Switch from Woodpecker CI to Forgejo Actions

This fix also avoid empty file generation on headers lines generation errors.

.forgejo/workflows/release.yaml

@@ -0,0 +1,89 @@
+---
+name: Build and publish Debian package
+on: [create]
+jobs:
+  build:
+    runs-on: docker
+    container:
+      image: docker.io/brenard/debian-python-deb:latest
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Build Debian package
+        env:
+          MAINTAINER_NAME: ${{ vars.MAINTAINER_NAME }}
+          MAINTAINER_EMAIL: ${{ vars.MAINTAINER_EMAIL }}
+          DEBIAN_CODENAME: ${{ vars.DEBIAN_CODENAME }}
+        run: |
+          echo "${{ secrets.GPG_KEY }}"|base64 -d|gpg --import
+          ./build.sh
+          mv check_slapdd_crc32 dist/
+      - name: Upload Debian package files
+        uses: actions/upload-artifact@v3
+        with:
+          name: dist
+          path: |
+            dist/*.buildinfo
+            dist/*.changes
+            dist/*.deb
+            dist/*.dsc
+            dist/*.tar.gz
+            dist/release_notes.md
+            dist/check_slapdd_crc32
+
+  publish-forgejo:
+    runs-on: docker
+    container:
+      image: docker.io/brenard/debian-python-deb:latest
+    steps:
+      - name: Download Debian package files
+        uses: actions/download-artifact@v3
+        with:
+          name: dist
+
+      - name: Create the release
+        id: create-release
+        shell: bash
+        run: |
+          mkdir release
+          mv *.deb release/
+          mv check_slapdd_crc32 release/
+          md5sum release/* > md5sum.txt
+          sha512sum release/* > sha512sum.txt
+          mv md5sum.txt sha512sum.txt release/
+          {
+            echo 'release_note<<EOF'
+            cat release_notes.md
+            echo 'EOF'
+          } >> "$GITHUB_OUTPUT"
+
+      - name: Publish release on Forgejo
+        uses: actions/forgejo-release@v1
+        with:
+          direction: upload
+          url: https://gitea.zionetrix.net
+          token: ${{ secrets.forgejo_token }}
+          release-dir: release
+          release-notes: ${{ steps.create-release.outputs.release_note }}
+
+  publish-aptly:
+    runs-on: docker
+    container:
+      image: docker.io/brenard/aptly-publish:latest
+    steps:
+      - name: "Download Debian package files"
+        uses: actions/download-artifact@v3
+        with:
+          name: dist
+
+      - name: "Publish Debian package on Aptly repository"
+        uses: https://gitea.zionetrix.net/bn8/aptly-publish@master
+        with:
+          api_url: ${{ vars.apt_api_url }}
+          api_username: ${{ vars.apt_api_username }}
+          api_password: ${{ secrets.apt_api_password }}
+          repo_name: ${{ vars.apt_repo_name }}
+          path: "./"
+          source_name: ${{ vars.apt_source_name }}

.forgejo/workflows/tests.yaml

@@ -0,0 +1,15 @@
+---
+name: Run tests
+on: [push]
+jobs:
+  test-precommit:
+    runs-on: docker
+    container:
+      image: docker.io/brenard/python-pre-commit:latest
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Run pre-commit
+        run: pre-commit run --all-files

.gitignore

@@ -1,2 +1,3 @@
 *~
 .*.swp
+dist/

.pre-commit-config.yaml

@@ -0,0 +1,64 @@
+# Pre-commit hooks to run tests and ensure code is cleaned.
+# See https://pre-commit.com for more information
+---
+repos:
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.1.6
+    hooks:
+      - id: ruff
+        args: ["--fix"]
+  - repo: https://github.com/asottile/pyupgrade
+    rev: v3.15.0
+    hooks:
+      - id: pyupgrade
+        args: ["--keep-percent-format", "--py37-plus"]
+  - repo: https://github.com/psf/black
+    rev: 23.11.0
+    hooks:
+      - id: black
+        args: ["--target-version", "py37", "--line-length", "100"]
+  - repo: https://github.com/PyCQA/isort
+    rev: 5.12.0
+    hooks:
+      - id: isort
+        args: ["--profile", "black", "--line-length", "100"]
+  - repo: https://github.com/PyCQA/flake8
+    rev: 6.1.0
+    hooks:
+      - id: flake8
+        args: ["--max-line-length=100"]
+  - repo: https://github.com/codespell-project/codespell
+    rev: v2.2.2
+    hooks:
+      - id: codespell
+        args:
+          - --ignore-words-list=exten
+          - --skip="./.*,*.csv,*.json,*.ini,*.subject,*.txt,*.html,*.log,*.conf"
+          - --quiet-level=2
+          - --ignore-regex=.*codespell-ignore$
+          # - --write-changes  # Uncomment to write changes
+        exclude_types: [csv, json]
+  - repo: https://github.com/adrienverge/yamllint
+    rev: v1.32.0
+    hooks:
+      - id: yamllint
+        ignore: .github/
+  - repo: https://github.com/pre-commit/mirrors-prettier
+    rev: v2.7.1
+    hooks:
+      - id: prettier
+        args: ["--print-width", "100"]
+  - repo: local
+    hooks:
+      - id: pylint
+        name: pylint
+        entry: pylint
+        language: system
+        types: [python]
+        require_serial: true
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.7.5
+    hooks:
+      - id: bandit
+        args: [--skip, "B101", --recursive]
+minimum_pre_commit_version: 3.2.0

.pylintrc

@@ -0,0 +1,8 @@
+[MESSAGES CONTROL]
+disable=line-too-long,
+	missing-docstring,
+	invalid-name,
+	locally-disabled,
+	too-many-arguments,
+	too-many-branches,
+	redefined-outer-name,

README.md

@@ -1,10 +1,17 @@
 # OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
-  
+
 This script permit to check (and eventually fix) CRC32 value of the LDIF files of OpenLDAP slapd.d configuration directory.
 
 ## Requirements
 
-This script only used common __python3__ modules _(no additionnal package to install on Debian based systems)_.
+This script only used common **python3** modules _(no additional package to install on Debian based systems)_.
+
+## Installation
+
+```
+git clone https://gogs.zionetrix.net/bn8/check_slapdd_crc32.git /usr/local/src/check_slapdd_crc32
+ln -s /usr/local/src/check_slapdd_crc32/check_slapdd_crc32 /usr/local/sbin/check_slapdd_crc32
+```
 
 ## Usage
 
@@ -36,4 +43,3 @@ This program is free software; you can redistribute it and/or modify it under th
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
 
 You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-

build.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+
+QUIET_ARG=""
+[ "$1" == "--quiet" ] && QUIET_ARG="--quiet"
+
+# Enter source directory
+cd $( dirname $0 )
+
+echo "Clean previous build..."
+rm -fr dist
+
+echo "Detect version using git describe..."
+VERSION="$( git describe --tags|sed 's/^[^0-9]*//' )"
+
+echo "Create building environemt..."
+BDIR=dist/check-slapdd-crc32-$VERSION
+mkdir -p $BDIR
+[ -z "$QUIET_ARG" ] && RSYNC_ARG="-v" || RSYNC_ARG=""
+rsync -a $RSYNC_ARG debian/ $BDIR/debian/
+cp check_slapdd_crc32 $BDIR/
+
+echo "Set VERSION=$VERSION in gitdch using sed..."
+sed -i "s/^version *=.*$/version = '$VERSION'/" $BDIR/check_slapdd_crc32
+
+if [ -z "$DEBIAN_CODENAME" ]
+then
+	echo "Retrieve debian codename using lsb_release..."
+	DEBIAN_CODENAME=$( lsb_release -c -s )
+else
+	echo "Use debian codename from environment ($DEBIAN_CODENAME)"
+fi
+
+echo "Generate debian changelog using gitdch..."
+GITDCH_ARGS=('--verbose')
+[ -n "$QUIET_ARG" ] && GITDCH_ARGS=('--warning')
+if [ -n "$MAINTAINER_NAME" ]
+then
+	echo "Use maintainer name from environment ($MAINTAINER_NAME)"
+	GITDCH_ARGS+=("--maintainer-name" "${MAINTAINER_NAME}")
+fi
+if [ -n "$MAINTAINER_EMAIL" ]
+then
+	echo "Use maintainer email from environment ($MAINTAINER_EMAIL)"
+	GITDCH_ARGS+=("--maintainer-email" "$MAINTAINER_EMAIL")
+fi
+gitdch \
+	--package-name check-slapdd-crc32 \
+	--version "${VERSION}" \
+	--code-name $DEBIAN_CODENAME \
+	--output $BDIR/debian/changelog \
+	--release-notes dist/release_notes.md \
+	"${GITDCH_ARGS[@]}"
+
+if [ -n "$MAINTAINER_NAME" -a -n "$MAINTAINER_EMAIL" ]
+then
+	echo "Set Maintainer field in debian control file ($MAINTAINER_NAME <$MAINTAINER_EMAIL>)..."
+	sed -i "s/^Maintainer: .*$/Maintainer: $MAINTAINER_NAME <$MAINTAINER_EMAIL>/" $BDIR/debian/control
+fi
+
+echo "Build debian package..."
+cd $BDIR
+dpkg-buildpackage

check_slapdd_crc32

@@ -10,51 +10,37 @@ import os
 import re
 import sys
 
-default_slapdd_path = '/etc/ldap/slapd.d'
+version = "0.0"
+default_slapdd_path = "/etc/ldap/slapd.d"
 
-### MAIN ####
-parser = argparse.ArgumentParser()
+# Main
+parser = argparse.ArgumentParser(description=f"{__doc__} (version: {version})")
+
+parser.add_argument("-d", "--debug", action="store_true", help="Show debug messages")
+
+parser.add_argument("-v", "--verbose", action="store_true", help="Show verbose messages")
 
 parser.add_argument(
-    '-d', '--debug',
-    action='store_true',
-    help='Show debug messages'
+    "-l", "--log-file", action="store", type=str, dest="logfile", help="Log file path"
 )
 
 parser.add_argument(
-    '-v', '--verbose',
-    action='store_true',
-    help='Show verbose messages'
+    "-C",
+    "--console",
+    action="store_true",
+    help="Also log on console (even if log file is provided)",
 )
 
+parser.add_argument("-f", "--fix", action="store_true", help="Fix CRC32 value in LDIF files")
+
 parser.add_argument(
-    '-l',
-    '--log-file',
+    "-p",
+    "--path",
     action="store",
     type=str,
-    dest="logfile",
-    help="Log file path"
-)
-
-parser.add_argument(
-    '-C', '--console',
-    action='store_true',
-    help='Also log on console (even if log file is provided)'
-)
-
-parser.add_argument(
-    '-f', '--fix',
-    action='store_true',
-    help='Fix CRC32 value in LDIF files'
-)
-
-parser.add_argument(
-    '-p', '--path',
-    action='store',
-    type=str,
-    dest='slapdd_path',
-    help='Default slapd.d directory path (default: %s)' % default_slapdd_path,
-    default=default_slapdd_path
+    dest="slapdd_path",
+    help=f"Default slapd.d directory path (default: {default_slapdd_path}",
+    default=default_slapdd_path,
 )
 
 
@@ -62,7 +48,9 @@ options = parser.parse_args()
 
 # Initialize log
 log = logging.getLogger()
-logformat = logging.Formatter("%(asctime)s - " + os.path.basename(sys.argv[0]) + " - %(levelname)s - %(message)s")
+logformat = logging.Formatter(
+    f"%(asctime)s - {os.path.basename(sys.argv[0])} - %(levelname)s - " "%(message)s"
+)
 
 if options.debug:
     log.setLevel(logging.DEBUG)
@@ -81,6 +69,7 @@ if not options.logfile or options.console:
     logconsole.setFormatter(logformat)
     log.addHandler(logconsole)
 
+
 def check_file(dir_path, file_name):
     """
     Check CRC32 of an LDIF file
@@ -93,33 +82,37 @@ def check_file(dir_path, file_name):
     lines = []
     current_crc32 = None
     try:
-        with open(path, 'rb') as fd:
+        with open(path, "rb") as fd:
             for line in fd.readlines():
-                if line.startswith(b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.'):
-                    logging.debug('%s: AUTO-GENERATED line detected, pass (%s)', path, line)
+                if line.startswith(b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify."):
+                    logging.debug("%s: AUTO-GENERATED line detected, pass (%s)", path, line)
                     continue
-                if line.startswith(b'# CRC32 '):
-                    logging.debug('%s: CRC32 line detected, retreive current CRC32 value (%s)', path, line)
-                    current_crc32 = re.match('^# CRC32 (.*)$', line.decode()).group(1)
+                if line.startswith(b"# CRC32 "):
+                    logging.debug(
+                        "%s: CRC32 line detected, retrieve current CRC32 value (%s)", path, line
+                    )
+                    current_crc32 = re.match("^# CRC32 (.*)$", line.decode()).group(1)
                     logging.debug('%s: current CRC32 found is "%s"', path, current_crc32)
                     continue
                 lines.append(line)
-    except IOError as err:
-        logging.error('%s: fail to read file content (%s)', path, err)
+    except OSError as err:
+        logging.error("%s: fail to read file content (%s)", path, err)
         return False
 
-    crc32 = ("%08X" % ((binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1<<32))).lower()
+    # pylint: disable=consider-using-f-string
+    crc32 = ("%08X" % ((binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1 << 32))).lower()
     if current_crc32:
         if current_crc32 == crc32:
-            log.info('%s: current CRC32 value is correct (%s)', path, crc32)
+            log.info("%s: current CRC32 value is correct (%s)", path, crc32)
         else:
-            log.warning('%s: invalid CRC32 value found (%s != %s)', path, current_crc32, crc32)
+            log.warning("%s: invalid CRC32 value found (%s != %s)", path, current_crc32, crc32)
             fix_crc32(path, crc32, lines)
     else:
         log.warning('%s: no CRC32 value found. Correct CRC32 value is "%s".', path, crc32)
         fix_crc32(path, crc32, lines)
     return True
 
+
 def fix_crc32(path, crc32, lines):
     """
     Fix CRC32 value of an LDIF file
@@ -131,18 +124,24 @@ def fix_crc32(path, crc32, lines):
     if not options.fix:
         return True
     try:
-        with open(path, 'wb') as fd:
-            lines = [b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n', b'# CRC32 %s\n' % crc32.encode()] + lines
-            for line in lines:
+        headers_lines = [
+            b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n",
+            b"# CRC32 " + crc32.encode() + b"\n",
+        ]
+        with open(path, "wb") as fd:
+            for line in headers_lines + lines:
                 fd.write(line)
-    except IOError as err:
-        logging.error('%s: fail to write new file content (%s)', path, err)
+    except OSError as err:
+        logging.error("%s: fail to write new file content (%s)", path, err)
         return False
     return True
 
+
 log.info('Checking CRC32 in slapd directory "%s"', options.slapdd_path)
 for dirpath, dnames, fnames in os.walk(options.slapdd_path):
-    log.debug('%s: sub-dirs = "%s", files = "%s"', dirpath, '", "'.join(dnames), '", "'.join(fnames))
+    log.debug(
+        '%s: sub-dirs = "%s", files = "%s"', dirpath, '", "'.join(dnames), '", "'.join(fnames)
+    )
     for fname in fnames:
-        if fname.endswith('.ldif'):
+        if fname.endswith(".ldif"):
             check_file(dirpath, fname)

debian/compat

@@ -0,0 +1 @@
+11

debian/control

@@ -0,0 +1,13 @@
+Source: check-slapdd-crc32
+Section: admin
+Priority: optional
+Maintainer: Debian Zionetrix - check-slapdd-crc32 <debian+check-slapdd-crc32@zionetrix.net>
+Build-Depends: debhelper (>> 11.0.0)
+Standards-Version: 3.9.6
+
+Package: check-slapdd-crc32
+Architecture: all
+Depends: ${misc:Depends}, python3
+Description: OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
+ This script permit to check (and eventually fix) CRC32 value of the LDIF
+ files of OpenLDAP slapd.d configuration directory.

debian/copyright

@@ -0,0 +1,20 @@
+This package was written by Benjamin Renard <brenard@zionetrix.net>.
+
+Copyright (C) 2022 Benjamin Renard <brenard@zionetrix.net>
+
+check-slapdd-crc32 is licensed under the GNU general public license, version 3.
+
+check-slapdd-crc32 is free software; you can redistribute it and/or modify it under
+the terms of the GNU General Public License as published by the Free Software
+Foundation; either version 2, or (at your option) any later version.
+
+check-slapdd-crc32 is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with
+check-slapdd-crc32; see the file COPYING.  If not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+On Debian systems, a copy of the GNU General Public License is available in
+/usr/share/common-licenses/GPL-3 as part of the base-files package.

debian/dirs

@@ -0,0 +1 @@
+usr/bin

debian/install

@@ -0,0 +1 @@
+check_slapdd_crc32 usr/bin

debian/rules

@@ -0,0 +1,4 @@
+#!/usr/bin/make -f
+#export DH_VERBOSE=1
+%:
+	dh  $@

debian/source/format

@@ -0,0 +1 @@
+1.0