Add CMD_ONCE secret type and fill in/change secret definitions

1 files changed, 7 insertions, 2 deletions

diff --git a/app/secretmgr.py b/app/secretmgr.py
index 6af6d13..5cf55dc 100755
--- a/app/secretmgr.py
+++ b/app/secretmgr.py
@@ -43,6 +43,9 @@ USER_LONG <description>
 CMD <command>
 (a secret that is generated by running this command)
 
+CMD_ONCE <command>
+(same, but value is not changed when doing a regen)
+
 CONST <constant value>
 (the secret has a constant value set here)
 
@@ -81,6 +84,7 @@ consul_server = consul.Consul()
 USER             = "USER"
 USER_LONG        = "USER_LONG"
 CMD              = "CMD"
+CMD_ONCE         = "CMD_ONCE"
 CONST            = "CONST"
 CONST_LONG       = "CONST_LONG"
 SERVICE_DN       = "SERVICE_DN"
@@ -108,7 +112,7 @@ def read_secret(key, file_path):
     secret = {"type": stype, "key": key}
     if stype in [USER, USER_LONG]:
         secret["desc"] = " ".join(l0[1:])
-    elif stype == CMD:
+    elif stype in [CMD, CMD_ONCE]:
         secret["cmd"] = " ".join(l0[1:])
     elif stype == CONST:
         secret["value"] = " ".join(l0[1:])
@@ -151,6 +155,7 @@ def get_secrets_services(secrets):
         if svc not in services:
             services[svc] = {
                 "dn": "cn=%s,%s"%(svc, SERVICE_DN_SUFFIX),
+                "desc": "(not provided)",
                 "pass": None,
                 "dn_at": [],
                 "pass_at": [],
@@ -289,7 +294,7 @@ def gen_secrets_base(secrets, regen):
             consul_server.kv.put(key, secret["value"])
             print(bcolors.OKCYAN, "Value set.", bcolors.ENDC)
 
-        if secret["type"] == CMD:
+        if secret["type"] == CMD or (secret["type"] == CMD_ONCE and data is None):
             print("----")
             print(key)
             print("Executing command:", secret["cmd"])