def main(args):
project = get_project(args.datafile)
region = os.getenv("AWS_DEFAULT_REGION", args.region)
kw = {}
if not os.getenv("AWS_PROFILE"):
kw = dict(
aws_access_key_id=os.getenv('AWS_ACCESS_KEY_ID'),
aws_secret_access_key=os.getenv('AWS_SECRET_ACCESS_KEY'),
aws_session_token=os.getenv('AWS_SESSION_TOKEN'),
)
if args.debug:
boto3.set_stream_logger(name='botocore')
trollius_log(level=logging.DEBUG)
session = boto3.session.Session(region_name=region, **kw)
storage = S3(
session=session,
vault=args.vault,
vaultkey=args.vaultkey,
env=args.env,
region=args.region,
prefix=args.project,
project=project,
)
method = getattr(storage, args.action)
fn = lambda: method(**vars(args))
result = yield from (fn())
prettyprint(result, args)
def prepare():
p = argparse.ArgumentParser()
p.add_argument("action", help="list,get,put,envs,config,setup")
p.add_argument("key", nargs="?", default=None)
p.add_argument("value", nargs="?", default=None)
p.add_argument("--version", default=None)
p.add_argument("--region", help="AWS region", default="us-east-1")
p.add_argument("--vaultkey", help="Name of KMS key", default="alias/secret")
p.add_argument("--vault", help="Name of vault (eg. S3 bucket)", default="secret")
p.add_argument("--project", help="Name of project (eg. S3 'folder')", default=None)
p.add_argument("--env", help="Environment namespace for keys", default="default")
p.add_argument("--datafile", default=DATAFILE)
p.add_argument("--debug", default=None)
if len(sys.argv) == 1:
sys.exit(p.print_help())
args = p.parse_args()
args.action = ALIASES.get(args.action, args.action)
project = get_project(args.datafile)
if args.action not in ["setup"]:
args.vault = project.load().get("vault", args.vault)
args.project = project.load().get("project", args.project)
args.vaultkey = project.load().get("key", args.vaultkey)
args.region = project.load().get("region", args.region)
if not all([args.vault, args.project]):
sys.exit("Vault and/or Project configuration undefined")
if args.action == "help":
print_status(args)
sys.exit(helpT)
return args
def prepare():
p = argparse.ArgumentParser()
p.add_argument("action", help="list,get,put,envs,config,setup")
p.add_argument("key", nargs="?", default=None)
p.add_argument("value", nargs="?", default=None)
p.add_argument("--version", default=None)
p.add_argument("--region", help="AWS region of KMS and S3", default=None)
p.add_argument("--vaultkey", help="Name of KMS key", default=None)
p.add_argument("--vault",
help="Name of vault (eg. S3 bucket)",
default=None)
p.add_argument("-P",
"--project",
help="Name of project (eg. S3 'folder')",
default=None)
p.add_argument("--env",
help="Environment namespace for keys",
default='default')
p.add_argument("-F", "--fmt", help="Output format", default='console')
p.add_argument("-o",
"--output",
help="Output to console (default) or given filepath",
default='')
p.add_argument("--datafile", default=DATAFILE)
p.add_argument("--debug", default=None)
p.add_argument("--skip-files", action='store_true', default=False)
if len(sys.argv) == 1:
sys.exit(p.print_help())
args = p.parse_args()
args.action = ALIASES.get(args.action, args.action)
project = get_project(args.datafile)
# Arguments preference: CLI -> .secret -> globals
args.project = args.project if (
args.project is not None) else project.load().get('project', '')
args.vault = args.vault or project.load().get('vault')
args.vaultkey = args.vaultkey or project.load().get('key')
args.region = args.region or project.load().get('region')
secret_profile = os.getenv("SECRET_PROFILE", "default")
config = configparser.SafeConfigParser()
config.read(os.path.expanduser('~/.secret/credentials'))
if config.has_section(secret_profile):
if not args.vault:
args.vault = config.get(secret_profile, 'vault', raw=0)
if not args.vaultkey:
args.vaultkey = config.get(secret_profile, 'vaultkey', raw=0)
if not args.region:
args.region = config.get(secret_profile, 'region', raw=0)
if not all([args.vault]):
sys.exit("Vault configuration undefined: --vault, --vaultkey")
if args.action == 'help':
print_status(args)
sys.exit(helpT)
return args
def prepare():
p = argparse.ArgumentParser()
p.add_argument("action", help="list,get,put,envs,config,setup")
p.add_argument("key", nargs="?", default=None)
p.add_argument("value", nargs="?", default=None)
p.add_argument("--version", default=None)
p.add_argument("--region", help="AWS region of KMS and S3", default=None)
p.add_argument("--vaultkey", help="Name of KMS key", default=None)
p.add_argument("--vault", help="Name of vault (eg. S3 bucket)", default=None)
p.add_argument("-P", "--project", help="Name of project (eg. S3 'folder')", default=None)
p.add_argument("--env", help="Environment namespace for keys", default='default')
p.add_argument("-F","--fmt", help="Output format", default='console')
p.add_argument("-o","--output", help="Output to console (default) or given filepath", default='')
p.add_argument("--datafile", default=DATAFILE)
p.add_argument("--debug", default=None)
p.add_argument("--skip-files", action='store_true', default=False)
if len(sys.argv) == 1:
sys.exit(p.print_help())
args = p.parse_args()
args.action = ALIASES.get(args.action, args.action)
project = get_project(args.datafile)
# Arguments preference: CLI -> .secret -> globals
args.project = args.project if (args.project is not None) else project.load().get('project', '')
args.vault = args.vault or project.load().get('vault')
args.vaultkey = args.vaultkey or project.load().get('key')
args.region = args.region or project.load().get('region')
secret_profile = os.getenv("SECRET_PROFILE", "default")
config = configparser.SafeConfigParser()
config.read(os.path.expanduser('~/.secret/credentials'))
if config.has_section(secret_profile):
if not args.vault:
args.vault = config.get(secret_profile, 'vault', raw=0)
if not args.vaultkey:
args.vaultkey = config.get(secret_profile, 'vaultkey', raw=0)
if not args.region:
args.region = config.get(secret_profile, 'region', raw=0)
if not all([args.vault]):
sys.exit("Vault configuration undefined: --vault, --vaultkey")
if args.action == 'help':
print_status(args)
sys.exit(helpT)
return args
def main(args):
project = get_project(args.datafile)
region = os.getenv("AWS_DEFAULT_REGION", args.region)
kw = {}
if not os.getenv("AWS_PROFILE"):
kw = dict(aws_access_key_id=os.getenv('AWS_ACCESS_KEY_ID'),
aws_secret_access_key=os.getenv('AWS_SECRET_ACCESS_KEY'),
aws_session_token=os.getenv('AWS_SESSION_TOKEN'),)
if args.debug:
boto3.set_stream_logger(name='botocore')
trollius_log(level=logging.DEBUG)
session = boto3.session.Session(region_name=region, **kw)
storage = S3(session=session, vault=args.vault, vaultkey=args.vaultkey, env=args.env, project=project)
method = getattr(storage, args.action)
result = yield From(method(**vars(args)))
prettyprint(result)
def setUp(self):
del sys.argv[1:]
self.project = get_project('.secret').load()