Ejemplo n.º 1
0
def main(args):
    project = get_project(args.datafile)

    region = os.getenv("AWS_DEFAULT_REGION", args.region)
    kw = {}
    if not os.getenv("AWS_PROFILE"):
        kw = dict(
            aws_access_key_id=os.getenv('AWS_ACCESS_KEY_ID'),
            aws_secret_access_key=os.getenv('AWS_SECRET_ACCESS_KEY'),
            aws_session_token=os.getenv('AWS_SESSION_TOKEN'),
        )

    if args.debug:
        boto3.set_stream_logger(name='botocore')
        trollius_log(level=logging.DEBUG)

    session = boto3.session.Session(region_name=region, **kw)
    storage = S3(
        session=session,
        vault=args.vault,
        vaultkey=args.vaultkey,
        env=args.env,
        region=args.region,
        prefix=args.project,
        project=project,
    )

    method = getattr(storage, args.action)
    fn = lambda: method(**vars(args))
    result = yield from (fn())
    prettyprint(result, args)
Ejemplo n.º 2
0
def prepare():
    p = argparse.ArgumentParser()
    p.add_argument("action", help="list,get,put,envs,config,setup")
    p.add_argument("key", nargs="?", default=None)
    p.add_argument("value", nargs="?", default=None)
    p.add_argument("--version", default=None)
    p.add_argument("--region", help="AWS region", default="us-east-1")
    p.add_argument("--vaultkey", help="Name of KMS key", default="alias/secret")
    p.add_argument("--vault", help="Name of vault (eg. S3 bucket)", default="secret")
    p.add_argument("--project", help="Name of project (eg. S3 'folder')", default=None)
    p.add_argument("--env", help="Environment namespace for keys", default="default")
    p.add_argument("--datafile", default=DATAFILE)
    p.add_argument("--debug", default=None)
    if len(sys.argv) == 1:
        sys.exit(p.print_help())
    args = p.parse_args()
    args.action = ALIASES.get(args.action, args.action)

    project = get_project(args.datafile)

    if args.action not in ["setup"]:
        args.vault = project.load().get("vault", args.vault)
        args.project = project.load().get("project", args.project)
        args.vaultkey = project.load().get("key", args.vaultkey)
        args.region = project.load().get("region", args.region)
        if not all([args.vault, args.project]):
            sys.exit("Vault and/or Project configuration undefined")

    if args.action == "help":
        print_status(args)
        sys.exit(helpT)

    return args
Ejemplo n.º 3
0
def prepare():
    p = argparse.ArgumentParser()
    p.add_argument("action", help="list,get,put,envs,config,setup")
    p.add_argument("key", nargs="?", default=None)
    p.add_argument("value", nargs="?", default=None)
    p.add_argument("--version", default=None)
    p.add_argument("--region", help="AWS region of KMS and S3", default=None)
    p.add_argument("--vaultkey", help="Name of KMS key", default=None)
    p.add_argument("--vault",
                   help="Name of vault (eg. S3 bucket)",
                   default=None)
    p.add_argument("-P",
                   "--project",
                   help="Name of project (eg. S3 'folder')",
                   default=None)
    p.add_argument("--env",
                   help="Environment namespace for keys",
                   default='default')
    p.add_argument("-F", "--fmt", help="Output format", default='console')
    p.add_argument("-o",
                   "--output",
                   help="Output to console (default) or given filepath",
                   default='')
    p.add_argument("--datafile", default=DATAFILE)
    p.add_argument("--debug", default=None)
    p.add_argument("--skip-files", action='store_true', default=False)
    if len(sys.argv) == 1:
        sys.exit(p.print_help())
    args = p.parse_args()
    args.action = ALIASES.get(args.action, args.action)

    project = get_project(args.datafile)

    # Arguments preference: CLI -> .secret -> globals

    args.project = args.project if (
        args.project is not None) else project.load().get('project', '')
    args.vault = args.vault or project.load().get('vault')
    args.vaultkey = args.vaultkey or project.load().get('key')
    args.region = args.region or project.load().get('region')

    secret_profile = os.getenv("SECRET_PROFILE", "default")
    config = configparser.SafeConfigParser()
    config.read(os.path.expanduser('~/.secret/credentials'))
    if config.has_section(secret_profile):
        if not args.vault:
            args.vault = config.get(secret_profile, 'vault', raw=0)
        if not args.vaultkey:
            args.vaultkey = config.get(secret_profile, 'vaultkey', raw=0)
        if not args.region:
            args.region = config.get(secret_profile, 'region', raw=0)

    if not all([args.vault]):
        sys.exit("Vault configuration undefined: --vault, --vaultkey")

    if args.action == 'help':
        print_status(args)
        sys.exit(helpT)

    return args
Ejemplo n.º 4
0
def prepare():
    p = argparse.ArgumentParser()
    p.add_argument("action", help="list,get,put,envs,config,setup")
    p.add_argument("key", nargs="?", default=None)
    p.add_argument("value", nargs="?", default=None)
    p.add_argument("--version", default=None)
    p.add_argument("--region", help="AWS region of KMS and S3", default=None)
    p.add_argument("--vaultkey", help="Name of KMS key", default=None)
    p.add_argument("--vault", help="Name of vault (eg. S3 bucket)", default=None)
    p.add_argument("-P", "--project", help="Name of project (eg. S3 'folder')", default=None)
    p.add_argument("--env", help="Environment namespace for keys", default='default')
    p.add_argument("-F","--fmt", help="Output format", default='console')
    p.add_argument("-o","--output", help="Output to console (default) or given filepath", default='')
    p.add_argument("--datafile", default=DATAFILE)
    p.add_argument("--debug", default=None)
    p.add_argument("--skip-files", action='store_true', default=False)
    if len(sys.argv) == 1:
        sys.exit(p.print_help())
    args = p.parse_args()
    args.action = ALIASES.get(args.action, args.action)

    project = get_project(args.datafile)

    # Arguments preference: CLI -> .secret -> globals

    args.project = args.project if (args.project is not None) else project.load().get('project', '')
    args.vault = args.vault or project.load().get('vault')
    args.vaultkey = args.vaultkey or project.load().get('key')
    args.region = args.region or project.load().get('region')

    secret_profile = os.getenv("SECRET_PROFILE", "default")
    config = configparser.SafeConfigParser()
    config.read(os.path.expanduser('~/.secret/credentials'))
    if config.has_section(secret_profile):
        if not args.vault:
            args.vault = config.get(secret_profile, 'vault', raw=0)
        if not args.vaultkey:
            args.vaultkey = config.get(secret_profile, 'vaultkey', raw=0)
        if not args.region:
            args.region = config.get(secret_profile, 'region', raw=0)

    if not all([args.vault]):
        sys.exit("Vault configuration undefined: --vault, --vaultkey")

    if args.action == 'help':
        print_status(args)
        sys.exit(helpT)

    return args
Ejemplo n.º 5
0
def main(args):
    project = get_project(args.datafile)
    
    region = os.getenv("AWS_DEFAULT_REGION", args.region)
    kw = {}
    if not os.getenv("AWS_PROFILE"):
        kw = dict(aws_access_key_id=os.getenv('AWS_ACCESS_KEY_ID'),
            aws_secret_access_key=os.getenv('AWS_SECRET_ACCESS_KEY'),
            aws_session_token=os.getenv('AWS_SESSION_TOKEN'),)

    if args.debug:
        boto3.set_stream_logger(name='botocore')
        trollius_log(level=logging.DEBUG)

    session = boto3.session.Session(region_name=region, **kw)
    storage = S3(session=session, vault=args.vault, vaultkey=args.vaultkey, env=args.env, project=project)

    method = getattr(storage, args.action)
    result = yield From(method(**vars(args)))
    prettyprint(result)
Ejemplo n.º 6
0
 def setUp(self):
     del sys.argv[1:]
     self.project = get_project('.secret').load()