# WARNING
#
# THIS IS AN AUTOGENERATED FILE.
#
# MANUAL CHANGES CAN AND WILL BE OVERWRITTEN.
import re
from setuptools import setup
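# Distribution name. The same string is used below as the package directory
# that is shipped and that holds _version.py.
PACKAGE_NAME = 'secret_loader'

# Markdown README, handed to setup() as `long_description`.
# Blame-view gutter lines have been dropped from the text, nested list
# indentation restored, and a stray trailing character removed from the
# mmap/memoryview bullet.
PACKAGE_DESCRIPTION = """
# Secret Loader System.

System for loading secrets from a variety of sources.

Usage:

```python
import secret_loader

secrets = secret_loader.SecretLoader(env_key_prefix='MYAPP')

db_username = secrets.load_or_fail('DATABASE_USERNAME')
db_password = secrets.load_or_fail('DATABASE_PASSWORD')
```

Secret loading order:

0. Hardcoded values. **This is purely for debugging, prototyping, and for
   configuring below options.**
1. Files pointed to by environment variables. Docker friendly.
2. Secrets folder. Also Docker friendly. Defaults to `secrets`, but can be
   configured through the `SECRETS_DIRECTORY` key (NOTE: passed directly,
   rather than through a file.)
3. [Pass: the standard unix password
   manager](https://www.passwordstore.org/). Most suited for personal
   usage; very unsuited for server environments. Requires `pass` installed
   locally, and configuration of the `PASS_STORE_SUBFOLDER` through one of the above
   methods.
4. Vault instance if configured. Suited for production environments. **NOTE:
   This is barely supported.** Requires `hvac` python package.

## Future extensions

- [ ] Key casing should be more consistent
    * Case-insensitive for hardcoded and `load`.
    * Upper case for environment variables.
    * Lower case for files and others.
- [ ] New special configuration value for switching the `secrets` directory.
- [ ] Wrap secrets in intelligent strings:
    * [ ] Instead of returning `None` on unloaded, return `UnknownSecret`, which produces an error when formatted.
    * [ ] `repr(secret)` should not include contents, but only the secret's key and how it was loaded.
    * [ ] Methods on `Secret` should be kept minimal.
- [ ] Avoid leakage to swap files.
    * Possibly Mlock? [Does not seem to work](https://stackoverflow.com/questions/29524020/prevent-ram-from-paging-to-swap-area-mlock)
    * Alternatively use [mmap](https://docs.python.org/3/library/mmap.html) and [memoryview](https://stackoverflow.com/questions/18655648/what-exactly-is-the-point-of-memoryview-in-python)?
- [ ] Vault:
    * [ ] Ensure vault code path works.
    * [ ] Document usage and requirements.
- [ ] Get inspiration from <https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html>
""".strip()

# One-line summary, handed to setup() as `description`.
PACKAGE_DESCRIPTION_SHORT = """
System for loading secrets from a variety of sources.""".strip()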
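def parse_version_file(text: str) -> str:
    """Extract the version number from the text of a ``_version.py`` file.

    The text is matched against a single ``__version__ = '<digits and dots>'``
    assignment. It is only pattern-matched, never imported or executed, so
    this function runs no code from the version file.

    Args:
        text: Full contents of the version file.

    Returns:
        The version string without its surrounding quotes.

    Raises:
        ValueError: If the text is anything other than that one assignment
            (a single trailing newline is tolerated by ``$``).
    """
    # The back-reference \1 forces the closing quote to match the opening one.
    match = re.match(r'^__version__\s*=\s*(["\'])([\d\.]+)\1$', text)
    if match is None:
        msg = 'Malformed _version.py file!'
        # ValueError is still caught by callers that catch Exception.
        raise ValueError(msg)
    return match.group(2)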
# Read the version as plain text instead of importing the package, so the
# build does not execute package code. The path is relative, so it resolves
# against the current working directory.
version_path = PACKAGE_NAME + '/_version.py'
with open(version_path) as f:
    version = parse_version_file(f.read())
# Runtime dependencies, passed to setup() as `install_requires`.
# The names carry no version specifier, so the installer resolves whichever
# release is current at install time.
# NOTE(review): the package description says Vault support requires `hvac`,
# but no requirement list here declares it; confirm whether that is intended.
REQUIREMENTS_MAIN = ['frozendict']

# Dependencies of the `test` extra only.
REQUIREMENTS_TEST = ['pytest']
# Register the distribution with setuptools using the metadata gathered above.
setup(
    name=PACKAGE_NAME,
    version=version,
    description=PACKAGE_DESCRIPTION_SHORT,
    long_description=PACKAGE_DESCRIPTION,
    long_description_content_type='text/markdown',
    author='Jon Michael Aanes',
    author_email='jonjmaa@gmail.com',
    url='https://gitfub.space/Jmaa/' + PACKAGE_NAME,
    # Only the top-level package directory is listed.
    packages=[PACKAGE_NAME],
    install_requires=REQUIREMENTS_MAIN,
    extras_require={
        'test': REQUIREMENTS_TEST,
    },
    python_requires='>=3.9',
)