aboutsummaryrefslogtreecommitdiff
path: root/http-sync-repos.py
blob: 2a0ab049546db3428ae2659fc0b0dadb86c5d938 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

#!/usr/bin/env python

# Synchronize Cryptech git repositories by scraping URLs from the
# automatically generated Trac page.  Yes, we know too much about how
# the generation script and Trac format this page, c'est la vie.
#
# Python's built-in support for HTTPS is a bit primative, we could do
# better with something like PyCURL, but we want this to run with just
# the standard Python libraries, so we're stranded in kludge city.

from urllib import urlopen
from xml.etree.ElementTree import ElementTree
from subprocess import check_call
from tempfile import NamedTemporaryFile
import sys
import os

# URL for automatically generated Trac page listing repositories.

trac_page = "https://wiki.cryptech.is/wiki/GitRepositories"

# PEM-encoded CA certificate covering Cryptech web services.

cacert = '''\
-----BEGIN CERTIFICATE-----
MIIERzCCAy+gAwIBAgIBADANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJVUzEL
MAkGA1UECBMCTUExEDAOBgNVBAcTB1JlYWRpbmcxITAfBgNVBAoTGEdydW5jaHdl
YXRoZXIgQXNzb2NpYXRlczEkMCIGCSqGSIb3DQEJARYVcG9zdG1hc3RlckBoYWN0
cm4ubmV0MCAXDTEwMDkyNTA1MzQ0MloYDzIxMDkwOTI1MDUzNDQyWjB1MQswCQYD
VQQGEwJVUzELMAkGA1UECBMCTUExEDAOBgNVBAcTB1JlYWRpbmcxITAfBgNVBAoT
GEdydW5jaHdlYXRoZXIgQXNzb2NpYXRlczEkMCIGCSqGSIb3DQEJARYVcG9zdG1h
c3RlckBoYWN0cm4ubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
wf723VEaWozuyJCytEgFkEMXDd17RTChb4RCpqFrlswbKEk4/Vw7IvBeLYNfl5F8
1hx6ca7CU4qD+4tVkanJ7dJhT9a1jWPKjx/Xz8rpZBSDzgiDZNlgX4giDHjG3Ju8
QcT9Elpx4SEBxeaVEl2AXXsShv1PrSpCt9WUdS+0NQkA7z3cXASNPOBFoITM37pC
21nuQuocpjFTaGXw5s3/FhVgcKSUHmQN5UdYK5N2w7pcn7UV2v92UFYSG9cEjQL5
DfPqzJeLemzmUl+XBqSfY/gPCyJdAPOudflnFyptVv3BrmMQYEyJBeRnt2o5aYWd
q1w2wB2HPsEglm1K19gEoQIDAQABo4HfMIHcMAwGA1UdEwQFMAMBAf8wCwYDVR0P
BAQDAgEGMB0GA1UdDgQWBBQkrUZV1MeYpBcTnpsuT60UPRjCZjCBnwYDVR0jBIGX
MIGUgBQkrUZV1MeYpBcTnpsuT60UPRjCZqF5pHcwdTELMAkGA1UEBhMCVVMxCzAJ
BgNVBAgTAk1BMRAwDgYDVQQHEwdSZWFkaW5nMSEwHwYDVQQKExhHcnVuY2h3ZWF0
aGVyIEFzc29jaWF0ZXMxJDAiBgkqhkiG9w0BCQEWFXBvc3RtYXN0ZXJAaGFjdHJu
Lm5ldIIBADANBgkqhkiG9w0BAQUFAAOCAQEAMeBzm4x6hlwbcrR8AcjSP4S/8+pW
4WsmkuKlZMyP/E4rc2DpVBi9WRnLtQoQ+FDU47VkG1D97i+HYx1Ky7W8oU4YB3Xr
ptoAenVmiQOVnbMluuQlxBa8JbOizt+BzL0NJEC6gHvCYT5SmFFsJgXBQZNPpRJb
cDzuilf3b6vCFtRL+hD75VFLkljQWUWt59cNPGhtBItsq3q72LZ2ftPgk9ufC2h3
whlvaaZldSFGnPRcFgXYYUootSh0yUW2lIHn52s/tPRN6XXnrdz+cLUCCchSkPOi
Q9q/UFgaXUetsqlb56PINOrLZUpAfqC4xFBVVo2oI0ubFq173QlATQpn/w==
-----END CERTIFICATE-----
'''

try:
  ssl_cert_file = NamedTemporaryFile("w")
  ssl_cert_file.write(cacert)
  ssl_cert_file.flush()
  try:
    os.fchmod(ssl_cert_file.fileno(), 0600)
  except:
    pass
  os.environ["SSL_CERT_FILE"]  = ssl_cert_file.name # OpenSSL looks for this
  os.environ["GIT_SSL_CAINFO"] = ssl_cert_file.name # Git looks for this

  head = "https://git.cryptech.is/"
  tail = ".git"
  errs = 0

  for elt in ElementTree(file = urlopen(trac_page)).iter("{http://www.w3.org/1999/xhtml}tt"):
    if elt.text.startswith(head) and elt.text.endswith(tail):
      url  = elt.text
      repo = url[len(head):-len(tail)]
      pull = os.path.isdir(repo)
      print
      print url
      try:
        if pull:
          check_call(("git", "fetch", "--all"), cwd = repo)
          check_call(("git", "pull"), cwd = repo)
        else:
          check_call(("git", "clone", url, repo))
      except:
        print "** Error", "pulling" if pull else "cloning", repo
        errs += 1

finally:
  ssl_cert_file.close()

sys.exit(errs)
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-07 15:19:52 +0000