[PATCH consfigurator v2 2/2] GPG: handle missing file separately to subprocess errors
Russell Sim
rsl at simopolis.xyz
Sun Sep 25 19:38:10 BST 2022
There is a special case when running on remote machines where we might want to
handle missing data sources and skip them, so we must raise the
MISSING-DATA-SOURCE condition if the source is missing.
Providing this functionality for READ-STORE created a discrepancy where
SUBPROCESS-ERRORs were wrapped differently depending on whether you called
PUT-STORE or READ-STORE. Handling the missing case explicitly allows us to
pass the GPG-ERROR directly without needing to re-wrap it in the case where
the file is missing.
Signed-off-by: Russell Sim <rsl at simopolis.xyz>
---
src/data/util.lisp | 9 ++++-----
tests/data/pgp.lisp | 21 ++++++++++++++++-----
2 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/src/data/util.lisp b/src/data/util.lisp
index b6c8685..7a78017 100644
--- a/src/data/util.lisp
+++ b/src/data/util.lisp
@@ -75,8 +75,7 @@ as a string."
(defun gpg-file-as-string (location)
"Decrypt the contents of a gpg encrypted file at LOCATION, return as a
string."
- (handler-case
- (gpg (list "--decrypt" (unix-namestring location)))
- (gpg-error (error)
- (missing-data-source "While attempt to decrypt ~A, gpg exited with ~A~@[~% with gpg error output:~% ~S~]"
- location (subprocess-error-code error) (gpg-error-output error)))))
+ (let ((path (unix-namestring location)))
+ (if (probe-file path)
+ (gpg (list "--decrypt" path))
+ (missing-data-source "File not found while attempting to decrypt ~A" path))))
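Review bot: The docstring of gpg-file-as-string still reads only "Decrypt the contents of a gpg encrypted file at LOCATION, return as a string." and does not record the new contract, which callers that skip on MISSING-DATA-SOURCE need to know: after this change that condition is signalled only when the file is absent, and every other gpg failure on an existing file propagates as GPG-ERROR instead of being skipped. Please state both cases in the docstring. A second point on `(if (probe-file path)`: PATH is the string returned by unix-namestring, so probe-file parses it again as a Lisp namestring, and a file name containing characters the implementation treats as wildcards may then signal an error instead of reaching either branch. Probing LOCATION itself, or using a helper that takes a literal file name, would avoid that. The existence check and the gpg call are also two separate steps, so a file removed between them still surfaces as GPG-ERROR; that seems acceptable here but is worth a comment.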
diff --git a/tests/data/pgp.lisp b/tests/data/pgp.lisp
index 0eb7749..a29a759 100644
--- a/tests/data/pgp.lisp
+++ b/tests/data/pgp.lisp
@@ -21,10 +21,21 @@
"secret file content")
(deftest data.pgp.4
- (handler-case (data.pgp:get-data "/dev/null" "_secrets" "test")
- (missing-data-source (error)
- (princ-to-string error)))
- "While attempt to decrypt /dev/null, gpg exited with 2
- with gpg error output:
+ (let ((*data-source-gnupghome* "/tmp"))
+ (handler-case (data.pgp:get-data "/dev/null" "_secrets" "test")
+ (gpg-error (error)
+ (setf (slot-value error 'uiop/run-program::process) 'sentinel)
+ (princ-to-string error))))
+ "Subprocess CONSFIGURATOR/TESTS::SENTINEL
+ with command (\"gpg\" \"-q\" \"--batch\" \"--homedir\" \"/tmp\" \"--decrypt\" \"/dev/null\")
+ exited with error code 2
+
+ with error output:
\"gpg: decrypt_message failed: Unknown system error
\"")
+
+(deftest data.pgp.5
+ (handler-case (data.pgp:get-data "/tmp/does-not-exist" "_secrets" "test")
+ (missing-data-source (error)
+ (princ-to-string error)))
+ "File not found while attempting to decrypt /tmp/does-not-exist")
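Review bot: data.pgp.4 compares the whole printed condition, so the expected string now hard-codes the gpg command line, the exit code 2 and the exact stderr text "gpg: decrypt_message failed: Unknown system error", all of which can differ between gpg versions and locales and will fail the test without any change in consfigurator. Asserting on the condition type plus subprocess-error-code (and at most a substring of the error output) would test the same behaviour with less breakage. The line `(setf (slot-value error 'uiop/run-program::process) 'sentinel)` also reaches into a UIOP internal symbol with `::` to make the output stable, which ties the test to UIOP's slot layout; it would be unnecessary if the printed form were not compared. Lastly, both tests depend on fixed paths under /tmp: "/tmp" as *data-source-gnupghome* may pick up whatever keyring files exist there, and data.pgp.5 assumes "/tmp/does-not-exist" is absent on the machine running the tests. A per-test temporary directory would make both deterministic.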
--
2.37.2