diff options
author | Shreenidhi Shedi <53473811+sshedi@users.noreply.github.com> | 2023-03-17 03:01:22 +0530 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-03-16 16:31:22 -0500 |
commit | 3634678465e7b8f8608bcb9a1f5773ae7837cbe9 (patch) | |
tree | 85db09e4d17f85dced8a27a731be634fec085dd8 /cloudinit | |
parent | 5eb43b9548312ecb76a6a7e4567500a836ca3514 (diff) | |
download | cloud-init-git-3634678465e7b8f8608bcb9a1f5773ae7837cbe9.tar.gz |
Handle non existent ca-cert-config situation (#2073)
Currently if a cert file doesn't exist, cc_ca_certs module crashes
This fix makes it possible to handle it gracefully.
Also, out_lines variable may not be available if os.stat returns 0.
This issue is also taken care of.
Added tests for the same.
Diffstat (limited to 'cloudinit')
-rw-r--r-- | cloudinit/config/cc_ca_certs.py | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py index b1c4a2bf..54153638 100644 --- a/cloudinit/config/cc_ca_certs.py +++ b/cloudinit/config/cc_ca_certs.py @@ -177,14 +177,20 @@ def disable_system_ca_certs(distro_cfg): @param distro_cfg: A hash providing _distro_ca_certs_configs function. """ - if distro_cfg["ca_cert_config"] is None: + + ca_cert_cfg_fn = distro_cfg["ca_cert_config"] + + if not ca_cert_cfg_fn or not os.path.exists(ca_cert_cfg_fn): return + header_comment = ( "# Modified by cloud-init to deselect certs due to user-data" ) + added_header = False - if os.stat(distro_cfg["ca_cert_config"]).st_size != 0: - orig = util.load_file(distro_cfg["ca_cert_config"]) + + if os.stat(ca_cert_cfg_fn).st_size: + orig = util.load_file(ca_cert_cfg_fn) out_lines = [] for line in orig.splitlines(): if line == header_comment: @@ -197,9 +203,10 @@ def disable_system_ca_certs(distro_cfg): out_lines.append(header_comment) added_header = True out_lines.append("!" + line) - util.write_file( - distro_cfg["ca_cert_config"], "\n".join(out_lines) + "\n", omode="wb" - ) + + util.write_file( + ca_cert_cfg_fn, "\n".join(out_lines) + "\n", omode="wb" + ) def remove_default_ca_certs(distro_cfg): |