introduce credentials api

This commit is contained in:
Michael Jerger 2023-05-17 13:43:39 +02:00
parent 1a90f2dfe2
commit ca6b693a9a
6 changed files with 103 additions and 21 deletions

View file

@ -1,15 +1,24 @@
import deprecation
from .python_util import execute
def gopass_field_from_path (path, field):
@deprecation.deprecated(
deprecated_in="3.2", details="use infrastructure.CredentialsApi instead"
)
def gopass_field_from_path(path, field):
credential = None
if path and field:
print('get field for: ' + path + ', ' + field)
credential = execute(['gopass', 'show', path, field])
print("get field for: " + path + ", " + field)
credential = execute(["gopass", "show", path, field])
return credential
def gopass_password_from_path (path):
@deprecation.deprecated(
deprecated_in="3.2", details="use infrastructure.CredentialsApi instead"
)
def gopass_password_from_path(path):
credential = None
if path:
print('get password for: ' + path)
credential = execute(['gopass', 'show', '--password', path])
print("get password for: " + path)
credential = execute(["gopass", "show", "--password", path])
return credential

View file

@ -1,22 +1,30 @@
from pathlib import Path
from typing import List
from .common import Devops, MixinType, BuildType
from .credentials import Credentials
from .credentials import Credentials, GopassType
from .devops_factory import DevopsFactory
from .version import Version
from src.main.python.ddadevops.infrastructure import (
BuildFileRepository
BuildFileRepository,
CredentialsApi,
EnvironmentApi,
)
class InitService:
def __init__(self, devops_factory, build_file_repository):
def __init__(self, devops_factory, build_file_repository, credentials_api, environment_api):
self.devops_factory = devops_factory
self.build_file_repository = build_file_repository
self.credentials_api = credentials_api
self.environment_api = environment_api
@classmethod
def prod(cls, base_dir: str):
return cls(
DevopsFactory(),
BuildFileRepository(base_dir),
CredentialsApi(),
EnvironmentApi(),
)
def initialize(self, input: dict) -> Devops:
@ -25,12 +33,6 @@ class InitService:
version = None
if MixinType.RELEASE in mixin_types:
primary_build_file_id = input.get("release_primary_build_file", "./project.clj")
primary_build_file = self.build_file_repository.get(Path(primary_build_file_id))
version = primary_build_file.get_version()
if BuildType.C4K in build_types:
default_mappings = [
{
@ -40,8 +42,38 @@ class InitService:
{
"gopass_path": "server/meissa/grafana-cloud",
"name": "grafana_cloud_password",
}
},
]
credentials = Credentials(input, default_mappings)
passwords = self.resolve_passwords(credentials)
# merge passwords & input
if MixinType.RELEASE in mixin_types:
primary_build_file_id = input.get(
"release_primary_build_file", "./project.clj"
)
primary_build_file = self.build_file_repository.get(
Path(primary_build_file_id)
)
version = primary_build_file.get_version()
return self.devops_factory.build_devops(input, version=version)
def resolve_passwords(self, credentials: Credentials) -> List[str]:
result = {}
for name in credentials.mappings.keys():
mapping = credentials.mappings[name]
env_value = self.environment_api.get(mapping.name_for_environment)
if env_value:
result[name] = env_value
else:
if mapping.gopass_type == GopassType.FIELD:
result[name] = self.credentials_api.gopass_field_from_path(
mapping.gopass_path, mapping.gopass_field
)
if mapping.gopass_type == GopassType.PASSWORD:
result[name] = self.credentials_api.gopass_password_from_path(
mapping.gopass_path
)
return result

View file

@ -1,2 +1,10 @@
from .infrastructure import FileApi, ImageApi, ResourceApi, ExecutionApi, ProjectRepository, EnvironmentApi
from .infrastructure import (
FileApi,
ImageApi,
ResourceApi,
ExecutionApi,
ProjectRepository,
EnvironmentApi,
CredentialsApi,
)
from .repository import DevopsRepository, BuildFileRepository

View file

@ -101,6 +101,24 @@ class ExecutionApi:
return output
class EnvironmentApi():
def get(self, key):
return environ.get(key)
class CredentialsApi():
def __init__ (self):
self.execution_api = ExecutionApi()
def gopass_field_from_path (self, path, field):
credential = None
if path and field:
print('get field for: ' + path + ', ' + field)
credential = self.execution_api.execute(['gopass', 'show', path, field])
return credential
def gopass_password_from_path (elf, path):
credential = None
if path:
print('get password for: ' + path)
credential = self.execution_api.execute(['gopass', 'show', '--password', path])
return credential

View file

@ -49,3 +49,16 @@ class BuildFileRepositoryMock:
def write(self, build_file: BuildFile):
pass
class EnvironmentApiMock():
def get(self, key):
pass
class CredentialsApiMock():
def gopass_field_from_path (self, path, field):
pass
def gopass_password_from_path (elf, path):
pass

View file

@ -5,13 +5,15 @@ from src.main.python.ddadevops.domain import (
Version,
MixinType,
)
from .helper import BuildFileRepositoryMock, devops_config
from .helper import BuildFileRepositoryMock, EnvironmentApiMock, CredentialsApiMock, devops_config
def test_sould_load_build_file():
sut = InitService(
DevopsFactory(),
BuildFileRepositoryMock(),
CredentialsApiMock(),
EnvironmentApiMock(),
)
assert (
Version.from_str("1.1.5-SNAPSHOT")