mirror of
https://github.com/cmehay/pyentrypoint
synced 2024-10-30 15:21:11 +00:00
Wip - Add secret support
This commit is contained in:
parent
b3bb8c270f
commit
84113adef3
@ -1,19 +1,19 @@
|
|||||||
- repo: git://github.com/pre-commit/pre-commit-hooks
|
- repo: git://github.com/pre-commit/pre-commit-hooks
|
||||||
sha: 'v0.6.0'
|
sha: 78818b90cd694c29333ba54d38f9e60b6359ccfc
|
||||||
hooks:
|
hooks:
|
||||||
- id: check-added-large-files
|
- id: check-added-large-files
|
||||||
- id: check-docstring-first
|
- id: check-docstring-first
|
||||||
- id: check-merge-conflict
|
- id: check-merge-conflict
|
||||||
- id: check-yaml
|
- id: check-yaml
|
||||||
- id: end-of-file-fixer
|
- id: end-of-file-fixer
|
||||||
- id: flake8
|
- id: flake8
|
||||||
args:
|
args:
|
||||||
- --exclude=__init__.py,docs/conf.py
|
- --exclude=__init__.py,docs/conf.py
|
||||||
- id: autopep8-wrapper
|
- id: autopep8-wrapper
|
||||||
- id: requirements-txt-fixer
|
- id: requirements-txt-fixer
|
||||||
- id: trailing-whitespace
|
- id: trailing-whitespace
|
||||||
- repo: git://github.com/asottile/reorder_python_imports
|
- repo: git://github.com/asottile/reorder_python_imports
|
||||||
sha: 3d86483455ab5bd06cc1069fdd5ac57be5463f10
|
sha: 2bff31275b3a2fef7d75989ae60e57f1a8616ed6
|
||||||
hooks:
|
hooks:
|
||||||
- id: reorder-python-imports
|
- id: reorder-python-imports
|
||||||
language_version: 'python2.7'
|
language_version: python2.7
|
||||||
|
5
Makefile
5
Makefile
@ -2,21 +2,26 @@
|
|||||||
|
|
||||||
build:
|
build:
|
||||||
@docker-compose build
|
@docker-compose build
|
||||||
|
@docker-compose -f docker-compose.v3.yml build
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
docker-compose down --remove-orphans
|
docker-compose down --remove-orphans
|
||||||
|
@docker-compose -f docker-compose.v3.yml down --remove-orphans
|
||||||
|
|
||||||
test: build test-python2 test-python3 clean
|
test: build test-python2 test-python3 clean
|
||||||
|
|
||||||
test-python2:
|
test-python2:
|
||||||
@docker-compose run --rm testpython2
|
@docker-compose run --rm testpython2
|
||||||
|
@docker-compose -f docker-compose.v3.yml run --rm testpython2
|
||||||
|
|
||||||
test-python3:
|
test-python3:
|
||||||
@docker-compose run --rm testpython3
|
@docker-compose run --rm testpython3
|
||||||
|
@docker-compose -f docker-compose.v3.yml run --rm testpython3
|
||||||
|
|
||||||
|
|
||||||
test_debug: build
|
test_debug: build
|
||||||
@docker-compose up --force-recreate testpython2_debug testpython3_debug
|
@docker-compose up --force-recreate testpython2_debug testpython3_debug
|
||||||
|
@docker-compose -f docker-compose.v3.yml up --force-recreate testpython2_debug testpython3_debug
|
||||||
|
|
||||||
publish:
|
publish:
|
||||||
@python setup.py register && python setup.py sdist upload
|
@python setup.py register && python setup.py sdist upload
|
||||||
|
32
docker-compose.v3.yml
Normal file
32
docker-compose.v3.yml
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
version: '3.1'
|
||||||
|
|
||||||
|
services:
|
||||||
|
testpython3:
|
||||||
|
build:
|
||||||
|
context: .
|
||||||
|
dockerfile: Dockerfile-test.py3
|
||||||
|
command: ["py.test", "--verbose", "-rw", "-m", "v3", "."]
|
||||||
|
|
||||||
|
testpython2:
|
||||||
|
build:
|
||||||
|
context: .
|
||||||
|
dockerfile: Dockerfile-test.py2
|
||||||
|
command: ["py.test", "--verbose", "-rw", "-m", "v3", "."]
|
||||||
|
|
||||||
|
testpython3_debug:
|
||||||
|
build:
|
||||||
|
context: .
|
||||||
|
dockerfile: Dockerfile-test.py3
|
||||||
|
command: ["py.test", "--verbose", "-s", "-rw", "-m", "v3", "."]
|
||||||
|
|
||||||
|
testpython2_debug:
|
||||||
|
build:
|
||||||
|
context: .
|
||||||
|
dockerfile: Dockerfile-test.py2
|
||||||
|
command: ["py.test", "--verbose", "-s", "-rw", "-m", "v3", "."]
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
secret1:
|
||||||
|
file: ./secret1_file
|
||||||
|
secret2:
|
||||||
|
file: ./secret2_file
|
@ -9,6 +9,7 @@ testpython3:
|
|||||||
- test2
|
- test2
|
||||||
- test3
|
- test3
|
||||||
- test4
|
- test4
|
||||||
|
command: ["py.test", "--verbose", "-rw", "-m", "not v3", "."]
|
||||||
extends:
|
extends:
|
||||||
file: common.yml
|
file: common.yml
|
||||||
service: environ
|
service: environ
|
||||||
@ -24,6 +25,7 @@ testpython2:
|
|||||||
- test2
|
- test2
|
||||||
- test3
|
- test3
|
||||||
- test4
|
- test4
|
||||||
|
command: ["py.test", "--verbose", "-rw", "-m", "not v3", "."]
|
||||||
extends:
|
extends:
|
||||||
file: common.yml
|
file: common.yml
|
||||||
service: environ
|
service: environ
|
||||||
@ -39,7 +41,7 @@ testpython3_debug:
|
|||||||
- test2
|
- test2
|
||||||
- test3
|
- test3
|
||||||
- test4
|
- test4
|
||||||
command: ["py.test", "--verbose", "-s", "-rw", "."]
|
command: ["py.test", "--verbose", "-s", "-rw", "-m", "not v3", "."]
|
||||||
extends:
|
extends:
|
||||||
file: common.yml
|
file: common.yml
|
||||||
service: environ
|
service: environ
|
||||||
@ -55,7 +57,7 @@ testpython2_debug:
|
|||||||
- test2
|
- test2
|
||||||
- test3
|
- test3
|
||||||
- test4
|
- test4
|
||||||
command: ["py.test", "--verbose", "-s", "-rw", "."]
|
command: ["py.test", "--verbose", "-s", "-rw", "-m", "not v3", "."]
|
||||||
extends:
|
extends:
|
||||||
file: common.yml
|
file: common.yml
|
||||||
service: environ
|
service: environ
|
||||||
|
@ -53,6 +53,8 @@ You have 4 available objects in your templates.
|
|||||||
- ``containers``
|
- ``containers``
|
||||||
- ``environ``
|
- ``environ``
|
||||||
|
|
||||||
|
``links`` and ``containers`` are not supported by docker network or docker-compose v2.
|
||||||
|
|
||||||
config
|
config
|
||||||
^^^^^^
|
^^^^^^
|
||||||
|
|
||||||
|
@ -20,6 +20,7 @@ from .constants import ENTRYPOINT_FILE
|
|||||||
from .docker_links import DockerLinks
|
from .docker_links import DockerLinks
|
||||||
from .logs import Logs
|
from .logs import Logs
|
||||||
from .runner import Runner
|
from .runner import Runner
|
||||||
|
from .secrets import Secrets
|
||||||
|
|
||||||
__all__ = ['Entrypoint', 'main']
|
__all__ = ['Entrypoint', 'main']
|
||||||
|
|
||||||
@ -91,6 +92,7 @@ class Entrypoint(object):
|
|||||||
environ=os.environ,
|
environ=os.environ,
|
||||||
json=json,
|
json=json,
|
||||||
yaml=yaml,
|
yaml=yaml,
|
||||||
|
secrets=Secrets(),
|
||||||
containers=DockerLinks().to_containers()))
|
containers=DockerLinks().to_containers()))
|
||||||
|
|
||||||
def run_pre_conf_cmds(self):
|
def run_pre_conf_cmds(self):
|
||||||
|
44
pyentrypoint/secrets.py
Normal file
44
pyentrypoint/secrets.py
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
"""
|
||||||
|
Get secrets in containers
|
||||||
|
"""
|
||||||
|
from __future__ import absolute_import
|
||||||
|
from __future__ import print_function
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
import os
|
||||||
|
|
||||||
|
|
||||||
|
class Secrets(object):
|
||||||
|
"Secret loader"
|
||||||
|
|
||||||
|
secret_dir = '/run/secrets'
|
||||||
|
secret_files = ()
|
||||||
|
|
||||||
|
def __init__(self):
|
||||||
|
self._idx = 0
|
||||||
|
if os.path.exists(self.secret_dir):
|
||||||
|
self.secret_files = os.listdir(self.secret_dir)
|
||||||
|
|
||||||
|
def __len__(self):
|
||||||
|
return len(self.secret_files)
|
||||||
|
|
||||||
|
def __getitem__(self, key):
|
||||||
|
if key not in self.secret_files:
|
||||||
|
raise KeyError
|
||||||
|
return self._read_file(key)
|
||||||
|
|
||||||
|
def __iter__(self):
|
||||||
|
return self
|
||||||
|
|
||||||
|
def __next__(self):
|
||||||
|
idx = self._idx
|
||||||
|
self._idx += 1
|
||||||
|
try:
|
||||||
|
self.secret_files[idx]
|
||||||
|
except IndexError:
|
||||||
|
raise StopIteration
|
||||||
|
return self._read_file(file=self.secret_files[idx])
|
||||||
|
|
||||||
|
def _read_file(self, file):
|
||||||
|
with open(os.path.join(self.secret_dir, file), 'r') as s:
|
||||||
|
return s.read()
|
1
secret1_file
Normal file
1
secret1_file
Normal file
@ -0,0 +1 @@
|
|||||||
|
SECRET1
|
1
secret2_file
Normal file
1
secret2_file
Normal file
@ -0,0 +1 @@
|
|||||||
|
SECRET2
|
6
tests/configs/secret.yml
Normal file
6
tests/configs/secret.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
config_files:
|
||||||
|
- /tmp/test_template.yml
|
||||||
|
- /tmp/test_template2.yml.tpl
|
||||||
|
- /tmp/test_template2.yml.tpl: /tmp/test_template3.yml
|
||||||
|
|
||||||
|
debug: true
|
28
tests/secret_test.py
Normal file
28
tests/secret_test.py
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
# Tests using pytest
|
||||||
|
from __future__ import absolute_import
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
import pytest
|
||||||
|
from yaml import load
|
||||||
|
from yaml import Loader
|
||||||
|
|
||||||
|
from pyentrypoint import Entrypoint
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.v3
|
||||||
|
def test_secret_templates():
|
||||||
|
test_confs = ['configs/secret.yml']
|
||||||
|
for test_conf in test_confs:
|
||||||
|
entry = Entrypoint(conf='configs/secret.yml')
|
||||||
|
|
||||||
|
conf = entry.config
|
||||||
|
|
||||||
|
entry.apply_conf()
|
||||||
|
|
||||||
|
for _, config_file in conf.get_templates():
|
||||||
|
with open(config_file, mode='r') as r:
|
||||||
|
test = load(stream=r, Loader=Loader)
|
||||||
|
|
||||||
|
# test secrets
|
||||||
|
assert test['SECRET']['secret1'] == 'SECRET1'
|
||||||
|
assert test['SECRET']['secret2'] == 'SECRET2'
|
4
tests/test_template_secret.yml.tpl
Normal file
4
tests/test_template_secret.yml.tpl
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
SECRET:
|
||||||
|
{% for key, secret in secrets,items() %}
|
||||||
|
'{{key}}': '{{secret}}'
|
||||||
|
{% endfor %}
|
Loading…
Reference in New Issue
Block a user