From e6cfca0c898f0482f37216cf58e61ff1581aaaf6 Mon Sep 17 00:00:00 2001 From: Christian Ehrhardt Date: Thu, 9 Jun 2016 09:35:09 +0200 Subject: improve error handling and reporting in gpg functions --- cloudinit/gpg.py | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) (limited to 'cloudinit') diff --git a/cloudinit/gpg.py b/cloudinit/gpg.py index 620dfb19..baa8b534 100644 --- a/cloudinit/gpg.py +++ b/cloudinit/gpg.py @@ -28,23 +28,35 @@ LOG = logging.getLogger(__name__) def gpg_export_armour(key): """Export gpg key, armoured key gets returned""" - (armour, _) = util.subp(["gpg", "--export", "--armour", key], capture=True) + try: + (armour, _) = util.subp(["gpg", "--export", "--armour", key], + capture=True) + except util.ProcessExecutionError as error: + # debug, since it happens for any key not on the system initially + LOG.debug('Failed to export armoured key "%s": %s', key, error) + armour = None return armour def gpg_recv_key(key, keyserver): """Receive gpg key from the specified keyserver""" + LOG.debug('Receive gpg key "%s"', key) try: util.subp(["gpg", "--keyserver", keyserver, "--recv", key], capture=True) except util.ProcessExecutionError as error: - raise ValueError('Failed to import key %s from server %s - error %s' % + raise ValueError(('Failed to import key "%s" ' + 'from server "%s" - error %s') % (key, keyserver, error)) def gpg_delete_key(key): """Delete the specified key from the local gpg ring""" - util.subp(["gpg", "--batch", "--yes", "--delete-keys", key], capture=True) + try: + util.subp(["gpg", "--batch", "--yes", "--delete-keys", key], + capture=True) + except util.ProcessExecutionError as error: + LOG.warn('Failed delete key "%s": %s', key, error) def gpg_getkeybyid(keyid, keyserver): @@ -53,12 +65,12 @@ def gpg_getkeybyid(keyid, keyserver): if not armour: try: gpg_recv_key(keyid, keyserver=keyserver) + armour = gpg_export_armour(keyid) except ValueError: LOG.exception('Failed to obtain gpg key %s', keyid) raise - - armour = gpg_export_armour(keyid) - # delete just imported key to leave environment as it was before - gpg_delete_key(keyid) + finally: + # delete just imported key to leave environment as it was before + gpg_delete_key(keyid) return armour.rstrip('\n') -- cgit v1.2.3