also populate logger for lookup

This commit is contained in:
Nico Angelo 2023-10-02 15:06:30 +02:00
parent f7a0f43cab
commit f3cba82c9f
2 changed files with 22 additions and 22 deletions

View File

@ -1,13 +1,16 @@
import json
from utils.utils import get_secret_from_bitwarden, get_attachment, parse_fields_scope, parse_login_scope from utils.utils import get_secret_from_bitwarden, get_attachment, parse_fields_scope, parse_login_scope
def bitwarden_lookup(id, scope, field): class BitwardenLookupHandler:
if scope == "attachment":
return get_attachment(None, id, field) def __init__(self, logger) -> None:
_secret_json = get_secret_from_bitwarden(None, id) self.logger = logger
if scope == "login":
return parse_login_scope(_secret_json, field) def bitwarden_lookup(self, id, scope, field):
if scope == "fields": if scope == "attachment":
return parse_fields_scope(_secret_json, field) return get_attachment(self.logger, id, field)
_secret_json = get_secret_from_bitwarden(self.logger, id)
if scope == "login":
return parse_login_scope(_secret_json, field)
if scope == "fields":
return parse_fields_scope(_secret_json, field)

View File

@ -4,27 +4,24 @@ import kubernetes
import json import json
from utils.utils import unlock_bw, bw_sync_interval from utils.utils import unlock_bw, bw_sync_interval
from lookups.bitwarden_lookup import bitwarden_lookup from lookups.bitwarden_lookup import BitwardenLookupHandler
from jinja2 import Environment, BaseLoader from jinja2 import Environment, BaseLoader
lookup_func_dict = { def render_template(logger, template):
"bitwarden_lookup": bitwarden_lookup,
}
def render_template(template):
jinja_template = Environment(loader=BaseLoader()).from_string(template) jinja_template = Environment(loader=BaseLoader()).from_string(template)
jinja_template.globals.update(lookup_func_dict) jinja_template.globals.update({
"bitwarden_lookup": BitwardenLookupHandler(logger).bitwarden_lookup,
})
return jinja_template.render() return jinja_template.render()
def create_template_secret(secret, filename, template): def create_template_secret(logger, secret, filename, template):
secret.type = "Opaque" secret.type = "Opaque"
secret.data = {} secret.data = {}
secret.data[filename] = str( secret.data[filename] = str(
base64.b64encode( base64.b64encode(
render_template(template).encode("utf-8")), render_template(logger, template).encode("utf-8")),
"utf-8") "utf-8")
return secret return secret
@ -48,7 +45,7 @@ def create_managed_secret(spec, name, namespace, logger, body, **kwargs):
secret = kubernetes.client.V1Secret() secret = kubernetes.client.V1Secret()
secret.metadata = kubernetes.client.V1ObjectMeta( secret.metadata = kubernetes.client.V1ObjectMeta(
name=secret_name, annotations=annotations) name=secret_name, annotations=annotations)
secret = create_template_secret(secret, filename, template) secret = create_template_secret(logger, secret, filename, template)
obj = api.create_namespaced_secret( obj = api.create_namespaced_secret(
secret_namespace, secret secret_namespace, secret
@ -109,7 +106,7 @@ def update_managed_secret(
secret = kubernetes.client.V1Secret() secret = kubernetes.client.V1Secret()
secret.metadata = kubernetes.client.V1ObjectMeta( secret.metadata = kubernetes.client.V1ObjectMeta(
name=secret_name, annotations=annotations) name=secret_name, annotations=annotations)
secret = create_template_secret(secret, filename, template) secret = create_template_secret(logger, secret, filename, template)
try: try:
obj = api.replace_namespaced_secret( obj = api.replace_namespaced_secret(