Initialize the configuration before consumption

Signed-off-by: Akashdeep Dhar <[email protected]>
fedora-infra · Jan 8, 2025 · 63dbf86 · 63dbf86
1 parent 1db9af5
commit 63dbf86
Show file tree

Hide file tree

Showing 3 changed files with 107 additions and 36 deletions.
diff --git a/firmitas/__init__.py b/firmitas/__init__.py
@@ -71,10 +71,5 @@ def readconf(confobjc):
         )
         sys.exit(1)
 
-    if not os.path.exists(standard.hostloca):
-        logrdata.logrobjc.error(
-            "Please set the directory containing the service hostname map properly"
-        )
-        sys.exit(1)
-    else:
+    if os.path.exists(standard.hostloca):
         standard.certdict = yaml.safe_load(Path(standard.hostloca).read_text())
diff --git a/firmitas/base/maintool.py b/firmitas/base/maintool.py
@@ -54,49 +54,117 @@ def readcert(certobjc):
     return strtdate, stopdate, cstarted, cstopped, daystobt, daystodd, issuauth, serialno
 
 
+def generate():
+    logrdata.logrobjc.info("Generating into the configured directory")
+    doneqant, failqant, totlqant = 0, 0, 0
+
+    logrdata.logrobjc.info("Validating X.509-standard TLS certificates")
+    certloca = Path(standard.certloca)
+
+    for file in certloca.iterdir():
+        if not file.is_file() or ".crt" not in file.name:
+            continue
+
+        certpath = Path(file.as_posix())
+        totlqant += 1
+
+        if not os.path.exists(certpath):
+            logrdata.logrobjc.warning(
+                f"[{file.stem}] The specified X.509-standard TLS certificate could not "
+                + "be located"
+            )
+            failqant += 1
+            continue
+
+        try:
+            readdata = readcert(
+                x509.load_pem_x509_certificate(certpath.read_bytes(), default_backend())
+            )
+            logrdata.logrobjc.info(
+                f"[{file.stem}] The specified X.509-standard TLS certificate was read successfully"
+            )
+            standard.certdict[file.name] = {
+                "path": file.as_posix(),
+                "user": standard.username,
+                "certstat": {
+                    "strtdate": readdata[0],
+                    "stopdate": readdata[1],
+                    "cstarted": readdata[2],
+                    "cstopped": readdata[3],
+                    "daystobt": readdata[4],
+                    "daystodd": readdata[5],
+                    "issuauth": readdata[6],
+                    "serialno": readdata[7],
+                },
+                "notistat": {
+                    "done": False,
+                    "link": "",
+                    "time": "",
+                }
+            }
+            doneqant += 1
+        except ValueError:
+            logrdata.logrobjc.error(
+                f"[{file.stem}] The specified X.509-standard TLS certificate could not be read"
+            )
+            failqant += 1
+
+    logrdata.logrobjc.info(
+        f"Of {totlqant} TLS certificates, {doneqant} TLS certificate(s) were read successfully "
+        + f"while {failqant} TLS certificate(s) could not be read"
+    )
+
+    with open(standard.hostloca, "w") as yamlfile:
+        yaml.safe_dump(standard.certdict, yamlfile)
+
+
 def probedir():
     logrdata.logrobjc.info("Probing into the configured directory")
     doneqant, failqant, totlqant = 0, 0, 0
+
+    logrdata.logrobjc.info("Validating X.509-standard TLS certificates")
     standard.certdict = yaml.safe_load(Path(standard.hostloca).read_text())
-    logrdata.logrobjc.info(
-        f"Validating {len(standard.certdict)} X.509-standard TLS certificates"
-    )
+
     for nameindx in standard.certdict:
+        certpath = Path(standard.certdict[nameindx]["path"])
         totlqant += 1
-        certpath = Path(standard.certloca, standard.certdict[nameindx]["path"])
-        if os.path.exists(certpath):
-            try:
-                certobjc = x509.load_pem_x509_certificate(certpath.read_bytes(), default_backend())
-                (
-                    standard.certdict[nameindx]["certstat"]["strtdate"],
-                    standard.certdict[nameindx]["certstat"]["stopdate"],
-                    standard.certdict[nameindx]["certstat"]["cstarted"],
-                    standard.certdict[nameindx]["certstat"]["cstopped"],
-                    standard.certdict[nameindx]["certstat"]["daystobt"],
-                    standard.certdict[nameindx]["certstat"]["daystodd"],
-                    standard.certdict[nameindx]["certstat"]["issuauth"],
-                    standard.certdict[nameindx]["certstat"]["serialno"],
-                ) = readcert(certobjc)
-                doneqant += 1
-                logrdata.logrobjc.info(
-                    f"[{nameindx}] The specified X.509-standard TLS certificate was read "
-                    + "successfully"
-                )
-            except ValueError:
-                failqant += 1
-                logrdata.logrobjc.error(
-                    f"[{nameindx}] The specified X.509-standard TLS certificate could not be read"
-                )
-        else:
-            failqant += 1
+
+        if not os.path.exists(certpath):
             logrdata.logrobjc.warning(
                 f"[{nameindx}] The specified X.509-standard TLS certificate could not "
                 + "be located"
             )
+            failqant += 1
+            continue
+
+        try:
+            print(certpath)
+            certobjc = x509.load_pem_x509_certificate(certpath.read_bytes(), default_backend())
+            (
+                standard.certdict[nameindx]["certstat"]["strtdate"],
+                standard.certdict[nameindx]["certstat"]["stopdate"],
+                standard.certdict[nameindx]["certstat"]["cstarted"],
+                standard.certdict[nameindx]["certstat"]["cstopped"],
+                standard.certdict[nameindx]["certstat"]["daystobt"],
+                standard.certdict[nameindx]["certstat"]["daystodd"],
+                standard.certdict[nameindx]["certstat"]["issuauth"],
+                standard.certdict[nameindx]["certstat"]["serialno"],
+            ) = readcert(certobjc)
+            logrdata.logrobjc.info(
+                f"[{nameindx}] The specified X.509-standard TLS certificate was read successfully"
+            )
+            doneqant += 1
+        except ValueError:
+            logrdata.logrobjc.error(
+                f"[{nameindx}] The specified X.509-standard TLS certificate could not be read"
+            )
+            failqant += 1
+
     logrdata.logrobjc.info(
         f"Of {totlqant} TLS certificates, {doneqant} TLS certificate(s) were read successfully "
         + f"while {failqant} TLS certificate(s) could not be read"
     )
+
     with open(standard.hostloca, "w") as yamlfile:
         yaml.safe_dump(standard.certdict, yamlfile)
 

diff --git a/firmitas/main.py b/firmitas/main.py
@@ -21,10 +21,13 @@
 """
 
 
+import os
+
 import click
 
 from firmitas import __vers__, readconf
-from firmitas.base.maintool import gonotify, probedir
+from firmitas.base.maintool import generate, gonotify, probedir
+from firmitas.conf import logrdata, standard
 
 
 @click.command(name="firmitas")
@@ -43,5 +46,10 @@ def main(conffile=None):
         with open(conffile) as confobjc:
             exec(compile(confobjc.read(), conffile, "exec"), confdict)  # noqa : S102
         readconf(confdict)
+
+    if not os.path.exists(standard.hostloca):
+        logrdata.logrobjc.warning("Generating a new service hostname directory")
+        generate()
+
     probedir()
     gonotify()