valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-08 09:23:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

reduce globals in GPG renderer for easier testing

Browse Source
This commit is contained in:
Justin Findlay 2015-07-15 18:31:50 -06:00 committed by rallytime
parent de5b6682ef
commit 7aa424209e
1 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
salt/renderers/gpg.py
View File

@ -105,13 +105,28 @@ else:
LOG = logging.getLogger(__name__)
GPG_BINARY = salt.utils.which('gpg')
GPG_HEADER = re.compile(r'-----BEGIN PGP MESSAGE-----')
if __salt__['config.get']('gpg_keydir'):
DEFAULT_GPG_KEYDIR = __salt__['config.get']('gpg_keydir')
else:
DEFAULT_GPG_KEYDIR = os.path.join(salt.syspaths.CONFIG_DIR, 'gpgkeys')
def _get_gpg_exec():
'''
return the GPG executable or raise an error
'''
gpg_exec = salt.utils.which('gpg')
if gpg_exec:
return gpg_exec
else:
raise SaltRenderError('GPG unavailable')
def _get_key_dir():
'''
return the location of the GPG key directory
'''
if __salt__['config.get']('gpg_keydir'):
return __salt__['config.get']('gpg_keydir')
else:
return os.path.join(salt.syspaths.CONFIG_DIR, 'gpgkeys')
def _decrypt_ciphertext(cipher):
@ -120,7 +135,7 @@ def _decrypt_ciphertext(cipher):
the cipher and return the decrypted string. If the cipher cannot be
decrypted, log the error, and return the ciphertext back out.
'''
cmd = [GPG_BINARY, '--homedir', DEFAULT_GPG_KEYDIR, '-d']
cmd = [_get_gpg_exec(), '--homedir', _get_key_dir(), '-d']
proc = Popen(cmd, stdin=PIPE, stdout=PIPE, stderr=PIPE, shell=False)
decrypted_data, decrypt_error = proc.communicate(input=cipher)
if not decrypted_data:
@ -158,8 +173,8 @@ def render(gpg_data, saltenv='base', sls='', argline='', **kwargs):
Create a gpg object given a gpg_keydir, and then use it to try to decrypt
the data to be rendered.
'''
if not HAS_GPG:
if not _get_gpg_exec():
raise SaltRenderError('GPG unavailable')
LOG.debug('Reading GPG keys from: %s', DEFAULT_GPG_KEYDIR)
LOG.debug('Reading GPG keys from: %s', _get_key_dir())
return _decrypt_object(gpg_data)