diff options
| author | Quentin Dufour <quentin@deuxfleurs.fr> | 2021-01-20 10:21:42 +0100 |
|---|---|---|
| committer | Quentin Dufour <quentin@deuxfleurs.fr> | 2021-01-20 10:21:42 +0100 |
| commit | 8eaa7914d0b61c0b3ea5a7633cf973b2c820aca2 (patch) | |
| tree | 98ae84d142f8a1679262cfa9a313f47e3ed46b05 /app/secretmgr.py | |
| parent | 2a0e9720b79313233f7ce7cb4802e6b13c052089 (diff) | |
| parent | 2e25e150d476934cbe356c34463f5403d100aa76 (diff) | |
| download | infrastructure-8eaa7914d0b61c0b3ea5a7633cf973b2c820aca2.tar.gz infrastructure-8eaa7914d0b61c0b3ea5a7633cf973b2c820aca2.zip | |
Merge branch 'master' of git.deuxfleurs.fr:Deuxfleurs/infrastructure
Diffstat (limited to 'app/secretmgr.py')
| -rwxr-xr-x | app/secretmgr.py | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/app/secretmgr.py b/app/secretmgr.py index 6af6d13..62eb93a 100755 --- a/app/secretmgr.py +++ b/app/secretmgr.py @@ -43,6 +43,9 @@ USER_LONG <description> CMD <command> (a secret that is generated by running this command) +CMD_ONCE <command> +(same, but value is not changed when doing a regen) + CONST <constant value> (the secret has a constant value set here) @@ -81,6 +84,7 @@ consul_server = consul.Consul() USER = "USER" USER_LONG = "USER_LONG" CMD = "CMD" +CMD_ONCE = "CMD_ONCE" CONST = "CONST" CONST_LONG = "CONST_LONG" SERVICE_DN = "SERVICE_DN" @@ -103,12 +107,15 @@ class bcolors: def read_secret(key, file_path): lines = [l.strip() for l in open(file_path, "r")] + if len(lines) == 0: + print(bcolors.FAIL, "ERROR:", bcolors.ENDC, "Empty file in", file_path) + sys.exit(-1) l0 = lines[0].split(" ") stype = l0[0] secret = {"type": stype, "key": key} if stype in [USER, USER_LONG]: secret["desc"] = " ".join(l0[1:]) - elif stype == CMD: + elif stype in [CMD, CMD_ONCE]: secret["cmd"] = " ".join(l0[1:]) elif stype == CONST: secret["value"] = " ".join(l0[1:]) @@ -151,6 +158,7 @@ def get_secrets_services(secrets): if svc not in services: services[svc] = { "dn": "cn=%s,%s"%(svc, SERVICE_DN_SUFFIX), + "desc": "(not provided)", "pass": None, "dn_at": [], "pass_at": [], @@ -275,7 +283,7 @@ def gen_secrets_base(secrets, regen): line = input().strip() if line == ".": break - vals.append(line) + lines.append(line) val = "\n".join(lines) consul_server.kv.put(key, val) print(bcolors.OKCYAN, "Value set.", bcolors.ENDC) @@ -289,7 +297,7 @@ def gen_secrets_base(secrets, regen): consul_server.kv.put(key, secret["value"]) print(bcolors.OKCYAN, "Value set.", bcolors.ENDC) - if secret["type"] == CMD: + if secret["type"] == CMD or (secret["type"] == CMD_ONCE and data is None): print("----") print(key) print("Executing command:", secret["cmd"]) |