_die("in run inspections - %s" % e)
try:
log.doing("verify all step matchrules...")
toto.verifylib.verify_all_item_rules(layout.steps, step_link_dict)
except Exception, e:
_die("in verify all step matchrules - %s" % e)
try:
log.doing("verify all inspection matchrules...")
toto.verifylib.verify_all_item_rules(layout.inspect, inspection_link_dict,
step_link_dict)
except Exception, e:
_die("in verify all inspection matchrules - %s" % e)
log.passing("all verification")
def in_toto_verify_wrapper(location, toto_verify=None, layout_path="root.layout", layout_keys="alice.pub", toto_default=None ):
original_cwd = os.getcwd()
os.chdir(location)
if toto_default:
layout_key_paths = layout_keys.split(',')
in_toto_verify(layout_path, layout_key_paths)
elif toto_verify:
layout_key_paths = toto_verify[1].split(',')
in_toto_verify(toto_verify[0], layout_key_paths)
#else:
#layout_key_paths = layout_keys.split(',')
#in_toto_verify(layout_path, layout_key_paths)
log.doing("'%s' - load key '%s'" % (layout_path, layout_key))
# FIXME: Change key load
layout_key_dict = toto.util.create_and_persist_or_load_key(layout_key)
except Exception, e:
log.error("in load key - %s" % e)
# Verify signature
try:
log.doing("'%s' - verify signature - key '%s'" \
% (layout_path, layout_key))
msg = "'%s' - verify signature" % layout_path
if layout.verify_signature(layout_key):
log.passing(msg)
else:
log.failing(msg)
retval = 1
except Exception, e:
log.error("in verify signature - %s" % e)
raise # TODO: exit gracefully instead of exception?
step_links = {}
# Load links by steps
for step in layout.steps:
try:
step_name = "%s.link" % step.name
log.doing("'%s' - '%s' - load link" % (layout_path, step.name))