def slurp(path): if not os.path.exists(path): raise click.ClickException( '%s not found. Pegleg must be run from the root of a configuration' ' repository.' % path) with open(path, 'r') as f: try: # Ignore YAML tags, only construct dicts SafeConstructor.add_multi_constructor( '', lambda loader, suffix, node: None) return yaml.safe_load(f) except Exception as e: raise click.ClickException('Failed to parse %s:\n%s' % (path, e))
def read(path): """ Read the yaml file ``path`` and return its contents as a list of dicts """ if not os.path.exists(path): raise click.ClickException( '{} not found. Pegleg must be run from the root of a ' 'configuration repository.'.format(path)) def is_deckhand_document(document): # Deckhand documents only consist of control and application # documents. valid_schemas = ('metadata/Control', 'metadata/Document') if isinstance(document, dict): schema = document.get('metadata', {}).get('schema', '') # NOTE(felipemonteiro): The Pegleg site-definition.yaml is a # Deckhand-formatted document currently but probably shouldn't # be, because it has no business being in Deckhand. As such, # treat it as a special case. if "SiteDefinition" in document.get('schema', ''): return False if any(schema.startswith(x) for x in valid_schemas): return True else: LOG.debug( 'Document with schema=%s is not a valid Deckhand ' 'schema. Ignoring it.', schema) return False def is_pegleg_managed_document(document): return md.PeglegManagedSecretsDocument.is_pegleg_managed_secret( document) with open(path, 'r') as stream: # Ignore YAML tags, only construct dicts SafeConstructor.add_multi_constructor( '', lambda loader, suffix, node: None) try: return [ d for d in yaml.safe_load_all(stream) if d and ( is_deckhand_document(d) or is_pegleg_managed_document(d)) ] except yaml.YAMLError as e: raise click.ClickException('Failed to parse %s:\n%s' % (path, e))
def get_rendered_docs(site_name, validate=True): documents = [] # Ignore YAML tags, only construct dicts SafeConstructor.add_multi_constructor('', lambda loader, suffix, node: None) for filename in util.definition.site_files(site_name): with open(filename, 'r') as f: docs = yaml.safe_load_all(f) for doc in docs: # Managed documents may be encrypted, and require slight # alteration for rendering without decrypting. if doc['schema'] == 'pegleg/PeglegManagedDocument/v1': # Do not decrypt secret, but convert it from bytes to # string to pass schema validation. if 'encrypted' in doc['data'].keys(): doc['data']['managedDocument']['data'] = doc['data'][ 'managedDocument']['data'].decode() # Append the document if it was encrypted using the # encrypted string. If not, using original value. documents.append(doc['data']['managedDocument']) # File was not Pegleg managed, so it can be added directly. else: documents.append(doc) rendered_documents, errors = util.deckhand.deckhand_render( documents=documents, validate=validate) if errors: err_msg = '' for err in errors: if isinstance(err, tuple) and len(err) > 1: err_msg += ': '.join(err) + '\n' else: err_msg += str(err) + '\n' raise click.ClickException(err_msg) return rendered_documents
def get_rendered_docs(site_name, validate=True): documents = [] # Ignore YAML tags, only construct dicts SafeConstructor.add_multi_constructor('', lambda loader, suffix, node: None) for filename in util.definition.site_files(site_name): with open(filename, 'r') as f: documents.extend(list(yaml.safe_load_all(f))) rendered_documents, errors = util.deckhand.deckhand_render( documents=documents, validate=validate) if errors: err_msg = '' for err in errors: if isinstance(err, tuple) and len(err) > 1: err_msg += ': '.join(err) + '\n' else: err_msg += str(err) + '\n' raise click.ClickException(err_msg) return rendered_documents