summaryrefslogtreecommitdiffstats
path: root/config/utils
AgeCommit message (Collapse)AuthorFilesLines
2017-12-20validate-pdf-jinja2-templates-master failingagardner2-4/+4
If keys do not exist, the skipping decryption python stuff doesn't work, see: https://build.opnfv.org/ci/job/validate-pdf-jinja2-templates-master/16/consoleFull Still does not fallback to plain in the case of a 'bad decryption', but the current code does not either, bad decryption is logged in any case. Change-Id: I8da2c7cf8568a6e77ca24cc9ce665410d93b7ba9 Signed-off-by: agardner <agardner@linuxfoundation.org>
2017-12-15Update the example config filename in eyaml READMEAlex Yang1-1/+1
The example configuration file in the directory pharos/config/utils/ is config.example.yaml. Change-Id: I493274e4ddb689eb729ed642b5f495b5be0b75b0 Signed-off-by: Alex Yang <yangyang1@zte.com.cn>
2017-12-13Update eyaml READMETrevor Bramwell1-1/+2
On CentOS7 systems the gem command is contained in the 'rubygems' package, not 'ruby-gems'. After the keys have been moved, there is not reason to keep around the 'keys' directory. Change-Id: I5cb9f474276de75b650ddf323a279e139fb62d37 Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
2017-12-09generate_config.py: Fix running without eyamlAlexandru Avadanii1-3/+7
If eyaml is not installed or misconfigured, we should output raw encrypted data and throw a warn/error accordingly, instead of bailing out completely. Needed for Fuel deploys on PODs that do not use PDF encryption, e.g. lf-pod2. Change-Id: I2905df11a3cf2f2eb1ab9bfd8bd88619af2cab04 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-24Jenkins does not have /usr/local/bin/ in pathagardner1-0/+1
Stupid jenkins Change-Id: Ibfd83e7dadd674cfe7d7a9c2a712ef069fb8d5de Signed-off-by: agardner <agardner@linuxfoundation.org>
2017-11-23Moving check-jinja2 to pharos.agardner1-0/+66
Securedlab will be going away now that we can encrypt strings (eyaml) we need to check jinja2 PDF templates that will be moving into pharos This adds one pod yaml files and fixes paths in check-jinja2.sh After this is merged I can create a jenkins job for pharos. Then I can start moving pdf files into the pharos repo Change-Id: I2f2f2925275de49035d7d0160249d75b25ca0d20 Signed-off-by: agardner <agardner@linuxfoundation.org>
2017-11-17generate_config: Use eyaml to decrypt secret valuesAlexandru Avadanii3-4/+101
Note: IDF data encryption is not supported. Supporting that is trivial, but it leads to slightly more complicated code, plus it breaks support for multiline scalar encrypted data in the PDF ('>'), forcing us to define each encrypted value as inline string. While at it, fix silly limitation of jinja2 path residing in a subdir of CWD. Change-Id: I441ec754d8b6e4aad2ed73aba0b9b18ed65f05f4 Signed-off-by: agardner <agardner@linuxfoundation.org> Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-26PDF: generate_config: Add IDF parsing supportAlexandru Avadanii1-0/+8
For a given 'podN.yaml' file, check whether a file named 'idf-podN.yaml' exists in the same directory, and if it does, pass its contents under the 'idf' dict key to the j2 template. This assumes the contents of IDF yaml have a root 'idf' key. Change-Id: I6c6f1b9f28c38989f8a6ed4a389c9a1da423d76d Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-18config/utils: Add generate_config.pyAlexandru Avadanii1-0/+53
Previously, generate_config.py resided in securedlab git repo, but since we want to be able to use it in both securedlab (for validation of new PDF files during verify jobs) and installer projects (for actually parsing the PDF file into usable installer inputs), we decided to move it to a common location, also available for regular users. This change merely replicates the file from securedlab git repo. Change-Id: I9ff7889e408338d3911853fe01b752b013de1db7 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>