def run_kv_copy_path(self):
"""
Prepares a CLI run of kv_copy_path
"""
self.logger.debug("Preparing run of kv_copy_path")
missing_args = utils.keys_exists_in_dict(
self.logger, self.kwargs,
[{"key": "vault_addr", "exc": [None, '']},
{"key": "vault_token", "exc": [None, False]},
{"key": "vault_target_addr", "exc": [None, '']},
{"key": "vault_target_token", "exc": [None, False]}]
)
if len(missing_args):
raise ValueError(
"Following arguments are missing %s" %
[k['key'].replace("_", "-") for k in missing_args]
)
self.kv_copy_path(
self.kwargs["vault_addr"],
self.kwargs["vault_token"],
self.kwargs["vault_target_addr"],
self.kwargs["vault_target_token"],
self.kwargs["copy_path"][0],
self.kwargs["copy_path"][1]
)
def run(self, arg_parser, parsed_args):
"""
Module entry point
:param arg_parser: Arguments parser instance
:param parsed_args: Arguments parsed fir this module
:type parsed_args: argparse.ArgumentParser.parse_args()
"""
self.parsed_args = parsed_args
self.arg_parser = arg_parser
missing_args = utils.keys_exists_in_dict(self.logger,
vars(self.parsed_args),
[{
"key": "vault_addr",
"exc": [None, '']
}, {
"key": "vault_token",
"exc": [None, False]
}])
if len(missing_args):
self.logger.error(
"Following arguments are missing %s\n" %
[k['key'].replace("_", "-") for k in missing_args])
self.arg_parser.print_help()
return False
self.logger.debug("Module " + self.module_name + " started")
def run(self, kwargs):
"""
Module entry point
:param kwargs: Arguments parsed
:type kwargs: dict
"""
# Convert kwargs to an Object with kwargs dict as class vars
self.kwargs = namedtuple("KwArgs", kwargs.keys())(*kwargs.values())
self.logger.debug("Module " + self.module_name + " started")
if not self.check_args_integrity():
self.subparser.print_help()
return False
missing_args = utils.keys_exists_in_dict(
self.logger, dict(self.kwargs._asdict()),
[{"key": "vault_addr", "exc": [None, '']},
{"key": "vault_token", "exc": [None, False]},
{"key": "vault_config", "exc": [None, False, '']}]
)
if len(missing_args):
raise ValueError(
"Following arguments are missing %s\n" % [
k['key'].replace("_", "-") for k in missing_args]
)
self.vault_client = VaultClient(
self.base_logger,
vault_addr=self.kwargs.vault_addr,
dry=self.kwargs.dry_run,
skip_tls=self.kwargs.skip_tls
)
self.vault_client.authenticate()
if self.kwargs.push:
self.secret_push()
def run_kv_find_duplicates(self):
"""
Prepares a CLI run of kv_find_duplicates
"""
self.logger.debug("Preparing run of kv_find_duplicates")
missing_args = utils.keys_exists_in_dict(
self.logger, self.kwargs,
[{"key": "vault_addr", "exc": [None, '']},
{"key": "vault_token", "exc": [None, False]}]
)
if len(missing_args):
raise ValueError(
"Following arguments are missing %s" %
[k['key'].replace("_", "-") for k in missing_args]
)
self.kv_find_duplicates(
self.kwargs["vault_addr"],
self.kwargs["vault_token"],
self.kwargs["find_duplicates"],
self.kwargs["exclude"] if self.kwargs["exclude"] else []
)
def run(self, kwargs):
"""
Module entry point
:param kwargs: Arguments parsed
:type kwargs: dict
"""
# Convert kwargs to an Object with kwargs dict as class vars
self.kwargs = namedtuple("KwArgs", kwargs.keys())(*kwargs.values())
self.logger.debug("Module " + self.module_name + " started")
if not self.check_args_integrity():
self.subparser.print_help()
return False
missing_args = utils.keys_exists_in_dict(self.logger,
dict(self.kwargs._asdict()),
[{
"key": "vault_config",
"exc": [None, False, '']
}])
if len(missing_args):
raise ValueError(
"Following arguments are missing %s\n" %
[k['key'].replace("_", "-") for k in missing_args])
self.policies_folder = os.path.join(self.kwargs.vault_config,
"policies")
self.user_policies_folder = os.path.join(self.policies_folder, "user")
self.kubernetes_policies_folder = os.path.join(self.policies_folder,
"service", "kubernetes")
self.group_policies_folder = os.path.join(self.policies_folder,
"group")
self.group_policies_to_create = []
self.user_policies_to_create = []
self.kubernetes_policies_to_create = []
if not self.read_configuration() or not self.read_ldap_configuration():
return False
self.vault_client = VaultClient(self.base_logger,
vault_addr=self.kwargs.vault_addr,
dry=self.kwargs.dry_run,
skip_tls=self.kwargs.skip_tls)
self.vault_client.authenticate(self.kwargs.vault_token)
if not self.get_ldap_data():
return False
if self.kwargs.list_groups:
self.ldap_list_groups()
return True
if self.kwargs.create_policies:
self.ldap_create_policies()
return True
missing_args = utils.keys_exists_in_dict(self.logger,
dict(self.kwargs._asdict()),
[{
"key": "vault_addr",
"exc": [None, '']
}, {
"key": "vault_token",
"exc": [None, False]
}, {
"key": "vault_config",
"exc": [None, False, '']
}])
if len(missing_args):
raise ValueError(
"Following arguments are missing %s\n" %
[k['key'].replace("_", "-") for k in missing_args])
self.vault_client = self.connect_to_vault(self.kwargs.vault_addr,
self.kwargs.vault_token)
if self.kwargs.manage_ldap_groups:
self.ldap_manage_ldap_groups()
if self.kwargs.manage_ldap_users:
self.ldap_manage_ldap_users()
if self.kwargs.create_groups_secrets:
self.ldap_create_groups_secrets()
if self.kwargs.create_users_secrets:
self.ldap_create_users_secrets()
