berryworld 1.0.0.196751__py3-none-any.whl → 1.0.0.197185__py3-none-any.whl

berryworld/__init__.py

@@ -5,8 +5,7 @@ from .allocation_solver import AllocationSolver
 from .pickle_management import PickleManagement
 from .email_logging import EmailLogging
 from .verify_keys import Verify
-from .credentials import SnowflakeCredentials, SQLCredentials, BCCredentials, WebServiceCredentials, \
-    MicrosoftTeamsCredentials
+from .credentials import SnowflakeCredentials, SQLCredentials, WebServiceCredentials, MicrosoftTeamsCredentials
 from .persistent_storage import PersistentStorage
 from .generate_env import EnvVariables
 from .sharepoint_con import SharepointConnection, SharepointConn
@@ -24,4 +23,4 @@ from .teams_logging import TeamsLogging
 from .vivantio_logging import VivantioLogging
 from .snowflake_conn import SnowflakeConn
 from .logging import PythonLogs
-from .sql_connenction import SQLConnection
+from .sql_connenction import SQLConnection, SQLConnectionPool, SQLPoolEngine

berryworld/credentials.py

@@ -71,32 +71,6 @@ class SQLCredentials:
             raise ValueError("Variable %s not found" % str(e))
 
 
-class BCCredentials:
-    def __init__(self, db_name=None, auth=False):
-        self.db_name = db_name
-        self.auth = auth
-
-    def simple_creds(self):
-        try:
-            if self.auth:
-                scope = os.environ.get("BC-AUTH-SCOPE")
-                client_id = os.environ.get("BC-AUTH-CLIENT-ID")
-                client_secret = os.environ.get("BC-AUTH-CLIENT-SECRET")
-
-                return {'scope': scope,
-                        'client_id': client_id,
-                        'client_secret': client_secret}
-            elif self.db_name is not None:
-                server_type = os.environ.get(f"BC-ENV-SERVER-{self.db_name.upper()}")
-
-                return {'server_type': server_type}
-            else:
-                raise ValueError("Please provide a valid input")
-
-        except ValueError as e:
-            raise ValueError("Variable %s not found" % str(e))
-
-
 class WebServiceCredentials:
     def __init__(self, service=None):
         self.service = service

berryworld/generate_env.py

@@ -53,19 +53,24 @@ class EnvVariables:
 
         return config
 
-    def fetch_secrets_by_tag(self, config):
-        """ Fetch secrets from Azure Key Vault based on tags
+    def get_secret_client(self, config):
+        """ Create a Key Vault client
         :param config: Dictionary containing Azure Key Vault configuration
         """
         tenant_id = config["AZURE-TENANT-ID"]
         client_id = config["AZURE-CLIENT-ID"]
         client_secret = config["AZURE-CLIENT-SECRET"]
         vault_url = f"https://{config['AZURE-KEY-VAULT-NAME']}.vault.azure.net/"
-        project_tags = config["AZURE-KEY-VAULT-PROJECT-TAGS"]
-
         credential = ClientSecretCredential(tenant_id, client_id, client_secret)
-        client = SecretClient(vault_url=vault_url, credential=credential)
 
+        return SecretClient(vault_url=vault_url, credential=credential)
+
+    def fetch_secrets_by_tag(self, config):
+        """ Fetch enabled secrets from Azure Key Vault based on tags
+        :param config: Dictionary containing Azure Key Vault configuration
+        """
+        client = self.get_secret_client(config)
+        project_tags = config.get("AZURE-KEY-VAULT-PROJECT-TAGS", [])
         secrets = {}
         for prop in client.list_properties_of_secrets():
             if not prop.enabled:
@@ -78,33 +83,120 @@ class EnvVariables:
                     secrets[key] = secret.value
         return secrets
 
-    def generate_akv_env_file(self, config_path=None, env_path=None):
+    def fetch_all_secrets(self, config):
+        """ Fetch all enabled secrets from the Key Vault
+        :param config: Dictionary containing Azure Key Vault configuration
+        """
+        client = self.get_secret_client(config)
+        secrets = {}
+        for prop in client.list_properties_of_secrets():
+            if prop.enabled:
+                secret = client.get_secret(prop.name)
+                secrets[secret.name] = {
+                    "value": secret.value,
+                    "tags": prop.tags or {}
+                }
+        return secrets
+
+    def create_or_update_akv_secret(self, config, name=None, value=None, tags=None, tag_name=None, tag_value=None,
+                                    disable_old=True, secrets_dict=None):
+        """ Create or update a secret / all secrets in Key Vault :
+        :param config: Dictionary containing Azure Key Vault configuration
+        :param name: Name of the secret to be created / updated
+        :param value: Value of the secret to be created / updated
+        :param tags: Dictionary containing Azure Key Vault configuration
+        :param tag_name: Tag name of the secret to be created / updated
+        :param tag_value: Tag value of the secret to be created / updated
+        :param disable_old: Flag if previous version should be disabled
+        :param secrets_dict: Dictionary of all the secrets from AKV
+        """
+        client = self.get_secret_client(config)
+
+        # If secrets_dict is provided, loop through it
+        if secrets_dict is not None:
+            for s_name, s_data in secrets_dict.items():
+                self.create_or_update_akv_secret(
+                    config,
+                    name=s_name,
+                    value=s_data["value"],
+                    tags=s_data.get("tags"),
+                    disable_old=disable_old
+                )
+            return
+
+        if (name is None and value is None) and secrets_dict is None:
+            raise ValueError("Must provide either secrets_dict or both name and value")
+
+        # Check the latest version of the secret
+        latest_secret = None
+        latest_tags = {}
+        try:
+            latest_secret = client.get_secret(name)
+            latest_tags = latest_secret.properties.tags or {}
+        except Exception:
+            pass
+
+        updated_tags = {**latest_tags}
+        if tags is not None:
+            updated_tags.update(tags)
+        elif tag_name is not None and tag_value is not None:
+            updated_tags[tag_name] = tag_value
+
+        # Check if anything changed in the value or tag
+        value_changed = latest_secret is None or latest_secret.value != value
+        tags_changed = updated_tags != latest_tags
+
+        if not value_changed and not tags_changed:
+            print(f"Secret {name} already up to date. Skipping.")
+            return
+
+        # Create new version
+        new_secret = client.set_secret(name, value, tags=updated_tags)
+        new_version = new_secret.properties.version
+        print(f"Secret {name} updated. New version: {new_version}.")
+
+        # Disable previous versions
+        if disable_old:
+            for secret_prop in client.list_properties_of_secret_versions(name):
+                if secret_prop.version != new_version and secret_prop.enabled:
+                    client.update_secret_properties(secret_prop.name, secret_prop.version, enabled=False)
+
+    def generate_akv_env_file(self, config_path=None, env_path=None, fetch_all=False):
         """ Generate the environment variables file from Azure Key Vault secrets
         :param config_path: Path to the Terraform configuration file (optional)
         :param env_path: Path to the destination .env file (optional)
+        :param fetch_all: Flag if all the secrets should be fetched
         """
         config = self.extract_akv_config_from_tf(config_path)
-        secrets = self.fetch_secrets_by_tag(config)
-
-        # Create .env file for UnitTest
-        with open(env_path, "w") as f:
-            for key, value in secrets.items():
-                f.write(f"{key}={value}\n")
-
-        # Create .env file for container apps
-        if os.name != "nt" and self.env is not None:
-            # Linux/Mac: generate terraform .tfvars file
-            tfvars_path = f"./environments/{self.env}/secrets.auto.tfvars.json"
-            os.makedirs(os.path.dirname(tfvars_path), exist_ok=True)
-            with open(tfvars_path, "w") as f:
-                json.dump({"keyvault_secrets": secrets}, f, indent=2)
-
-    def generate_env_tf(self, config_path='./environments/prod/step01.tf', env_path='.env'):
+        if fetch_all:
+            secrets = self.fetch_all_secrets(config)
+        else:
+            secrets = self.fetch_secrets_by_tag(config)
+
+        if fetch_all:
+            return secrets
+
+        if not fetch_all:
+            # Create .env file for UnitTest
+            with open(env_path, "w") as f:
+                for key, value in secrets.items():
+                    f.write(f"{key}={value}\n")
+
+            # Create .env file for container apps
+            if os.name != "nt" and self.env is not None:
+                # Linux/Mac: generate terraform .tfvars file
+                tfvars_path = f"./environments/{self.env}/secrets.auto.tfvars.json"
+                os.makedirs(os.path.dirname(tfvars_path), exist_ok=True)
+                with open(tfvars_path, "w") as f:
+                    json.dump({"keyvault_secrets": secrets}, f, indent=2)
+
+    def generate_env_tf(self, config_path='./environments/prod/step01.tf', env_path='.env', fetch_all=False):
         """ Main function to parse arguments and generate AKV environment variables file.
         :param config_path: Path to the Terraform configuration file
         :param env_path: Path to the destination .env file
+        :param fetch_all: Flag if all the secrets should be fetched
         """
-        self.generate_akv_env_file(config_path=config_path, env_path=env_path)
+        self.generate_akv_env_file(config_path=config_path, env_path=env_path, fetch_all=fetch_all)
 
     @staticmethod
     def generate_env_file(yaml_path='./environments/prd1/step01.yaml', env_path='./.env'):