bitwarden-crd-operator/src/utils/utils.py

import os
import json
import subprocess


class BitwardenCommandException(Exception):
    pass


def get_secret_from_bitwarden(id):
    return command_wrapper(command=f"get item {id}")


def unlock_bw(logger):
    status_output = command_wrapper("status")
    status = json.loads(status_output)['status']
    if status == 'unlocked':
        logger.info("Already unlocked")
        return
    token_output = command_wrapper("unlock --passwordenv BW_PASSWORD")
    tokens = token_output.split('"')[1::2]
    os.environ["BW_SESSION"] = tokens[1]
    logger.info("Signin successful. Session exported")


def command_wrapper(command):
    system_env = dict(os.environ)
    sp = subprocess.Popen(
        [f"bw {command}"],
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        close_fds=True,
        shell=True,
        env=system_env)
    out, err = sp.communicate()
    if err:
        raise BitwardenCommandException(err)
    return out.decode(encoding='UTF-8')


def parse_login_scope(secret_json, key):
    return secret_json["login"][key]


def parse_fields_scope(secret_json, key):
    if "fields" not in secret_json:
        return None
    for entry in secret_json["fields"]:
        if entry['name'] == key:
            return entry['value']
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`import os`
Unlock vault only when it's needed 2023-01-19 01:57:21 +00:00			`import json`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`import subprocess`

autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
working jinja template type 2022-11-26 20:33:31 +00:00			`class BitwardenCommandException(Exception):`
			`pass`

autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
wip for jinja template type 2022-11-26 17:55:42 +00:00			`def get_secret_from_bitwarden(id):`
working jinja template type 2022-11-26 20:33:31 +00:00			`return command_wrapper(command=f"get item {id}")`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00
autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`def unlock_bw(logger):`
Unlock vault only when it's needed 2023-01-19 01:57:21 +00:00			`status_output = command_wrapper("status")`
			`status = json.loads(status_output)['status']`
			`if status == 'unlocked':`
			`logger.info("Already unlocked")`
			`return`
working jinja template type 2022-11-26 20:33:31 +00:00			`token_output = command_wrapper("unlock --passwordenv BW_PASSWORD")`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`tokens = token_output.split('"')[1::2]`
			`os.environ["BW_SESSION"] = tokens[1]`
			`logger.info("Signin successful. Session exported")`

autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
working jinja template type 2022-11-26 20:33:31 +00:00			`def command_wrapper(command):`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`system_env = dict(os.environ)`
autopep8 and bump alpine 2023-04-21 12:39:06 +00:00			`sp = subprocess.Popen(`
			`[f"bw {command}"],`
			`stdout=subprocess.PIPE,`
			`stderr=subprocess.PIPE,`
			`close_fds=True,`
			`shell=True,`
			`env=system_env)`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`out, err = sp.communicate()`
			`if err:`
working jinja template type 2022-11-26 20:33:31 +00:00			`raise BitwardenCommandException(err)`
			`return out.decode(encoding='UTF-8')`

autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
working jinja template type 2022-11-26 20:33:31 +00:00			`def parse_login_scope(secret_json, key):`
			`return secret_json["login"][key]`

autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
working jinja template type 2022-11-26 20:33:31 +00:00			`def parse_fields_scope(secret_json, key):`
Improve stability when there is no fields 2023-01-20 01:57:06 +00:00			`if "fields" not in secret_json:`
			`return None`
working jinja template type 2022-11-26 20:33:31 +00:00			`for entry in secret_json["fields"]:`
			`if entry['name'] == key:`
			`return entry['value']`