Catch ProcessExecutionError in revoke_cert

Catch processExecutionError if revoking the
certificate fails.

This change has been abandoned by Chuck Short, so
I am continuing where he left off (mattoliverau).

Continues abandoned change: 17741

Change-Id: I9714ea8cece87256ff5f9a936286c1da3d628af9
Closes-Bug: #883320
Co-Authored-By: chuck.short@canonical.com

1 files changed, 12 insertions, 7 deletions

diff --git a/nova/crypto.py b/nova/crypto.py
index d462468cc4..895d663ae8 100644
--- a/nova/crypto.py
+++ b/nova/crypto.py
@@ -274,13 +274,18 @@ def ssh_encrypt_text(ssh_public_key, text):
 def revoke_cert(project_id, file_name):
     """Revoke a cert by file name."""
     start = os.getcwd()
-    os.chdir(ca_folder(project_id))
-    # NOTE(vish): potential race condition here
-    utils.execute('openssl', 'ca', '-config', './openssl.cnf', '-revoke',
-                  file_name)
-    utils.execute('openssl', 'ca', '-gencrl', '-config', './openssl.cnf',
-                  '-out', CONF.crl_file)
-    os.chdir(start)
+    if not os.chdir(ca_folder(project_id)):
+        raise exception.ProjectNotFound(project_id=project_id)
+    try:
+        # NOTE(vish): potential race condition here
+        utils.execute('openssl', 'ca', '-config', './openssl.cnf', '-revoke',
+                      file_name)
+        utils.execute('openssl', 'ca', '-gencrl', '-config', './openssl.cnf',
+                      '-out', CONF.crl_file)
+    except processutils.ProcessExecutionError:
+        raise exception.RevokeCertFailure(project_id=project_id)
+    finally:
+        os.chdir(start)
 
 
 def revoke_certs_by_user(user_id):