Wip - Add secret support

7 years ago · 84113adef3
parent b3bb8c270f
commit 84113adef3
12 changed files with 148 additions and 21 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,19 +1,19 @@
- repo: git://github.com/pre-commit/pre-commit-hooks
-  sha: 'v0.6.0'
-  hooks:
-    - id: check-added-large-files
-    - id: check-docstring-first
-    - id: check-merge-conflict
-    - id: check-yaml
-    - id: end-of-file-fixer
-    - id: flake8
-      args:
-          - --exclude=__init__.py,docs/conf.py
-    - id: autopep8-wrapper
-    - id: requirements-txt-fixer
-    - id: trailing-whitespace
- repo: git://github.com/asottile/reorder_python_imports
-  sha: 3d86483455ab5bd06cc1069fdd5ac57be5463f10
-  hooks:
-    - id: reorder-python-imports
-      language_version: 'python2.7'
+-   repo: git://github.com/pre-commit/pre-commit-hooks
+    sha: 78818b90cd694c29333ba54d38f9e60b6359ccfc
+    hooks:
+    -   id: check-added-large-files
+    -   id: check-docstring-first
+    -   id: check-merge-conflict
+    -   id: check-yaml
+    -   id: end-of-file-fixer
+    -   id: flake8
+        args:
+        - --exclude=__init__.py,docs/conf.py
+    -   id: autopep8-wrapper
+    -   id: requirements-txt-fixer
+    -   id: trailing-whitespace
+-   repo: git://github.com/asottile/reorder_python_imports
+    sha: 2bff31275b3a2fef7d75989ae60e57f1a8616ed6
+    hooks:
+    -   id: reorder-python-imports
+        language_version: python2.7
--- a/5
+++ b/5
@ -2,21 +2,26 @@

 build:
 	@docker-compose build
+	@docker-compose -f docker-compose.v3.yml build

 clean:
 	docker-compose down --remove-orphans
+	@docker-compose -f docker-compose.v3.yml down --remove-orphans

 test: build test-python2 test-python3 clean

 test-python2:
 	@docker-compose run --rm testpython2
+	@docker-compose -f docker-compose.v3.yml run --rm testpython2

 test-python3:
 	@docker-compose run --rm testpython3
+	@docker-compose -f docker-compose.v3.yml run --rm testpython3


 test_debug: build
 	@docker-compose up --force-recreate testpython2_debug testpython3_debug
+	@docker-compose -f docker-compose.v3.yml up --force-recreate testpython2_debug testpython3_debug

 publish:
 	@python setup.py register && python setup.py sdist upload
--- a/docker-compose.v3.yml
+++ b/docker-compose.v3.yml
@ -0,0 +1,32 @@
+version: '3.1'
+
+services:
+    testpython3:
+        build:
+            context: .
+            dockerfile: Dockerfile-test.py3
+        command: ["py.test", "--verbose", "-rw", "-m", "v3", "."]
+
+    testpython2:
+        build:
+            context: .
+            dockerfile: Dockerfile-test.py2
+        command: ["py.test", "--verbose", "-rw", "-m", "v3", "."]
+
+    testpython3_debug:
+        build:
+            context: .
+            dockerfile: Dockerfile-test.py3
+        command: ["py.test", "--verbose", "-s", "-rw", "-m", "v3", "."]
+
+    testpython2_debug:
+        build:
+            context: .
+            dockerfile: Dockerfile-test.py2
+        command: ["py.test", "--verbose", "-s", "-rw", "-m", "v3", "."]
+
+secrets:
+    secret1:
+        file: ./secret1_file
+    secret2:
+        file: ./secret2_file
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -9,6 +9,7 @@ testpython3:
        - test2
        - test3
        - test4
+    command: ["py.test", "--verbose", "-rw", "-m", "not v3", "."]
    extends:
        file: common.yml
        service: environ
@ -24,6 +25,7 @@ testpython2:
        - test2
        - test3
        - test4
+    command: ["py.test", "--verbose", "-rw", "-m", "not v3", "."]
    extends:
        file: common.yml
        service: environ
@ -39,7 +41,7 @@ testpython3_debug:
        - test2
        - test3
        - test4
-    command: ["py.test", "--verbose", "-s", "-rw", "."]
+    command: ["py.test", "--verbose", "-s", "-rw", "-m", "not v3", "."]
    extends:
        file: common.yml
        service: environ
@ -55,7 +57,7 @@ testpython2_debug:
        - test2
        - test3
        - test4
-    command: ["py.test", "--verbose", "-s", "-rw", "."]
+    command: ["py.test", "--verbose", "-s", "-rw", "-m", "not v3", "."]
    extends:
        file: common.yml
        service: environ
--- a/docs/templates.rst
+++ b/docs/templates.rst
@ -53,6 +53,8 @@ You have 4 available objects in your templates.
 -  ``containers``
 -  ``environ``

+``links`` and ``containers`` are not supported by docker network or docker-compose v2.
+
 config
 ^^^^^^

--- a/pyentrypoint/entrypoint.py
+++ b/pyentrypoint/entrypoint.py
@ -20,6 +20,7 @@ from .constants import ENTRYPOINT_FILE
 from .docker_links import DockerLinks
 from .logs import Logs
 from .runner import Runner
+from .secrets import Secrets

 __all__ = ['Entrypoint', 'main']

@ -91,6 +92,7 @@ class Entrypoint(object):
                                    environ=os.environ,
                                    json=json,
                                    yaml=yaml,
+                                    secrets=Secrets(),
                                    containers=DockerLinks().to_containers()))

    def run_pre_conf_cmds(self):
--- a/pyentrypoint/secrets.py
+++ b/pyentrypoint/secrets.py
@ -0,0 +1,44 @@
+"""
+    Get secrets in containers
+"""
+from __future__ import absolute_import
+from __future__ import print_function
+from __future__ import unicode_literals
+
+import os
+
+
+class Secrets(object):
+    "Secret loader"
+
+    secret_dir = '/run/secrets'
+    secret_files = ()
+
+    def __init__(self):
+        self._idx = 0
+        if os.path.exists(self.secret_dir):
+            self.secret_files = os.listdir(self.secret_dir)
+
+    def __len__(self):
+        return len(self.secret_files)
+
+    def __getitem__(self, key):
+        if key not in self.secret_files:
+            raise KeyError
+        return self._read_file(key)
+
+    def __iter__(self):
+        return self
+
+    def __next__(self):
+        idx = self._idx
+        self._idx += 1
+        try:
+            self.secret_files[idx]
+        except IndexError:
+            raise StopIteration
+        return self._read_file(file=self.secret_files[idx])
+
+    def _read_file(self, file):
+        with open(os.path.join(self.secret_dir, file), 'r') as s:
+            return s.read()
--- a/1
+++ b/1
@ -0,0 +1 @@
+SECRET1
--- a/1
+++ b/1
@ -0,0 +1 @@
+SECRET2
--- a/tests/configs/secret.yml
+++ b/tests/configs/secret.yml
@ -0,0 +1,6 @@
+config_files:
+    - /tmp/test_template.yml
+    - /tmp/test_template2.yml.tpl
+    - /tmp/test_template2.yml.tpl: /tmp/test_template3.yml
+
+debug: true
--- a/tests/secret_test.py
+++ b/tests/secret_test.py
@ -0,0 +1,28 @@
+# Tests using pytest
+from __future__ import absolute_import
+from __future__ import unicode_literals
+
+import pytest
+from yaml import load
+from yaml import Loader
+
+from pyentrypoint import Entrypoint
+
+
+@pytest.mark.v3
+def test_secret_templates():
+    test_confs = ['configs/secret.yml']
+    for test_conf in test_confs:
+        entry = Entrypoint(conf='configs/secret.yml')
+
+        conf = entry.config
+
+        entry.apply_conf()
+
+        for _, config_file in conf.get_templates():
+            with open(config_file, mode='r') as r:
+                test = load(stream=r, Loader=Loader)
+
+            # test secrets
+            assert test['SECRET']['secret1'] == 'SECRET1'
+            assert test['SECRET']['secret2'] == 'SECRET2'
--- a/tests/test_template_secret.yml.tpl
+++ b/tests/test_template_secret.yml.tpl
@ -0,0 +1,4 @@
+SECRET:
+{% for key, secret in secrets,items() %}
+    '{{key}}': '{{secret}}'
+{% endfor %}