get-hc-secrets 1.5.3__tar.gz → 1.5.5__tar.gz

{get_hc_secrets-1.5.3 → get_hc_secrets-1.5.5}/PKG-INFO

@@ -1,9 +1,7 @@
 Metadata-Version: 2.1
 Name: get_hc_secrets
-Version: 1.5.3
+Version: 1.5.5
 Summary: A package to read secrets from Hashicorp vault
-Home-page: https://github.com/xmayeur/getSecrets
-Author: Xavier Mayeur
 Author-email: Xavier Mayeur <xavier@mayeur.be>
 Project-URL: Homepage, https://github.com/xmayeur/getSecrets
 Project-URL: Bug Tracker, https://github.com/xmayeur/getSecrets/issues

{get_hc_secrets-1.5.3 → get_hc_secrets-1.5.5}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "get_hc_secrets"
-dynamic = ["version"]
+version = '1.5.5'
 authors = [
     { name = "Xavier Mayeur", email = "xavier@mayeur.be" }
 ]

get_hc_secrets-1.5.5/src/get_hc_secrets/get_secrets.py

@@ -0,0 +1,136 @@
+import logging
+from os import getenv
+from os.path import join
+
+import requests
+import yaml
+
+_config_file = "~/.config/.vault/vault.yml"
+_home = getenv("HOME")
+_config = yaml.safe_load(open(join(_home, _config_file.replace("~/", ''))))
+logging.basicConfig(level=logging.INFO, format='%(asctime)s %(message)s',
+                    datefmt='%m/%d/%Y %I:%M:%S %p')
+
+
+def get_secret(id: str, repo: str = 'secret') -> dict:
+    """
+    :param id: The ID of the secret to retrieve
+    :param repo: The name of the secrets repository to retrieve the secret from - defaults to 'secret'
+    :return: a json object with key/value pairs
+             or an empty object if the secret retrieval fails
+
+    This method retrieves a secret from a Vault server using the provided ID.
+    If the request is successful (status code 200), the method extracts the key-value pairs JSON object.
+    If the request fails, the method logs an HTTP error message and returns a n empty json {}.
+    """
+
+    base_url = _config['vault']['vault_addr']
+    certs = join(_home, _config['vault']['certs'].replace("~/", ''))
+    token = _config['vault']['token']
+
+    headers = {"X-Vault-Token": token}
+    uri = f"/v1/{repo}/data/"
+    url = f"{base_url}{uri}{id}"
+    resp = requests.get(url, headers=headers, verify=certs)
+    if resp.status_code == 200:
+        secret = resp.json()["data"]["data"]
+        return secret
+
+    else:
+        print(f"http error {resp.status_code}")
+        logging.error(f"Vault api error {resp}")
+        return {}
+
+
+def get_user_pwd(id: str, repo: str = 'secret') -> tuple:
+    """
+    :param id: The ID of the secret to retrieve
+    :param repo: The name of the secret repository to retrieve the seret from - defaults to 'secret'
+    :return: a tuple username, password values if the secrets has such keys, else None, None
+
+    This method retrieves a secret from a Vault server using the provided ID.
+    If the request is successful (status code 200), the method extracts the  username and password key value
+    if such keys exist.
+    If the request fails, the method prints an HTTP error message and returns (None, None).
+    """
+
+    base_url = _config['vault']['vault_addr']
+    certs = join(_home, _config['vault']['certs'].replace("~/", ''))
+    token = _config['vault']['token']
+
+    headers = {"X-Vault-Token": token}
+    uri = f"/v1/{repo}/data/"
+    url = f"{base_url}{uri}{id}"
+    resp = requests.get(url, headers=headers, verify=certs)
+    if resp.status_code == 200:
+        secret = resp.json()["data"]["data"]
+        if 'username' in secret and 'password' in secret:
+            return secret['username'], secret['password']
+        else:
+            return None, None
+
+    else:
+        print(f"http error {resp.status_code}")
+        logging.error(f"Vault api error {resp}")
+        return None, None
+
+
+def list_secret(repo: str = 'secret'):
+    """
+    :param repo: The name of a secret repository to retrieve the secret from - defaults to 'secret'
+    :return: A list containing all items keys from the repository
+
+    """
+
+    base_url = _config['vault']['vault_addr']
+    certs = join(_home, _config['vault']['certs'].replace("~/", ''))
+    token = _config['vault']['token']
+
+    headers = {"X-Vault-Token": token}
+    uri = f"/v1/{repo}/metadata"
+    url = f"{base_url}{uri}"
+    resp = requests.request('LIST', url, headers=headers, verify=certs)
+    if resp.status_code == 200:
+        return resp.json()["data"]["keys"]
+
+    else:
+        print(f"http error {resp.status_code}")
+        logging.error(f"Vault api error {resp}")
+        return None, None
+
+
+def upd_secret(id: str, data, repo: str = 'secret'):
+    """
+    :param id: The ID of the secret to retrieve
+    :param data: The data to be uploaded in place of the exitisting one
+    :param repo: The name of the repository to retrieve the secret from - defaults to 'secret'
+    :return: the response status code from the vault - 200 if successful.
+
+    """
+
+    base_url = _config['vault']['vault_addr']
+    certs = join(_home, _config['vault']['certs'].replace("~/", ''))
+    token = _config['vault']['token']
+
+    headers = {"X-Vault-Token": token}
+    uri = f"/v1/{repo}/data/"
+    url = f"{base_url}{uri}{id}"
+    resp = requests.request('GET', url, headers=headers, verify=certs)
+    if resp.status_code == 200:
+        version = resp.json()["data"]['metadata']['version']
+        obj = {
+            "options": {
+                "cas": version
+            },
+            "data": data
+        }
+
+        resp2 = requests.request('POST', url, headers=headers, json=obj, verify=certs)
+        if resp2.status_code != 200:
+            logging.warning(f"Vault update error for {id} with new {data}")
+        return resp2.status_code
+
+    else:
+        print(f"http error {resp.status_code}")
+        logging.error(f"Vault api error {resp}")
+        return None, None

{get_hc_secrets-1.5.3 → get_hc_secrets-1.5.5/src}/get_hc_secrets.egg-info/PKG-INFO

@@ -1,9 +1,7 @@
 Metadata-Version: 2.1
 Name: get_hc_secrets
-Version: 1.5.3
+Version: 1.5.5
 Summary: A package to read secrets from Hashicorp vault
-Home-page: https://github.com/xmayeur/getSecrets
-Author: Xavier Mayeur
 Author-email: Xavier Mayeur <xavier@mayeur.be>
 Project-URL: Homepage, https://github.com/xmayeur/getSecrets
 Project-URL: Bug Tracker, https://github.com/xmayeur/getSecrets/issues

get_hc_secrets-1.5.5/src/get_hc_secrets.egg-info/SOURCES.txt

@@ -0,0 +1,11 @@
+LICENSE
+README.md
+pyproject.toml
+src/__init__.py
+src/get_hc_secrets/__init__.py
+src/get_hc_secrets/get_secrets.py
+src/get_hc_secrets.egg-info/PKG-INFO
+src/get_hc_secrets.egg-info/SOURCES.txt
+src/get_hc_secrets.egg-info/dependency_links.txt
+src/get_hc_secrets.egg-info/requires.txt
+src/get_hc_secrets.egg-info/top_level.txt

get_hc_secrets-1.5.5/src/get_hc_secrets.egg-info/top_level.txt

@@ -0,0 +1,2 @@
+__init__
+get_hc_secrets

get_hc_secrets-1.5.3/get_hc_secrets.egg-info/SOURCES.txt

@@ -1,9 +0,0 @@
-LICENSE
-README.md
-pyproject.toml
-setup.py
-get_hc_secrets.egg-info/PKG-INFO
-get_hc_secrets.egg-info/SOURCES.txt
-get_hc_secrets.egg-info/dependency_links.txt
-get_hc_secrets.egg-info/requires.txt
-get_hc_secrets.egg-info/top_level.txt

get_hc_secrets-1.5.3/get_hc_secrets.egg-info/top_level.txt

@@ -1 +0,0 @@
-

get_hc_secrets-1.5.3/setup.py

@@ -1,12 +0,0 @@
-from setuptools import setup
-
-setup(
-    name='get_hc_secrets',
-    version='1.5.3',
-    packages=[],
-    url='https://github.com/xmayeur/getSecrets',
-    license='',
-    author='Xavier Mayeur',
-    author_email='xavier@mayeur.be',
-    description='A package to read secrets from Hashicorp vault'
-)