Make the yaml parser aware of '!encrypted/' tags

Currently, the documentation generation for zuul jobs fails whenever a secret is included in any of the yaml files that are parsed by the zuul-sphinx extension. This is because the yaml parser is not aware of the custom tag '!encrypted/pkcs1-oaep' and therefore fails to initialize an appropriate python object due to a missing constructor. This results in the following error message: "yaml.constructor.ConstructorError: could not determine a constructor for the tag '!encrypted/pkcs1-oaep'" Change-Id: Id011487615a3392affd627bbdcbdbe18e58206c5
2018-04-10 10:30:20 +02:00 · 2018-04-10 10:30:20 +02:00 · 3ef1afe17e
commit 3ef1afe17e
parent 12b3f457bd
1 changed files with 13 additions and 2 deletions
--- a/zuul_sphinx/zuul.py
+++ b/zuul_sphinx/zuul.py
@ -26,6 +26,17 @@ from docutils import nodes
 import yaml


+class ZuulSafeLoader(yaml.SafeLoader):
+
+    def __init__(self, *args, **kwargs):
+        super(ZuulSafeLoader, self).__init__(*args, **kwargs)
+        self.add_multi_constructor('!encrypted/', self.construct_encrypted)
+
+    @classmethod
+    def construct_encrypted(cls, loader, tag_suffix, node):
+        return loader.construct_sequence(node)
+
+
 class ProjectTemplate(object):
    def __init__(self, conf):
        self.name = conf['name']
@ -72,7 +83,7 @@ class ZuulDirective(Directive):

    def parse_zuul_yaml(self, path):
        with open(path) as f:
-            data = yaml.safe_load(f)
+            data = yaml.load(f, Loader=ZuulSafeLoader)
        layout = Layout()
        for obj in data:
            if 'job' in obj:
@ -86,7 +97,7 @@ class ZuulDirective(Directive):
        layout = Layout()
        for conf in os.listdir(path):
            with open(os.path.join(path, conf)) as f:
-                data = yaml.safe_load(f)
+                data = yaml.load(f, Loader=ZuulSafeLoader)
            for obj in data:
                if 'job' in obj:
                    layout.jobs.append(obj['job'])