2020-11-10 12:12:36 +00:00
|
|
|
from json import loads
|
|
|
|
from os.path import join
|
|
|
|
|
2020-08-18 13:27:55 +00:00
|
|
|
defaults = {
|
2020-11-10 11:50:08 +00:00
|
|
|
'users': {
|
|
|
|
'root': {
|
|
|
|
'home': '/root',
|
|
|
|
'shell': '/bin/bash',
|
|
|
|
'password': repo.vault.human_password_for('root on {}'.format(node.name)),
|
|
|
|
},
|
|
|
|
},
|
2020-08-18 13:27:55 +00:00
|
|
|
}
|
2020-11-10 12:12:36 +00:00
|
|
|
|
|
|
|
|
2021-01-07 17:44:38 +00:00
|
|
|
@metadata_reactor.provides(
|
|
|
|
'users',
|
|
|
|
)
|
2020-11-10 12:12:36 +00:00
|
|
|
def add_users_from_json(metadata):
|
|
|
|
with open(join(repo.path, 'users.json'), 'r') as f:
|
|
|
|
json = loads(f.read())
|
|
|
|
|
|
|
|
users = {}
|
2021-06-01 14:53:29 +00:00
|
|
|
metadata_users = metadata.get('users', {})
|
2020-11-10 12:12:36 +00:00
|
|
|
# First, add all admin users
|
|
|
|
for uname, config in json.items():
|
2021-06-01 14:53:29 +00:00
|
|
|
if config.get('is_admin', False) or uname in metadata_users:
|
2020-11-10 12:12:36 +00:00
|
|
|
users[uname] = {
|
|
|
|
'ssh_pubkey': set(config['ssh_pubkey']),
|
2021-06-01 14:53:29 +00:00
|
|
|
'is_admin': config.get('is_admin', False),
|
2020-11-10 12:12:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
# Then, run again to get all 'to be deleted' users
|
|
|
|
for uname, config in json.items():
|
2021-06-01 14:53:29 +00:00
|
|
|
if uname not in metadata_users:
|
2020-11-10 12:12:36 +00:00
|
|
|
users.setdefault(uname, {
|
|
|
|
'delete': True,
|
|
|
|
})
|
|
|
|
|
|
|
|
return {
|
|
|
|
'users': users,
|
|
|
|
}
|