git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix threading, ignore operation in decode_authentication when it is none
[sfa.git] / registry / import.py
diff --git a/registry/import.py b/registry/import.py
index 542ee7a..122c76f 100644 (file)
--- a/registry/import.py
+++ b/registry/import.py
@@ -1,13 +1,33 @@
+##
+# Import PLC records into the Geni database. It is indended that this tool be
+# run once to create Geni records that reflect the current state of the
+# planetlab database.
+#
+# The import tool assumes that the existing PLC hierarchy should all be part
+# of "planetlab.us" (see the root_auth and level1_auth variables below).
+#
+# Public keys are extracted from the users' SSH keys automatically and used to
+# create GIDs. This is relatively experimental as a custom tool had to be
+# written to perform conversion from SSH to OpenSSL format. It only supports
+# RSA keys at this time, not DSA keys.
+##
+
 import getopt
 import sys
 import tempfile
 
 from cert import *
+from trustedroot import *
 from hierarchy import *
 from record import *
+from genitable import *
+from misc import *
 
 shell = None
 
+##
+# Two authorities are specified: the root authority and the level1 authority.
+
 root_auth = "planetlab"
 level1_auth = "planetlab.us"
 
@@ -161,16 +181,45 @@ def import_site(parent_hrn, site):
         if slices:
             import_slice(hrn, slices[0])
 
+def create_top_level_auth_records(hrn):
+    parent_hrn = get_authority(hrn)
+
+    auth_info = AuthHierarchy.get_auth_info(parent_hrn)
+    table = get_auth_table(parent_hrn)
+
+    sa_record = table.resolve("sa", hrn)
+    if not sa_record:
+        sa_record = GeniRecord(name=hrn, gid=auth_info.get_gid_object(), type="sa", pointer=-1)
+        report.trace("  inserting sa record for " + hrn)
+        table.insert(sa_record)
+
+    ma_record = table.resolve("ma", hrn)
+    if not ma_record:
+        ma_record = GeniRecord(name=hrn, gid=auth_info.get_gid_object(), type="ma", pointer=-1)
+        report.trace("  inserting ma record for " + hrn)
+        table.insert(ma_record)
+
 def main():
     global AuthHierarchy
+    global TrustedRoots
 
     process_options()
 
     AuthHierarchy = Hierarchy()
+    TrustedRoots = TrustedRootList()
+
+    print "Import: creating top level authorities"
+
     if not AuthHierarchy.auth_exists(root_auth):
         AuthHierarchy.create_auth(root_auth)
+    #create_top_level_auth_records(root_auth)
     if not AuthHierarchy.auth_exists(level1_auth):
         AuthHierarchy.create_auth(level1_auth)
+    create_top_level_auth_records(level1_auth)
+
+    print "Import: adding", root_auth, "to trusted list"
+    root = AuthHierarchy.get_auth_info(root_auth)
+    TrustedRoots.add_gid(root.get_gid_object())
 
     connect_shell()
 
sfa