def decrypt_environment( self, environment: Dict[str, str], **kwargs: Any, ) -> Dict[str, str]: self.ecosystem = self.get_vault_ecosystems_for_clusters()[0] self.client = get_vault_client( ecosystem=self.ecosystem, num_uses=len(environment), vault_auth_method=self.vault_auth_method, vault_token_file=self.vault_token_file, ) secret_environment = {} for k, v in environment.items(): secret_name = get_secret_name_from_ref(v) secret_path = os.path.join( self.secret_dir, f"{secret_name}.json", ) secret = get_plaintext( client=self.client, env=self.ecosystem, path=secret_path, cache_enabled=False, cache_dir=None, cache_key=None, context=self.service_name, ).decode('utf-8') secret_environment[k] = secret return secret_environment
def decrypt_secret(self, secret_name: str) -> str: ecosystem = self.get_vault_ecosystems_for_clusters()[0] if 'VAULT_TOKEN_OVERRIDE' not in os.environ: username = getpass.getuser() password = getpass.getpass("Please enter your LDAP password to auth with Vault\n") else: username = None password = None client = get_vault_client( ecosystem=ecosystem, username=username, password=password, ) secret_path = os.path.join( self.secret_dir, f"{secret_name}.json", ) return get_plaintext( client=client, path=secret_path, env=ecosystem, cache_enabled=False, cache_key=None, cache_dir=None, context=self.service_name, ).decode('utf-8')
def decrypt_secret_raw(self, secret_name: str) -> bytes: client = self.clients[self.ecosystems[0]] secret_path = os.path.join(self.secret_dir, f"{secret_name}.json") return get_plaintext( client=client, path=secret_path, env=self.ecosystems[0], cache_enabled=False, cache_key=None, cache_dir=None, context=self.service_name, )
def decrypt_secret(self, secret_name: str) -> str: client = self.clients[self.ecosystems[0]] secret_path = os.path.join(self.secret_dir, f"{secret_name}.json") return get_plaintext( client=client, path=secret_path, env=self.ecosystems[0], cache_enabled=False, cache_key=None, cache_dir=None, context=self.service_name, rescue_failures=False, ).decode("utf-8")
def decrypt_environment(self, environment: Dict[str, str], **kwargs: Any) -> Dict[str, str]: client = self.clients[self.ecosystems[0]] secret_environment = {} for k, v in environment.items(): secret_name = get_secret_name_from_ref(v) secret_path = os.path.join(self.secret_dir, f"{secret_name}.json") secret = get_plaintext( client=client, env=self.ecosystems[0], path=secret_path, cache_enabled=False, cache_dir=None, cache_key=None, context=self.service_name, ).decode("utf-8") secret_environment[k] = secret return secret_environment