Example #1
0
def export_cli(dry_run, tag, delete, git_ssh_url, api_client: ApiClient, hcl,
               pattern_matches):
    block_key_map = {}
    ignore_attribute_key = {"last_updated_timestamp"}
    required_attributes_key = {"key"}

    if hcl:
        secret_api = SecretApi(api_client)

        scopes = secret_api.list_scopes()["scopes"]
        log.info(scopes)

        with GitExportHandler(git_ssh_url,
                              "secrets",
                              delete_not_found=delete,
                              dry_run=dry_run,
                              tag=tag) as gh:
            for scope in scopes:
                secrets = secret_api.list_secrets(scope["name"])["secrets"]
                log.info(secrets)

                for secret in secrets:
                    if not pattern_matches(secret["key"]):
                        log.debug(
                            f"{secret['key']} did not match pattern function {pattern_matches}"
                        )
                        continue
                    log.debug(
                        f"{secret['key']} matched the pattern function {pattern_matches}"
                    )
                    secret_resource_data = prep_json(block_key_map,
                                                     ignore_attribute_key,
                                                     secret,
                                                     required_attributes_key)

                    base_name = normalize_identifier(secret["key"])
                    name = "databricks_secret"
                    identifier = f"databricks_secret-{base_name}"

                    secret_resource_data["scope"] = scope["name"]

                    secret_hcl = create_resource_from_dict(
                        name, identifier, secret_resource_data, False)

                    file_name_identifier = f"{identifier}.tf"
                    gh.add_file(file_name_identifier, secret_hcl)
                    log.debug(secret_hcl)
Example #2
0
def export_cli(dry_run, tag, delete, git_ssh_url, api_client: ApiClient, hcl,
               pattern_matches):
    block_key_map = {}
    ignore_attribute_key = {}
    required_attributes_key = {"principal", "permission"}

    if hcl:
        secret_api = SecretApi(api_client)

        scopes = secret_api.list_scopes()["scopes"]
        log.info(scopes)

        with GitExportHandler(git_ssh_url,
                              "secret_acls",
                              delete_not_found=delete,
                              dry_run=dry_run,
                              tag=tag) as gh:
            for scope in scopes:
                acls = secret_api.list_acls(scope["name"])["items"]
                log.info(acls)

                for acl in acls:
                    acl_resource_data = prep_json(block_key_map,
                                                  ignore_attribute_key, acl,
                                                  required_attributes_key)

                    base_name = normalize_identifier(acl["principal"])
                    name = "databricks_secret_acl"
                    identifier = f"databricks_secret_acl-{base_name}"

                    acl_resource_data["scope"] = scope["name"]

                    acl_hcl = create_resource_from_dict(
                        name, identifier, acl_resource_data, False)

                    file_name_identifier = f"{identifier}.tf"
                    gh.add_file(file_name_identifier, acl_hcl)
                    log.debug(acl_hcl)