bitwarden-crd-operator/src/utils/utils.py

import os
import json
import subprocess


class BitwardenCommandException(Exception):
    pass


def get_secret_from_bitwarden(logger, id):
    return command_wrapper(logger, command=f"get item {id}")


def unlock_bw(logger):
    status_output = command_wrapper(logger, "status", False)
    status = status_output['data']['template']['status']
    if status == 'unlocked':
        logger.info("Already unlocked")
        return
    token_output = command_wrapper(logger, "unlock --passwordenv BW_PASSWORD")
    os.environ["BW_SESSION"] = token_output["data"]["raw"]
    logger.info("Signin successful. Session exported")


def command_wrapper(logger, command, use_success: bool = True):
    system_env = dict(os.environ)
    sp = subprocess.Popen(
        [f"bw --response {command}"],
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        close_fds=True,
        shell=True,
        env=system_env)
    out, err = sp.communicate()
    resp = json.loads(out.decode(encoding='UTF-8'))
    if "DEBUG" in system_env:
        logger.info(resp)
    if resp["success"] != None and (not use_success or (use_success and resp["success"] == True)):
        return resp
    logger.warn(resp)
    return None


def parse_login_scope(secret_json, key):
    return secret_json["data"]["login"][key]


def parse_fields_scope(secret_json, key):
    if "fields" not in secret_json:
        return None
    for entry in secret_json["data"]["fields"]:
        if entry['name'] == key:
            return entry['value']
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`import os`
Unlock vault only when it's needed 2023-01-19 01:57:21 +00:00			`import json`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`import subprocess`

autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
working jinja template type 2022-11-26 20:33:31 +00:00			`class BitwardenCommandException(Exception):`
			`pass`

autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
switch to JSON mode of cli pass around logger 2023-04-21 14:50:33 +00:00			`def get_secret_from_bitwarden(logger, id):`
			`return command_wrapper(logger, command=f"get item {id}")`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00
autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`def unlock_bw(logger):`
switch to JSON mode of cli pass around logger 2023-04-21 14:50:33 +00:00			`status_output = command_wrapper(logger, "status", False)`
			`status = status_output['data']['template']['status']`
Unlock vault only when it's needed 2023-01-19 01:57:21 +00:00			`if status == 'unlocked':`
			`logger.info("Already unlocked")`
			`return`
switch to JSON mode of cli pass around logger 2023-04-21 14:50:33 +00:00			`token_output = command_wrapper(logger, "unlock --passwordenv BW_PASSWORD")`
			`os.environ["BW_SESSION"] = token_output["data"]["raw"]`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`logger.info("Signin successful. Session exported")`

autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
switch to JSON mode of cli pass around logger 2023-04-21 14:50:33 +00:00			`def command_wrapper(logger, command, use_success: bool = True):`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`system_env = dict(os.environ)`
autopep8 and bump alpine 2023-04-21 12:39:06 +00:00			`sp = subprocess.Popen(`
switch to JSON mode of cli pass around logger 2023-04-21 14:50:33 +00:00			`[f"bw --response {command}"],`
autopep8 and bump alpine 2023-04-21 12:39:06 +00:00			`stdout=subprocess.PIPE,`
			`stderr=subprocess.PIPE,`
			`close_fds=True,`
			`shell=True,`
			`env=system_env)`
work in progress to support raw template types 2022-11-26 12:49:57 +00:00			`out, err = sp.communicate()`
switch to JSON mode of cli pass around logger 2023-04-21 14:50:33 +00:00			`resp = json.loads(out.decode(encoding='UTF-8'))`
fix 2023-04-24 07:54:53 +00:00			`if "DEBUG" in system_env:`
switch to JSON mode of cli pass around logger 2023-04-21 14:50:33 +00:00			`logger.info(resp)`
			`if resp["success"] != None and (not use_success or (use_success and resp["success"] == True)):`
			`return resp`
			`logger.warn(resp)`
			`return None`
working jinja template type 2022-11-26 20:33:31 +00:00
autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
working jinja template type 2022-11-26 20:33:31 +00:00			`def parse_login_scope(secret_json, key):`
switch to JSON mode of cli pass around logger 2023-04-21 14:50:33 +00:00			`return secret_json["data"]["login"][key]`
working jinja template type 2022-11-26 20:33:31 +00:00
autopep8 and bump alpine 2023-04-21 12:39:06 +00:00
working jinja template type 2022-11-26 20:33:31 +00:00			`def parse_fields_scope(secret_json, key):`
Improve stability when there is no fields 2023-01-20 01:57:06 +00:00			`if "fields" not in secret_json:`
			`return None`
switch to JSON mode of cli pass around logger 2023-04-21 14:50:33 +00:00			`for entry in secret_json["data"]["fields"]:`
working jinja template type 2022-11-26 20:33:31 +00:00			`if entry['name'] == key:`
			`return entry['value']`