def test_read(tmpdir):
# This will throw an error if yaml attempts to read the tag.
with open(os.path.join(tmpdir, "invalid.yaml"), "w") as invalid_yaml:
invalid_yaml.write("!!python/name:fake_class''\n")
files.read(os.path.join(tmpdir, "invalid.yaml"))
# Under PyYAML's default behavior, the tag !!python/name:builtins.int
# will be parsed into the method int. files.read should ignore this tag.
with open(os.path.join(tmpdir, "valid.yaml"), "w") as valid_yaml:
valid_yaml.write("!!python/name:builtins.int ''\n")
read_files = files.read(os.path.join(tmpdir, "valid.yaml"))
# Assert that the tag was not parsed into the method int
assert int not in read_files
def generate_passphrases(site_name,
save_location,
author,
passphrase_catalog=None,
interactive=False,
force_cleartext=False):
"""
Look for the site passphrase catalogs, and for every passphrase entry in
the passphrase catalog generate a passphrase document, wrap the
passphrase document in a pegleg managed document, and encrypt the
passphrase data.
:param str site_name: The site to read from
:param str save_location: Location to write files to
:param str author: Author who's generating the files
:param path-like passphrase_catalog: Path to file overriding any other
discovered passphrase catalogs
:param bool interactive: Whether to allow user input for passphrases
:param bool force_cleartext: Whether to generate results in clear text
"""
override_passphrase_catalog = passphrase_catalog
if passphrase_catalog:
override_passphrase_catalog = files.read(passphrase_catalog)
PassphraseGenerator(site_name, save_location, author,
override_passphrase_catalog).generate(
interactive=interactive,
force_cleartext=force_cleartext)
def test_read_incompatible_file(self, temp_deployment_files):
# NOTE(felipemonteiro): The Pegleg site-definition.yaml is a
# Deckhand-formatted document currently but probably shouldn't be,
# because it has no business being in Deckhand. As such, validate that
# it is ignored.
path = os.path.join(config.get_site_repo(), 'site', 'cicd',
'site-definition.yaml')
documents = files.read(path)
assert not documents, ("Documents returned should be empty for "
"site-definition.yaml")
def __init__(self,
file_path=None,
docs=None,
generated=False,
catalog=None,
author=None,
site_name=None):
"""
Read the source file and the environment data needed to wrap and
process the file documents as pegleg managed document.
Either of the ``file_path`` or ``docs`` must be
provided.
"""
# Set passphrase and salt
config.set_passphrase()
config.set_salt()
if all([file_path, docs]) or not any([file_path, docs]):
raise ValueError('Either `file_path` or `docs` must be '
'specified.')
if generated and not (catalog and author):
raise ValueError("If the document is generated, author and "
"catalog must be specified.")
self.file_path = file_path
self.documents = list()
self._generated = generated
if docs:
for doc in docs:
self.documents.append(
PeglegManagedSecret(doc,
generated=generated,
catalog=catalog,
author=author))
else:
self.file_path = file_path
for doc in files.read(file_path):
self.documents.append(PeglegManagedSecret(doc))
self._author = author
def documents_for_site(sitename):
"""Gathers all relevant documents for a site, which includes all type and
global documents that are needed to render each site document.
:param str sitename: Site name for which to gather documents.
:returns: List of relevant documents.
:rtype: list
"""
documents = []
params = load_as_params(sitename)
paths = files.directories_for(**params)
filenames = set(files.search(paths))
for filename in filenames:
documents.extend(files.read(filename))
return documents
def documents_for_each_site():
"""Gathers all relevant documents per site, which includes all type and
global documents that are needed to render each site document.
:returns: Dictionary of documents, keyed by each site name.
:rtype: dict
"""
sitenames = list(files.list_sites())
documents = {s: [] for s in sitenames}
for sitename in sitenames:
params = load_as_params(sitename)
paths = files.directories_for(**params)
filenames = set(files.search(paths))
for filename in filenames:
documents[sitename].extend(files.read(filename))
return documents
def test_read_compatible_file(self, temp_deployment_files):
path = os.path.join(config.get_site_repo(), 'site', 'cicd', 'secrets',
'passphrases', 'cicd-passphrase.yaml')
documents = files.read(path)
assert 1 == len(documents)
