gitzone

gitzone (12898B)

---

 #!/usr/bin/env perl
 
 # gitzone - git-based zone file management tool for BIND
 #
 # Copyright (C) 2011 - 2013 Dyne.org Foundation
 #
 # This program is free software: you can redistribute it and/or modify it under
 # the terms of the GNU Affero General Public License as published by the Free
 # Software Foundation, either version 3 of the License, or (at your option) any
 # later version.
 #
 # This program is distributed in the hope that it will be useful, but WITHOUT
 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 # FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
 # details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 
 # This program is called from a pre-receive & post-receive or pre-commit &
 # post-commit git hook. If a push is made to the master branch, changed files
 # are validated with named-checkzone>. The push or commit is rejected if there's
 # an error in one of the zone files specified in the config file. If everything
 # is OK, the zone files are copied to $zone_dir and the zone is reloaded with
 # the following command: rndc reload $zone $class $view
 
 use warnings;
 use strict;
 use POSIX qw/strftime/;
 use Cwd qw/cwd realpath/;
 use File::Basename qw/fileparse basename/;
 use File::Temp;
 use File::Path;
 use File::Spec;
 
 @ARGV >= 2 or die "Usage: gitzone /path/to/gitzone.conf <command>\n";
 chdir '.git' if -d '.git';
 basename(realpath) eq '.git' or die "gitzone has to be run from a .git directory\n";
 
 my $lock_file = realpath '.gitzone-lock';
 my $list_file = realpath '.gitzone-list';
 my $stash_file;
 my $read_only = 0;
 chdir '..';
 
 our $user = getpwuid $<;
 our $repo = basename realpath;
 our ($zone_dir, $git, $named_checkzone, $rndc, $class, $default_view, $update_record, $unrestricted_includes, $max_depth, $repos, $verbosity);
 
 my ($config_file, $cmd) = @ARGV;
 do $config_file or die "Can't load config: $!\n";
 
 my (%files, @zones, @changed_files, $date, $cleanup);
 delete $ENV{GIT_DIR};
 
 !-e $lock_file or die "Error: lock file exists\n";
 open FILE, '>', $lock_file or die $!; close FILE;
 
 sub cleanup { unlink $lock_file; &$cleanup() if ref $cleanup }
 sub clean_exit { cleanup; exit shift }
 $SIG{__DIE__} = \&cleanup;
 
 ($_ = $cmd) &&
     /^pre-receive$/ && pre_receive() ||
     /^post-receive$/ && post_receive() ||
     /^pre-commit$/ && pre_commit() ||
     /^post-commit$/ && post_commit() ||
     $update_record && /^update-record$/ && update_record($ARGV[2]);
 cleanup;
 
 sub git {
     my ($args, $print, $ret) = @_;
     $ret ||=0;
     print "% git $args\n" if $verbosity >= 2;
     $_ = `$git $args 2>&1`;
     $print = 1 if !defined $print && $verbosity >= 1;
     if ($print) {
 	#my $cwd = cwd; s/$cwd//g; # print relative paths
 	print;
     }
     if ($ret >= 0 && $? >> 8 != $ret) {
 	my ($package, $filename, $line) = caller;
 	print;
 	die "Died at line $line.\n";
     }
     return $_;
 }
 
 # Load BIND config files specified in the $repos config variable.
 # First load the -default key, then the $repo key.
 sub load_repo_config {
     my $key = shift || '-default';
 
     # move files not in a dir to a . dir for easier processing
     for my $file (keys %{$repos->{$key}}) {
 	next if ref $repos->{$key}->{$file} eq 'HASH';
 	$repos->{$key}->{'.'}->{$file} = $repos->{$key}->{$file};
 	delete $repos->{$key}->{$file};
     }
 
     for my $dir (keys %{$repos->{$key}}) {
 	my $d = $repos->{$key}->{$dir};
 	for my $file (keys %$d) {
 	    $d->{$file} = $default_view if $d->{$file} eq 1;
 	    $d->{$file} = [$d->{$file}] if ref $d->{$file} ne 'ARRAY';
 	    next unless $file =~ m,^/,;
 	    if (-f $file) {
 		open FILE, '<', $file or die $!;
 		while (<FILE>) {
 		    if (/^\s*zone\s+"([^"]+)"/) {
 			$repos->{$repo}->{$dir}->{$1} = $d->{$file};
 		    }
 		}
 		close FILE;
 	    }
 	    delete $d->{$file} if $key ne '-default';
 	}
     }
 
     load_repo_config($repo) if $key eq '-default';
 }
 
 sub check_what_changed {
     my ($old, $new) = @_;
 
     # diff with empty tree if there's no previous commit
     if (!$old || $old =~ /^0+$/) {
 	$_ = git "diff-tree --root $new";
     } else {
 	$_ = git "diff --raw --abbrev=40 ". ($new ? "$old..$new" : $old);
     }
 
     # parse diff output, add only valid zone names to %files for parsing
     $files{$1} = 0 while m,^:(?:[\w.]+\s+){5}(?:[A-Za-z0-9./-]+\s+)?([A-Za-z0-9./-]+)$,gm;
 }
 
 sub process_files {
     $files{$_} = 0 for @_;
     process_file($_) for keys %files;
     check_zones();
 
     if (@changed_files && !$read_only) {
 	print "adding changed files: @changed_files\n" if $verbosity >= 2;
 	git "add @changed_files";
     }
 }
 
 sub process_file {
     my ($file, $depth) = @_;
     my (@newfile, $changed, @inc_by);
     print ">> process_file($file)\n" if $verbosity >= 3;
 
     return 0 if $files{$file}; # already processed
     return -1 unless -f $file;
 
     print ">>> processing $file\n" if $verbosity >= 3;
     $files{$_}++;
 
     open FILE, '<', $file or die $!;
     my $n = 0;
     while (<FILE>) {
 	$n++;
 	my $line = $_;
 	if (/^(.*)(\b\d+\b)(.*?;AUTO_INCREMENT\b.*)$/) {
 	    # increment serial where marked with ;AUTO_INCREMENT
 	    # if length of serial is 10 and starts with 20 treat it as a date
 	    my ($a,$s,$z) = ($1,int $2,$3);
 	    $date ||= strftime '%Y%m%d', localtime;
 	    $s = ($s =~ /^$date/ || $s < 2000000000 || $s >= 2100000000) ? $s + 1 : $date.'00';
 	    $line = "$a$s$z\n";
 	    $changed = 1;
 	} elsif (/^(\s*\$INCLUDE\s+)(\S+)(.*)$/) {
 	    my ($a,$inc_file,$z) = ($1,$2,$3);
 	    unless ($unrestricted_includes) {
 		# check $INCLUDE lines for files outside the repo dir
 		unless ($inc_file =~ m,^$repo/, && $inc_file !~ /\.\./) {
 		    close FILE;
 		    die "Error in $file:$n: invalid included file name, it should start with: $repo/\n";
 		}
 	    }
 
 	    # Try and feed INCLUDE files with relative path names into the list.
 	    # This should allow having a common header with an AUTO_INCREMENTed serial number.
 	    if ($inc_file =~ m|^$repo/(.*)|) {
 		push (@inc_by, $1);
 	    }
 	} else {
 	    if ($n == 1 && /^;INCLUDED_BY\s+(.*)$/) {
 		push(@inc_by, split /\s+/, $1);
 	    }
 	}
 	push @newfile, $line;
     }
     close FILE;
 
     if ($changed && !$read_only) {
 	print ">>> $file changed, saving\n" if $verbosity >= 3;
 
 	open FILE, '>', $file or die $!;
 	print FILE for @newfile;
 	close FILE;
 
 	push @changed_files, $file;
     }
 
     if ($depth++ < $max_depth) {
 	process_file($_, $depth) for @inc_by;
     } else {
 	print "Warning: ;INCLUDED_BY is followed only up to $max_depth levels,\n".
 	    "  the following files are not reloaded: @inc_by\n";
     }
 
     return 1;
 }
 
 sub check_zones {
     print ">> check_zones: ,",%files,"\n" if $verbosity >= 3;
     for my $file (keys %files) {
 	my ($zone, $dir) = fileparse $file;
 	$zone =~ s/\.signed$//;
 	$dir = substr $dir, 0, -1;
 	# skip files with errors and those that are not in the config
 	next unless $files{$file} > 0 && exists $repos->{$repo}->{$dir}->{$zone};
 
 	print "Checking zone $zone\n";
 	print `$named_checkzone -w .. '$zone' '$repo/$file'`;
 	clean_exit 1 if $?; # error, reject push
 	push @zones, $file;
     }
 }
 
 sub save_list_file {
     if (@zones) {
 	print "Zone check passed: @zones\n";
 	# save changed zone list for post-receive hook
 	open FILE, '>>', $list_file or die $!;
 	print FILE join(' ', @zones), "\n";
 	close FILE;
     } else {
 	print "No zones to reload\n";
     }
 }
 
 sub load_list_file {
     return unless -f $list_file;
     my %zones;
     open FILE, '<', $list_file or die $!;
     while (<FILE>) {
 	$zones{$_} = 1 for split /[\s\n\r]+/;
     }
     close FILE;
     @zones = keys %zones;
 }
 
 sub install_zones {
     print "Reloading changed zones: @zones\n";
 
     my $cwd = cwd;
 
     chdir "$zone_dir/$repo" or die $!;
     git "clone $cwd ." unless -d '.git';
     git 'fetch';
     git 'reset --hard remotes/origin/master';
 
     for my $file (@zones) {
 	my ($zone, $dir) = fileparse $file;
 	$zone =~ s/\.signed$//;
 	$dir = substr $dir, 0, -1;
 	my $view = $repos->{$repo}->{$dir}->{$zone};
 	print "$_/$zone: ", `$rndc reload '$zone' $class $_` for @$view;
     }
 
     unlink $list_file;
 }
 
 # save working dir state
 # (git stash wouldn't work without conflicts if there's a
 # change in both the index & working tree in the same file)
 sub stash_save {
     $stash_file = File::Temp::tempnam('.git', '.gitzone-stash-');
     print "Saving working tree to $stash_file\n";
     git "update-index --refresh -q", 0, -1;
     git "diff >$stash_file";
     git 'checkout .';
 }
 
 # restore working dir
 sub stash_pop {
     print "Restoring working tree from $stash_file\n";
     git "apply --reject --whitespace=nowarn $stash_file", 1, -1;
     unlink $stash_file unless $?;
 }
 
 sub pre_receive {
     my ($old, $new, $ref);
 
     while (<STDIN>) { # <old-value> SP <new-value> SP <ref-name> LF
 	print if $verbosity >= 1;
 	next unless m,(\w+) (\w+) ([\w/]+),;
 	next if $3 ne 'refs/heads/master'; # only process master branch
 	die "Denied branch 'new', choose another name\n" if $3 eq 'refs/head/new';
 	($old, $new, $ref) = ($1, $2, $3);
     }
 
     # nothing for master branch, exit
     clean_exit 0 unless $ref;
 
     # Figure out the paths for the repo, and the temporary checkout location.
     my $base_cwd = cwd;
     my @dir = File::Spec->splitdir($base_cwd);
     my $repo_name = $dir[$#dir];
     $dir[$#dir] .= '_tmp';
     push(@dir, $repo_name);
     my $tmp_dir = join('/', @dir);
 
     # Do the diff and find out exactly what changed.
     # This must be done before the chdir below.
     check_what_changed($old, $new);
 
     # Make the temporary directory from scratch.
     File::Path->remove_tree($tmp_dir, verbose => 1);
     File::Path->make_path($tmp_dir, verbose => 1);
 
     # Extract the new commit.
     # We do this with git archive, and then extract the resulting tar in the temporary directory.
     # There really should be a better way to do this, but I can't find one.
     git "archive $new | tar -C $tmp_dir -xf -";
 
     # chdir into the temporary directory.
     chdir $tmp_dir or die $!;
 
     # Go read only, no actual changes in the pre-release hook.
     $read_only = 1;
 
     load_repo_config;
     process_files;
 
     # Go back to the repo.
     chdir $base_cwd;
 }
 
 sub pre_commit {
     stash_save;
 
     $cleanup = sub {
 	# reset any changes, e.g. auto inc.
 	git 'checkout .';
 	stash_pop;
     };
 
     git 'rev-parse --verify HEAD', 0, -1;
     check_what_changed($? ? undef : 'HEAD');
     load_repo_config;
     process_files;
 
     $cleanup = sub {
 	stash_pop;
     };
 
     save_list_file;
 }
 
 sub post_receive {
     my ($old, $new, $ref);
 
     while (<STDIN>) { # <old-value> SP <new-value> SP <ref-name> LF
 	print if $verbosity >= 1;
 	next unless m,(\w+) (\w+) ([\w/]+),;
 	next if $3 ne 'refs/heads/master'; # only process master branch
 	die "Denied branch 'new', choose another name\n" if $3 eq 'refs/head/new';
 	($old, $new, $ref) = ($1, $2, $3);
     }
 
     # nothing for master branch, exit
     clean_exit 0 unless $ref;
 
     # Repeat the check_what_changed from the pre_receive.
     check_what_changed($old, $new);
 
     print "\n";
 
     # Grab the current master.
     git 'checkout -f master';
 
     load_repo_config;
 
     # Go through and process the files again, this time allowing changes.
     # All of the AUTO_INCREMENT stuff happens here.
     # The zone files are checked a second time as well.
     process_files;
 
     # Commit any auto increment changes.
     if (@changed_files) {
 	git "commit -nm 'auto increment: @changed_files'", 1;
     }
 
     # Actually install the new zone files.
     install_zones;
 
     if (@changed_files) {
 	print "Done. Auto increment applied, don't forget to pull.\n";
     } else {
 	print "Done.\n";
     }
 }
 
 sub post_commit {
     print "\n";
 
     load_repo_config;
     load_list_file;
     install_zones;
     print "Done.\n";
 }
 
 sub update_record {
     my ($c, $file, @record) = split /\s+/, shift;
     my ($ip) = $ENV{SSH_CLIENT} =~ /^([\d.]+|[a-f\d:]+)\s/i or die "Invalid IP address\n";
     my $re = qr/^\s*/i;
     $re = qr/$re$_\s+/i for (@record);
     my $matched = 0;
     my $changed = 0;
     my @newfile;
 
     git 'checkout -f master';
 
     open FILE, '<', $file or die "$file: $!";
     while (<FILE>) {
 	my $line = $_;
 	if (!$matched && s/($re)([\d.]+|[a-f\d:]+)/$1$ip/i) {
 	    print "Matched record:\n$line";
 	    $matched = 1;
 	    if ($line ne "$1$ip\n") {
 		$changed = 1;
 		$line = "$1$ip\n";
 		print "Updating it with:\n$line";
 	    } else {
 		print "Not updating: already up-to-date\n";
 		close FILE;
 		clean_exit 0;
 	    }
 	}
 	push @newfile, $line;
     }
     close FILE;
     die "No matching record in $file: @record\n" unless $matched;
 
     open FILE, '>', $file or die $!;
     print FILE for @newfile;
     close FILE;
 
     git "commit -nm 'update-record: $file' '$file'", 1;
 
     load_repo_config;
     process_files $file;
     git "commit -nm 'auto increment: @changed_files'", 1 if @changed_files;
     install_zones if @zones;
 }