def client(self): # type: () -> hvac.Client """ Return an authenticated Hashicorp Vault client """ _client = hvac.Client(url=self.url, **self.kwargs) if self.auth_type == "token": if not self.token: raise VaultError("token cannot be None for auth_type='token'") _client.token = self.token elif self.auth_type == "ldap": _client.auth.ldap.login( username=self.username, password=self.password) elif self.auth_type == "userpass": _client.auth_userpass(username=self.username, password=self.password) elif self.auth_type == "approle": _client.auth_approle(role_id=self.role_id, secret_id=self.secret_id) elif self.auth_type == "github": _client.auth.github.login(token=self.token) elif self.auth_type == "gcp": from airflow.contrib.utils.gcp_credentials_provider import ( get_credentials_and_project_id, _get_scopes ) scopes = _get_scopes(self.gcp_scopes) credentials, _ = get_credentials_and_project_id(key_path=self.gcp_key_path, scopes=scopes) _client.auth.gcp.configure(credentials=credentials) else: raise AirflowException("Authentication type '{}' not supported".format(self.auth_type)) if _client.is_authenticated(): return _client else: raise VaultError("Vault Authentication Error!")
def client(self): # type: (...) -> SecretManagerServiceClient """ Create an authenticated KMS client """ scopes = _get_scopes(self.gcp_scopes) self.credentials, self.project_id = get_credentials_and_project_id( key_path=self.gcp_key_path, scopes=scopes) _client = SecretManagerServiceClient( credentials=self.credentials, client_info=ClientInfo(client_library_version='airflow_v' + version.version)) return _client
def test_get_scopes_with_input(self, _, scopes_str, scopes): self.assertEqual(_get_scopes(scopes_str), scopes)
def test_get_scopes_with_default(self): self.assertEqual(_get_scopes(), _DEFAULT_SCOPES)