def mapSecrets(self):
global val
try:
val = Actions(mount_point=self.ctx, secret_path=self.mountpath).fromVault()
assert isinstance(val.iteritems, object)
for key, value in val.iteritems():
b64val = base64.b64encode(value.encode("utf-8"))
val[key] = b64val
except Exception as e:
logging.error('Error encountered {error}'.format(error=str(e)))
sys.exc_clear()
yamldata = yaml.safe_load(open(self.templatepath).read())
secname = self.mountpath.split('/')[1]
yamldata['metadata']['name'] = secname
yamldata['data'] = val
with open(self.outputpath + '/' + secname + '.yaml', 'w') as out:
yaml.dump(yamldata, out)
logging.info(
'Dumped yaml data into {output} {secname}.yaml'.format(output=self.outputpath, secname=secname))
if self.push == 'True':
try:
Create('Secret', self.namespace, self.outputpath + '/' + secname + '.yaml').createResource()
logging.info('Secret {secname}.yaml deployed in kubernetes'.format(secname=secname))
except Exception as e:
logging.error('Encountered error while creating secret in kubernetes {err}'.format(err=str(e)))
sys.exc_clear()
else:
logging.info('All vault secrets dumped into templates')
def deletegame():
if request.method == 'GET':
return '''
<form action='deletegame' method='POST'>
<input type='text' name='game' id='game' placeholder='game'></input>
<input type='submit' name='submit'></input>
</form>
'''
game = request.form['game']
if game is not None:
Actions.delete_game_tables(game)
return redirect(url_for('dashboard'))
def syncToVault(self):
k8s_client = ApiClient().apiclient()
dyn_client = DynamicClient(k8s_client)
v1_resources = dyn_client.resources.get(api_version='v1', kind='Secret')
try:
resource_list = v1_resources.get(namespace=self.namespace)
logging.info('Retrieved list of secrets from project ' + self.namespace)
except Exception as e:
logging.error('Error encountered ' + str(e))
sys.exit(1)
secdict = []
for resource in resource_list.items:
secdict.append(resource.metadata.name)
logging.info('Secret list is ' + str(secdict))
for secret in secdict:
try:
fullyaml = v1_resources.get(name=secret, namespace=self.namespace)
yamlresponse = yaml.safe_load(str(fullyaml))
yamldata = yamlresponse['ResourceInstance[Secret]']['data']
for key, value in yamldata.iteritems():
try:
Actions(secret_path=self.namespace + '/' + secret, mount_point='secret', secret={ key: value }).toVault()
logging.info('Secret ' + secret + ' key ' + key + ' added to hashicorp vault')
except Exception as e:
logging.error('Error pushing secret key ' + key + ' from secret ' + secret + ' to hashicorp vault. See ERROR: ' + str(e))
except Exception as e:
logging.error('Encountered error while getting Secret ' + secret + ' Error: ' + str(e))
logging.info('All secrets in namespace ' + self.namespace + ' pushed to Vault')
def __init__(self, env):
if env.game in Actions.keys():
combos = Actions[env.game]
else:
combos = Actions['others']
super().__init__(env=env, combos=combos)
def request_loader(request):
username = request.form.get('username')
pw = request.form.get('pw')
#if username not in users:
#print(username)
#return
user = User()
user.id = username
# DO NOT ever store passwords in plaintext and always compare password
# hashes using constant-time comparison!
#user.is_authenticated = request.form['pw'] == users[username]['pw']
#print(username, Database.nameAvailable(username))
#return user
if username is not None and Actions.name_available(username):
user.is_authenticated = Actions.authenticate_user(username, pw)
return user
return
def home():
"""This route renders a hello world text."""
command_text = request.data.get('text')
command_text = command_text.split(' ')
slack_uid = request.data.get('user_id')
slackhelper = SlackHelper()
slack_user_info = slackhelper.user_info(slack_uid)
actions = Actions(slackhelper, slack_user_info)
if command_text[0] not in allowed_commands:
response_body = {'text': 'Invalid Command Sent - `/steel help` for available commands'}
if command_text[0] == 'help':
response_body = actions.help()
if command_text[0] in ['my-task', 'my-tasks']:
response_body = actions.my_tasks()
if command_text[0] in ['show-task', 'show-tasks']:
date = command_text[1]
response_body = actions.show_tasks(date)
response = jsonify(response_body)
response.status_code = 200
return response
def syncToVault(self):
k8s_client = ApiClient().apiclient
api_instance = kubernetes.client.CoreV1Api(k8s_client)
try:
resource_list = api_instance.list_namespaced_secret(
self.namespace, pretty=True, timeout_seconds=30)
logging.info('Retrieved list of secrets from project ' +
self.namespace)
except ApiException as e:
logging.error(
'Error encountered when calling CoreV1Api --> list_namespaced_secret '
+ str(e))
sys.exit(1)
secdict = []
for resource in resource_list.items:
secdict.append(resource.metadata.name)
logging.info('Secret list is ' + str(secdict))
for secret in secdict:
try:
fullyaml = api_instance.read_namespaced_secret(secret,
self.namespace,
pretty=True)
yamlresponse = yaml.safe_load(str(fullyaml))
yamldata = yamlresponse['V1Secret[Secret]']['data']
for key, value in yamldata.iteritems():
try:
Actions(secret_path=self.namespace + '/' + secret,
mount_point='secret',
secret={
key: value
}).toVault()
logging.info('Secret ' + secret + ' key ' + key +
' added to hashicorp vault')
except Exception as e:
logging.error('Error pushing secret key ' + key +
' from secret ' + secret +
' to hashicorp vault. See ERROR: ' +
str(e))
except ApiException as e:
logging.error(
'Encountered error while calling CoreV1Api --> read_namespaced_secret for secret'
+ secret + ' Error: ' + str(e))
logging.info('All secrets in namespace ' + self.namespace +
' pushed to Vault')
def login():
if request.method == 'GET':
return '''
<form action='login' method='POST'>
<input type='text' name='username' id='username' placeholder='username'></input>
<input type='password' name='pw' id='pw' placeholder='password'></input>
<input type='submit' name='submit'></input>
</form>
'''
username = request.form['username']
pw = request.form['pw']
print(username, pw)
if Actions.authenticate_user(username, pw):
user = User()
user.id = username
flask_login.login_user(user)
return redirect(url_for('dashboard'))
return redirect(url_for('login'))
image_processor.force_stopped = False
config = controls.get_config(output_folder_path)
thread = threading.Thread(target=image_processor.start_processing,
args=(
file_paths,
config,
))
thread.start()
def handle_stop():
progress_var.set(0)
asyncio.run(image_processor.stop_processing())
actions = Actions(window, open_file_chooser, handle_start, handle_stop)
def handle_clear_list():
global file_paths
items_listbox.delete(0, len(file_paths))
file_paths = set()
actions.on_clear_list(handle_clear_list)
list_frame = tk.Frame(window)
scrollbar = ttk.Scrollbar(list_frame, orient="vertical")
items_listbox = tk.Listbox(list_frame,
def checkForSync(self):
k8s_client = ApiClient.apiclient()
dyn_client = DynamicClient(k8s_client)
v1_resources = dyn_client.resources.get(api_version='v1',
kind='Secret')
try:
resources_list = v1_resources.get(namespace=self.namespace)
logging.info('Retrived list of secrets from project ' +
self.namespace)
except Exception as e:
logging.error('Error encountered ' + str(e))
sys.exit(1)
secdict = []
secact = []
for resource in resources_list.items:
secdict.append(resource.metadata.name)
logging.info('Secret list is ' + str(secdict))
for secret in secdict:
try:
fullyaml = v1_resources.get(name=secret,
namespace=self.namespace)
yaml_response = yaml.safe_load(str(fullyaml))
yamldata = yaml_response['ResourceInstance[Secret]']['data']
for key, value in yamldata.iteritems():
try:
val = Actions(key=key,
mount_point='secret',
secret_path=self.namespace + '/' +
secret).fromVault()
encodedbytes = base64.b64encode(val.encode("utf-8"))
if encodedbytes and value == encodedbytes:
logging.info(
'The current value of the secret-key ' + key +
' in secret ' + secret +
' is unchanged, skipping this one...')
elif encodedbytes and value != encodedbytes:
fullyaml = yaml.safe_load(str(fullyaml))
fullyaml['ResourceInstance[Secret]']['data'][
key] = encodedbytes
logging.info('Updating key-value for key ' + key +
' in secret ' + secret)
try:
print fullyaml['ResourceInstance[Secret]']
v1_resources.patch(
body=fullyaml['ResourceInstance[Secret]'],
namespace=self.namespace,
name=secret)
logging.info(
'Secret ' + secret +
' updated with a new value in namespace ' +
self.namespace)
secact.append(secret)
logging.info(
'Updating the list with secrets that has been modified'
)
except Exception as e:
logging.error('Error encountered ' + str(e))
else:
logging.error('The value for key ' + key +
' does not exist in Vault')
break
except Exception as e:
logging.error('Error getting/setting secret key ' +
key + ' for secret ' + secret +
' from Hashicorp Vault. See ERROR: ' +
str(e))
except Exception as e:
logging.error('Error encountered while getting secret ' +
secret + ' Error: ' + str(e))
return secact
def main():
slackhelper = SlackHelper()
actions = Actions(slackhelper)
actions.notify_channel()
def dashboard():
return render_template('dash.html',
name=flask_login.current_user.id,
games=Actions.get_games(),
players=Actions.get_users())