summaryrefslogtreecommitdiff
path: root/cloudinit
diff options
context:
space:
mode:
Diffstat (limited to 'cloudinit')
-rw-r--r--cloudinit/gpg.py26
1 files changed, 19 insertions, 7 deletions
diff --git a/cloudinit/gpg.py b/cloudinit/gpg.py
index 620dfb19..baa8b534 100644
--- a/cloudinit/gpg.py
+++ b/cloudinit/gpg.py
@@ -28,23 +28,35 @@ LOG = logging.getLogger(__name__)
def gpg_export_armour(key):
"""Export gpg key, armoured key gets returned"""
- (armour, _) = util.subp(["gpg", "--export", "--armour", key], capture=True)
+ try:
+ (armour, _) = util.subp(["gpg", "--export", "--armour", key],
+ capture=True)
+ except util.ProcessExecutionError as error:
+ # debug, since it happens for any key not on the system initially
+ LOG.debug('Failed to export armoured key "%s": %s', key, error)
+ armour = None
return armour
def gpg_recv_key(key, keyserver):
"""Receive gpg key from the specified keyserver"""
+ LOG.debug('Receive gpg key "%s"', key)
try:
util.subp(["gpg", "--keyserver", keyserver, "--recv", key],
capture=True)
except util.ProcessExecutionError as error:
- raise ValueError('Failed to import key %s from server %s - error %s' %
+ raise ValueError(('Failed to import key "%s" '
+ 'from server "%s" - error %s') %
(key, keyserver, error))
def gpg_delete_key(key):
"""Delete the specified key from the local gpg ring"""
- util.subp(["gpg", "--batch", "--yes", "--delete-keys", key], capture=True)
+ try:
+ util.subp(["gpg", "--batch", "--yes", "--delete-keys", key],
+ capture=True)
+ except util.ProcessExecutionError as error:
+ LOG.warn('Failed delete key "%s": %s', key, error)
def gpg_getkeybyid(keyid, keyserver):
@@ -53,12 +65,12 @@ def gpg_getkeybyid(keyid, keyserver):
if not armour:
try:
gpg_recv_key(keyid, keyserver=keyserver)
+ armour = gpg_export_armour(keyid)
except ValueError:
LOG.exception('Failed to obtain gpg key %s', keyid)
raise
-
- armour = gpg_export_armour(keyid)
- # delete just imported key to leave environment as it was before
- gpg_delete_key(keyid)
+ finally:
+ # delete just imported key to leave environment as it was before
+ gpg_delete_key(keyid)
return armour.rstrip('\n')