pkgs/scripts: move auamost into hacc-scripts
we've had this for ages, and since I started with the new scripts directory under pkgs (and anticipated we'll write more), it seems like a good idea to move that script there and have them all in one place. Certainly better than having it as one extremely long string inside Nix.
This commit is contained in:
parent
3345eb97dc
commit
243f091a49
4 changed files with 54 additions and 60 deletions
|
@ -85,7 +85,7 @@
|
||||||
{ docs = websites."docs.hacc.space"; } // websites;
|
{ docs = websites."docs.hacc.space"; } // websites;
|
||||||
|
|
||||||
packages.x86_64-linux = {
|
packages.x86_64-linux = {
|
||||||
inherit (pkgs) mattermost;
|
inherit (pkgs) mattermost hacc-scripts;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -43,61 +43,7 @@
|
||||||
after = [ "network.target" ];
|
after = [ "network.target" ];
|
||||||
serviceConfig.Type = "simple";
|
serviceConfig.Type = "simple";
|
||||||
path = [ pkgs.fish pkgs.curl pkgs.jq ];
|
path = [ pkgs.fish pkgs.curl pkgs.jq ];
|
||||||
script = (pkgs.writeTextFile {
|
script = "${pkgs.hacc-scripts}/bin/uffd-sync-mattermost-groups.fish";
|
||||||
name = "auamost.fish";
|
|
||||||
executable = true;
|
|
||||||
checkPhase = ''
|
|
||||||
${lib.getExe pkgs.fish} -n $target
|
|
||||||
'';
|
|
||||||
text = ''
|
|
||||||
#!${lib.getExe pkgs.fish}
|
|
||||||
source /run/secrets/auamost/secrets.fish
|
|
||||||
|
|
||||||
for i in (seq 1 (count $groups))
|
|
||||||
set team $teams[$i]
|
|
||||||
set group $groups[$i]
|
|
||||||
set users (curl -u $uffd_token --basic https://login.infra4future.de/api/v1/getusers -d group="$group")
|
|
||||||
set usernames (echo "$users" | jq -c "[.[] | .loginname]")
|
|
||||||
for user in (echo "$users" | jq -c ".[]")
|
|
||||||
set id (echo "$user" | jq .id)
|
|
||||||
set username (echo "$user" | jq .loginname)
|
|
||||||
set email (echo "$user" | jq .email)
|
|
||||||
curl -H $mattermost_token \
|
|
||||||
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/users \
|
|
||||||
-d '{"email": '"$email"', "username": '"$username"', "auth_service": "gitlab", "auth_data": "'"$id"'"}'
|
|
||||||
end
|
|
||||||
set userids (curl -H $mattermost_token \
|
|
||||||
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/users/usernames \
|
|
||||||
-d "$usernames" | jq '[.[] | {user_id: .id, team_id: "'$team'"} ]')
|
|
||||||
curl -H $mattermost_token \
|
|
||||||
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/teams/"$team"/members/batch \
|
|
||||||
-d "$userids"
|
|
||||||
|
|
||||||
if test "$group" = "hacc"
|
|
||||||
continue
|
|
||||||
end
|
|
||||||
|
|
||||||
set current_members (curl -H $mattermost_token \
|
|
||||||
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/teams/"$team"/members | jq '[.[] | .user_id]')
|
|
||||||
|
|
||||||
# membership relations don't contain e.g. usernames, so fetch those, too
|
|
||||||
set current_users (curl -H $mattermost_token \
|
|
||||||
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/users/ids \
|
|
||||||
-d "$current_members" | jq -c '.[]')
|
|
||||||
|
|
||||||
set userids (echo "$userids" | jq -c ".[].user_id")
|
|
||||||
for member in $current_users
|
|
||||||
set id (echo $member | jq .id)
|
|
||||||
if not contains -i $id $userids > /dev/null then
|
|
||||||
set id_unquoted (echo $member | jq -r .id)
|
|
||||||
echo removing $id_unquoted (echo $member | jq '.email') from $team \($group\)
|
|
||||||
curl -X DELETE -H $mattermost_token \
|
|
||||||
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/teams/"$team"/members/"$id_unquoted"
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
'';
|
|
||||||
}).outPath;
|
|
||||||
startAt = "*:0/15";
|
startAt = "*:0/15";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,15 +1,16 @@
|
||||||
{ stdenvNoCC, gauche }:
|
{ stdenvNoCC, gauche, fish }:
|
||||||
|
|
||||||
stdenvNoCC.mkDerivation {
|
stdenvNoCC.mkDerivation {
|
||||||
name = "hacc-utility-scripts";
|
name = "hacc-utility-scripts";
|
||||||
|
|
||||||
src = ./.;
|
src = ./.;
|
||||||
|
|
||||||
buildInputs = [ gauche ];
|
buildInputs = [ gauche fish ];
|
||||||
|
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
chmod +x *.scm
|
|
||||||
mkdir -p $out/bin
|
mkdir -p $out/bin
|
||||||
cp *.scm $out/bin
|
fish -n $out/bin/*.fish
|
||||||
|
cp *.{scm,fish} $out/bin
|
||||||
|
chmod +x $out/bin/*
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
|
47
pkgs/scripts/uffd-sync-mattermost-groups.fish
Normal file
47
pkgs/scripts/uffd-sync-mattermost-groups.fish
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
#!/usr/bin/env fish
|
||||||
|
|
||||||
|
source /run/secrets/auamost/secrets.fish
|
||||||
|
|
||||||
|
for i in (seq 1 (count $groups))
|
||||||
|
set team $teams[$i]
|
||||||
|
set group $groups[$i]
|
||||||
|
set users (curl -u $uffd_token --basic https://login.infra4future.de/api/v1/getusers -d group="$group")
|
||||||
|
set usernames (echo "$users" | jq -c "[.[] | .loginname]")
|
||||||
|
for user in (echo "$users" | jq -c ".[]")
|
||||||
|
set id (echo "$user" | jq .id)
|
||||||
|
set username (echo "$user" | jq .loginname)
|
||||||
|
set email (echo "$user" | jq .email)
|
||||||
|
curl -H $mattermost_token \
|
||||||
|
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/users \
|
||||||
|
-d '{"email": '"$email"', "username": '"$username"', "auth_service": "gitlab", "auth_data": "'"$id"'"}'
|
||||||
|
end
|
||||||
|
set userids (curl -H $mattermost_token \
|
||||||
|
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/users/usernames \
|
||||||
|
-d "$usernames" | jq '[.[] | {user_id: .id, team_id: "'$team'"} ]')
|
||||||
|
curl -H $mattermost_token \
|
||||||
|
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/teams/"$team"/members/batch \
|
||||||
|
-d "$userids"
|
||||||
|
|
||||||
|
if test "$group" = "hacc"
|
||||||
|
continue
|
||||||
|
end
|
||||||
|
|
||||||
|
set current_members (curl -H $mattermost_token \
|
||||||
|
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/teams/"$team"/members | jq '[.[] | .user_id]')
|
||||||
|
|
||||||
|
# membership relations don't contain e.g. usernames, so fetch those, too
|
||||||
|
set current_users (curl -H $mattermost_token \
|
||||||
|
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/users/ids \
|
||||||
|
-d "$current_members" | jq -c '.[]')
|
||||||
|
|
||||||
|
set userids (echo "$userids" | jq -c ".[].user_id")
|
||||||
|
for member in $current_users
|
||||||
|
set id (echo $member | jq .id)
|
||||||
|
if not contains -i $id $userids > /dev/null then
|
||||||
|
set id_unquoted (echo $member | jq -r .id)
|
||||||
|
echo removing $id_unquoted (echo $member | jq '.email') from $team \($group\)
|
||||||
|
curl -X DELETE -H $mattermost_token \
|
||||||
|
-H "Content-Type: application/json" https://mattermost.infra4future.de/api/v4/teams/"$team"/members/"$id_unquoted"
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue