1
0

Improved pass resolution

This commit is contained in:
Jon Michael Aanes 2024-07-07 23:54:03 +02:00
parent 4e74424955
commit a0522f344d
Signed by: Jmaa
SSH Key Fingerprint: SHA256:Ab0GfHGCblESJx7JRE4fj4bFy/KRpeLhi41y4pF3sNA

View File

@ -20,7 +20,7 @@ Secret loading order:
3. [Pass: the standard unix password 3. [Pass: the standard unix password
manager](https://www.passwordstore.org/). Most suited for personal manager](https://www.passwordstore.org/). Most suited for personal
usage; very unsuited for server environments. Requires `pass` installed usage; very unsuited for server environments. Requires `pass` installed
locally, and configuration of the `PASS_FOLDER` through one of the above locally, and configuration of the `PASS_STORE_SUBFOLDER` through one of the above
methods. methods.
4. Vault instance if configured. Suited for production environments. 4. Vault instance if configured. Suited for production environments.
""" """
@ -42,7 +42,7 @@ ENV_KEY_VAULT_URL = 'VAULT_URL'
ENV_KEY_VAULT_TOKEN = 'VAULT_TOKEN' ENV_KEY_VAULT_TOKEN = 'VAULT_TOKEN'
ENV_KEY_VAULT_MOUNT_POINT = 'VAULT_MOUNT_POINT' ENV_KEY_VAULT_MOUNT_POINT = 'VAULT_MOUNT_POINT'
ENV_KEY_PASS_FOLDER = 'PASS_FOLDER' ENV_KEY_PASS_FOLDER = 'PASS_STORE_SUBFOLDER'
class SecretLoader: class SecretLoader:
""" """
@ -111,9 +111,9 @@ class SecretLoader:
return None return None
cmd = ['pass', 'show', f'{self.pass_folder}/{env_key.lower()}'] cmd = ['pass', 'show', f'{self.pass_folder}/{env_key.lower()}']
process = subprocess.run(cmd, capture_output = True, check = True) process = subprocess.run(cmd, capture_output = True)
print(process) if process.returncode:
return None
return process.stdout.decode('utf8') return process.stdout.decode('utf8')
def _load_or_none_vault(self, env_key: str) -> str | None: def _load_or_none_vault(self, env_key: str) -> str | None: