Browse Source

URGENT Fix for decryption

This patch fixes a critical bug in decryption which prevents the
decrypted data from being output and adds a unit test to ensure the
output is being generated.

Change-Id: Ica791cd9d309dfff254fe7e35023d130b3d63153
changes/40/641440/2
Lev Morgan 2 months ago
parent
commit
50ce7a02e0
2 changed files with 12 additions and 10 deletions
  1. 1
    1
      pegleg/cli.py
  2. 11
    9
      tests/unit/test_cli.py

+ 1
- 1
pegleg/cli.py View File

@@ -529,7 +529,7 @@ def encrypt(*, save_location, author, site_name):
529 529
 def decrypt(*, file_name, site_name):
530 530
     engine.repository.process_repositories(site_name)
531 531
 
532
-    engine.secrets.decrypt(file_name, site_name)
532
+    click.echo(engine.secrets.decrypt(file_name, site_name))
533 533
 
534 534
 
535 535
 @main.group(help="Miscellaneous generate commands")

+ 11
- 9
tests/unit/test_cli.py View File

@@ -516,24 +516,20 @@ class TestSiteSecretsActions(BaseCLIActionTest):
516 516
         "PEGLEG_PASSPHRASE": "123456789012345678901234567890",
517 517
         "PEGLEG_SALT": "123456"
518 518
     })
519
-    def test_site_secrets_encrypt_local_repo_path(self):
519
+    def test_site_secrets_encrypt_and_decrypt_local_repo_path(self):
520 520
         """Validates ``generate-pki`` action using local repo path."""
521 521
         # Scenario:
522 522
         #
523 523
         # 1) Encrypt a file in a local repo
524 524
 
525 525
         repo_path = self.treasuremap_path
526
-        with open(os.path.join(repo_path, "site", "airship-seaworthy",
527
-                               "secrets", "passphrases", "ceph_fsid.yaml"),
528
-                  "r") \
529
-                as ceph_fsid_fi:
526
+        file_path = os.path.join(repo_path, "site", "airship-seaworthy",
527
+                               "secrets", "passphrases", "ceph_fsid.yaml")
528
+        with open(file_path, "r") as ceph_fsid_fi:
530 529
             ceph_fsid = yaml.load(ceph_fsid_fi)
531 530
             ceph_fsid["metadata"]["storagePolicy"] = "encrypted"
532 531
 
533
-        with open(os.path.join(repo_path, "site", "airship-seaworthy",
534
-                               "secrets", "passphrases", "ceph_fsid.yaml"),
535
-                  "w") \
536
-                as ceph_fsid_fi:
532
+        with open(file_path, "w") as ceph_fsid_fi:
537 533
             yaml.dump(ceph_fsid, ceph_fsid_fi)
538 534
 
539 535
         secrets_opts = ['secrets', 'encrypt', '-a', 'test', self.site_name]
@@ -549,6 +545,12 @@ class TestSiteSecretsActions(BaseCLIActionTest):
549 545
             assert "encrypted" in ceph_fsid["data"]
550 546
             assert "managedDocument" in ceph_fsid["data"]
551 547
 
548
+        relative_file_path = os.path.join("secrets", "passphrases",
549
+                                          "ceph_fsid.yaml")
550
+        secrets_opts = ['secrets', 'decrypt', '-f', relative_file_path,
551
+                        self.site_name]
552
+        result = self.runner.invoke(cli.site, ['-r', repo_path] + secrets_opts)
553
+        assert result.exit_code == 0, result.output
552 554
 
553 555
 class TestTypeCliActions(BaseCLIActionTest):
554 556
     """Tests type-level CLI actions."""

Loading…
Cancel
Save