create user in docker container

also fix user reading and add nocolor flag by default
2025-04-24 07:17:17 +00:00 · 2022-03-31 03:25:53 +03:00 · 2022-03-31 03:25:53 +03:00 · a132b1544a
commit a132b1544a
parent 63acae4b1c
8 changed files with 34 additions and 24 deletions
--- a/1
+++ b/1
@ -1,6 +1,7 @@
 FROM archlinux:base-devel

 # image configuration
+ENV AHRIMAN_API_USER=""
 ENV AHRIMAN_ARCHITECTURE="x86_64"
 ENV AHRIMAN_DEBUG=""
 ENV AHRIMAN_FORCE_ROOT=""
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@ -9,12 +9,12 @@ sed -i "s|database = /var/lib/ahriman/ahriman.db|database = $AHRIMAN_REPOSITORY_
 sed -i "s|host = 127.0.0.1|host = $AHRIMAN_HOST|g" "/etc/ahriman.ini"
 sed -i "s|handlers = syslog_handler|handlers = ${AHRIMAN_OUTPUT}_handler|g" "/etc/ahriman.ini.d/logging.ini"

-AHRIMAN_DEFAULT_ARGS=("-a" "$AHRIMAN_ARCHITECTURE")
+AHRIMAN_DEFAULT_ARGS=("--architecture" "$AHRIMAN_ARCHITECTURE")
 if [[ "$AHRIMAN_OUTPUT" == "syslog" ]]; then
    if [ ! -e "/dev/log" ]; then
        # by default ahriman uses syslog which is not available inside container
        # to make noise less we force quiet mode in case if /dev/log was not mounted
-        AHRIMAN_DEFAULT_ARGS+=("-q")
+        AHRIMAN_DEFAULT_ARGS+=("--quiet")
    fi
 fi

@ -31,6 +31,13 @@ if [ -n "$AHRIMAN_PORT" ]; then
    AHRIMAN_SETUP_ARGS+=("--web-port" "$AHRIMAN_PORT")
 fi
 ahriman "${AHRIMAN_DEFAULT_ARGS[@]}" repo-setup "${AHRIMAN_SETUP_ARGS[@]}"
+# add user for api if set
+if [ -n "$AHRIMAN_API_USER" ]; then
+    # python getpass does not read from stdin
+    # see thread https://mail.python.org/pipermail/python-dev/2008-February/077235.html
+    # WARNING with debug mode password will be put to stdout
+    ahriman "${AHRIMAN_DEFAULT_ARGS[@]}" user-add --as-service --role write --secure "$AHRIMAN_API_USER" -p "$(openssl rand -base64 20)"
+fi

 # refresh database
 runuser -u build -- yay --noconfirm -Syy &> /dev/null
--- a/package/share/ahriman/settings/ahriman.ini
+++ b/package/share/ahriman/settings/ahriman.ini
@ -21,7 +21,7 @@ archbuild_flags =
 build_command = extra-x86_64-build
 ignore_packages =
 makechrootpkg_flags =
-makepkg_flags =
+makepkg_flags = --nocolor

 [repository]
 name = aur-clone
--- a/src/ahriman/application/ahriman.py
+++ b/src/ahriman/application/ahriman.py
@ -526,7 +526,7 @@ def _set_user_list_parser(root: SubParserAction) -> argparse.ArgumentParser:
    parser.add_argument("username", help="filter users by username", nargs="?")
    parser.add_argument("-r", "--role", help="filter users by role", type=UserAccess, choices=UserAccess)
    parser.set_defaults(handler=handlers.User, action=Action.List, architecture=[""], lock=None, no_report=True,  # nosec
-                        password="", quiet=True, role=UserAccess.Read, unsafe=True)
+                        password="", quiet=True, unsafe=True)
    return parser


@ -542,7 +542,7 @@ def _set_user_remove_parser(root: SubParserAction) -> argparse.ArgumentParser:
    parser.add_argument("username", help="username for web service")
    parser.add_argument("-s", "--secure", help="set file permissions to user-only", action="store_true")
    parser.set_defaults(handler=handlers.User, action=Action.Remove, architecture=[""], lock=None, no_report=True,  # nosec
-                        password="", quiet=True, role=UserAccess.Read, unsafe=True)
+                        password="", quiet=True, unsafe=True)
    return parser


--- a/src/ahriman/application/handlers/user.py
+++ b/src/ahriman/application/handlers/user.py
@ -49,20 +49,21 @@ class User(Handler):
        :param no_report: force disable reporting
        :param unsafe: if set no user check will be performed before path creation
        """
+        database = SQLite.load(configuration)
+
+        if args.action == Action.Update:
            salt = User.get_salt(configuration)
            user = User.user_create(args)

            auth_configuration = User.configuration_get(configuration.include)
-        database = SQLite.load(configuration)

-        if args.action == Action.List:
-            for found_user in database.user_list(user.username, user.access):
-                UserPrinter(found_user).print(verbose=True)
-        elif args.action == Action.Remove:
-            database.user_remove(user.username)
-        elif args.action == Action.Update:
            User.configuration_create(auth_configuration, user, salt, args.as_service, args.secure)
            database.user_update(user.hash_password(salt))
+        elif args.action == Action.List:
+            for found_user in database.user_list(args.username, args.access):
+                UserPrinter(found_user).print(verbose=True)
+        elif args.action == Action.Remove:
+            database.user_remove(args.username)

    @staticmethod
    def configuration_create(configuration: Configuration, user: MUser, salt: str,
--- a/tests/ahriman/application/handlers/test_handler_help.py
+++ b/tests/ahriman/application/handlers/test_handler_help.py
@ -39,3 +39,10 @@ def test_run_command(args: argparse.Namespace, configuration: Configuration, moc

    Help.run(args, "x86_64", configuration, True, False)
    parse_mock.assert_called_once_with(["aur-search", "--help"])
+
+
+def test_disallow_auto_architecture_run() -> None:
+    """
+    must not allow multi architecture run
+    """
+    assert not Help.ALLOW_AUTO_ARCHITECTURE_RUN
--- a/tests/ahriman/application/handlers/test_handler_user.py
+++ b/tests/ahriman/application/handlers/test_handler_user.py
@ -54,17 +54,16 @@ def test_run(args: argparse.Namespace, configuration: Configuration, database: S
 def test_run_list(args: argparse.Namespace, configuration: Configuration, database: SQLite, user: User,
                  mocker: MockerFixture) -> None:
    """
-    must list avaiable users
+    must list available users
    """
    args = _default_args(args)
    args.action = Action.List
+    args.access = None
    mocker.patch("ahriman.core.database.sqlite.SQLite.load", return_value=database)
-    get_auth_configuration_mock = mocker.patch("ahriman.application.handlers.User.configuration_get")
    list_mock = mocker.patch("ahriman.core.database.sqlite.SQLite.user_list", return_value=[user])

    User.run(args, "x86_64", configuration, True, False)
-    get_auth_configuration_mock.assert_called_once_with(configuration.include)
-    list_mock.assert_called_once_with("user", UserAccess.Read)
+    list_mock.assert_called_once_with("user", None)


 def test_run_remove(args: argparse.Namespace, configuration: Configuration, database: SQLite,
@ -75,11 +74,9 @@ def test_run_remove(args: argparse.Namespace, configuration: Configuration, data
    args = _default_args(args)
    args.action = Action.Remove
    mocker.patch("ahriman.core.database.sqlite.SQLite.load", return_value=database)
-    get_auth_configuration_mock = mocker.patch("ahriman.application.handlers.User.configuration_get")
    remove_mock = mocker.patch("ahriman.core.database.sqlite.SQLite.user_remove")

    User.run(args, "x86_64", configuration, True, False)
-    get_auth_configuration_mock.assert_called_once_with(configuration.include)
    remove_mock.assert_called_once_with(args.username)


--- a/tests/ahriman/application/test_ahriman.py
+++ b/tests/ahriman/application/test_ahriman.py
@ -485,8 +485,6 @@ def test_subparsers_user_list_option_role(parser: argparse.ArgumentParser) -> No
    """
    user-list command must convert role option to useraccess instance
    """
-    args = parser.parse_args(["user-list"])
-    assert isinstance(args.role, UserAccess)
    args = parser.parse_args(["user-list", "--role", "write"])
    assert isinstance(args.role, UserAccess)

@ -502,7 +500,6 @@ def test_subparsers_user_remove(parser: argparse.ArgumentParser) -> None:
    assert args.no_report
    assert args.password is not None
    assert args.quiet
-    assert args.role is not None
    assert args.unsafe