authorJoshua Harlow <harlowja@yahoo-inc.com>2012-06-15 18:01:03 -0700
committerJoshua Harlow <harlowja@yahoo-inc.com>2012-06-15 18:01:03 -0700
commit508168acb95aee070d493b45656f781a42bdd262 (patch)
treee816b241c500d99f1289fb6afffb33abb560df99 /cloudinit/transforms/cc_ca_certs.py
parent36c1da35c2c0cb1b2ee18b7374bc81df8349e3e2 (diff)
Complete initial cleanup for refactoring/rework.
Some of the cleanups were the following: 1. Using standard (logged) utility functions for sub process work, writing, reading files, and other file system/operating system options 2. Having distributions implement their own subclasses to handle system specifics (if applicable) 3. Having a cloud wrapper that provides just the functionality we want to expose (cloud.py) 4. Using a path class instead of globals for all cloud init paths (it is configured via config) 5. Removal of as much shared global state as possible (there should be none, minus a set of constants) 6. Other various cleanups that remove transforms/handlers/modules from reading/writing/chmoding their own files. a. They should be using util functions to take advantage of the logging that is now enabled in those util functions (very useful for debugging) 7. Urls being read and checked from a single module that serves this and only this purpose (+1 for code organization) 8. Updates to log whenever a transform decides not to run 9. Ensure whenever an exception is thrown (and possibly captured) that the util.logexc function is called a. For debugging and tracing it is important not to just drop them on the floor. 10. Code shuffling into utils.py where it makes sense (and where it could serve a benefit for other code now or in the future)
Diffstat (limited to 'cloudinit/transforms/cc_ca_certs.py')
-rw-r--r--cloudinit/transforms/cc_ca_certs.py25
1 files changed, 13 insertions, 12 deletions
diff --git a/cloudinit/transforms/cc_ca_certs.py b/cloudinit/transforms/cc_ca_certs.py
index 3af6238a..8ca9a200 100644
--- a/cloudinit/transforms/cc_ca_certs.py
+++ b/cloudinit/transforms/cc_ca_certs.py
@@ -13,10 +13,10 @@
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
import os
-from subprocess import check_call
-from cloudinit.util import (write_file, get_cfg_option_list_or_str,
- delete_dir_contents, subp)
+
+from cloudinit import util
CA_CERT_PATH = "/usr/share/ca-certificates/"
CA_CERT_FILENAME = "cloud-init-ca-certs.crt"
@@ -28,7 +28,7 @@ def update_ca_certs():
"""
Updates the CA certificate cache on the current machine.
"""
- check_call(["update-ca-certificates"])
+ util.subp(["update-ca-certificates"])
def add_ca_certs(certs):
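Review bot: In update_ca_certs, the switch from `check_call` to `util.subp` makes failure reporting depend on a helper whose definition is not shown here. `check_call` raised `CalledProcessError` on a non-zero exit, so any caller catching that type would no longer match. If `util.subp` does not raise by default, a failed `update-ca-certificates` run would go unnoticed and the certificate cache would not reflect the files just written. I would confirm the behaviour and record it in the docstring, e.g. `Raises the util.subp error if update-ca-certificates exits non-zero.`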
@@ -41,9 +41,9 @@ def add_ca_certs(certs):
if certs:
cert_file_contents = "\n".join(certs)
cert_file_fullpath = os.path.join(CA_CERT_PATH, CA_CERT_FILENAME)
- write_file(cert_file_fullpath, cert_file_contents, mode=0644)
+ util.write_file(cert_file_fullpath, cert_file_contents, mode=0644)
# Append cert filename to CA_CERT_CONFIG file.
- write_file(CA_CERT_CONFIG, "\n%s" % CA_CERT_FILENAME, omode="a")
+ util.write_file(CA_CERT_CONFIG, "\n%s" % CA_CERT_FILENAME, omode="ab")
def remove_default_ca_certs():
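Review bot: The second `util.write_file(CA_CERT_CONFIG, "\n%s" % CA_CERT_FILENAME, omode="ab")` call in add_ca_certs appends the filename unconditionally. If the module runs more than once on an instance, `CA_CERT_CONFIG` accumulates duplicate entries. The append should be guarded by reading the config first and skipping the write when `CA_CERT_FILENAME` is already listed. It would also help to note in the comment above it that the cert file itself is overwritten while the config entry is appended. The function's signature and docstring start outside this hunk.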
@@ -51,14 +51,14 @@ def remove_default_ca_certs():
Removes all default trusted CA certificates from the system. To actually
apply the change you must also call L{update_ca_certs}.
"""
- delete_dir_contents(CA_CERT_PATH)
- delete_dir_contents(CA_CERT_SYSTEM_PATH)
- write_file(CA_CERT_CONFIG, "", mode=0644)
+ util.delete_dir_contents(CA_CERT_PATH)
+ util.delete_dir_contents(CA_CERT_SYSTEM_PATH)
+ util.write_file(CA_CERT_CONFIG, "", mode=0644)
debconf_sel = "ca-certificates ca-certificates/trust_new_crts select no"
- subp(('debconf-set-selections', '-'), debconf_sel)
+ util.subp(('debconf-set-selections', '-'), debconf_sel)
-def handle(_name, cfg, _cloud, log, _args):
+def handle(name, cfg, _cloud, log, _args):
"""
Call to handle ca-cert sections in cloud-config file.
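Review bot: The `debconf_sel` line in remove_default_ca_certs has no comment, and it is the only thing that keeps the removal in force after the directories are emptied. As I read `ca-certificates/trust_new_crts select no`, it tells the package not to trust certificates introduced by later ca-certificates updates. I would add above it `# Keep later ca-certificates package updates from re-trusting new CA certs.` Since this function empties the system trust directories, the docstring could also state that it is destructive and not reversible from within this module.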
@@ -70,6 +70,7 @@ def handle(_name, cfg, _cloud, log, _args):
"""
# If there isn't a ca-certs section in the configuration don't do anything
if "ca-certs" not in cfg:
+ log.debug("Skipping module named %s, no 'ca-certs' key in configuration", name)
return
ca_cert_cfg = cfg['ca-certs']
@@ -81,7 +82,7 @@ def handle(_name, cfg, _cloud, log, _args):
# If we are given any new trusted CA certs to add, add them.
if "trusted" in ca_cert_cfg:
- trusted_certs = get_cfg_option_list_or_str(ca_cert_cfg, "trusted")
+ trusted_certs = util.get_cfg_option_list_or_str(ca_cert_cfg, "trusted")
if trusted_certs:
log.debug("adding %d certificates" % len(trusted_certs))
add_ca_certs(trusted_certs)
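Review bot: The `log.debug("adding %d certificates" % len(trusted_certs))` line in this hunk still formats eagerly with `%`, while the `log.debug` call this commit adds earlier in handle passes its argument lazily. For consistency with the commit's stated logging cleanup I would change it to `log.debug("adding %d certificates", len(trusted_certs))`. handle's body starts and ends outside this hunk.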