diff options
Diffstat (limited to 'config/utils')
| -rwxr-xr-x | config/utils/check-jinja2.sh | 9 | ||||
| -rwxr-xr-x | config/utils/generate_config.py | 11 |
2 files changed, 13 insertions, 7 deletions
diff --git a/config/utils/check-jinja2.sh b/config/utils/check-jinja2.sh index 2953ff6a..c33bef50 100755 --- a/config/utils/check-jinja2.sh +++ b/config/utils/check-jinja2.sh @@ -17,6 +17,8 @@ INSTALLER_ADAPTERS='./config/installers/*' TMPF='/tmp/out.yml' # should be outside Jenkins WS to prevent data leakage RC=0 +echo "Using $(yamllint --version)" + # Build a table header, using ';' as column sep SUMMARY='PDF Verify Matrix;YAML Lint;' for adapter in ${INSTALLER_ADAPTERS}; do @@ -26,6 +28,7 @@ done # Iterate all PDFs, check with each installer adapter, log results while IFS= read -r lab_config; do valid_yaml='OK' + echo -e "\n###################### ${lab_config} ######################\n" echo -e "\n\nyamllint -s ${lab_config}" if ! yamllint -s "${lab_config}"; then valid_yaml='FAIL'; fi SUMMARY+="\n${lab_config#labs/};${valid_yaml};" @@ -40,7 +43,9 @@ while IFS= read -r lab_config; do echo 'Result: PASS' ((pdf_inst_pass+=1)) echo -e "\nyamllint -s ${jinja_template%.j2}" - if yamllint -s "${TMPF}"; then ((pdf_yaml_pass+=1)); fi + if yamllint -s <(sed 's|ENC\[PKCS.*\]|opnfv|g' "${TMPF}"); then + ((pdf_yaml_pass+=1)); + fi else echo 'Result: FAIL' RC=1 @@ -49,7 +54,7 @@ while IFS= read -r lab_config; do done < <(find "${adapter}" -name '*.j2') SUMMARY+="${pdf_yaml_pass}/${pdf_inst_pass}/${pdf_inst};" done -done < <(find 'config' 'labs' -name 'pod*.yaml') +done < <(find 'labs' -name 'pod*.yaml') rm -f "${TMPF}" echo -e '\n\nNOTE: tuple fmt: (valid YAML output/sucessful parse/templates).\n' diff --git a/config/utils/generate_config.py b/config/utils/generate_config.py index dfc6e6c4..cf558e28 100755 --- a/config/utils/generate_config.py +++ b/config/utils/generate_config.py @@ -52,18 +52,19 @@ ENV = Environment(loader=FileSystemLoader(os.path.dirname(ARGS.jinja2))) ENV.filters['ipaddr_index'] = ipaddr_index ENV.filters['dpkg_arch'] = dpkg_arch -# Run `eyaml decrypt` on the whole file, in case any PDF data is encrypted +# Run `eyaml decrypt` on the whole file, but only if PDF data is encrypted # Note: eyaml return code is 0 even if keys are not available try: - DICT = yaml.safe_load(check_output(['eyaml', 'decrypt', '-f', ARGS.yaml])) + if 'ENC[PKCS7' in open(ARGS.yaml).read(): + DICT = yaml.safe_load(check_output(['eyaml', 'decrypt', + '-f', ARGS.yaml])) except CalledProcessError as ex: - logging.error('eyaml decryption failed!') + logging.error('eyaml decryption failed! Fallback to raw data.') except OSError as ex: - logging.warn('eyaml not found, skipping decryption') + logging.warn('eyaml not found, skipping decryption. Fallback to raw data.') try: DICT['details'] except (NameError, TypeError) as ex: - logging.warn('PDF decryption skipped, fallback to using raw data.') with open(ARGS.yaml) as _: DICT = yaml.safe_load(_) |