wip

.github/workflows/ruff.yaml

@@ -0,0 +1,48 @@
+name: CI
+on: [ push, pull_request ]
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Install dependencies
+        run: |
+          python -m pip install uv
+          uv venv
+          uv pip compile pyproject.toml --extra ci | uv pip install -r -
+      - name: ruff check
+        run: .venv/bin/ruff check --output-format=github .
+  format:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Install dependencies
+        run: |
+          python -m pip install uv
+          uv venv
+          uv pip compile pyproject.toml --extra ci | uv pip install -r -
+      - name: ruff format
+        run: .venv/bin/ruff format --diff .
+  # test:
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - uses: actions/checkout@v4
+  #     - name: Install Python
+  #       uses: actions/setup-python@v5
+  #       with:
+  #         python-version: "3.11" # matrix?
+  #     - name: Install dependencies
+  #       run: |
+  #          python -m pip install uv
+  #          uv pip compile pyproject.toml --extra test -o requirements.txt
+  #          uv pip install -r requirements.txt
+  #     - name: pytest
+  #       run: pytest

buildbot_netauth/__init__.py

@@ -0,0 +1,82 @@
+from pathlib import Path
+
+import netauth
+from buildbot.www.auth import CustomAuth, UserInfoProviderBase
+from twisted.internet import defer
+
+
+class NetAuthAuth(CustomAuth):
+    """
+    NetAuth authentication provider
+
+    :param na_inst: a NetAuth instance (useful if also using the UserInfoProvider), optional
+    :param conf: path to a NetAuth config file, optional, ignored if `na_inst` is provided
+    :param kwargs: all other keyword arguments are passed to the NetAuth instance, if it is created internally
+    """
+
+    def __init__(self, *, na_inst: netauth.NetAuth | None = None, conf: Path | None = None, **kwargs):
+        if na_inst is not None:
+            self.netauth = na_inst
+            self.netauth.service_name = "buildbot"
+        else:
+            kwargs["service_name"] = "buildbot"
+            if conf is not None:
+                self.netauth = netauth.NetAuth.with_config(conf, **kwargs)
+            else:
+                self.netauth = netauth.NetAuth(**kwargs)
+            super().__init__()
+
+    def check_credentials(self, username: str, password: str) -> bool:
+        try:
+            self.netauth.auth_entity(username, password)
+            return True
+        except netauth.error.UnauthenticatedError:
+            return False
+
+
+class NetAuthUserInfo(UserInfoProviderBase):
+    """
+    NetAuth user info provider
+
+    :param na_inst: a NetAuth instance (useful if also using the UserInfoProvider), optional
+    :param conf: path to a NetAuth config file, optional, ignored if `na_inst` is provided
+    :param kwargs: all other keyword arguments are passed to the NetAuth instance, if it is created internally
+    """
+
+    def __init__(self, *, na_inst: netauth.NetAuth | None = None, conf: Path | None = None, **kwargs):
+        if na_inst is not None:
+            self.netauth = na_inst
+            self.netauth.service_name = "buildbot"
+        else:
+            kwargs["service_name"] = "buildbot"
+            if conf is not None:
+                self.netauth = netauth.NetAuth.with_config(conf, **kwargs)
+            else:
+                self.netauth = netauth.NetAuth(**kwargs)
+            super().__init__()
+
+    def getUserInfo(self, username):
+        try:
+            entity = self.netauth.entity_info(username)
+
+            if entity is None:
+                return defer.fail(ValueError("entity not found"))
+
+            id = entity.id
+            email = f"{id}@netauth"
+            if (meta := entity.meta) is not None:
+                full_name = meta.display_name or meta.legal_name or id
+                groups = meta.groups or []
+            else:
+                full_name = entity.id
+                groups = []
+
+            return defer.succeed(
+                {
+                    "email": email,
+                    "full_name": full_name,
+                    "groups": groups,
+                }
+            )
+        except netauth.error.NetAuthRpcError as e:
+            return defer.fail(e)

pyproject.toml

@@ -0,0 +1,56 @@
+[build-system]
+requires = ["setuptools", "setuptools-scm"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "buildbot-netauth"
+authors = [
+    {name = "classabbyamp", email = "dev@placeviolette.net"}
+]
+description = "buildbot plugin for integration with NetAuth"
+readme = "README.md"
+requires-python = ">=3.11"
+keywords = ["secure-access", "authentication-service", "netauth", "buildbot"]
+classifiers = [
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+]
+packages=["netauth"]
+dynamic = ["version"]
+dependencies = [
+    "netauth",
+    "buildbot~=4.0.0",
+]
+
+[project.optional-dependencies]
+ci = [
+    "ruff",
+]
+publish = [
+    "twine",
+]
+
+[project.entry-points."buildbot.util"]
+NetAuthAuth = "buildbot_netauth:NetAuthAuth"
+NetAuthUserInfo = "buildbot_netauth:NetAuthUserInfo"
+
+[project.urls]
+Repository = "https://github.com/classabbyamp/buildbot-netauth"
+Changelog = "https://github.com/classabbyamp/buildbot-netauth/blob/master/CHANGELOG.md"
+
+[tool.setuptools.dynamic]
+version = {attr = "buildbot_netauth.__version__"}
+
+[tool.ruff]
+include = ["buildbot_netauth/**"]
+line-length = 120
+indent-width = 4
+target-version = "py311"
+
+[tool.ruff.format]
+quote-style = "double"
+indent-style = "space"
+skip-magic-trailing-comma = false
+line-ending = "lf"