SRE/LDAP/Renaming users/Gerrit
This page is currently a draft.
Material may not yet be complete, information may presently be omitted, and certain parts of the content may be subject to radical, rapid alteration. More information pertaining to this may be available on the talk page.
This page codifies what has been an ad-hoc proceedure to this point
Material may not yet be complete, information may presently be omitted, and certain parts of the content may be subject to radical, rapid alteration. More information pertaining to this may be available on the talk page.
This page codifies what has been an ad-hoc proceedure to this point
Renaming users in Gerrit involves fiddling in git quite a bit since Gerrit uses git as a database.
Gerrit uses the ldap cn as the user's username and full name. The uid is used for ssh and api access.
$ ssh [gerrit host]
user@gerrit:~ $ sudo su - gerrit2
gerrit2@gerrit:~ $ cd /srv/gerrit/All-Users
gerrit2@gerrit:~ $ git fetch origin refs/meta/external-ids:refs/meta/external-ids
gerrit2@gerrit:~ $ git checkout FETCH_HEAD
[run the rename account script]
gerrit2@gerrit:~ $ git add . && git commit -m 'Modify [user] commonname'
gerrit2@gerrit:~ $ git push origin HEAD:refs/meta/external-ids
gerrit2@gerrit:~ $ git fetch origin refs/users/[user-id]
gerrit2@gerrit:~ $ git checkout FETCH_HEAD
gerrit2@gerrit:~ $ git config -f account.config account.fullName [new username]
gerrit2@gerrit:~ $ git add account.config
gerrit2@gerrit:~ $ git commit -m 'modify user fullname'
gerrit2@gerrit:~ $ git push origin HEAD:refs/users/[user-id]
[back on your laptop reindex accounts]
$ ssh -p 29418 gerrit.wikimedia.org -- gerrit index start accounts --force
cn rename script
If changing the cn this is the script to use:
#!/bin/bash
set -euo pipefail
OLD_USERNAME="$1"
NEW_USERNAME="$2"
OLD_SHASUM=$(printf "gerrit:%s" "${OLD_USERNAME}" | shasum -a 1)
NEW_SHASUM=$(printf "gerrit:%s" "${NEW_USERNAME}" | shasum -a 1)
OLD_FILE=$(printf '%s/%s\n' "${OLD_SHASUM:0:2}" "${OLD_SHASUM:2:38}")
NEW_FILE=$(printf '%s/%s\n' "${NEW_SHASUM:0:2}" "${NEW_SHASUM:2:38}")
git mv "$OLD_FILE" "$NEW_FILE"
# Change username to lowercase in new file
sed -i "s/gerrit:${OLD_USERNAME}/gerrit:${NEW_USERNAME}/" "$NEW_FILE"
uid rename account script
If changing the `uid` this is the script to use:
#!/bin/bash
set -euo pipefail
OLD_USERNAME="$1"
NEW_USERNAME="$2"
OLD_SHASUM=$(printf "username:%s" "${OLD_USERNAME}" | shasum -a 1)
NEW_SHASUM=$(printf "username:%s" "${NEW_USERNAME}" | shasum -a 1)
OLD_FILE=$(printf '%s/%s\n' "${OLD_SHASUM:0:2}" "${OLD_SHASUM:2:38}")
NEW_FILE=$(printf '%s/%s\n' "${NEW_SHASUM:0:2}" "${NEW_SHASUM:2:38}")
git mv "$OLD_FILE" "$NEW_FILE"
# Change username to lowercase in new file
sed -i "s/username:${OLD_USERNAME}/username:${NEW_USERNAME}/" "$NEW_FILE"