[PATCH] keyhandler: Report incomplete signer object
1 view
Skip to first unread message
Jan Kiszka
Apr 30, 2026, 3:50:16 AM (10 days ago) Apr 30
to kas-devel, Felix Moessbauer
From: Jan Kiszka <jan.k...@siemens.com>
Prevents that we crash like this:
Traceback (most recent call last):
File "kas/kas.py", line 245, in main
kas(sys.argv[1:])
~~~^^^^^^^^^^^^^^
File "kas/kas.py", line 219, in kas
plugin.run(args)
~~~~~~~~~~^^^^^^
File "kas/plugins/build.py", line 107, in run
macro.run(ctx, args.skip)
~~~~~~~~~^^^^^^^^^^^^^^^^
File "kas/libcmds.py", line 118, in run
if _run_single(cmd[0]) and cmd[1]:
~~~~~~~~~~~^^^^^^^^
File "kas/libcmds.py", line 112, in _run_single
command.execute(ctx)
~~~~~~~~~~~~~~~^^^^^
File "kas/libcmds.py", line 667, in execute
self._import_keys(ctx)
~~~~~~~~~~~~~~~~~^^^^^
File "kas/libcmds.py", line 684, in _import_keys
ctx.keyhandler[name] = handler_cls(dir, signers_cfg, ctx.config)
~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "kas/keyhandler.py", line 90, in __init__
self._import_keys(signers, confinst)
~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^
File "kas/keyhandler.py", line 115, in _import_keys
if import_result.count == 0:
^^^^^^^^^^^^^
UnboundLocalError: cannot access local variable 'import_result' where it is not associated with a value
Signed-off-by: Jan Kiszka <jan.k...@siemens.com>
---
kas/keyhandler.py | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/kas/keyhandler.py b/kas/keyhandler.py
index 677bee4..092ce2b 100644
--- a/kas/keyhandler.py
+++ b/kas/keyhandler.py
@@ -112,6 +112,10 @@ class GPGKeyHandler(KeyHandler):
'with "fingerprint"')
import_result = self.gpg.recv_keys(keyserver,
fingerprint)
+ else:
+ raise KasUserError(
+ 'neither "path" nor "gpg_keyserver" specified for signer '
+ f'"{name}"')
if import_result.count == 0:
raise KeyImportError(name, 'No keys imported')
if import_result.count > 1:
--
2.47.3
Prevents that we crash like this:
Traceback (most recent call last):
File "kas/kas.py", line 245, in main
kas(sys.argv[1:])
~~~^^^^^^^^^^^^^^
File "kas/kas.py", line 219, in kas
plugin.run(args)
~~~~~~~~~~^^^^^^
File "kas/plugins/build.py", line 107, in run
macro.run(ctx, args.skip)
~~~~~~~~~^^^^^^^^^^^^^^^^
File "kas/libcmds.py", line 118, in run
if _run_single(cmd[0]) and cmd[1]:
~~~~~~~~~~~^^^^^^^^
File "kas/libcmds.py", line 112, in _run_single
command.execute(ctx)
~~~~~~~~~~~~~~~^^^^^
File "kas/libcmds.py", line 667, in execute
self._import_keys(ctx)
~~~~~~~~~~~~~~~~~^^^^^
File "kas/libcmds.py", line 684, in _import_keys
ctx.keyhandler[name] = handler_cls(dir, signers_cfg, ctx.config)
~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "kas/keyhandler.py", line 90, in __init__
self._import_keys(signers, confinst)
~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^
File "kas/keyhandler.py", line 115, in _import_keys
if import_result.count == 0:
^^^^^^^^^^^^^
UnboundLocalError: cannot access local variable 'import_result' where it is not associated with a value
Signed-off-by: Jan Kiszka <jan.k...@siemens.com>
---
kas/keyhandler.py | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/kas/keyhandler.py b/kas/keyhandler.py
index 677bee4..092ce2b 100644
--- a/kas/keyhandler.py
+++ b/kas/keyhandler.py
@@ -112,6 +112,10 @@ class GPGKeyHandler(KeyHandler):
'with "fingerprint"')
import_result = self.gpg.recv_keys(keyserver,
fingerprint)
+ else:
+ raise KasUserError(
+ 'neither "path" nor "gpg_keyserver" specified for signer '
+ f'"{name}"')
if import_result.count == 0:
raise KeyImportError(name, 'No keys imported')
if import_result.count > 1:
--
2.47.3
MOESSBAUER, Felix
Apr 30, 2026, 4:52:06 AM (10 days ago) Apr 30
to Kiszka, Jan, kas-devel
In addition, we should also enforce this via the schema. IMHO it makes
no sense to provide both settings via different kas files, so we can
enforce it in the schema. I'll send a patch for that as well.
Reviewed-by: Felix Moessbauer <felix.mo...@siemens.com>
Jan Kiszka
Apr 30, 2026, 5:18:53 AM (10 days ago) Apr 30
to Moessbauer, Felix (FT RPD CED OES-DE), kas-devel
code, no?
Jan
> Reviewed-by: Felix Moessbauer <felix.mo...@siemens.com>
>
>> ---
>> kas/keyhandler.py | 4 ++++
>> 1 file changed, 4 insertions(+)
>>
>> diff --git a/kas/keyhandler.py b/kas/keyhandler.py
>> index 677bee4..092ce2b 100644
>> --- a/kas/keyhandler.py
>> +++ b/kas/keyhandler.py
>> @@ -112,6 +112,10 @@ class GPGKeyHandler(KeyHandler):
>> 'with "fingerprint"')
>> import_result = self.gpg.recv_keys(keyserver,
>> fingerprint)
>> + else:
>> + raise KasUserError(
>> + 'neither "path" nor "gpg_keyserver" specified for signer '
>> + f'"{name}"')
>> if import_result.count == 0:
>> raise KeyImportError(name, 'No keys imported')
>> if import_result.count > 1:
>> --
>> 2.47.3
Siemens AG, Foundational Technologies
Linux Expert Center
MOESSBAUER, Felix
Apr 30, 2026, 6:09:04 AM (10 days ago) Apr 30
to Kiszka, Jan, kas-devel
Yes, then let's better wait for the schema enforcement (which I will
send by today) and use that.
Felix
Reply all
Reply to author
Forward
0 new messages