Pyff metadata genration doesn't exit with error

[baszoetekouw]

The signing key for the SURFconext metadata has changed. Pyff correctly detects that:

Jun 07 20:00:05 meta-af1 pyff-metadata[404562]: ERROR:pyff.samlmd:Error parsing https://metadata.test.surfconext.nl/idps-metadata.xml: Unable to find cert matching fingerprint: 1a:a2:39:93:c7:9e:84:81:d0:77:1d:59:f4:17:ec:30:c6:38:76:3c

But then nicely continues processing the metadata without the entries from SURFconext upstream and delivers a correct but incomplete metadata file.

The sane behaviour would, of course, be to simply error out and exit with an error code so that we can actually know that something is wrong.

[mrvanes]

Is the exit code also 0 then?

[baszoetekouw]

yes Also found the "feature" that causes this: https://github.com/IdentityPython/pyFF/blob/master/src/pyff/builtins.py#L619-L621

I'll fix it right away.

[baszoetekouw]

Werkt nu.