diff options
| author |   Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-01-12 21:28:22 +0100 |
|---|---|---|
| committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-01-14 03:06:33 +0100 |
| commit | d42a2fc9b70da0aa11a2b3fb1ca1948bfdb9f6b3 (patch) | |
| tree | b04cadc86330c8451bb561f751980a5d4accbab8 | |
| parent | 0208c3e6d059f634513e4ad87b393ebb555f58bc (diff) | |
[PDF] generate_config: eyaml only encrypted PDFs
Silence misleading warnings about failed decription for PDFs
that do not use this feature.
While at it, print yamllint version used by check-jinja.sh.
Change-Id: Ica1ff90abaee8c9bb20996899c8f0a7527133618
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
| -rwxr-xr-x | config/utils/check-jinja2.sh | 3 | ||||
| -rwxr-xr-x | config/utils/generate_config.py | 11 |
2 files changed, 9 insertions, 5 deletions
diff --git a/config/utils/check-jinja2.sh b/config/utils/check-jinja2.sh index 2953ff6a..8a966e52 100755 --- a/config/utils/check-jinja2.sh +++ b/config/utils/check-jinja2.sh @@ -17,6 +17,8 @@ INSTALLER_ADAPTERS='./config/installers/*' TMPF='/tmp/out.yml' # should be outside Jenkins WS to prevent data leakage RC=0 +echo "Using $(yamllint --version)" + # Build a table header, using ';' as column sep SUMMARY='PDF Verify Matrix;YAML Lint;' for adapter in ${INSTALLER_ADAPTERS}; do @@ -26,6 +28,7 @@ done # Iterate all PDFs, check with each installer adapter, log results while IFS= read -r lab_config; do valid_yaml='OK' + echo -e "\n###################### ${lab_config} ######################\n" echo -e "\n\nyamllint -s ${lab_config}" if ! yamllint -s "${lab_config}"; then valid_yaml='FAIL'; fi SUMMARY+="\n${lab_config#labs/};${valid_yaml};" diff --git a/config/utils/generate_config.py b/config/utils/generate_config.py index dfc6e6c4..cf558e28 100755 --- a/config/utils/generate_config.py +++ b/config/utils/generate_config.py @@ -52,18 +52,19 @@ ENV = Environment(loader=FileSystemLoader(os.path.dirname(ARGS.jinja2))) ENV.filters['ipaddr_index'] = ipaddr_index ENV.filters['dpkg_arch'] = dpkg_arch -# Run `eyaml decrypt` on the whole file, in case any PDF data is encrypted +# Run `eyaml decrypt` on the whole file, but only if PDF data is encrypted # Note: eyaml return code is 0 even if keys are not available try: - DICT = yaml.safe_load(check_output(['eyaml', 'decrypt', '-f', ARGS.yaml])) + if 'ENC[PKCS7' in open(ARGS.yaml).read(): + DICT = yaml.safe_load(check_output(['eyaml', 'decrypt', + '-f', ARGS.yaml])) except CalledProcessError as ex: - logging.error('eyaml decryption failed!') + logging.error('eyaml decryption failed! Fallback to raw data.') except OSError as ex: - logging.warn('eyaml not found, skipping decryption') + logging.warn('eyaml not found, skipping decryption. Fallback to raw data.') try: DICT['details'] except (NameError, TypeError) as ex: - logging.warn('PDF decryption skipped, fallback to using raw data.') with open(ARGS.yaml) as _: DICT = yaml.safe_load(_) |