introduce credentials api

This commit is contained in:
Michael Jerger 2023-05-17 13:43:39 +02:00
parent 1a90f2dfe2
commit ca6b693a9a
6 changed files with 103 additions and 21 deletions

View file

@ -1,15 +1,24 @@
import deprecation
from .python_util import execute from .python_util import execute
@deprecation.deprecated(
deprecated_in="3.2", details="use infrastructure.CredentialsApi instead"
)
def gopass_field_from_path(path, field): def gopass_field_from_path(path, field):
credential = None credential = None
if path and field: if path and field:
print('get field for: ' + path + ', ' + field) print("get field for: " + path + ", " + field)
credential = execute(['gopass', 'show', path, field]) credential = execute(["gopass", "show", path, field])
return credential return credential
@deprecation.deprecated(
deprecated_in="3.2", details="use infrastructure.CredentialsApi instead"
)
def gopass_password_from_path(path): def gopass_password_from_path(path):
credential = None credential = None
if path: if path:
print('get password for: ' + path) print("get password for: " + path)
credential = execute(['gopass', 'show', '--password', path]) credential = execute(["gopass", "show", "--password", path])
return credential return credential

View file

@ -1,22 +1,30 @@
from pathlib import Path from pathlib import Path
from typing import List
from .common import Devops, MixinType, BuildType from .common import Devops, MixinType, BuildType
from .credentials import Credentials from .credentials import Credentials, GopassType
from .devops_factory import DevopsFactory from .devops_factory import DevopsFactory
from .version import Version from .version import Version
from src.main.python.ddadevops.infrastructure import ( from src.main.python.ddadevops.infrastructure import (
BuildFileRepository BuildFileRepository,
CredentialsApi,
EnvironmentApi,
) )
class InitService: class InitService:
def __init__(self, devops_factory, build_file_repository): def __init__(self, devops_factory, build_file_repository, credentials_api, environment_api):
self.devops_factory = devops_factory self.devops_factory = devops_factory
self.build_file_repository = build_file_repository self.build_file_repository = build_file_repository
self.credentials_api = credentials_api
self.environment_api = environment_api
@classmethod @classmethod
def prod(cls, base_dir: str): def prod(cls, base_dir: str):
return cls( return cls(
DevopsFactory(), DevopsFactory(),
BuildFileRepository(base_dir), BuildFileRepository(base_dir),
CredentialsApi(),
EnvironmentApi(),
) )
def initialize(self, input: dict) -> Devops: def initialize(self, input: dict) -> Devops:
@ -25,12 +33,6 @@ class InitService:
version = None version = None
if MixinType.RELEASE in mixin_types:
primary_build_file_id = input.get("release_primary_build_file", "./project.clj")
primary_build_file = self.build_file_repository.get(Path(primary_build_file_id))
version = primary_build_file.get_version()
if BuildType.C4K in build_types: if BuildType.C4K in build_types:
default_mappings = [ default_mappings = [
{ {
@ -40,8 +42,38 @@ class InitService:
{ {
"gopass_path": "server/meissa/grafana-cloud", "gopass_path": "server/meissa/grafana-cloud",
"name": "grafana_cloud_password", "name": "grafana_cloud_password",
} },
] ]
credentials = Credentials(input, default_mappings) credentials = Credentials(input, default_mappings)
passwords = self.resolve_passwords(credentials)
# merge passwords & input
if MixinType.RELEASE in mixin_types:
primary_build_file_id = input.get(
"release_primary_build_file", "./project.clj"
)
primary_build_file = self.build_file_repository.get(
Path(primary_build_file_id)
)
version = primary_build_file.get_version()
return self.devops_factory.build_devops(input, version=version) return self.devops_factory.build_devops(input, version=version)
def resolve_passwords(self, credentials: Credentials) -> List[str]:
result = {}
for name in credentials.mappings.keys():
mapping = credentials.mappings[name]
env_value = self.environment_api.get(mapping.name_for_environment)
if env_value:
result[name] = env_value
else:
if mapping.gopass_type == GopassType.FIELD:
result[name] = self.credentials_api.gopass_field_from_path(
mapping.gopass_path, mapping.gopass_field
)
if mapping.gopass_type == GopassType.PASSWORD:
result[name] = self.credentials_api.gopass_password_from_path(
mapping.gopass_path
)
return result

View file

@ -1,2 +1,10 @@
from .infrastructure import FileApi, ImageApi, ResourceApi, ExecutionApi, ProjectRepository, EnvironmentApi from .infrastructure import (
FileApi,
ImageApi,
ResourceApi,
ExecutionApi,
ProjectRepository,
EnvironmentApi,
CredentialsApi,
)
from .repository import DevopsRepository, BuildFileRepository from .repository import DevopsRepository, BuildFileRepository

View file

@ -101,6 +101,24 @@ class ExecutionApi:
return output return output
class EnvironmentApi(): class EnvironmentApi():
def get(self, key): def get(self, key):
return environ.get(key) return environ.get(key)
class CredentialsApi():
def __init__ (self):
self.execution_api = ExecutionApi()
def gopass_field_from_path (self, path, field):
credential = None
if path and field:
print('get field for: ' + path + ', ' + field)
credential = self.execution_api.execute(['gopass', 'show', path, field])
return credential
def gopass_password_from_path (elf, path):
credential = None
if path:
print('get password for: ' + path)
credential = self.execution_api.execute(['gopass', 'show', '--password', path])
return credential

View file

@ -49,3 +49,16 @@ class BuildFileRepositoryMock:
def write(self, build_file: BuildFile): def write(self, build_file: BuildFile):
pass pass
class EnvironmentApiMock():
def get(self, key):
pass
class CredentialsApiMock():
def gopass_field_from_path (self, path, field):
pass
def gopass_password_from_path (elf, path):
pass

View file

@ -5,13 +5,15 @@ from src.main.python.ddadevops.domain import (
Version, Version,
MixinType, MixinType,
) )
from .helper import BuildFileRepositoryMock, devops_config from .helper import BuildFileRepositoryMock, EnvironmentApiMock, CredentialsApiMock, devops_config
def test_sould_load_build_file(): def test_sould_load_build_file():
sut = InitService( sut = InitService(
DevopsFactory(), DevopsFactory(),
BuildFileRepositoryMock(), BuildFileRepositoryMock(),
CredentialsApiMock(),
EnvironmentApiMock(),
) )
assert ( assert (
Version.from_str("1.1.5-SNAPSHOT") Version.from_str("1.1.5-SNAPSHOT")