib

---
 lib/tamarin.py | 64 +++++++++++++++++++++++++++-----------------------
 package | 31 ++++++++++++------------
 2 files changed, 51 insertions(+), 44 deletions(-)

diff --git a/lib/tamarin.py b/lib/tamarin.py
index a19a689..563c408 100644
--- a/lib/tamarin.py
+++ b/lib/tamarin.py
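Review bot: The `:z` suffix added to every `-v` entry makes the container runtime recursively relabel the host directory with a shared SELinux label, and that relabel persists on the host after the build and is applied to the `ro` mounts as well. `project_dir` and `output_dir` are caller-supplied (patch 2/2 shows them built from `args.project_directory` and `args.output`), so pointing the tool at a home or system directory would relabel that whole tree and can break confined host services; the same lines are touched again in the `@@ -108,16 +109,16 @@` hunk of patch 2/2. I would at least document this next to the list, `# ":z" relabels the host path recursively with a shared SELinux label; never pass $HOME or a system directory here`, and consider making the relabel opt-in through a command-line flag. For the writable `/dist` mount the private `:Z` label would keep other containers out, provided concurrent builds never share an output directory. The `__main__` block starts and ends outside the hunk.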
@@ -1,4 +1,4 @@
-import os, glob, subprocess, configparser, codecs, sys
+import os, glob, subprocess, configparser, codecs, sys, pathlib
 def run_profile_hooks(profile, step, **kwargs):
 hooks_dir = get_hooks_dir()
@@ -9,51 +9,57 @@ def run_profile_hooks(profile, step, **kwargs):
 trimmed_hook_name = hook_name.strip(' \t\n\r')
 if not trimmed_hook_name:
 continue
- hook_path = os.path.join(hooks_dir, trimmed_hook_name)
+ hook_path = hooks_dir.joinpath(trimmed_hook_name)
 run([hook_path], **kwargs)
 def get_base_dir():
- return os.path.realpath(os.path.dirname(os.path.abspath(__file__)) + "/..")
+ base_dir = pathlib.Path(__file__).absolute().parent.parent.resolve()
+ return base_dir
 def get_hooks_dir():
- return os.path.realpath(os.path.dirname(os.path.abspath(__file__)) + "/../hooks")
+ hooks_dir = get_base_dir().joinpath('hooks')
+ return hooks_dir
 def get_lib_dir():
- return os.path.realpath(os.path.dirname(os.path.abspath(__file__)) + "/../lib")
+ lib_dir = get_base_dir().joinpath('lib')
+ return lib_dir
 def get_utils_dir():
- return os.path.realpath(os.path.dirname(os.path.abspath(__file__)) + "/../utils")
-
-def load_profile(profile_name, debug=False):
- profile_filename = profile_name+".conf"
- for profile_file in get_available_profiles():
- if profile_filename == os.path.basename(profile_file):
- config = configparser.ConfigParser()
- with codecs.open(profile_file, encoding = 'utf-8', mode = 'r') as handle:
- config.read_file(handle)
- return config
- return None
+ utils_dir = get_base_dir().joinpath('utils')
+ return utils_dir
 def get_profiles_dir():
- return os.path.realpath(os.path.dirname(os.path.abspath(__file__)) + "/../profiles")
-
-def get_available_profiles():
- return glob.glob(get_profiles_dir() + '/*.conf')
-
-def get_available_profile_names():
- profile_files = get_available_profiles()
- return [os.path.splitext(os.path.basename(f))[0] for f in profile_files]
+ profiles_dir = get_base_dir().joinpath('profiles')
+ return profiles_dir
 def get_workspace_dir():
 """Return the absolute path to the tamarin workspace ($HOME/.tamarin)"""
- home = os.environ["HOME"]
- return os.path.join(os.sep, home, '.tamarin')
+ home = pathlib.Path(os.environ["HOME"])
+ workspace_dir = home.joinpath('.tamarin')
+ return workspace_dir
 def get_workspace_subdir(subdir):
 """Return the absolute path to a subdirectory in tamarin workspace"""
- dir_path = os.path.join(os.sep, get_workspace_dir(), subdir)
- os.makedirs(dir_path, exist_ok=True)
- return dir_path
+ subdir_path = get_workspace_dir().joinpath(subdir)
+ subdir_path.mkdir(parents=True, exist_ok=True)
+ return subdir_path
+
+def load_profile(profile_name, debug=False):
+ profile_filename = profile_name+".conf"
+ profile_path = get_profiles_dir().joinpath(profile_filename)
+ if profile_path.exists():
+ config = configparser.ConfigParser()
+ with codecs.open(profile_path, encoding = 'utf-8', mode = 'r') as handle:
+ config.read_file(handle)
+ return config
+ return None
+
+def get_available_profiles():
+ return get_profiles_dir().glob('*.conf')
+
+def get_available_profile_names():
+ profile_files = get_available_profiles()
+ return [p.stem for p in profile_files]
 def run(cmd, captureOutput=False, pty=False, debug=False, **kwargs):
 """Execute an arbitrary command on the system"""
diff --git a/package b/package
index 8ef64e1..0d5dc44 100755
--- a/package
+++ b/package
@@ -1,8 +1,8 @@
 #!/usr/bin/env python3
-import argparse, sys, shutil, os, subprocess
+import argparse, sys, shutil, os, subprocess, pathlib
-sys.path.append(os.path.dirname(__file__) + '/lib')
+sys.path.append(pathlib.Path(__file__).parent.joinpath('lib').as_posix())
 import tamarin
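Review bot: `load_profile` in the `lib/tamarin.py` hunk no longer confines the lookup to the profiles directory: the removed loop only accepted a file whose basename matched an entry of `get_available_profiles()`, whereas `get_profiles_dir().joinpath(profile_filename)` follows `..` segments and is replaced outright when `profile_name` is an absolute path. The name comes from `args.profile` in `package`, and the loaded profile appears to decide which hooks `run_profile_hooks` executes on the host, so a `.conf` from outside the install tree should be rejected. A guard such as `if profile_path.resolve().parent != get_profiles_dir().resolve(): return None` ahead of the `exists()` test restores the old confinement, and `is_file()` would be a tighter test than `exists()`. Separately, `get_available_profiles()` now returns a one-shot generator instead of a list, which matters to any caller outside this hunk that indexes it or iterates it twice.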
@@ -28,18 +28,18 @@ def create_args_parser():
 return parser
 def build_image(build_workspace, base_image, profile_name, profile, debug=False, rebuild=False):
- shutil.copytree(tamarin.get_base_dir(), os.path.join(build_workspace, '.tamarin'))
+ shutil.copytree(tamarin.get_base_dir(), build_workspace.joinpath('.tamarin'))
- with open("{:s}/Dockerfile".format(build_workspace), 'w') as dockerfile:
+ with open(build_workspace.joinpath("Dockerfile"), 'w') as dockerfile:
 dockerfile.write("FROM {:s}\n".format(base_image))
 dockerfile.write("COPY .tamarin /tamarin\n")
 # Configure "containerbuild" hooks environment
 hooks_env = os.environ.copy()
- hooks_env["PATH"] = os.environ['PATH'] + ':' + tamarin.get_lib_dir()
+ hooks_env["PATH"] = os.environ['PATH'] + ':' + tamarin.get_lib_dir().as_posix()
 # Run hooks
- tamarin.run_profile_hooks(profile, 'containerbuild', cwd=build_workspace, env=hooks_env, debug=debug)
+ tamarin.run_profile_hooks(profile, 'containerbuild', cwd=build_workspace.as_posix(), env=hooks_env, debug=debug)
 image_tag = "tamarin:{:s}_{:s}_{:d}".format(profile_name, base_image.replace(':', '_'), os.getpid())
@@ -72,8 +72,9 @@ if __name__ == "__main__":
 cleanup(debug=args.debug)
 # Verify project directory
- project_dir = os.path.abspath(args.project_directory)
- output_dir = os.path.abspath(args.output)
+ project_dir = pathlib.Path(args.project_directory).absolute()
+ output_dir = pathlib.Path(args.output).absolute()
+ output_dir.mkdir(parents=True, exist_ok=True)
 # Load build profile
 profile = tamarin.load_profile(args.profile, debug=args.debug)
@@ -83,7 +84,7 @@ if __name__ == "__main__":
 pid = os.getpid()
 build_workspace = tamarin.get_workspace_subdir('tmp/build_{:d}'.format(pid))
- shutil.copytree(tamarin.get_utils_dir(), os.path.join(build_workspace, 'utils'))
+ shutil.copytree(tamarin.get_utils_dir(), build_workspace.joinpath('utils'))
 base_image = args.base if args.base != '' else profile['profile']['default_image']
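Review bot: Under the `# Verify project directory` comment in the `@@ -72,8 +72,9 @@` hunk, `project_dir` is built with `.absolute()` but nothing visible checks that it exists or is a directory, while `output_dir` is now created eagerly. With `-v`, a rootful Docker daemon creates a missing host source path itself, owned by root, which works against the non-root use this series is aiming for and, with `:z`, also relabels it. I would add `if not project_dir.is_dir(): sys.exit("project directory not found: {}".format(project_dir))` before the `mkdir`, and move `output_dir.mkdir(parents=True, exist_ok=True)` below the profile load so that a run aborted on an unknown profile leaves nothing behind. The `__main__` block starts and ends outside the hunk, so a check may already exist further down.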
@@ -108,16 +109,16 @@ if __name__ == "__main__":
 # volumes definition
 docker_args += [
- "-v", "{:s}:/src:z,ro".format(project_dir),
- "-v", "{:s}:/dist:z".format(output_dir),
+ "-v", "{:s}:/src:z,ro".format(project_dir.as_posix()),
+ "-v", "{:s}:/dist:z".format(output_dir.as_posix()),
 ]
 if not args.no_lib_mounts:
 docker_args += [
- "-v", "{:s}:/tamarin/hooks:z,ro".format(tamarin.get_hooks_dir()),
- "-v", "{:s}:/tamarin/lib:z,ro".format(tamarin.get_lib_dir()),
- "-v", "{:s}:/tamarin/profiles:z,ro".format(tamarin.get_profiles_dir()),
- "-v", "{:s}:/tamarin/utils:z,ro".format(tamarin.get_utils_dir())
+ "-v", "{:s}:/tamarin/hooks:z,ro".format(tamarin.get_hooks_dir().as_posix()),
+ "-v", "{:s}:/tamarin/lib:z,ro".format(tamarin.get_lib_dir().as_posix()),
+ "-v", "{:s}:/tamarin/profiles:z,ro".format(tamarin.get_profiles_dir().as_posix()),
+ "-v", "{:s}:/tamarin/utils:z,ro".format(tamarin.get_utils_dir().as_posix())
 ]
 # Use environment proxy if defined
-- 
2.17.1