Fix encrypt files stat validation

The input to encrypt files may be a list of paths so our validation has to evaluate and state each list entry separately. Without this we fail beacuse the list of paths is treated like a single path and that does not stat resulting in early failure. Change-Id: Ibe3f6b162c3adad928708464ea03ddded2f4c683
2022-03-17 09:11:26 -07:00 · 2022-03-17 09:11:26 -07:00 · 21341d2d47
commit 21341d2d47
parent e88f592c4d
2 changed files with 39 additions and 4 deletions
--- a/roles/encrypt-file/tasks/main.yaml
+++ b/roles/encrypt-file/tasks/main.yaml
@ -1,7 +1,18 @@
+- name: Stat input file
+  stat:
+    path: '{{ zj_encrypt_file }}'
+  loop: '{{ [ encrypt_file ] if encrypt_file is string else encrypt_file }}'
+  loop_control:
+    loop_var: zj_encrypt_file
+  register: _stat_result
+
 - name: Validate input file
  fail:
-    msg: 'Must define "encrypt_file"'
-  when: encrypt_file is undefined
+    msg: '{{ zj_stat_result.stat.path }} : file does not exist'
+  when: not zj_stat_result.stat.exists
+  loop: '{{ _stat_result.results }}'
+  loop_control:
+    loop_var: zj_stat_result

 - name: Ensure gpg2 installed
  package:
--- a/test-playbooks/encrypt-file.yaml
+++ b/test-playbooks/encrypt-file.yaml
@ -130,12 +130,25 @@
        path: '{{ _tempfile.path }}.gpg'
        state: absent

-    # Do it again to exercise already imported keys path
+    - name: Make a second fake file
+      tempfile:
+        state: file
+      register: _tempfile2
+
+    - name: Add some data to second fake file
+      copy:
+        content: 'Hello, I am encrypted. This is the second file.'
+        dest: '{{ _tempfile2.path }}'
+
+    # Do it again to exercise already imported keys path and check we can
+    # encrypt multiple files.
    - name: Encrypt file
      include_role:
        name: encrypt-file
      vars:
-        encrypt_file: '{{ _tempfile.path }}'
+        encrypt_file:
+          - '{{ _tempfile.path }}'
+          - '{{ _tempfile2.path }}'
        encrypt_file_recipients:
          - zuul-jobs-test-2
          - zuul-jobs-test-3
@ -151,3 +164,14 @@
      file:
        path: '{{ _tempfile.path }}.gpg'
        state: absent
+
+    - name: Remove second temporary file
+      file:
+        path: '{{ _tempfile2.path }}'
+        state: absent
+      when: _tempfile2.path is defined
+
+    - name: Remove second encrypted output file
+      file:
+        path: '{{ _tempfile2.path }}.gpg'
+        state: absent