summaryrefslogtreecommitdiffstats
path: root/config/utils
AgeCommit message (Collapse)AuthorFilesLines
2018-01-14[PDF] check-jinja: cleanup, compact outputAlexandru Avadanii1-16/+16
The Pharos git repo already has a CI verify job for `yamllint`-ing the PDF files (check-jinja input yaml), so drop that check and keep linting only output YAML files. While at it, slightly rework the output log to make it easier to read. Change-Id: I2e47902d71514709eb48432f87d6ce68fb795d73 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-14[PDF] check-jinja: Replace encrypted str w/ dummyAlexandru Avadanii1-1/+3
During PDF validation using `check-jinja.sh`, most if not all encrypted strings will fail to decrypt due to missing keys on the build server. The templater will fallback to using raw plaintext, leading to `line too long` yamllint violations. Since we don't care about the actual value of the unencrypted string, replace the encrypted one with a dummy (shorter) string. Change-Id: I0f96db0e055bf84ad43a1df4a0f2bd86cc50fd22 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-14[PDF] check-jinja: Disable check against templateAlexandru Avadanii1-1/+1
config/pdf/pod1*yaml files are not valid PDFs, but only templates. Trying to expand said files against installer adapters would lead to funky results, since most fields are expressed as '{val1|val2}' in the template files. Change-Id: Ieec4d596d0b5246aa506239183a31463951403e7 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-14[PDF] generate_config: eyaml only encrypted PDFsAlexandru Avadanii2-5/+9
Silence misleading warnings about failed decription for PDFs that do not use this feature. While at it, print yamllint version used by check-jinja.sh. Change-Id: Ica1ff90abaee8c9bb20996899c8f0a7527133618 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-12-20validate-pdf-jinja2-templates-master failingagardner2-4/+4
If keys do not exist, the skipping decryption python stuff doesn't work, see: https://build.opnfv.org/ci/job/validate-pdf-jinja2-templates-master/16/consoleFull Still does not fallback to plain in the case of a 'bad decryption', but the current code does not either, bad decryption is logged in any case. Change-Id: I8da2c7cf8568a6e77ca24cc9ce665410d93b7ba9 Signed-off-by: agardner <agardner@linuxfoundation.org>
2017-12-15Update the example config filename in eyaml READMEAlex Yang1-1/+1
The example configuration file in the directory pharos/config/utils/ is config.example.yaml. Change-Id: I493274e4ddb689eb729ed642b5f495b5be0b75b0 Signed-off-by: Alex Yang <yangyang1@zte.com.cn>
2017-12-13Update eyaml READMETrevor Bramwell1-1/+2
On CentOS7 systems the gem command is contained in the 'rubygems' package, not 'ruby-gems'. After the keys have been moved, there is not reason to keep around the 'keys' directory. Change-Id: I5cb9f474276de75b650ddf323a279e139fb62d37 Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
2017-12-09generate_config.py: Fix running without eyamlAlexandru Avadanii1-3/+7
If eyaml is not installed or misconfigured, we should output raw encrypted data and throw a warn/error accordingly, instead of bailing out completely. Needed for Fuel deploys on PODs that do not use PDF encryption, e.g. lf-pod2. Change-Id: I2905df11a3cf2f2eb1ab9bfd8bd88619af2cab04 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-24Jenkins does not have /usr/local/bin/ in pathagardner1-0/+1
Stupid jenkins Change-Id: Ibfd83e7dadd674cfe7d7a9c2a712ef069fb8d5de Signed-off-by: agardner <agardner@linuxfoundation.org>
2017-11-23Moving check-jinja2 to pharos.agardner1-0/+66
Securedlab will be going away now that we can encrypt strings (eyaml) we need to check jinja2 PDF templates that will be moving into pharos This adds one pod yaml files and fixes paths in check-jinja2.sh After this is merged I can create a jenkins job for pharos. Then I can start moving pdf files into the pharos repo Change-Id: I2f2f2925275de49035d7d0160249d75b25ca0d20 Signed-off-by: agardner <agardner@linuxfoundation.org>
2017-11-17generate_config: Use eyaml to decrypt secret valuesAlexandru Avadanii3-4/+101
Note: IDF data encryption is not supported. Supporting that is trivial, but it leads to slightly more complicated code, plus it breaks support for multiline scalar encrypted data in the PDF ('>'), forcing us to define each encrypted value as inline string. While at it, fix silly limitation of jinja2 path residing in a subdir of CWD. Change-Id: I441ec754d8b6e4aad2ed73aba0b9b18ed65f05f4 Signed-off-by: agardner <agardner@linuxfoundation.org> Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-26PDF: generate_config: Add IDF parsing supportAlexandru Avadanii1-0/+8
For a given 'podN.yaml' file, check whether a file named 'idf-podN.yaml' exists in the same directory, and if it does, pass its contents under the 'idf' dict key to the j2 template. This assumes the contents of IDF yaml have a root 'idf' key. Change-Id: I6c6f1b9f28c38989f8a6ed4a389c9a1da423d76d Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-18config/utils: Add generate_config.pyAlexandru Avadanii1-0/+53
Previously, generate_config.py resided in securedlab git repo, but since we want to be able to use it in both securedlab (for validation of new PDF files during verify jobs) and installer projects (for actually parsing the PDF file into usable installer inputs), we decided to move it to a common location, also available for regular users. This change merely replicates the file from securedlab git repo. Change-Id: I9ff7889e408338d3911853fe01b752b013de1db7 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>