def getRevocationList():
"""
Load the list of revoked playbook snippet hashes from the egg
Returns:
dictionary of revocation list entries (name, hash)
"""
try:
# Import revoked list yaml. The yaml is structured as a list of lists, so we can reuse the playbook signing and
# verification code. There will only ever be one list, so we just grab the first element...
revoked_playbooks = yaml.load(
pkgutil.get_data('insights', 'revoked_playbooks.yaml'))[0]
except Exception:
raise PlaybookVerificationError(
message='VERIFICATION FAILED: Error loading revocation list')
# verify the list signature!
verified, snippetHash = verifyPlaybookSnippet(revoked_playbooks)
if not verified:
raise PlaybookVerificationError(
message='VERIFICATION FAILED: Revocation list signature invalid')
revocationList = revoked_playbooks.get('revoked_playbooks', [])
return revocationList
def loadPlaybookYaml(playbook):
"""
Load playbook yaml using current yaml library implementation
output: playbook yaml
"""
try:
playbookYaml = yaml.load(playbook)
return playbookYaml
except:
raise PlaybookVerificationError(
message=
"PLAYBOOK VERIFICATION FAILURE: Failed to load playbook yaml because yaml is not valid"
)
def loadPlaybookYaml(playbook):
"""
Load playbook yaml using current yaml library implementation
output: playbook yaml
"""
return yaml.load(playbook)