def build_manifest()

in features/0002-keys-generate.py [0:0]

• 36 lines of code
• 4 McCabe index (conditional complexity)

def build_manifest():
    """Build the manifest dictionary from the above key material definitions."""
    manifest = {"manifest": {"type": "keys", "version": VERSION}}
    keys = {}

    for key_bits, key_bytes in AES_KEYS:
        key_name = "aes-%s" % key_bits
        keys[key_name] = {
            "key-id": key_name,
            "encrypt": True,
            "decrypt": True,
            "algorithm": "aes",
            "type": "symmetric",
            "bits": key_bits,
            "encoding": "base64",
            "material": base64.b64encode(key_bytes).decode("utf-8"),
        }

    for key_bits, key_type, pem_key in RSA_KEYS:
        key_name = "rsa-%s-%s" % (key_bits, key_type)
        keys[key_name] = {
            "key-id": key_name,
            "encrypt": True,
            "decrypt": key_type == "private",
            "algorithm": "rsa",
            "type": key_type,
            "bits": key_bits,
            "encoding": "pem",
            "material": pem_key,
        }

    for key_name, key_arn, decryptable in AWS_KMS_KEYS:
        keys[key_name] = {
            "type": "aws-kms",
            "key-id": key_arn,
            "encrypt": True,
            "decrypt": decryptable,
        }

    manifest["keys"] = keys
    return manifest