2
0
mirror of https://github.com/cmehay/pyentrypoint synced 2024-10-30 15:21:11 +00:00

Wip - Add secret support

This commit is contained in:
Christophe Mehay 2017-06-12 20:58:31 +02:00
parent b3bb8c270f
commit 84113adef3
12 changed files with 148 additions and 21 deletions

View File

@ -1,19 +1,19 @@
- repo: git://github.com/pre-commit/pre-commit-hooks - repo: git://github.com/pre-commit/pre-commit-hooks
sha: 'v0.6.0' sha: 78818b90cd694c29333ba54d38f9e60b6359ccfc
hooks: hooks:
- id: check-added-large-files - id: check-added-large-files
- id: check-docstring-first - id: check-docstring-first
- id: check-merge-conflict - id: check-merge-conflict
- id: check-yaml - id: check-yaml
- id: end-of-file-fixer - id: end-of-file-fixer
- id: flake8 - id: flake8
args: args:
- --exclude=__init__.py,docs/conf.py - --exclude=__init__.py,docs/conf.py
- id: autopep8-wrapper - id: autopep8-wrapper
- id: requirements-txt-fixer - id: requirements-txt-fixer
- id: trailing-whitespace - id: trailing-whitespace
- repo: git://github.com/asottile/reorder_python_imports - repo: git://github.com/asottile/reorder_python_imports
sha: 3d86483455ab5bd06cc1069fdd5ac57be5463f10 sha: 2bff31275b3a2fef7d75989ae60e57f1a8616ed6
hooks: hooks:
- id: reorder-python-imports - id: reorder-python-imports
language_version: 'python2.7' language_version: python2.7

View File

@ -2,21 +2,26 @@
build: build:
@docker-compose build @docker-compose build
@docker-compose -f docker-compose.v3.yml build
clean: clean:
docker-compose down --remove-orphans docker-compose down --remove-orphans
@docker-compose -f docker-compose.v3.yml down --remove-orphans
test: build test-python2 test-python3 clean test: build test-python2 test-python3 clean
test-python2: test-python2:
@docker-compose run --rm testpython2 @docker-compose run --rm testpython2
@docker-compose -f docker-compose.v3.yml run --rm testpython2
test-python3: test-python3:
@docker-compose run --rm testpython3 @docker-compose run --rm testpython3
@docker-compose -f docker-compose.v3.yml run --rm testpython3
test_debug: build test_debug: build
@docker-compose up --force-recreate testpython2_debug testpython3_debug @docker-compose up --force-recreate testpython2_debug testpython3_debug
@docker-compose -f docker-compose.v3.yml up --force-recreate testpython2_debug testpython3_debug
publish: publish:
@python setup.py register && python setup.py sdist upload @python setup.py register && python setup.py sdist upload

32
docker-compose.v3.yml Normal file
View File

@ -0,0 +1,32 @@
version: '3.1'
services:
testpython3:
build:
context: .
dockerfile: Dockerfile-test.py3
command: ["py.test", "--verbose", "-rw", "-m", "v3", "."]
testpython2:
build:
context: .
dockerfile: Dockerfile-test.py2
command: ["py.test", "--verbose", "-rw", "-m", "v3", "."]
testpython3_debug:
build:
context: .
dockerfile: Dockerfile-test.py3
command: ["py.test", "--verbose", "-s", "-rw", "-m", "v3", "."]
testpython2_debug:
build:
context: .
dockerfile: Dockerfile-test.py2
command: ["py.test", "--verbose", "-s", "-rw", "-m", "v3", "."]
secrets:
secret1:
file: ./secret1_file
secret2:
file: ./secret2_file

View File

@ -9,6 +9,7 @@ testpython3:
- test2 - test2
- test3 - test3
- test4 - test4
command: ["py.test", "--verbose", "-rw", "-m", "not v3", "."]
extends: extends:
file: common.yml file: common.yml
service: environ service: environ
@ -24,6 +25,7 @@ testpython2:
- test2 - test2
- test3 - test3
- test4 - test4
command: ["py.test", "--verbose", "-rw", "-m", "not v3", "."]
extends: extends:
file: common.yml file: common.yml
service: environ service: environ
@ -39,7 +41,7 @@ testpython3_debug:
- test2 - test2
- test3 - test3
- test4 - test4
command: ["py.test", "--verbose", "-s", "-rw", "."] command: ["py.test", "--verbose", "-s", "-rw", "-m", "not v3", "."]
extends: extends:
file: common.yml file: common.yml
service: environ service: environ
@ -55,7 +57,7 @@ testpython2_debug:
- test2 - test2
- test3 - test3
- test4 - test4
command: ["py.test", "--verbose", "-s", "-rw", "."] command: ["py.test", "--verbose", "-s", "-rw", "-m", "not v3", "."]
extends: extends:
file: common.yml file: common.yml
service: environ service: environ

View File

@ -53,6 +53,8 @@ You have 4 available objects in your templates.
- ``containers`` - ``containers``
- ``environ`` - ``environ``
``links`` and ``containers`` are not supported by docker network or docker-compose v2.
config config
^^^^^^ ^^^^^^

View File

@ -20,6 +20,7 @@ from .constants import ENTRYPOINT_FILE
from .docker_links import DockerLinks from .docker_links import DockerLinks
from .logs import Logs from .logs import Logs
from .runner import Runner from .runner import Runner
from .secrets import Secrets
__all__ = ['Entrypoint', 'main'] __all__ = ['Entrypoint', 'main']
@ -91,6 +92,7 @@ class Entrypoint(object):
environ=os.environ, environ=os.environ,
json=json, json=json,
yaml=yaml, yaml=yaml,
secrets=Secrets(),
containers=DockerLinks().to_containers())) containers=DockerLinks().to_containers()))
def run_pre_conf_cmds(self): def run_pre_conf_cmds(self):

44
pyentrypoint/secrets.py Normal file
View File

@ -0,0 +1,44 @@
"""
Get secrets in containers
"""
from __future__ import absolute_import
from __future__ import print_function
from __future__ import unicode_literals
import os
class Secrets(object):
"Secret loader"
secret_dir = '/run/secrets'
secret_files = ()
def __init__(self):
self._idx = 0
if os.path.exists(self.secret_dir):
self.secret_files = os.listdir(self.secret_dir)
def __len__(self):
return len(self.secret_files)
def __getitem__(self, key):
if key not in self.secret_files:
raise KeyError
return self._read_file(key)
def __iter__(self):
return self
def __next__(self):
idx = self._idx
self._idx += 1
try:
self.secret_files[idx]
except IndexError:
raise StopIteration
return self._read_file(file=self.secret_files[idx])
def _read_file(self, file):
with open(os.path.join(self.secret_dir, file), 'r') as s:
return s.read()

1
secret1_file Normal file
View File

@ -0,0 +1 @@
SECRET1

1
secret2_file Normal file
View File

@ -0,0 +1 @@
SECRET2

6
tests/configs/secret.yml Normal file
View File

@ -0,0 +1,6 @@
config_files:
- /tmp/test_template.yml
- /tmp/test_template2.yml.tpl
- /tmp/test_template2.yml.tpl: /tmp/test_template3.yml
debug: true

28
tests/secret_test.py Normal file
View File

@ -0,0 +1,28 @@
# Tests using pytest
from __future__ import absolute_import
from __future__ import unicode_literals
import pytest
from yaml import load
from yaml import Loader
from pyentrypoint import Entrypoint
@pytest.mark.v3
def test_secret_templates():
test_confs = ['configs/secret.yml']
for test_conf in test_confs:
entry = Entrypoint(conf='configs/secret.yml')
conf = entry.config
entry.apply_conf()
for _, config_file in conf.get_templates():
with open(config_file, mode='r') as r:
test = load(stream=r, Loader=Loader)
# test secrets
assert test['SECRET']['secret1'] == 'SECRET1'
assert test['SECRET']['secret2'] == 'SECRET2'

View File

@ -0,0 +1,4 @@
SECRET:
{% for key, secret in secrets,items() %}
'{{key}}': '{{secret}}'
{% endfor %}