def from_params(cls, data, ref_params):
"""
Return new GPPSecret from data and ref_params: target_name
recipients will be grabbed from the inventory via target_name
"""
try:
# XXX only used for testing
if GPG_TARGET_FINGERPRINTS:
_fingerprints = [{
'fingerprint': v
} for _, v in GPG_TARGET_FINGERPRINTS.items()]
return cls(data, _fingerprints, **ref_params.kwargs)
target_name = ref_params.kwargs['target_name']
target_inv = cached.inv['nodes'].get(target_name, None)
if target_name is None:
raise ValueError('target_name not set')
if target_inv is None:
raise ValueError('target_inv not set')
try:
recipients = target_inv['parameters']['kapitan']['secrets'][
'gpg']['recipients']
except KeyError:
# TODO: Keeping gpg recipients backwards-compatible until we make a breaking release
logger.warning(
"WARNING: parameters.kapitan.secrets.recipients is deprecated, "
+
"please move them to parameters.kapitan.secrets.gpg.recipients"
)
recipients = target_inv['parameters']['kapitan']['secrets'][
'recipients']
return cls(data, recipients, **ref_params.kwargs)
except KeyError:
raise RefError("Could not create GPGSecret: target_name missing")
def from_params(cls, data, ref_params):
"""
Return new GPPSecret from data and ref_params: target_name
recipients will be grabbed from the inventory via target_name
"""
try:
# XXX only used for testing
if GPG_TARGET_FINGERPRINTS:
_fingerprints = [{"fingerprint": v} for _, v in GPG_TARGET_FINGERPRINTS.items()]
return cls(data, _fingerprints, **ref_params.kwargs)
target_name = ref_params.kwargs["target_name"]
if target_name is None:
raise ValueError("target_name not set")
target_inv = cached.inv["nodes"].get(target_name, None)
if target_inv is None:
raise ValueError("target_inv not set")
if "secrets" not in target_inv["parameters"]["kapitan"]:
raise KapitanError(
f"parameters.kapitan.secrets not defined in inventory of target {target_name}"
)
recipients = target_inv["parameters"]["kapitan"]["secrets"]["gpg"]["recipients"]
return cls(data, recipients, **ref_params.kwargs)
except KeyError:
raise RefError("Could not create GPGSecret: target_name missing")
def from_params(cls, data, ref_params):
"""
Return new GPPSecret from data and ref_params: target_name
recipients will be grabbed from the inventory via target_name
"""
try:
# XXX only used for testing
if GPG_TARGET_FINGERPRINTS:
_fingerprints = [{
'fingerprint': v
} for _, v in GPG_TARGET_FINGERPRINTS.items()]
return cls(data, _fingerprints, **ref_params.kwargs)
target_name = ref_params.kwargs['target_name']
if target_name is None:
raise ValueError('target_name not set')
target_inv = cached.inv['nodes'].get(target_name, None)
if target_inv is None:
raise ValueError('target_inv not set')
if 'secrets' not in target_inv['parameters']['kapitan']:
raise KapitanError(
"parameters.kapitan.secrets not defined in {}".format(
target_name))
recipients = target_inv['parameters']['kapitan']['secrets']['gpg'][
'recipients']
return cls(data, recipients, **ref_params.kwargs)
except KeyError:
raise RefError("Could not create GPGSecret: target_name missing")
def from_params(cls, data, ref_params):
"""
Return new GoogleKMSSecret from data and ref_params: target_name
key will be grabbed from the inventory via target_name
"""
try:
target_name = ref_params.kwargs['target_name']
target_inv = cached.inv['nodes'].get(target_name, None)
if target_name is None:
raise ValueError('target_name not set')
if target_inv is None:
raise ValueError('target_inv not set')
key = target_inv['parameters']['kapitan']['secrets']['gkms']['key']
return cls(data, key, **ref_params.kwargs)
except KeyError:
raise RefError("Could not create GoogleKMSSecret: target_name missing")
def from_params(cls, data, ref_params):
"""
Return new VaultSecret from data and ref_params: target_name
parameters will be grabbed from the inventory via target_name
"""
try:
target_name = ref_params.kwargs["target_name"]
if target_name is None:
raise ValueError("target_name not set")
target_inv = cached.inv["nodes"].get(target_name, None)
if target_inv is None:
raise ValueError("target_inv not set")
ref_params.kwargs["vault_params"] = target_inv["parameters"]["kapitan"]["secrets"]["vaultkv"]
return cls(data, **ref_params.kwargs)
except KeyError:
raise RefError("Could not create VaultSecret: vaultkv parameters missing")
def from_params(cls, data, ref_params):
"""
Return new GoogleKMSSecret from data and ref_params: target_name
key will be grabbed from the inventory via target_name
"""
try:
target_name = ref_params.kwargs["target_name"]
if target_name is None:
raise ValueError("target_name not set")
target_inv = cached.inv["nodes"].get(target_name, None)
if target_inv is None:
raise ValueError("target_inv not set")
key = target_inv["parameters"]["kapitan"]["secrets"]["gkms"]["key"]
return cls(data, key, **ref_params.kwargs)
except KeyError:
raise RefError("Could not create GoogleKMSSecret: target_name missing")
def from_params(cls, data, ref_params):
"""
Return new VaultSecret from data and ref_params: target_name
parameters will be grabbed from the inventory via target_name
"""
try:
target_name = ref_params.kwargs['target_name']
if target_name is None:
raise ValueError('target_name not set')
target_inv = cached.inv['nodes'].get(target_name, None)
if target_inv is None:
raise ValueError('target_inv not set')
ref_params.kwargs['vault_params'] = target_inv['parameters'][
'kapitan']['secrets']['vaultkv']
return cls(data, **ref_params.kwargs)
except KeyError:
raise RefError(
"Could not create VaultSecret: vaultkv parameters missing")