obervinov / vault-package

This is an additional implementation compared to the hvac module, the main purpose of which is to simplify the use of and interaction with vault for my standard projects. This module contains a set of methods for working with secrets and database engines in vault.

License: MIT License

Python 96.55% HCL 3.45%
database hvac module poetry poetry-python python-module python3 secrets vault


vault-package's Issues

Fix log message

typos

[2024-01-29 09:00:49,675] WARNING [logger.logger.init_instance:255] [class.VaultClient] the vault instance was successfully initialized: but sensitive information could not be written to the system keystore. They will be written to a temporary file /tmp/vault-package-init-data.json. Please, move this file to a safe place.

correct version

[2024-01-29 09:00:49,675] WARNING [logger.logger.init_instance:255] [class.VaultClient] the vault instance was successfully initialized, but sensitive information could not be written to the system keystore. They will be written to a temporary file /tmp/vault-package-init-data.json. Please, move this file to a safe place.

Updated PR template: full changelog

added new string in template

**full changelog**: https://github.com/obervinov/vault-package/compare/1...2 by @obervinov https://github.com/obervinov/vault-package/pull/1

A bug with an infinite loop on the reissue of the token

To determine that the token has expired, the methods use a simple exception hvac.exceptions.Forbidden.

Since the exception is too general, there may be a situation where, for example, the policy for the approle is incorrectly configured and the module accesses a secret to which it does not have access.
Thus, we get into an infinite loop in which the token will be reissued indefinitely due to incorrectly configured rights.

https://github.com/obervinov/vault-package/blob/main/vault/vault.py#L472
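The distinction this issue calls for, as an added example (not code from vault-package): a `Forbidden` raised while the token is still valid is treated as a policy denial, and the number of reissues is capped. `Forbidden` is a local stand-in for `hvac.exceptions.Forbidden`; `call_with_reissue`, `PermissionDenied` and `FakeVault` are hypothetical names, and with hvac the validity check could be `Client.is_authenticated()`.

```python
class Forbidden(Exception):
    """Stand-in for hvac.exceptions.Forbidden so the example runs without hvac."""

class PermissionDenied(Exception):
    """The token is valid, but the policy does not allow the request."""

def call_with_reissue(operation, token_is_valid, reissue_token, max_reissues=1):
    """Run operation(); reissue the token only when it is really invalid."""
    reissues = 0
    while True:
        try:
            return operation()
        except Forbidden as error:
            # A 403 with a live token is a policy problem: a new token cannot fix it.
            if token_is_valid():
                raise PermissionDenied("valid token, access denied by policy") from error
            # Hard cap, so a login that keeps failing can never spin forever.
            if reissues >= max_reissues:
                raise
            reissue_token()
            reissues += 1

class FakeVault:
    """Constructed test double: one readable path, every other path denied."""
    def __init__(self, token_alive):
        self.token_alive = token_alive
        self.logins = 0

    def is_authenticated(self):
        return self.token_alive

    def login(self):
        self.logins += 1
        self.token_alive = True

    def read(self, path):
        if not self.token_alive or path != "allowed/secret":
            raise Forbidden(path)
        return {"value": "constructed-sample"}

def demo(path, token_alive):
    """Return (result, number of token reissues) for one constructed scenario."""
    vault = FakeVault(token_alive)
    try:
        result = call_with_reissue(lambda: vault.read(path), vault.is_authenticated, vault.login)
    except PermissionDenied:
        result = "permission denied"
    return result, vault.logins
```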

Return `None` if the path does not exist when the `list_secrets()` method is called

Is your feature request related to a problem? Please describe.
Now if you try to get a list of secrets on a path that doesn't exist - it will raise an exception. Some situations require more controlled handling of such exceptions.

Describe the solution you'd like
Return None if the path does not exist when the list_secrets() method is called.

Describe alternatives you've considered
You may also consider adding custom exceptions or importing existing exceptions from hvac.

Additional context
https://github.com/obervinov/vault-package/blob/main/vault/vault.py#L591

Add requirements dependency `dateutil`

Run pytest --verbose
ImportError while loading conftest '/home/runner/work/telegram-package/telegram-package/tests/conftest.py'.
tests/conftest.py:6: in <module>
    from vault import VaultClient
/opt/hostedtoolcache/Python/3.10.13/x64/lib/python3.10/site-packages/vault.py:7: in <module>
    from dateutil.parser import isoparse
E   ModuleNotFoundError: No module named 'dateutil'

Fix work with transit dependencies in setup.py

  • fix install_requires
    install_requires=[
        'logger @ git+https://github.com/obervinov/[email protected]',
    ]
  • remove dependency_links

  • fix requirements.txt
    logger @ git+https://github.com/obervinov/[email protected]
  • update topics in classifiers
    classifiers=[
        "License :: OSI Approved :: MIT License",
        "Programming Language :: Python :: 3.10",
        "Operating System :: OS Independent",
        "Intended Audience :: Developers",
        "Topic :: Software Development"
    ]

Merge all workflows to single file

for example

name: Test, Build and create relese

on:
  push:
    branches:    
      - '*'
      - '*/*'
      - '**'

env:
  PROJECT_DESCRIPTION: "This project is a telegram bot that allows you to create backups of content from your Instagram profile to Dropbox or Mega clouds, as well as in the local file system."


jobs:
  pylint:
    uses: obervinov/_templates/.github/workflows/[email protected]
  verify-changelog:
    uses: obervinov/_templates/.github/workflows/[email protected]
  pytest:
    uses: obervinov/_templates/.github/workflows/[email protected]
  build-release:
    uses: obervinov/_templates/.github/workflows/build.docker.yml@release/v1.0.5
    needs: [pylint, verify-changelog, pytest]

Add methods to automatically configure a new vault instance or prepare an existing instance

Goal: Automate the process of creating new vault instances or customizing existing ones for my projects
The expected behavior of the module looks like this:

  • Reading environment variables VAULT_ADDR and VAULT_TOKEN for authorization in the vault instance
  • Writing a policy from the local repository vault/policy.hcl to the vault instance
  • Creating a new namespace
  • Creating a new approle for the project
  • Initialize and unseal if the instance is launched for the first time
  • Added example to README.md

Add an automatic token reissue function to reduce lease_ttl

Goal:
Reduce the default setting for the lifetime of the approle token for vault instances.
To do this, you need to implement a mechanism that can recognize when a token has expired and issue a new one.
It is assumed that the lifetime of the token will be 1 hour.

Not working keyring for ubuntu secrets-tools

https://pypi.org/project/keyring/

module.prepare_environment.null_resource.remote-commands (remote-exec): [2023-07-13 11:00:45,071] WARNING [root.create_approle:423] [class.VaultClient] confidential vault login data via approle was not saved.
module.prepare_environment.null_resource.remote-commands (remote-exec): [2023-07-13 11:00:45,007] WARNING [root.init_instance:241] [class.VaultClient] the vault instance was successfully initialized: but sensitive data for managing this instance was not saved.
  • fix saving to the keystore for ubuntu
  • add an alternative method for saving init data if it was not possible to save in the keystore
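One way such a fallback could be written, as an added example rather than the module's own implementation: try the keystore first, then create an owner-only file that refuses to reuse an existing file or symlink at the predictable name. `save_init_data`, the `fallback_dir` parameter and the `"vault-package"` / `"init-data"` keystore labels are assumptions; `keystore_set` takes the same arguments as `keyring.set_password`.

```python
import json
import os
import stat
import tempfile


def save_init_data(init_data, keystore_set, fallback_dir):
    """Store init data in the keystore, or in an owner-only file if that fails.

    Returns "keystore" or the path of the fallback file.
    """
    payload = json.dumps(init_data)
    try:
        keystore_set("vault-package", "init-data", payload)
        return "keystore"
    except Exception:  # no usable keystore backend, for example on a headless host
        pass
    path = os.path.join(fallback_dir, "vault-package-init-data.json")
    # O_EXCL refuses a file or symlink already planted at the predictable name;
    # mode 0o600 keeps unseal keys and the root token unreadable to other users.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as handle:
        handle.write(payload)
    return path


def demo():
    """Constructed run: a keystore that always fails, then a second write attempt."""
    def broken_keystore(service, name, secret):
        raise RuntimeError("no keyring backend")

    sample = {"keys": ["constructed-key"], "root_token": "constructed-token"}
    with tempfile.TemporaryDirectory() as directory:
        path = save_init_data(sample, broken_keystore, directory)
        mode = stat.S_IMODE(os.stat(path).st_mode)
        try:
            save_init_data(sample, broken_keystore, directory)
            overwritten = True
        except FileExistsError:
            overwritten = False
        return os.path.basename(path), mode, overwritten
```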
