def initial_token(vault_client, opt): """Generate our first token based on workstation configuration""" app_filename = appid_file() token_filename = token_file() if 'VAULT_TOKEN' in os.environ and os.environ['VAULT_TOKEN']: log('Token derived from VAULT_TOKEN environment variable', opt) return os.environ['VAULT_TOKEN'].strip() elif 'VAULT_USER_ID' in os.environ and \ 'VAULT_APP_ID' in os.environ and \ os.environ['VAULT_USER_ID'] and os.environ['VAULT_APP_ID']: token = app_token(vault_client, os.environ['VAULT_APP_ID'].strip(), os.environ['VAULT_USER_ID'].strip()) log("Token derived from VAULT_APP_ID and VAULT_USER_ID", opt) return token elif 'VAULT_ROLE_ID' in os.environ and \ 'VAULT_SECRET_ID' in os.environ and \ os.environ['VAULT_ROLE_ID'] and os.environ['VAULT_SECRET_ID']: token = approle_token(vault_client, os.environ['VAULT_ROLE_ID'], os.environ['VAULT_SECRET_ID']) log("Token derived from VAULT_ROLE_ID and VAULT_SECRET_ID", opt) return token elif app_filename: token = yaml.safe_load(open(app_filename).read().strip()) if 'app_id' in token and 'user_id' in token: token = app_token(vault_client, token['app_id'], token['user_id']) log("Token derived from %s" % app_filename, opt) return token elif token_filename: log("Token derived from %s" % token_filename, opt) return open(token_filename, 'r').read().strip() else: raise aomi.exceptions.AomiCredentials('unknown method')
def init_token(self): """Generate our first token based on workstation configuration""" app_filename = appid_file() token_filename = token_file() approle_filename = approle_file() token = None if 'VAULT_ROLE_ID' in os.environ and \ 'VAULT_SECRET_ID' in os.environ and \ os.environ['VAULT_ROLE_ID'] and os.environ['VAULT_SECRET_ID']: token = approle_token(self, os.environ['VAULT_ROLE_ID'], os.environ['VAULT_SECRET_ID']) LOG.debug("Token derived from VAULT_ROLE_ID and VAULT_SECRET_ID") elif 'VAULT_TOKEN' in os.environ and os.environ['VAULT_TOKEN']: LOG.debug('Token derived from VAULT_TOKEN environment variable') token = os.environ['VAULT_TOKEN'].strip() elif 'VAULT_USER_ID' in os.environ and \ 'VAULT_APP_ID' in os.environ and \ os.environ['VAULT_USER_ID'] and os.environ['VAULT_APP_ID']: LOG.debug("Token derived from VAULT_APP_ID and VAULT_USER_ID") token = app_token(self, os.environ['VAULT_APP_ID'].strip(), os.environ['VAULT_USER_ID'].strip()) elif approle_filename: creds = yaml.safe_load(open(approle_filename).read().strip()) if 'role_id' in creds and 'secret_id' in creds: LOG.debug("Token derived from approle file") token = approle_token(self, creds['role_id'], creds['secret_id']) elif token_filename: LOG.debug("Token derived from %s", token_filename) try: token = open(token_filename, 'r').read().strip() except IOError as os_exception: if os_exception.errno == 21: raise aomi.exceptions.AomiFile('Bad Vault token file') raise elif app_filename: token = yaml.safe_load(open(app_filename).read().strip()) if 'app_id' in token and 'user_id' in token: LOG.debug("Token derived from %s", app_filename) token = app_token(self, token['app_id'], token['user_id']) else: raise aomi.exceptions.AomiCredentials('unknown method') return token
def init_token(self): """Generate our first token based on workstation configuration""" app_filename = appid_file() token_filename = token_file() approle_filename = approle_file() if 'VAULT_ROLE_ID' in os.environ and \ 'VAULT_SECRET_ID' in os.environ and \ os.environ['VAULT_ROLE_ID'] and os.environ['VAULT_SECRET_ID']: token = approle_token(self, os.environ['VAULT_ROLE_ID'], os.environ['VAULT_SECRET_ID']) LOG.info("Token derived from VAULT_ROLE_ID and VAULT_SECRET_ID") return token elif 'VAULT_TOKEN' in os.environ and os.environ['VAULT_TOKEN']: LOG.info('Token derived from VAULT_TOKEN environment variable') return os.environ['VAULT_TOKEN'].strip() elif 'VAULT_USER_ID' in os.environ and \ 'VAULT_APP_ID' in os.environ and \ os.environ['VAULT_USER_ID'] and os.environ['VAULT_APP_ID']: token = app_token(self, os.environ['VAULT_APP_ID'].strip(), os.environ['VAULT_USER_ID'].strip()) LOG.info("Token derived from VAULT_APP_ID and VAULT_USER_ID") return token elif approle_filename: creds = yaml.safe_load(open(approle_filename).read().strip()) if 'role_id' in creds and 'secret_id' in creds: token = approle_token(self, creds['role_id'], creds['secret_id']) LOG.info("Token derived from approle file") return token elif token_filename: LOG.info("Token derived from %s", token_filename) try: return open(token_filename, 'r').read().strip() except IOError as os_exception: if os_exception.errno == 21: raise aomi.exceptions.AomiFile('Bad Vault token file') raise elif app_filename: token = yaml.safe_load(open(app_filename).read().strip()) if 'app_id' in token and 'user_id' in token: token = app_token(self, token['app_id'], token['user_id']) LOG.info("Token derived from %s", app_filename) return token else: raise aomi.exceptions.AomiCredentials('unknown method')
def help_me(parser, opt): """Handle display of help and whatever diagnostics""" print("aomi v%s" % version) print('Get started with aomi' ' https://autodesk.github.io/aomi/quickstart') if opt.verbose: tf_str = 'Token File,' if token_file() else '' app_str = 'AppID File,' if appid_file() else '' tfe_str = 'Token Env,' if 'VAULT_TOKEN' in os.environ else '' appre_str = 'App Role Env,' if 'VAULT_ROLE_ID' in os.environ and \ 'VAULT_SECRET_ID' in os.environ else '' appe_str = 'AppID Env,' if 'VAULT_USER_ID' in os.environ and \ 'VAULT_APP_ID' in os.environ else '' log(("Auth Hints Present : %s%s%s%s%s" % (tf_str, app_str, tfe_str, appre_str, appe_str))[:-1], opt) log( "Vault Server %s" % os.environ['VAULT_ADDR'] if 'VAULT_ADDR' in os.environ else '??', opt) parser.print_help() sys.exit(0)
def help_me(parser, opt): """Handle display of help and whatever diagnostics""" print("aomi v%s" % version) print('Get started with aomi' ' https://autodesk.github.io/aomi/quickstart') if opt.verbose == 2: tf_str = 'Token File,' if token_file() else '' app_str = 'AppID File,' if appid_file() else '' approle_str = 'Approle File,' if approle_file() else '' tfe_str = 'Token Env,' if 'VAULT_TOKEN' in os.environ else '' appre_str = 'App Role Env,' if 'VAULT_ROLE_ID' in os.environ and \ 'VAULT_SECRET_ID' in os.environ else '' appe_str = 'AppID Env,' if 'VAULT_USER_ID' in os.environ and \ 'VAULT_APP_ID' in os.environ else '' LOG.info(("Auth Hints Present : %s%s%s%s%s%s" % (tf_str, app_str, approle_str, tfe_str, appre_str, appe_str))[:-1]) LOG.info("Vault Server %s" % os.environ['VAULT_ADDR'] if 'VAULT_ADDR' in os.environ else '??') parser.print_help() sys.exit(0)