Unlock vault only when it's needed

This commit is contained in:
Thibault Cohen 2023-01-18 20:57:21 -05:00
parent 40f76a8bdb
commit 6a324e66da

View File

@ -1,4 +1,5 @@
import os import os
import json
import subprocess import subprocess
class BitwardenCommandException(Exception): class BitwardenCommandException(Exception):
@ -8,6 +9,11 @@ def get_secret_from_bitwarden(id):
return command_wrapper(command=f"get item {id}") return command_wrapper(command=f"get item {id}")
def unlock_bw(logger): def unlock_bw(logger):
status_output = command_wrapper("status")
status = json.loads(status_output)['status']
if status == 'unlocked':
logger.info("Already unlocked")
return
token_output = command_wrapper("unlock --passwordenv BW_PASSWORD") token_output = command_wrapper("unlock --passwordenv BW_PASSWORD")
tokens = token_output.split('"')[1::2] tokens = token_output.split('"')[1::2]
os.environ["BW_SESSION"] = tokens[1] os.environ["BW_SESSION"] = tokens[1]