예제 #1
0
def test_contextual_log_handler(context, mocker):
    contextual_path = os.path.join(context.config['artifact_dir'], "test.log")
    swlog.log.setLevel(logging.DEBUG)
    with swlog.contextual_log_handler(context, path=contextual_path):
        swlog.log.info("foo")
    swlog.log.info("bar")
    with open(contextual_path, "r") as fh:
        contents = fh.read().splitlines()
    assert len(contents) == 1
    assert contents[0].endswith("foo")
예제 #2
0
def test_contextual_log_handler(context, mocker):
    contextual_path = os.path.join(context.config['artifact_dir'], "test.log")
    swlog.log.setLevel(logging.DEBUG)
    with swlog.contextual_log_handler(context, path=contextual_path):
        swlog.log.info("foo")
    swlog.log.info("bar")
    with open(contextual_path, "r") as fh:
        contents = fh.read().splitlines()
    assert len(contents) == 1
    assert contents[0].endswith("foo")
예제 #3
0
async def verify_chain_of_trust(chain):
    """Build and verify the chain of trust.

    Args:
        chain (ChainOfTrust): the chain we're operating on

    Raises:
        CoTError: on failure
    """
    log_path = os.path.join(chain.context.config["task_log_dir"],
                            "chain_of_trust.log")
    with contextual_log_handler(
            chain.context,
            path=log_path,
            log_obj=log,
            formatter=AuditLogFormatter(
                fmt=chain.context.config['log_fmt'],
                datefmt=chain.context.config['log_datefmt'],
            )):
        try:
            # build LinkOfTrust objects
            await build_task_dependencies(chain, chain.task, chain.name,
                                          chain.task_id)
            # download the signed chain of trust artifacts
            await download_cot(chain)
            # verify the signatures and populate the ``link.cot``s
            verify_cot_signatures(chain)
            # download all other artifacts needed to verify chain of trust
            await download_firefox_cot_artifacts(chain)
            # verify the task types, e.g. decision
            task_count = await verify_task_types(chain)
            check_num_tasks(chain, task_count)
            # verify the worker_impls, e.g. docker-worker
            await verify_worker_impls(chain)
            await trace_back_to_firefox_tree(chain)
        except (DownloadError, KeyError, AttributeError) as exc:
            log.critical("Chain of Trust verification error!", exc_info=True)
            if isinstance(exc, CoTError):
                raise
            else:
                raise CoTError(str(exc))
        log.info("Good.")