also populate logger for lookup
This commit is contained in:
parent
f7a0f43cab
commit
f3cba82c9f
@ -1,13 +1,16 @@
|
|||||||
import json
|
|
||||||
|
|
||||||
from utils.utils import get_secret_from_bitwarden, get_attachment, parse_fields_scope, parse_login_scope
|
from utils.utils import get_secret_from_bitwarden, get_attachment, parse_fields_scope, parse_login_scope
|
||||||
|
|
||||||
|
|
||||||
def bitwarden_lookup(id, scope, field):
|
class BitwardenLookupHandler:
|
||||||
if scope == "attachment":
|
|
||||||
return get_attachment(None, id, field)
|
def __init__(self, logger) -> None:
|
||||||
_secret_json = get_secret_from_bitwarden(None, id)
|
self.logger = logger
|
||||||
if scope == "login":
|
|
||||||
return parse_login_scope(_secret_json, field)
|
def bitwarden_lookup(self, id, scope, field):
|
||||||
if scope == "fields":
|
if scope == "attachment":
|
||||||
return parse_fields_scope(_secret_json, field)
|
return get_attachment(self.logger, id, field)
|
||||||
|
_secret_json = get_secret_from_bitwarden(self.logger, id)
|
||||||
|
if scope == "login":
|
||||||
|
return parse_login_scope(_secret_json, field)
|
||||||
|
if scope == "fields":
|
||||||
|
return parse_fields_scope(_secret_json, field)
|
||||||
|
@ -4,27 +4,24 @@ import kubernetes
|
|||||||
import json
|
import json
|
||||||
|
|
||||||
from utils.utils import unlock_bw, bw_sync_interval
|
from utils.utils import unlock_bw, bw_sync_interval
|
||||||
from lookups.bitwarden_lookup import bitwarden_lookup
|
from lookups.bitwarden_lookup import BitwardenLookupHandler
|
||||||
from jinja2 import Environment, BaseLoader
|
from jinja2 import Environment, BaseLoader
|
||||||
|
|
||||||
|
|
||||||
lookup_func_dict = {
|
def render_template(logger, template):
|
||||||
"bitwarden_lookup": bitwarden_lookup,
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
def render_template(template):
|
|
||||||
jinja_template = Environment(loader=BaseLoader()).from_string(template)
|
jinja_template = Environment(loader=BaseLoader()).from_string(template)
|
||||||
jinja_template.globals.update(lookup_func_dict)
|
jinja_template.globals.update({
|
||||||
|
"bitwarden_lookup": BitwardenLookupHandler(logger).bitwarden_lookup,
|
||||||
|
})
|
||||||
return jinja_template.render()
|
return jinja_template.render()
|
||||||
|
|
||||||
|
|
||||||
def create_template_secret(secret, filename, template):
|
def create_template_secret(logger, secret, filename, template):
|
||||||
secret.type = "Opaque"
|
secret.type = "Opaque"
|
||||||
secret.data = {}
|
secret.data = {}
|
||||||
secret.data[filename] = str(
|
secret.data[filename] = str(
|
||||||
base64.b64encode(
|
base64.b64encode(
|
||||||
render_template(template).encode("utf-8")),
|
render_template(logger, template).encode("utf-8")),
|
||||||
"utf-8")
|
"utf-8")
|
||||||
return secret
|
return secret
|
||||||
|
|
||||||
@ -48,7 +45,7 @@ def create_managed_secret(spec, name, namespace, logger, body, **kwargs):
|
|||||||
secret = kubernetes.client.V1Secret()
|
secret = kubernetes.client.V1Secret()
|
||||||
secret.metadata = kubernetes.client.V1ObjectMeta(
|
secret.metadata = kubernetes.client.V1ObjectMeta(
|
||||||
name=secret_name, annotations=annotations)
|
name=secret_name, annotations=annotations)
|
||||||
secret = create_template_secret(secret, filename, template)
|
secret = create_template_secret(logger, secret, filename, template)
|
||||||
|
|
||||||
obj = api.create_namespaced_secret(
|
obj = api.create_namespaced_secret(
|
||||||
secret_namespace, secret
|
secret_namespace, secret
|
||||||
@ -109,7 +106,7 @@ def update_managed_secret(
|
|||||||
secret = kubernetes.client.V1Secret()
|
secret = kubernetes.client.V1Secret()
|
||||||
secret.metadata = kubernetes.client.V1ObjectMeta(
|
secret.metadata = kubernetes.client.V1ObjectMeta(
|
||||||
name=secret_name, annotations=annotations)
|
name=secret_name, annotations=annotations)
|
||||||
secret = create_template_secret(secret, filename, template)
|
secret = create_template_secret(logger, secret, filename, template)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
obj = api.replace_namespaced_secret(
|
obj = api.replace_namespaced_secret(
|
||||||
|
Loading…
Reference in New Issue
Block a user