Mercurial > hg > soundsoftware-site
changeset 223:c3544e9fd588 feature_20
* Some work on managing ownerships etc for doc extraction
| author | Chris Cannam <chris.cannam@soundsoftware.ac.uk> |
|---|---|
| date | Tue, 15 Feb 2011 16:58:46 +0000 |
| parents | 292cde42265a |
| children | 4d438600f46b |
| files | extra/soundsoftware/extract-docs.sh extra/soundsoftware/extract-doxygen.sh extra/soundsoftware/extract-javadoc.sh |
| diffstat | 3 files changed, 85 insertions(+), 43 deletions(-) [+] |
line wrap: on
line diff
--- a/extra/soundsoftware/extract-docs.sh Fri Feb 11 16:21:55 2011 +0000 +++ b/extra/soundsoftware/extract-docs.sh Tue Feb 15 16:58:46 2011 +0000 @@ -7,6 +7,9 @@ hgdir="/var/hg" docdir="/var/doc" +logfile="/var/www/test-cannam/log/extract-docs.log" + +redgrp="redmine" apikey="" apihost="" @@ -32,64 +35,107 @@ { p="$1" if [ -n "$apiuser" ]; then - curl -u "$apiuser":"$apipass" "http://$apihost/sys/projects/$p/embedded.xml?enable=1&key=$apikey" -d "" + sudo -u docgen curl -u "$apiuser":"$apipass" "http://$apihost/sys/projects/$p/embedded.xml?enable=1&key=$apikey" -d "" else - curl "http://$apihost/sys/projects/$p/embedded.xml?enable=1&key=$apikey" -d "" + sudo -u docgen curl "http://$apihost/sys/projects/$p/embedded.xml?enable=1&key=$apikey" -d "" fi } +# We want to ensure the doc extraction is done by the unprivileged +# user docgen, which is not a member of any interesting group +# +# To this end, we create the tmpdir with user docgen and group +# www-data, and use the www-data user to pull out an archive of the Hg +# repo tip into a location beneath that, before using the docgen user +# to extract docs from that location and write them into the tmpdir + +# Same tmpdir for each project: we delete and recreate to avoid +# cleanup duty from lots of directories being created +# +tmpdir=$(mktemp -d "$docdir/tmp_XXXXXX") + +fail() +{ + message="$1" + echo "$message" 1>&2 + case "$tmpdir" in + */tmp*) rm -rf "$tmpdir";; + *);; + esac + exit 1 +} + +case "$tmpdir" in + /*) ;; + *) fail "Temporary directory creation failed";; +esac + +chown docgen.www-data "$tmpdir" || fail "Temporary directory ownership change failed" +chmod g+rwx "$tmpdir" || fail "Temporary directory permissions change failed" + for projectdir in "$hgdir"/* ; do if [ -d "$projectdir" ] && [ -d "$projectdir/.hg" ]; then + if ! sudo -u www-data hg -R "$projectdir" -q update; then + echo "Failed to update Hg in $projectdir, skipping" 1>&2 + continue + fi + project=$(basename "$projectdir") - echo "Found Hg repo: $projectdir for project $project" - ##!!! do as www-data: - ( cd "$projectdir" ; sudo -u www-data hg -q update ) || exit 1 + tmptargetdir="$tmpdir/doc" + snapshotdir="$tmpdir/hgsnapshot" - tmpdir=$(mktemp -d "$docdir/tmp_XXXXXX") - - case "$tmpdir" in - /*) ;; - *) echo "Temporary directory creation failed"; exit 1;; - esac + rm -rf "$tmptargetdir" "$snapshotdir" + + mkdir -m 770 "$tmptargetdir" || fail "Snapshot directory creation failed" + chown docgen.www-data "$tmptargetdir" || fail "Snapshot directory ownership change failed" + + mkdir -m 770 "$snapshotdir" || fail "Snapshot directory creation failed" + chown docgen.www-data "$snapshotdir" || fail "Snapshot directory ownership change failed" + + hgparents=$(sudo -u www-data hg -R "$projectdir" parents) + if [ -z "$hgparents" ]; then + echo "Hg repo at $projectdir has no working copy (empty repo?), skipping" + continue + else + echo "Found non-empty Hg repo: $projectdir for project $project" + fi + + if ! sudo -u www-data hg -R "$projectdir" archive -r tip -t files "$snapshotdir"; then + echo "Failed to pick archive from $projectdir, skipping" 1>&2 + continue + fi targetdir="$docdir/$project" - echo "Temporary dir is $tmpdir, eventual target is $targetdir" + echo "Temporary dir is $tmpdir, temporary doc dir is $tmptargetdir, snapshot dir is $snapshotdir, eventual target is $targetdir" - ##!!! do as docs user: for x in $types; do - if "$progdir/extract-$x.sh" "$project" "$tmpdir"; then - break - else + if ! sudo -u docgen "$progdir/extract-$x.sh" "$project" "$snapshotdir" "$tmptargetdir" >> "$logfile" 2>&1; then echo "Failed to extract via type $x" fi done - if [ -f "$tmpdir/index.html" ]; then + if [ -f "$tmptargetdir/index.html" ]; then echo "Processing resulted in an index.html being created, looks good!" if [ ! -d "$targetdir" ] || [ ! -f "$targetdir/index.html" ]; then -# # If we have just written something to a doc directory that was -# # previously empty, we should switch on Embedded for this project - echo "This project hasn't had doc extracted before -- I should switch on Embedded for it at this point" + echo "This project hasn't had doc extracted before: enabling Embedded" enable_embedded "$project" fi if [ -d "$targetdir" ]; then mv "$targetdir" "$targetdir"_"$$" && \ - mv "$tmpdir" "$targetdir" && \ + mv "$tmptargetdir" "$targetdir" && \ rm -rf "$targetdir"_"$$" + chgrp -R "$redgrp" "$targetdir" else - echo "Processing resulted in no index.html, skipping" - mv "$tmpdir" "$targetdir" + mv "$tmptargetdir" "$targetdir" + chgrp -R "$redgrp" "$targetdir" fi - - else - # generated nothing (useful) - rm -rf "$tmpdir" fi fi done +rm -rf "$tmpdir"
--- a/extra/soundsoftware/extract-doxygen.sh Fri Feb 11 16:21:55 2011 +0000 +++ b/extra/soundsoftware/extract-doxygen.sh Tue Feb 15 16:58:46 2011 +0000 @@ -1,20 +1,18 @@ #!/bin/bash -hgdir="/var/hg" docdir="/var/doc" project="$1" -targetdir="$2" +projectdir="$2" +targetdir="$3" -projectdir="$hgdir/$project" - -if [ -z "$project" ] || [ -z "$targetdir" ]; then - echo "Usage: $0 <project> <targetdir>" +if [ -z "$project" ] || [ -z "$targetdir" ] || [ -z "$projectdir" ]; then + echo "Usage: $0 <project> <projectdir> <targetdir>" exit 2 fi -if [ ! -d "$projectdir" ] || [ ! -d "$projectdir/.hg" ]; then - echo "No hg repo found at $projectdir" +if [ ! -d "$projectdir" ]; then + echo "Project directory $projectdir not found" exit 1 fi
--- a/extra/soundsoftware/extract-javadoc.sh Fri Feb 11 16:21:55 2011 +0000 +++ b/extra/soundsoftware/extract-javadoc.sh Tue Feb 15 16:58:46 2011 +0000 @@ -1,20 +1,18 @@ #!/bin/bash -hgdir="/var/hg" docdir="/var/doc" project="$1" -targetdir="$2" +projectdir="$2" +targetdir="$3" -projectdir="$hgdir/$project" - -if [ -z "$project" ] || [ -z "$targetdir" ]; then - echo "Usage: $0 <project> <targetdir>" +if [ -z "$project" ] || [ -z "$targetdir" ] || [ -z "$projectdir" ]; then + echo "Usage: $0 <project> <projectdir> <targetdir>" exit 2 fi -if [ ! -d "$projectdir" ] || [ ! -d "$projectdir/.hg" ]; then - echo "No hg repo found at $projectdir" +if [ ! -d "$projectdir" ]; then + echo "Project directory $projectdir not found" exit 1 fi