introduce credentials api
This commit is contained in:
parent
1a90f2dfe2
commit
ca6b693a9a
6 changed files with 103 additions and 21 deletions
|
@ -1,15 +1,24 @@
|
||||||
|
import deprecation
|
||||||
from .python_util import execute
|
from .python_util import execute
|
||||||
|
|
||||||
def gopass_field_from_path (path, field):
|
|
||||||
|
@deprecation.deprecated(
|
||||||
|
deprecated_in="3.2", details="use infrastructure.CredentialsApi instead"
|
||||||
|
)
|
||||||
|
def gopass_field_from_path(path, field):
|
||||||
credential = None
|
credential = None
|
||||||
if path and field:
|
if path and field:
|
||||||
print('get field for: ' + path + ', ' + field)
|
print("get field for: " + path + ", " + field)
|
||||||
credential = execute(['gopass', 'show', path, field])
|
credential = execute(["gopass", "show", path, field])
|
||||||
return credential
|
return credential
|
||||||
|
|
||||||
def gopass_password_from_path (path):
|
|
||||||
|
@deprecation.deprecated(
|
||||||
|
deprecated_in="3.2", details="use infrastructure.CredentialsApi instead"
|
||||||
|
)
|
||||||
|
def gopass_password_from_path(path):
|
||||||
credential = None
|
credential = None
|
||||||
if path:
|
if path:
|
||||||
print('get password for: ' + path)
|
print("get password for: " + path)
|
||||||
credential = execute(['gopass', 'show', '--password', path])
|
credential = execute(["gopass", "show", "--password", path])
|
||||||
return credential
|
return credential
|
||||||
|
|
|
@ -1,22 +1,30 @@
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
|
from typing import List
|
||||||
from .common import Devops, MixinType, BuildType
|
from .common import Devops, MixinType, BuildType
|
||||||
from .credentials import Credentials
|
from .credentials import Credentials, GopassType
|
||||||
from .devops_factory import DevopsFactory
|
from .devops_factory import DevopsFactory
|
||||||
from .version import Version
|
from .version import Version
|
||||||
from src.main.python.ddadevops.infrastructure import (
|
from src.main.python.ddadevops.infrastructure import (
|
||||||
BuildFileRepository
|
BuildFileRepository,
|
||||||
|
CredentialsApi,
|
||||||
|
EnvironmentApi,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class InitService:
|
class InitService:
|
||||||
def __init__(self, devops_factory, build_file_repository):
|
def __init__(self, devops_factory, build_file_repository, credentials_api, environment_api):
|
||||||
self.devops_factory = devops_factory
|
self.devops_factory = devops_factory
|
||||||
self.build_file_repository = build_file_repository
|
self.build_file_repository = build_file_repository
|
||||||
|
self.credentials_api = credentials_api
|
||||||
|
self.environment_api = environment_api
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def prod(cls, base_dir: str):
|
def prod(cls, base_dir: str):
|
||||||
return cls(
|
return cls(
|
||||||
DevopsFactory(),
|
DevopsFactory(),
|
||||||
BuildFileRepository(base_dir),
|
BuildFileRepository(base_dir),
|
||||||
|
CredentialsApi(),
|
||||||
|
EnvironmentApi(),
|
||||||
)
|
)
|
||||||
|
|
||||||
def initialize(self, input: dict) -> Devops:
|
def initialize(self, input: dict) -> Devops:
|
||||||
|
@ -25,12 +33,6 @@ class InitService:
|
||||||
|
|
||||||
version = None
|
version = None
|
||||||
|
|
||||||
if MixinType.RELEASE in mixin_types:
|
|
||||||
primary_build_file_id = input.get("release_primary_build_file", "./project.clj")
|
|
||||||
primary_build_file = self.build_file_repository.get(Path(primary_build_file_id))
|
|
||||||
version = primary_build_file.get_version()
|
|
||||||
|
|
||||||
|
|
||||||
if BuildType.C4K in build_types:
|
if BuildType.C4K in build_types:
|
||||||
default_mappings = [
|
default_mappings = [
|
||||||
{
|
{
|
||||||
|
@ -40,8 +42,38 @@ class InitService:
|
||||||
{
|
{
|
||||||
"gopass_path": "server/meissa/grafana-cloud",
|
"gopass_path": "server/meissa/grafana-cloud",
|
||||||
"name": "grafana_cloud_password",
|
"name": "grafana_cloud_password",
|
||||||
}
|
},
|
||||||
]
|
]
|
||||||
credentials = Credentials(input, default_mappings)
|
credentials = Credentials(input, default_mappings)
|
||||||
|
passwords = self.resolve_passwords(credentials)
|
||||||
|
|
||||||
|
# merge passwords & input
|
||||||
|
|
||||||
|
if MixinType.RELEASE in mixin_types:
|
||||||
|
primary_build_file_id = input.get(
|
||||||
|
"release_primary_build_file", "./project.clj"
|
||||||
|
)
|
||||||
|
primary_build_file = self.build_file_repository.get(
|
||||||
|
Path(primary_build_file_id)
|
||||||
|
)
|
||||||
|
version = primary_build_file.get_version()
|
||||||
|
|
||||||
return self.devops_factory.build_devops(input, version=version)
|
return self.devops_factory.build_devops(input, version=version)
|
||||||
|
|
||||||
|
def resolve_passwords(self, credentials: Credentials) -> List[str]:
|
||||||
|
result = {}
|
||||||
|
for name in credentials.mappings.keys():
|
||||||
|
mapping = credentials.mappings[name]
|
||||||
|
env_value = self.environment_api.get(mapping.name_for_environment)
|
||||||
|
if env_value:
|
||||||
|
result[name] = env_value
|
||||||
|
else:
|
||||||
|
if mapping.gopass_type == GopassType.FIELD:
|
||||||
|
result[name] = self.credentials_api.gopass_field_from_path(
|
||||||
|
mapping.gopass_path, mapping.gopass_field
|
||||||
|
)
|
||||||
|
if mapping.gopass_type == GopassType.PASSWORD:
|
||||||
|
result[name] = self.credentials_api.gopass_password_from_path(
|
||||||
|
mapping.gopass_path
|
||||||
|
)
|
||||||
|
return result
|
||||||
|
|
|
@ -1,2 +1,10 @@
|
||||||
from .infrastructure import FileApi, ImageApi, ResourceApi, ExecutionApi, ProjectRepository, EnvironmentApi
|
from .infrastructure import (
|
||||||
|
FileApi,
|
||||||
|
ImageApi,
|
||||||
|
ResourceApi,
|
||||||
|
ExecutionApi,
|
||||||
|
ProjectRepository,
|
||||||
|
EnvironmentApi,
|
||||||
|
CredentialsApi,
|
||||||
|
)
|
||||||
from .repository import DevopsRepository, BuildFileRepository
|
from .repository import DevopsRepository, BuildFileRepository
|
|
@ -101,6 +101,24 @@ class ExecutionApi:
|
||||||
return output
|
return output
|
||||||
|
|
||||||
class EnvironmentApi():
|
class EnvironmentApi():
|
||||||
|
|
||||||
def get(self, key):
|
def get(self, key):
|
||||||
return environ.get(key)
|
return environ.get(key)
|
||||||
|
|
||||||
|
|
||||||
|
class CredentialsApi():
|
||||||
|
def __init__ (self):
|
||||||
|
self.execution_api = ExecutionApi()
|
||||||
|
|
||||||
|
def gopass_field_from_path (self, path, field):
|
||||||
|
credential = None
|
||||||
|
if path and field:
|
||||||
|
print('get field for: ' + path + ', ' + field)
|
||||||
|
credential = self.execution_api.execute(['gopass', 'show', path, field])
|
||||||
|
return credential
|
||||||
|
|
||||||
|
def gopass_password_from_path (elf, path):
|
||||||
|
credential = None
|
||||||
|
if path:
|
||||||
|
print('get password for: ' + path)
|
||||||
|
credential = self.execution_api.execute(['gopass', 'show', '--password', path])
|
||||||
|
return credential
|
||||||
|
|
|
@ -49,3 +49,16 @@ class BuildFileRepositoryMock:
|
||||||
|
|
||||||
def write(self, build_file: BuildFile):
|
def write(self, build_file: BuildFile):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
class EnvironmentApiMock():
|
||||||
|
def get(self, key):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
class CredentialsApiMock():
|
||||||
|
def gopass_field_from_path (self, path, field):
|
||||||
|
pass
|
||||||
|
|
||||||
|
def gopass_password_from_path (elf, path):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
|
@ -5,13 +5,15 @@ from src.main.python.ddadevops.domain import (
|
||||||
Version,
|
Version,
|
||||||
MixinType,
|
MixinType,
|
||||||
)
|
)
|
||||||
from .helper import BuildFileRepositoryMock, devops_config
|
from .helper import BuildFileRepositoryMock, EnvironmentApiMock, CredentialsApiMock, devops_config
|
||||||
|
|
||||||
|
|
||||||
def test_sould_load_build_file():
|
def test_sould_load_build_file():
|
||||||
sut = InitService(
|
sut = InitService(
|
||||||
DevopsFactory(),
|
DevopsFactory(),
|
||||||
BuildFileRepositoryMock(),
|
BuildFileRepositoryMock(),
|
||||||
|
CredentialsApiMock(),
|
||||||
|
EnvironmentApiMock(),
|
||||||
)
|
)
|
||||||
assert (
|
assert (
|
||||||
Version.from_str("1.1.5-SNAPSHOT")
|
Version.from_str("1.1.5-SNAPSHOT")
|
||||||
|
|
Loading…
Reference in a new issue