Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Remove hard dependency on ipaplatform from ipapython, ipalib and ipaclient #271
paths: remove DEV_NULL
The platform-specific path to /dev/null is provided by the Python standard
Replace all uses of paths.DEV_NULL with os.devnull and remove DEV_NULL.
custodiainstance: automatic restart on config file update
Automatically restart Custodia during IPA server upgrade if custodia.conf
Use the new store class name in custodia.conf.template.
ipapython: move dnssec, p11helper and secrets to ipaserver
The dnssec and secrets subpackages and the p11helper module depend on
Move them to ipaserver as they are used only on the server.
ipapython: move certmonger and sysrestore to ipalib.install
The certmonger and sysrestore modules depend on ipaplatform.
Move them to ipalib.install as they are used only from installers.
certdb: move IPA NSS DB install functions to ipaclient.install
The create_ipa_nssdb() and update_ipa_nssdb() depend on ipaplatform.
Move them to ipaclient.install.client as they are used only from the client
certdb: use a temporary file to pass password to pk12util
Currently the PKCS#12 file password is passed via stdin and pk12util reads
Use a temporary file instead.
ipautil: remove SHARE_DIR and PLUGIN_SHARE_DIR
SHARE_DIR and PLUGIN_SHARE_DIR depend on ipaplatform.
Replace all uses of SHARE_DIR with paths.USR_SHARE_IPA_DIR and remove
ipautil: remove get_domain_name()
get_domain_name() and related code depends on ipaplatform.
Replace all uses of get_domain_name() with api.env.domain and remove
ipautil: remove the timeout argument of run()
The argument depends on the platform-specific timeout binary and is used
Call the timeout binary explicitly in ipaclient.ntpconf and remove the
ipautil: move is_fips_enabled() to ipaplatform.tasks
The FIPS setting is platform-specific.
ipautil: move kinit functions to ipalib.install
kinit_password() depends on ipaplatform.
Move kinit_password() as well as kinit_keytab() to a new
ipautil: move file encryption functions to installutils
The encrypt_file() and decrypt_file() functions depend on ipaplatform.
Move them to ipaserver.install.installutils, as they are only used for the
ipapython: remove hard dependency on ipaplatform
Use hard-coded paths to certutil, pk12util and openssl in certdb if
Hard-coded the path to setpasswd in ipautil.run() doc string.
Remove ipaplatform dependency from ipapython's setup.py and add ipapython
ipalib: move certstore to the install subpackage
The certstore module depends on ipaplatform.
Move it to ipalib.install, as it is used only from installers.
constants: remove CACERT
CACERT depends on ipaplatform.
Replace all uses of CACERT with paths.IPA_CA_CRT and remove CACERT.
ipalib: remove hard dependency on ipapython
Hard-code the path to /bin/false in SubprocessError doc string.
Remove ipaplatform dependency from ipalib's setup.py and add it as optional
ipaclient: move install modules to the install subpackage
The ipa_certupdate, ipachangeconf, ipadiscovery and ntpconf modules depend
Move them to ipaclient.install as they are used only from the client
ipaclient: remove hard dependency on ipaplatform
Hard-code the user cache directory path in ipaclient.remote_plugins.schema.
I do not have much trouble reviewing the whole PR, also it does not do that much and does not break tests (did not try integration) so I believe it's fine.
The changes seem fine, I especially dig moving parts only used in ipaserver/ipaclient to their respective submodules.
@jcholast I prefer small patches, that change just one aspect and are easily reviewable in a couple of minutes. The PR touches the entire code base. With 600 additions, more than 700 removals and 316 QC high-severity issues, it is going to take a week to merge it. Merge conflicts are already cumulating, too.
You have already split up your PR in a bunch of commits. It looks like most to all commits are unrelated and don't depend on each other. Basically your PR is an epic with a bunch of independent improvements. How about use the iterative approach and create a PR for each commit?
@jcholast Thanks, I'll add it as a comment to that ticket so that it's more visible to a potential community :)
edit: Removed the LGTM till the outlined necessary issues are fixed, I expect that to come with the rebase.
referenced this pull request
Nov 25, 2016
9117a5d paths: remove DEV_NULL