Port to py3.6 fixes SpriteLink#1252

Move to newest or replacement libs
Fix syntax to 3.6+
Overhaul strings to optimize performance and readability
Update build stuff to 3.6 + move docker img to 18.04/bionic

Dockerfile.nipapd

@@ -32,7 +32,7 @@
 # via a volume.
 #
 
-FROM ubuntu:xenial
+FROM ubuntu:bionic
 MAINTAINER Kristian Larsson <[email protected]>
 
 ENV DEBIAN_FRONTEND=noninteractive
@@ -44,19 +44,30 @@ RUN apt-get update -qy && apt-get upgrade -qy \
     libpq-dev \
     libsqlite3-dev \
     postgresql-client \
-    python \
-    python-all \
-    python-docutils \
-    python-pip \
-    python-dev \
- && pip --no-input install envtpl \
+    software-properties-common \
+    python3 \
+    python3-all \
+    python3-pip \
+    python3-dev \
+    libsasl2-dev \
+    libldap2-dev \
+    libssl-dev \
  && rm -rf /var/lib/apt/lists/*
 
+# Install any additional CA certs from ca_certs folder required by corp proxies etc
+RUN mkdir -p /usr/share/ca-certificates/extra
+COPY ca_certs/*.crt /usr/share/ca-certificates/extra/
+RUN ls /usr/share/ca-certificates/extra/*.crt | sed 's/\/usr\/share\/ca-certificates\///g' >> /etc/ca-certificates.conf
+RUN update-ca-certificates
+RUN pip3 install --upgrade pip
+RUN pip3 config set global.cert /etc/ssl/certs/ca-certificates.crt
+
 
 COPY nipap /nipap
 WORKDIR /nipap
-RUN pip --no-input install -r requirements.txt \
- && python setup.py install
+RUN pip3 install --no-input envtpl
+RUN pip3 --no-input install -r requirements.txt \
+ && python3 setup.py install
 
 EXPOSE 1337
 ENV LISTEN_ADDRESS=0.0.0.0 LISTEN_PORT=1337 SYSLOG=false DB_PORT=5432 DB_SSLMODE=disable

ca_certs/README.rst

@@ -0,0 +1,8 @@
+Custom CA Certs for docker containers
+=====================================
+If you need to include specific CA certs which you must trust, place them here
+in PEM format, named \*.crt.
+
+This may be required if you need to build the container from inside a network
+which uses a proxy or similar, or other dependencies towards internal services
+are included in your containers.

nipap/MANIFEST.in

@@ -1 +1,3 @@
 include README.rst MANIFEST.in
+include *.man.rst
+include requirements.txt

nipap/Makefile

@@ -1,7 +1,7 @@
 # $Id: Makefile,v 1.6 2011/04/18 17:14:00 lukagarb Exp $
 #
 
-PYTHON=`which python2`
+PYTHON=`which python3`
 DESTDIR=/
 BUILDIR=$(CURDIR)/debian/python-nipap-build
 PROJECT=nipap
@@ -38,7 +38,7 @@ test:
 check:
 
 upload:
-	python setup.py sdist upload
+	python3 setup.py sdist upload
 
 clean:
 	$(PYTHON) setup.py clean

nipap/debian/control

@@ -2,13 +2,13 @@ Source: nipap
 Maintainer: Lukas Garberg <[email protected]>
 Section: python
 Priority: optional
-Build-Depends: python (>= 2.7), debhelper (>= 7.4.3)
+Build-Depends: python (>= 3.6), debhelper (>= 7.4.3)
 Standards-Version: 4.4.0
 
 
 Package: nipap-common
 Architecture: all
-Depends: python (>= 2.7), ${misc:Depends}, python-pysqlite2, python-ipy
+Depends: python (>= 3.6), ${misc:Depends}, python-pysqlite2, python-ipy
 Suggests: python-ldap
 Description: Neat IP Address Planner
  The Neat IP Address Planner, NIPAP, is a system built for efficiently managing
@@ -17,7 +17,7 @@ Description: Neat IP Address Planner
 
 Package: nipapd
 Architecture: all
-Depends: debconf, nipap-common, python (>= 2.7), ${misc:Depends}, python-psycopg2, python-flask, python-flask-xml-rpc, python-flask-restful, python-flask-compress, python-tornado, python-parsedatetime, python-tz, python-dateutil, python-psutil, python-pyparsing, python-jwt, python-requests
+Depends: debconf, nipap-common, python (>= 3.6), ${misc:Depends}, python-psycopg2, python-flask, python-flask-xml-rpc, python-flask-restful, python-flask-compress, python-tornado, python-parsedatetime, python-tz, python-dateutil, python-psutil, python-pyparsing, python-jwt, python-requests
 Description: Neat IP Address Planner XML-RPC daemon
  The Neat IP Address Planner, NIPAP, is a system built for efficiently managing
  large amounts of IP addresses. This is the XML-RPC daemon.

nipap/entrypoint.sh

@@ -1,11 +1,12 @@
 #!/bin/sh
 
-envtpl --allow-missing /nipap/nipap.conf.dist -o /etc/nipap/nipap.conf
+envtpl --allow-missing --keep-template /nipap/nipap.conf.dist -o /etc/nipap/nipap.conf
+/bin/bash /nipap/wait-for-it.sh -t 60 $DB_HOST:$DB_PORT -- sleep 5
 
 /usr/sbin/nipap-passwd create-database
 if [ -n "$NIPAP_USERNAME" -a -n "$NIPAP_PASSWORD" ]; then
 	echo "Creating user '$NIPAP_USERNAME'"
 	/usr/sbin/nipap-passwd add --username $NIPAP_USERNAME --name "NIPAP user" --password $NIPAP_PASSWORD
 fi
-
+echo "Starting nipap daemon.."
 exec /usr/sbin/nipapd --debug --foreground --auto-install-db --auto-upgrade-db --no-pid-file

nipap/nipap-passwd

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 #
 # Manages NIPAP LocalAuth authentication database
 #
@@ -16,10 +16,11 @@ if __name__ == '__main__':
     # parse arguments
     parser = argparse.ArgumentParser(description='NIPAP User configuration')
     parser.add_argument('action',
-        metavar='{list, add, delete, modify, test-user, latest-version, create-database, upgrade-database}',
-        nargs='?', type=str,
-        choices=['list', 'add', 'delete', 'modify', 'test-user', 'latest-version', 'create-database', 'upgrade-database'],
-        help='define an action to execute')
+                        metavar='{list, add, delete, modify, test-user, latest-version, create-database, upgrade-database}',
+                        nargs='?', type=str,
+                        choices=['list', 'add', 'delete', 'modify', 'test-user', 'latest-version', 'create-database',
+                                 'upgrade-database'],
+                        help='define an action to execute')
     parser.add_argument('-u', '--username', dest='user', type=str,
                         help='username')
     parser.add_argument('-p', '--password', dest='password', type=str,
@@ -38,7 +39,7 @@ if __name__ == '__main__':
                         help="database file [default: read from config]")
     parser.add_argument('-c', '--config', dest='config',
                         default='/etc/nipap/nipap.conf', type=str, help=
-            'read configuration from CONFIG [default:/etc/nipap/nipap.conf]')
+                        'read configuration from CONFIG [default:/etc/nipap/nipap.conf]')
     parser.add_argument('--version', action='version',
                         version='nipap-passwd version %s' % nipap.__version__)
     args = parser.parse_args()
@@ -52,8 +53,8 @@ if __name__ == '__main__':
 
     try:
         cfg = NipapConfig(args.config)
-    except NipapConfigError, exc:
-        print >> sys.stderr, "The specified configuration file ('" + args.config + "') does not exist"
+    except NipapConfigError as exc:
+        print("The specified configuration file ('" + args.config + "') does not exist", file=sys.stderr)
         sys.exit(1)
 
     if args.db_file:
@@ -63,65 +64,69 @@ if __name__ == '__main__':
 
     if args.action == 'list':
         # print a nicely formatted list of users
-        header =  "%-20s %-25s %-7s %-7s" % ('username', 'real name', 'trusted', 'read only')
-        print "%s\n%s" % (header,''.join('-' for x in range(len(header))))
+        header = "{:<20} {:<25} {:<7} {:<7}".format('username', 'real name', 'trusted', 'read only')
+        print("{}\n{}".format(header, ''.join('-' for x in range(len(header)))))
         for u in a.list_users():
             if not args.user or args.user == u['username']:
-                print "%-20s %-25s %-7d %-7d" % (u['username'], u['full_name'], int(u['trusted']), int(u['readonly']))
+                print("%-20s %-25s %-7d %-7d" % (u['username'], u['full_name'], int(u['trusted']), int(u['readonly'])))
 
     elif args.action == 'test-user':
         if not args.user:
-            print "Please specify user with --user"
+            print("Please specify user with --user")
             sys.exit(1)
         if not args.password:
-            print "Please specify password with --password"
+            print("Please specify password with --password")
             sys.exit(1)
         af = nipap.authlib.AuthFactory()
         auth = af.get_auth(args.user, args.password, "nipap", {})
         if not auth.authenticate():
-            print "The username or password seems to be wrong"
+            print("The username or password seems to be wrong")
             sys.exit(2)
 
-        print "Username and password seem to be correct"
+        print("Username and password seem to be correct")
         sys.exit(0)
-    
+
     elif args.action == 'add':
         if not args.user:
-            print "Please specify user with --user"
+            print("Please specify user with --user")
             sys.exit(1)
         if not args.password:
-            print "Please specify password with --password"
+            print("Please specify password with --password")
             sys.exit(1)
         if not args.name:
-            print "Please specify name with --name"
+            print("Please specify name with --name")
             sys.exit(1)
         try:
             a.add_user(args.user, args.password, args.name, args.trusted, args.readonly)
-            print "Added user %s to database %s" % (args.user, cfg.get('auth.backends.local','db_path'))
+            print("Added user {} to database {}".format(args.user, cfg.get('auth.backends.local', 'db_path')))
         except nipap.authlib.AuthError as exc:
             if str(exc) == 'attempt to write a readonly database':
-                print "You do not have sufficient rights to write to database: %s" % (cfg.get('auth.backends.local','db_path'))
+                print("You do not have sufficient rights to write to database: %s" % (
+                    cfg.get('auth.backends.local', 'db_path')))
             elif str(exc) == 'column username is not unique':
-                print "Username '%s' already exists in the database: %s " % (args.user, cfg.get('auth.backends.local','db_path'))
+                print("Username '{}' already exists in the database: {} ".format(args.user,
+                                                                                 cfg.get('auth.backends.local',
+                                                                                         'db_path')))
             else:
-                print exc
+                print(exc)
 
     elif args.action == 'delete':
         try:
             if not args.user:
-                print "Please specify user with --user"
+                print("Please specify user with --user")
                 sys.exit(1)
             a.remove_user(args.user)
-            print "User %s deleted from database %s" % (args.user, cfg.get('auth.backends.local', 'db_path'))
+            print("User {} deleted from database {}".format(args.user, cfg.get('auth.backends.local', 'db_path')))
         except nipap.authlib.AuthError as exc:
             if str(exc) == 'attempt to write a readonly database':
-                print "You do not have sufficient rights to write to database: %s" % (cfg.get('auth.backends.local','db_path'))
+                print("You do not have sufficient rights to write to database: %s" % (
+                    cfg.get('auth.backends.local', 'db_path')))
             else:
-                print exc
+                print(exc)
 
     elif args.action == 'modify':
         if not args.user:
-            print "Please specify user with --user"
+            print("Please specify user with --user")
             sys.exit(1)
 
         data = {}
@@ -135,16 +140,17 @@ if __name__ == '__main__':
             data['readonly'] = args.readonly
 
         if len(data) == 0:
-            print "Please specify value to change"
+            print("Please specify value to change")
             sys.exit(1)
 
         try:
             a.modify_user(args.user, data)
         except nipap.authlib.AuthError as exc:
             if str(exc) == 'attempt to write a readonly database':
-                print "You do not have sufficient rights to write to database: %s" % (cfg.get('auth.backends.local','db_path'))
+                print("You do not have sufficient rights to write to database: %s" % (
+                    cfg.get('auth.backends.local', 'db_path')))
             else:
-                print exc
+                print(exc)
 
     elif args.action == 'upgrade-database':
         a._upgrade_database()
@@ -158,13 +164,13 @@ if __name__ == '__main__':
         try:
             latest = a._latest_db_version()
             if not latest:
-                print >> sys.stderr, "It seems your Sqlite database for local auth is out of date"
-                print >> sys.stderr, "Please run 'nipap-passwd upgrade-database' to upgrade your database."
+                print("It seems your Sqlite database for local auth is out of date", file=sys.stderr)
+                print("Please run 'nipap-passwd upgrade-database' to upgrade your database.", file=sys.stderr)
                 sys.exit(2)
-        except nipap.authlib.AuthSqliteError, e:
-            print >> sys.stderr, "Error checking version of Sqlite database for local auth: %s" % e
+        except nipap.authlib.AuthSqliteError as e:
+            print("Error checking version of Sqlite database for local auth: %s" % e, file=sys.stderr)
             sys.exit(1)
-        print "Sqlite database for local auth is of the latest version."
+        print("Sqlite database for local auth is of the latest version.")
         sys.exit(0)
 
     else: