Wrapper for Mozilla's sops tool to work with encrypted configs and render them into a classic `.env` format
 


from pprint import pprint
import tempfile
import base64
import os
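class Env:
    """Render a mapping of field specs into ``.env``-style text.

    ``transform_config["fields"]`` maps each output variable name to a spec.
    A spec is either a plain value, which is handed to ``vault.resolve``, or
    a single-key dict selecting one of the decoders:

    * ``{"literal": x}``  -- use ``x`` as-is
    * ``{"vault": spec}`` -- decode ``spec``, then resolve the result in the vault
    * ``{"file": spec}`` or ``{"file": [spec, mode_spec]}`` -- write the decoded
      text to a temporary file and yield its path
    * ``{"base64": spec}`` -- base64-decode the decoded text (UTF-8)
    """

    # Mode applied to materialised files when the config does not give one.
    # NOTE(review): NamedTemporaryFile creates the file owner-only and the
    # later chmod widens it to this mode, so by default the written content is
    # readable and writable by every local user. Kept for compatibility; give
    # an explicit mode as the second element of the `file` list for anything
    # sensitive, and consider tightening this default to 0o600.
    _DEFAULT_FILE_MODE = 0o666

    def __init__(self, transform_config):
        """Store the transform configuration; ``transform`` reads its ``fields`` key."""
        self.config = transform_config

    def transform(self, config, vault):
        """Decode every configured field and return the joined ``.env`` lines.

        Args:
            config: Passed through unchanged to ``vault.resolve``.
            vault: Object exposing ``resolve(config, key)``.

        Returns:
            One line per field joined with ``os.linesep``: ``NAME="value"``,
            or ``# NAME=null`` when the field decodes to ``None``.
        """
        lines = []
        for name, spec in self.config["fields"].items():
            value = self._decode(spec, config, vault)
            if value is None:
                lines.append('# ' + name + '=null')
            else:
                # NOTE(review): the value is interpolated without escaping, so
                # a value containing '"' or a line break yields a line that
                # .env parsers may read differently (or as extra variables).
                # Escaping rules differ between parsers, so none is applied.
                lines.append(name + '="' + str(value) + '"')
        return os.linesep.join(lines)

    def _decode(self, value, config, vault):
        """Resolve one field spec to its final value.

        Raises:
            Exception: If a dict spec does not have exactly one key, names an
                unknown decoder, or gives an empty ``file`` list.
        """
        if not isinstance(value, dict):
            # Plain values are vault keys.
            return vault.resolve(config, value)
        if len(value) != 1:
            raise Exception('Malformed object literal')

        kind, payload = next(iter(value.items()))
        if kind == 'literal':
            return payload
        if kind == 'vault':
            return vault.resolve(config, self._decode(payload, config, vault))
        if kind == 'file':
            return self._materialise_file(payload, config, vault)
        if kind == 'base64':
            return base64.b64decode(self._decode(payload, config, vault)).decode('utf-8')
        # dict views are not subscriptable on Python 3, so the key is taken
        # from the unpacked item rather than via keys()[0].
        raise Exception('Malformed object literal -- unknown: ' + str(kind))

    def _materialise_file(self, spec, config, vault):
        """Write the decoded ``file`` spec to a temp file and return its path."""
        if isinstance(spec, list):
            if not spec:
                raise Exception('Malformed object literal -- empty file list')
            contents_spec = spec[0]
            mode_spec = spec[1] if len(spec) >= 2 else None
        else:
            contents_spec = spec
            mode_spec = None

        # Decode everything before touching the filesystem so that a failing
        # lookup does not leave a stray temp file behind.
        data = self._decode(contents_spec, config, vault).encode('utf-8')
        if mode_spec is None:
            mode = self._DEFAULT_FILE_MODE
        else:
            # NOTE(review): os.chmod needs an int; whether the decoded mode is
            # one depends on the config/vault -- confirm against callers.
            mode = self._decode(mode_spec, config, vault)

        temp = tempfile.NamedTemporaryFile(delete=False, prefix='configs')
        try:
            with temp:
                temp.write(data)
            os.chmod(temp.name, mode)
        except BaseException:
            # Do not leave decoded content on disk when the write or chmod fails.
            try:
                os.unlink(temp.name)
            except OSError:
                pass
            raise
        return temp.name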