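def test_load():
    """
    Make sure that the `load` function returns the secret found in the first
    of the following cases:

    1. via `_load_from_run_secrets`
    2. via `_load_from_environment_hint`
    3. via `_load_from_environment_variable`
    4. None or the provided fallback
    """
    # The three private loaders are patched, so the assertions below exercise
    # only the order in which `sec.load` consults them. Each step "empties"
    # the previous source by setting its mock's return value to None.
    with patch("sec._load_from_run_secrets") as run_secrets_mock, \
            patch("sec._load_from_environment_hint") as env_hint_mock, \
            patch("sec._load_from_environment_variable") as env_var_mock:
        secret_name = "whoa"

        # Test case 1: the run-secrets loader wins while it returns a value.
        assert sec.load(secret_name) == run_secrets_mock.return_value

        # Test case 2: with no run secret, the environment hint is used.
        run_secrets_mock.return_value = None
        assert sec.load(secret_name) == env_hint_mock.return_value

        # Test case 3: with no hint either, the plain environment variable
        # loader is used.
        env_hint_mock.return_value = None
        assert sec.load(secret_name) == env_var_mock.return_value

        # Test case 4: nothing found anywhere -> None, or the caller's
        # fallback. Identity comparison is used for None so that an object
        # with a permissive __eq__ cannot satisfy the assertion.
        env_var_mock.return_value = None
        assert sec.load(secret_name) is None
        assert sec.load(secret_name, "fallback") == "fallback"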
# -*- coding: utf-8 -*- import logging import sys import yaml import sec logger = logging.getLogger(__name__) DEBUG = False ERROR_404_HELP = False # App config LOG_LEVEL = sec.load("LOG_LEVEL", fallback="INFO").upper() # Secrets TOKEN = sec.load("AUTH_TOKEN", fallback="") if not TOKEN: logger.error("Auth token must be set") sys.exit(1) # Swarm config CONFIG_FILE = sec.load("CONFIG_FILE", fallback="/servitor.yaml") try: with open(CONFIG_FILE) as f: _service_config = yaml.safe_load(f) DOCKER_SWARMS = _service_config["swarm"] except Exception:
], }, }, ] WSGI_APPLICATION = 'castor.wsgi.application' # Database # https://docs.djangoproject.com/en/1.10/ref/settings/#databases DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql', 'NAME': os.getenv('POSTGRES_DB', 'castor'), 'USER': sec.load('POSTGRES_USER', 'castor'), 'PASSWORD': sec.load('POSTGRES_PASSWORD'), # No default for security 'HOST': os.getenv('POSTGRES_HOST', 'postgres'), 'PORT': os.getenv('POSTGRES_PORT', '5432'), } } # Password validation # https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', }, {
# coding=utf-8
import sec

# Logging verbosity, upper-cased; "INFO" when no "log_level" value is found.
LOG_LEVEL = sec.load("log_level", fallback="INFO").upper()

# --- Flask -------------------------------------------------------------
DEBUG = False

# --- Flask-Caching -----------------------------------------------------
CACHE_TYPE = "redis"
# A Redis URL may carry credentials, so it is resolved through sec.load;
# the fallback points at a Redis on localhost.
CACHE_REDIS_URL = sec.load("redis_url", fallback="redis://localhost")
CACHE_DEFAULT_TIMEOUT = 600

# --- Flack -------------------------------------------------------------
FLACK_DEFAULT_NAME = "GifRoulette"
# NOTE(review): no fallback is passed for the token and the API keys below,
# so they are presumably None when the secret is absent; confirm that the
# consumers reject a None token/key instead of running with it.
FLACK_TOKEN = sec.load("slack_token")
FLACK_URL_PREFIX = sec.load("flack_prefix", fallback="/")

# --- App ---------------------------------------------------------------
GIPHY_API_KEY = sec.load("giphy_key")
GIPHY_RATING = "pg-13"
GIPHY_POOL = 16

REPLYGIF_API_KEY = sec.load("replygif_key")
REPLYGIF_ONLY_REPLYTAGS = False
REPLYGIF_TAG_MATCH_ACC = 90
# 60 * 60 * 24 * 7 = 604800 (one week if the unit is seconds; confirm).
REPLYGIF_TAG_CACHE_LEN = 60 * 60 * 24 * 7
# import os import re import logging.config import sec from django.utils.translation import ugettext_lazy as _ # BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) SECRET_KEY = sec.load("django_secret_key") DEBUG = True HOST_NAMES = [x.strip() for x in sec.load("HOST_NAMES").split(",")] ALLOWED_HOSTS = HOST_NAMES # name <email> email_re = r"^\s*(.*)\s+<(.*)>\s*$" ADMINS = [ re.match(email_re, x).groups() for x in sec.load("ADMINS").split(",") ] # # Email related settings # EMAIL_HOST = os.environ.get('EMAIL_HOST') # EMAIL_PORT = int(os.environ.get('EMAIL_PORT', 0)) or None # EMAIL_HOST_USER = read_secret_from_file('EMAIL_HOST_USER') # EMAIL_HOST_PASSWORD = read_secret_from_file('EMAIL_HOST_PASSWORD') # EMAIL_USE_TLS = os.environ.get('EMAIL_USE_TLS', '').lower() == 'true' # EMAIL_USE_SSL = os.environ.get('EMAIL_USE_SSL', '').lower() == 'true' # EMAIL_TIMEOUT = 10
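import hmac
import os

from flask import Flask, request
from flask import render_template

import sec

# NOTE(review): both calls pass a literal fallback, so a deployment that
# supplies no AUTH_USER / AUTH_PASSWORD secret accepts the credentials written
# in this file. The fallbacks are kept so existing setups keep working; for
# anything beyond a local demo, provide both secrets explicitly.
AUTH_USER = sec.load("AUTH_USER", "antonis")
AUTH_PASSWORD = sec.load("AUTH_PASSWORD", "kalipetis")
DEBUG = os.getenv("FLASK_DEBUG") == "1"
ENVIRONMENT = os.getenv("FLASK_ENV", "development")

app = Flask(__name__)


def _credential_matches(supplied, expected):
    """Return True when *supplied* equals *expected*; None never matches.

    hmac.compare_digest is used so the comparison time does not depend on the
    position of the first differing character. Both values are encoded to
    bytes because compare_digest accepts only ASCII text when given str.
    """
    if supplied is None or expected is None:
        return False
    return hmac.compare_digest(
        supplied.encode("utf-8"), expected.encode("utf-8")
    )


@app.route("/")
def home():
    """Render the index page for a caller presenting the expected Basic
    credentials, or a 401 page with a ``WWW-Authenticate`` challenge otherwise.

    The optional ``greeting`` query parameter (default ``"Hello"``) is passed
    to both templates together with the environment name and debug flag.
    """
    greeting = request.args.get("greeting", "Hello")

    # request.authorization is None when no Authorization header was sent;
    # getattr keeps that case (and a header without username/password) on the
    # "not authorized" path instead of raising.
    authorization = request.authorization
    username = getattr(authorization, "username", None)
    password = getattr(authorization, "password", None)

    context = {"greeting": greeting, "environment": ENVIRONMENT, "debug": DEBUG}

    # Evaluate both comparisons before combining them, so a wrong username
    # does not skip the password comparison.
    user_ok = _credential_matches(username, AUTH_USER)
    password_ok = _credential_matches(password, AUTH_PASSWORD)
    if not (user_ok and password_ok):
        headers = {"WWW-Authenticate": 'Basic realm="Login Required"'}
        return render_template("not-authorized.html", **context), 401, headers

    return render_template("index.html", **context)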
# coding=utf-8
import sec

# Logging verbosity, upper-cased; "INFO" when no "log_level" value is found.
LOG_LEVEL = sec.load("log_level", fallback="INFO").upper()

# --- Flask -------------------------------------------------------------
DEBUG = False

# --- Flask Redis -------------------------------------------------------
# A Redis URL may carry credentials, so it is resolved through sec.load;
# the fallback points at a Redis on localhost.
REDIS_URL = sec.load("redis_url", fallback="redis://localhost")

# --- Flack -------------------------------------------------------------
FLACK_DEFAULT_NAME = "Unit Converter"
FLACK_URL_PREFIX = sec.load("flack_prefix", fallback="/")
# NOTE(review): the token, client id and client secret are loaded without a
# fallback, so they are presumably None when the secret is absent; confirm
# that the consumers refuse to start or authenticate with a None value.
FLACK_TOKEN = sec.load("slack_token")
FLACK_CLIENT_ID = sec.load("slack_client_id")
FLACK_CLIENT_SECRET = sec.load("slack_app_secret")
'social_django.context_processors.login_redirect', ], }, }, ] WSGI_APPLICATION = 'castor.wsgi.application' # Database # https://docs.djangoproject.com/en/1.10/ref/settings/#databases DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql', 'NAME': os.getenv('POSTGRES_DB', 'castor'), 'USER': sec.load('POSTGRES_USER', 'castor'), 'PASSWORD': sec.load('POSTGRES_PASSWORD'), # No default for security 'HOST': os.getenv('POSTGRES_HOST', 'postgres'), 'PORT': os.getenv('POSTGRES_PORT', '5432'), } } # Password validation # https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', }, {
from flask import Flask
from redis.utils import from_url

import sec

app = Flask(__name__)

# The connection URL is resolved through sec.load at import time, keeping any
# credentials embedded in it out of the source.
# NOTE(review): no fallback is passed, so from_url presumably receives None
# when REDIS_URL is not provided; confirm how that failure surfaces.
redis_client = from_url(sec.load("REDIS_URL"))


@app.route("/")
def hello_world():
    """Increment the "visits" counter in Redis and report its new value."""
    times = redis_client.incr("visits")
    return f"Hello, World! You have visited {times} times."