Updated pylint badge

Dockerfile

@@ -0,0 +1,7 @@
+FROM ubuntu:23.04
+
+RUN DEBIAN_FRONTEND=noninteractive \
+  apt-get update \
+  && apt-get install -y python3 python3-jinja2 openssl openjdk-17-jdk
+
+WORKDIR /pki_playground

README.md

@@ -1,4 +1,4 @@
-![pylint](https://img.shields.io/badge/pylint-9.86-yellow?logo=python&logoColor=white)
+![pylint](https://img.shields.io/badge/pylint-9.93-yellow?logo=python&logoColor=white)
 
 # PKI-Playground README.md
 
@@ -22,6 +22,18 @@ sudo python3 pki_playground.py --unlock KEY
 This command will decrypt the shipped with this repository git-crypt key and
 unlock the pkis/ directory.
 
+## Setting up the docker environment
+If you don't want to install the required packages on your host machine,
+there's an option to build the docker environment:
+
+```shell
+$ docker build . -t sirin_pki_playground
+$ ./docker-emit.sh
+```
+
+Will launch the interactive session in the docker container, and mount
+the root of this repository.
+
 ### Initialing the PKI
 After this, you need to initialize the PKI toolchain by entering the following command:
 ```shell

docker-emit.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+DOCKER_IMAGE="sirin_pki_playground"
+if ! docker image inspect "$DOCKER_IMAGE" &> /dev/null; then
+  echo "Docker image '$DOCKER_IMAGE' does not exist. Please build it first with 'docker build . -t $DOCKER_IMAGE'"
+  exit 1
+fi
+
+docker run -it -v "$(pwd)":/pki_playground "$DOCKER_IMAGE" /bin/sh
+

pki_playground.py

@@ -97,7 +97,7 @@ def _parser_register_arguments(parser: argparse.ArgumentParser) -> None:
 
     parser.add_argument(
         "--start-deployment",
-        metavar=("pki_name"),
+        metavar=("deployment_name"),
         type=str,
         help=ARG_STR_DEP_HELP_MESSAGE,
     )
@@ -129,6 +129,9 @@ def _generate_root_certs(pki_name: str) -> None:
 
     if not os.path.exists(working_directory):
         os.mkdir(working_directory)
+    else:
+        print(f"Error: PKI with the name {pki_name} already exists")
+        sys.exit(1)
 
     # Generate root privatekey and certificate
     openssl_root_command = [
@@ -261,6 +264,8 @@ def _generate_server_certs(pki_name: str, server_domain: str) -> None:
         f"../../{pki_name}.crt",
         "-CAkey",
         f"../../{pki_name}.key",
+        "-subj", 
+        f"/C=UA/ST=Kiev Oblast/L=?/O=A? Corp/OU=IT Dept/CN={server_domain}",
         "-CAcreateserial",
         "-out",
         f"{server_domain}.crt",
@@ -440,8 +445,13 @@ def _git_crypt_unlock(key: str) -> None:
         f"pass:{key}",
         "-pbkdf2"
     ]
-    subprocess.run(openssl_decrypt_aes256, check=True)
-    subprocess.run(["git-crypt", "unlock", "./git-crypt-key"], check=True)
+
+    try:
+        subprocess.run(openssl_decrypt_aes256, check=True)
+        subprocess.run(["git-crypt", "unlock", "./git-crypt-key"], check=False)
+    except subprocess.CalledProcessError:
+        subprocess.run(["rm", "git-crypt-key"], check=False)
+        print("Error: Unlocking failed")
 
 
 def _handle_cli_arguments(args: typing.Any) -> None:
@@ -451,7 +461,7 @@ def _handle_cli_arguments(args: typing.Any) -> None:
     :param args: args object that is produces by the argpare's parser
     :returns: None
     """
-
+    
     if args.pki_init:
         _generate_root_certs(args.pki_init)
 
@@ -472,7 +482,7 @@ def _handle_cli_arguments(args: typing.Any) -> None:
 
     if args.unlock:
         _git_crypt_unlock(args.unlock)
-
+    
 
 def handle_cli_arguments() -> None:
     """
@@ -488,6 +498,10 @@ def handle_cli_arguments() -> None:
     args = parser.parse_args()
     _handle_cli_arguments(args)
 
+    if len(sys.argv) == 1:
+        parser.print_help(sys.stderr)
+        sys.exit(1)
+
 
 def main() -> None:
     """
@@ -505,4 +519,3 @@ def main() -> None:
 
 if __name__ == "__main__":
     main()
-