# WARNING # # THIS IS AN AUTOGENERATED FILE. # # MANUAL CHANGES CAN AND WILL BE OVERWRITTEN. import re from setuptools import setup PACKAGE_NAME = 'secret_loader' PACKAGE_DESCRIPTION = """ # Secret Loader System. System for loading secrets from a variety of sources. Usage: ```python import secret_loader secrets = secret_loader.SecretLoader(env_key_prefix='MYAPP') db_username = secrets.load_or_fail('DATABASE_USERNAME') db_password = secrets.load_or_fail('DATABASE_PASSWORD') ``` Secret loading order: 0. Hardcoded values. **This is purely for debugging, prototyping, and for configuring below options.** 1. Files pointed to by environment variables. Docker friendly. 2. Secrets folder. Also Docker friendly. Defaults to `secrets`, but can be configured through the `SECRETS_DIRECTORY` key (NOTE: passed directly, rather than through a file.) 3. [Pass: the standard unix password manager](https://www.passwordstore.org/). Most suited for personal usage; very unsuited for server environments. Requires `pass` installed locally, and configuration of the `PASS_STORE_SUBFOLDER` through one of the above methods. 4. Vault instance if configured. Suited for production environments. **NOTE: This is barely supported.** Requires `hvac` python package. ## Future extensions - [ ] Key casing should be more consistent * Case-insensitive for hardcoded and `load`. * Upper case for environment variables. * Lower case for files and others. - [ ] New special configuration value for switching the `secrets` directory. - [ ] Wrap secrets in intelligent strings: * [ ] Instead of returning `None` on unloaded, return `UnknownSecret`, that produce error when formatted. * [ ] `repr(secret)` should not include contents, but only the secret and how it was loaded. * [ ] Methods on `Secret` should be kept minimal. - [ ] Avoid leakage to swap files. * Possibly Mlock? [Does not seem to work](https://stackoverflow.com/questions/29524020/prevent-ram-from-paging-to-swap-area-mlock) * Alternatively use [mmap](https://docs.python.org/3/library/mmap.html) and [memoryview](https://stackoverflow.com/questions/18655648/what-exactly-is-the-point-of-memoryview-in-python)?ยง - [ ] Vault: * [ ] Ensure vault code path works. * [ ] Document usage and requirements. - [ ] Get inspiration from """.strip() PACKAGE_DESCRIPTION_SHORT = """ System for loading secrets from a variety of sources.""".strip() def parse_version_file(text: str) -> str: match = re.match(r'^__version__\s*=\s*(["\'])([\d\.]+)\1$', text) if match is None: msg = 'Malformed _version.py file!' raise Exception(msg) return match.group(2) with open(PACKAGE_NAME + '/_version.py') as f: version = parse_version_file(f.read()) REQUIREMENTS_MAIN = [ 'frozendict', ] REQUIREMENTS_TEST = [ 'pytest', ] setup( name=PACKAGE_NAME, version=version, description=PACKAGE_DESCRIPTION_SHORT, long_description=PACKAGE_DESCRIPTION, long_description_content_type='text/markdown', author='Jon Michael Aanes', author_email='jonjmaa@gmail.com', url='https://gitfub.space/Jmaa/' + PACKAGE_NAME, packages=[PACKAGE_NAME], install_requires=REQUIREMENTS_MAIN, extras_require={ 'test': REQUIREMENTS_TEST, }, python_requires='>=3.9', )