Add logging and dry-run mode to gerrit sync script

Add the command line arguments --loglevel and --dryrun to update-gerrit-keys.py to allow logging and see what changes the script wishes to make. Useful for debugging when running it manually. Change-Id: Ia8274206e13ba9d52013d580c7c4dde31500e671
author: Matt Hart <matthew.hart@linaro.org> 2015-11-23 12:45:50 +0000
committer: Matt Hart <matthew.hart@linaro.org> 2015-11-24 17:48:40 +0000
commit: 9d0b206237b22c25a0541c2e5a8373d3caae9a3a (patch)
tree: 6e0a3e8a2f14b2d76d81f0178bf817f9a84b4e27
parent: 00451f3384f786027763fc36cd0f3ba674b369e5 (diff)
1 files changed, 41 insertions, 16 deletions
diff --git a/update-gerrit-keys.py b/update-gerrit-keys.py
index e4370c8..a8fba93 100755
--- a/update-gerrit-keys.py
+++ b/update-gerrit-keys.py
@@ -3,6 +3,7 @@
 import argparse
 import json
 import linaro_ldap
+import logging
 
 import requests
 
@@ -14,9 +15,17 @@ parser.add_argument('--base', help="Gerrit BASE URL ("
                                    "https://review.linaro.org)")
 parser.add_argument('--noverify', action="store_true",
                     help="Disable SSL certificate verficiation")
+parser.add_argument('--dryrun', action="store_true",
+                    help="Do not perform any actions, just report")
+parser.add_argument('--loglevel', default="WARNING",
+                    help="Setting logging level, default: %(default)s")
 args = parser.parse_args()
+logging.basicConfig(level=getattr(logging, args.loglevel.upper()))
+logging.getLogger("requests").setLevel(logging.WARNING)
+log = logging.getLogger("update-gerrit-keys")
 verify_ssl = True
 if args.noverify:
+    log.debug("Not verifying SSL certificates")
     verify_ssl = False
 
 
@@ -26,6 +35,7 @@ def strip_gerrit_junk(string):
 
 
 def list_keys(username):
+    log.info("Listing keys for user: %s", username)
     url = "%s/a/accounts/%s/sshkeys/" % (args.base, username)
     r = requests.get(url,
                      auth=requests.auth.HTTPDigestAuth(args.username,
@@ -36,35 +46,44 @@ def list_keys(username):
         try:
             a = json.loads(strip_gerrit_junk(r.content))
             for data in a:
-                keydict[data["seq"]] = data["ssh_public_key"]
+                keydict[data["seq"]] = data["ssh_public_key"].strip()
             return keydict
         except ValueError as e:
-            print e
+            log.warn(e)
             return False
     else:
+        log.info("user %s not found in gerrit", username)
         return False
 
 
 def add_key(pubkey, username):
+    log.debug("Adding pubkey %s to user %s", pubkey, username)
     url = "%s/a/accounts/%s/sshkeys/" % (args.base, username)
-    r = requests.post(url, data=pubkey.encode("utf-8"),
-                      auth=requests.auth.HTTPDigestAuth(args.username,
-                                                        args.password),
-                      verify=verify_ssl)
-    if r.status_code == 201:
-        return True
-    return False
+    if not args.dryrun:
+        r = requests.post(url, data=pubkey.encode("utf-8"),
+                          auth=requests.auth.HTTPDigestAuth(args.username,
+                                                            args.password),
+                          verify=verify_ssl)
+        if r.status_code == 201:
+            return True
+        return False
+    log.debug("Not actually doing it because --dryrun")
+    return True
 
 
 def del_key(username, key_id):
+    log.debug("Deleting key %s by id from user %s", key_id, username)
     url = "%s/a/accounts/%s/sshkeys/%i" % (args.base, username, key_id)
-    r = requests.delete(url,
-                        auth=requests.auth.HTTPDigestAuth(args.username,
-                                                          args.password),
-                        verify=verify_ssl)
-    if r.status_code == 204:
-        return True
-    return False
+    if not args.dryrun:
+        r = requests.delete(url,
+                            auth=requests.auth.HTTPDigestAuth(args.username,
+                                                              args.password),
+                            verify=verify_ssl)
+        if r.status_code == 204:
+            return True
+        return False
+    log.debug("Not actually doing it because --dryrun")
+    return True
 
 
 def keysets_to_list(keysets):
@@ -78,13 +97,19 @@ result = linaro_ldap.get_users_and_keys(only_validated=True)
 
 for user, keysets in result.iteritems():
     gerritkeys = list_keys(user)
+    if gerritkeys == False:
+        continue
     simplegerritkeys = gerritkeys.values()
     simpleldapkeys = keysets_to_list(keysets)
+    log.debug("Gerrit keys: %s", simplegerritkeys)
+    log.debug("LDAP keys: %s", simpleldapkeys)
     keys_to_add = set(simpleldapkeys) - set(simplegerritkeys)
     keys_to_remove = set(simplegerritkeys) - set(simpleldapkeys)
+    log.info("Adding %i, removing %i", len(keys_to_add), len(keys_to_remove))
     for key in keys_to_add:
         add_key(key, user)
     for key in keys_to_remove:
         for id, searchkey in gerritkeys.iteritems():
             if key == searchkey:
+                log.debug("Deleting pubkey %s from user %s", key, user)
                 del_key(user, id)
author	Matt Hart <matthew.hart@linaro.org>	2015-11-23 12:45:50 +0000
committer	Matt Hart <matthew.hart@linaro.org>	2015-11-24 17:48:40 +0000
commit	9d0b206237b22c25a0541c2e5a8373d3caae9a3a (patch)
tree	6e0a3e8a2f14b2d76d81f0178bf817f9a84b4e27
parent	00451f3384f786027763fc36cd0f3ba674b369e5 (diff)