kubernetes-watch 0.1.4__py3-none-any.whl → 0.1.5__py3-none-any.whl

kube_watch/modules/logic/load.py

@@ -4,5 +4,20 @@ logger = get_run_logger()
 
 def load_secrets_to_env(data):
     for key, value in data.items():
+        if key in os.environ:
+            del os.environ[key]
         os.environ[key] = value
         # logger.info(f"ENV VAR: {key} loaded")
+
+def load_env_from_file(filepath):
+    with open(filepath, "r") as f:
+        for line in f:
+            # Remove whitespace and ignore comments
+            line = line.strip()
+            if line and not line.startswith('#'):
+                key, value = line.split('=', 1)
+                # Remove the environment variable if it already exists
+                if key in os.environ:
+                    del os.environ[key]
+                # Set the new value
+                os.environ[key] = value

kube_watch/modules/providers/vault.py

@@ -108,12 +108,33 @@ def generate_new_secret_id(vault_client, role_name, vault_path, env_var_name):
     """
     Generates new secret_id. Note an admin role is required for this.
     """
-    new_secret_response = vault_client.auth.approle.generate_secret_id(
-        role_name=role_name,
-        mount_point=f'approle/{vault_path}'
-    )
+    try:
+        # Write directly to the Vault endpoint to create the secret ID with num_uses
+        # response = vault_client.write(
+        #     f"auth/approle/{vault_path}/role/{role_name}/secret-id",
+        # )
+        response = vault_client.auth.approle.generate_secret_id(
+            role_name=role_name,
+            mount_point=f'approle/{vault_path}'
+        )
+        # Check if the response contains the secret ID
+        if response and 'data' in response:
+            secret_id = response['data']['secret_id']
+            secret_id_accessor = response['data']['secret_id_accessor']
+            logger.info("Generated a new secret ID with usage buffer.")
+            return {env_var_name: secret_id, f"{env_var_name}_ACCESSOR": secret_id_accessor}
+        else:
+            logger.error("No secret ID returned in the response.")
+            raise RuntimeError("Failed to generate new secret ID: No content returned.")
+    except hvac.exceptions.InvalidRequest as e:
+        logger.error("Error generating new secret ID: %s", str(e))
+        raise RuntimeError("Failed to generate new secret ID.") from e
+    # new_secret_response = vault_client.auth.approle.generate_secret_id(
+    #     role_name=role_name,
+    #     mount_point=f'approle/{vault_path}'
+    # )
 
-    return { env_var_name : new_secret_response['data']['secret_id'] }
+    # return { env_var_name : new_secret_response['data']['secret_id'] }
 
 
 
@@ -147,7 +168,8 @@ def clean_secret_ids(vault_client, role_name, secret_id_env, vault_path, has_kub
 
     Note: secret_id_env is a dictionary. The key, VAULT_SECRET_ID, has the secret_id value.
     """
-    secret_id = secret_id_env.get("VAULT_SECRET_ID")
+    secret_id = secret_id_env.get("VAULT_SECRET_ID_ACCESSOR")
+    
     if has_kube_secret_updated:
         secret_ids_path = f'auth/approle/{vault_path}/role/{role_name}/secret-id'
         try:

{kubernetes_watch-0.1.4.dist-info → kubernetes_watch-0.1.5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: kubernetes-watch
-Version: 0.1.4
+Version: 0.1.5
 Summary: 
 Author: bmotevalli
 Author-email: b.motevalli@gmail.com

{kubernetes_watch-0.1.4.dist-info → kubernetes_watch-0.1.5.dist-info}/RECORD

@@ -12,7 +12,7 @@ kube_watch/modules/clusters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMp
 kube_watch/modules/clusters/kube.py,sha256=Fje6-vUA1KQ4x8T6cUYJT_eVwUYw-dR71h95ixSLqLM,7767
 kube_watch/modules/logic/actions.py,sha256=lt7OkSw6m2ZQe2SfENUsjZeD8vdpvfoE4laEkv9veEA,2471
 kube_watch/modules/logic/checks.py,sha256=CFIMVURKJP5Y3mByyJkFCrJBlVUjTG2XixiwoRquXN4,157
-kube_watch/modules/logic/load.py,sha256=5DKi3nAFMcoNQL504JaDc-_REJSc6GyxeXLWQwNl0BM,227
+kube_watch/modules/logic/load.py,sha256=8b5Y_iRTB6c7LY1-9wQjOrl_oW4JyVp5bjwh169frkU,804
 kube_watch/modules/logic/merge.py,sha256=vwc2TwcGU-vH5W0bFXzAzOMHt36ksdS4if1c4IbTeXs,926
 kube_watch/modules/logic/scheduler.py,sha256=-p5qh3FnEQ1jlkaY0Lrj9U-vau1b07NYAXBP6M09yoU,3517
 kube_watch/modules/logic/trasnform.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -22,12 +22,12 @@ kube_watch/modules/providers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NM
 kube_watch/modules/providers/aws.py,sha256=yvxVwL7seuvxpGR2ZCrmWEMKh9hesWdPTC6LvW7Bi9E,8585
 kube_watch/modules/providers/git.py,sha256=h3rcn1FhU82nF52Ol9YHyFk4cvPxxaz_AxHnip8OXPY,1183
 kube_watch/modules/providers/github.py,sha256=WCpZIKHr4U0a4El1leXkaCv1jznf9ob5xHVeTNSpNG0,5338
-kube_watch/modules/providers/vault.py,sha256=kw-S4orCIrVgDKzctzYeICIVD3-A9cT_CyyFAwi4oPM,6215
+kube_watch/modules/providers/vault.py,sha256=mPSjI5p1ycwXl6XFQNLohJ1rK_z_iT3QA9RJB1O3cpI,7381
 kube_watch/standalone/metarecogen/ckan_to_gn.py,sha256=FBiv6McWh4hqV6Bz08zGLzEIe4v1-D3FawjBKYbV7Ms,4767
 kube_watch/watch/__init__.py,sha256=6Ay9P_Ws7rP7ZaIrFRZtp_1uwVK4ZDmkkNhFyqPNQIU,61
 kube_watch/watch/helpers.py,sha256=T0xDSCfrW7NrmQzgIzOiojQzu_HesajMb7S_AX-tt98,6431
 kube_watch/watch/workflow.py,sha256=h0b_P_kfiPxqTFHZ6o2HkDkNaUBOwv1DKJnwEMMVXaI,4203
-kubernetes_watch-0.1.4.dist-info/LICENSE,sha256=StyinJRmy--Pc2vQbRToZSN4sjSVg3zccMFrktVcrEw,1096
-kubernetes_watch-0.1.4.dist-info/METADATA,sha256=n9GU5CEsh33BEGgYDApxctg_Rl0Oav6RfeYwVMM-fzs,4969
-kubernetes_watch-0.1.4.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-kubernetes_watch-0.1.4.dist-info/RECORD,,
+kubernetes_watch-0.1.5.dist-info/LICENSE,sha256=StyinJRmy--Pc2vQbRToZSN4sjSVg3zccMFrktVcrEw,1096
+kubernetes_watch-0.1.5.dist-info/METADATA,sha256=GiDXVvgzxWV6zfK3VeEgqXTzRKSAKHan0Y4HML37Br0,4969
+kubernetes_watch-0.1.5.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+kubernetes_watch-0.1.5.dist-info/RECORD,,