Beispiel #1
0
def GetCredentials():
    VAULT_SERVER = getenv('VAULT_SERVER')
    VAULT_TOKEN = getenv('VAULT_TOKEN')
    CONSUL_SERVER = getenv('CONSUL_SERVER')
    client = Client(url="http://{}:8200".format(VAULT_SERVER),
                    token=VAULT_TOKEN,
                    verify=False)
    MONGODB_USER = client.read(
        "secret/devops-lab/app-devops")['data']['mongodb_user']
    MONGODB_PASS = client.read(
        "secret/devops-lab/app-devops")['data']['mongodb_pass']
    RABBIT_USER = client.read(
        "secret/devops-lab/app-devops")['data']['rabbitmq_user']
    RABBIT_PASS = client.read(
        "secret/devops-lab/app-devops")['data']['rabbitmq_pass']
    client = Consul(host=CONSUL_SERVER)
    index, data = client.kv.get('devops-lab',
                                index=None,
                                recurse=True,
                                separator='lab')
    CONFIG = [{
        "mongo": {
            "user": MONGODB_USER,
            "pass": MONGODB_PASS,
            "host": data[0]['Value'].decode("utf-8")
        }
    }, {
        "rabbit": {
            "user": RABBIT_USER,
            "pass": RABBIT_PASS,
            "host": data[1]['Value'].decode("utf-8")
        }
    }]
    return CONFIG
Beispiel #2
0
 def run(self, terms, variables, **kwargs):
     key, field, path = terms
     vault = LookupModule.get_vault_from_path('../{}'.format(path))
     client = Client(**vault)
     if client.is_authenticated() and not client.is_sealed():
         result = [client.read(key)['data'][field]]
         return result
     else:
         raise AnsibleError('Unable to authenticate with Vault!')
Beispiel #3
0
def login_vault():
    if 'VAULT_TOKEN' in os.environ:
        vault_token = os.environ['VAULT_TOKEN']
    else:
        raise Exception('Vault token not defined')
    vc = VaultClient(url='https://vault.pentair.io', token=vault_token)
    vc.renew_token()
    secret = vc.read('secret/data/lambdas/ami')
    username = secret['data']['data']['username']
    password = secret['data']['data']['password']
    resp = requests.post(AMI_URL + '/Login', json={'username': username, 'password': password})
    if resp.status_code == 200:
        return resp.json()['token']
    else:
        raise Exception(resp)
Beispiel #4
0
from hvac import Client
from os import getenv

client = Client(url='http://localhost:8200',
                token='s.x3cBNKobC84wB82nvu09dIMI',
                verify=False)
MONGODB_USER = client.read(
    "secret/devops-lab/app-devops")['data']['mongodb_user']
MONGODB_PASS = client.read(
    "secret/devops-lab/app-devops")['data']['mongodb_pass']
REDIS_PASS = client.read("secret/devops-lab/app-devops")['data']['redis_pass']

print("UserMongo: {} \nPassMongo: {}".format(MONGODB_USER, MONGODB_PASS))
print("PassRedis:", REDIS_PASS)