Fix merge conflicts
TimvdHeijden committed Sep 24, 2024
2 parents 042f2b0 + 5a5d78a commit ffa19b5
Showing 8 changed files with 56 additions and 18 deletions.
15 changes: 15 additions & 0 deletions README.md
Expand Up @@ -84,6 +84,21 @@ The function lets you upload a dictionary, where the key-value pairs are the sec
from keyvault import dict_to_keyvault

dict_to_keyvault(keyvault_name="mykeyvault", secret_dict={'SECRET_NAME': 'secret value'})

```
It is also possible to add an expiry date or the content type of the secrets:

```python
from keyvault import dict_to_keyvault
from datetime import datetime, timedelta
expiry_date = datetime.now() + timedelta(days=80)

dict_to_keyvault(
keyvault_name="mykeyvault",
secret_dict={'SECRET_NAME': 'secret value'},
expires_on=expiry_date,
content_type="text/plain"
)
```

## Delete keyvault secrets
2 changes: 1 addition & 1 deletion keyvault/auth.py
@@ -1,5 +1,5 @@
from azure.keyvault.secrets import SecretClient
from azure.identity import DefaultAzureCredential
from azure.keyvault.secrets import SecretClient


def create_keyvault_client(keyvault_name: str):
6 changes: 4 additions & 2 deletions keyvault/get_secrets.py
@@ -1,9 +1,10 @@
from keyvault.auth import create_keyvault_client
import logging
from azure.core.exceptions import ServiceRequestError
import os
from time import sleep

from keyvault.auth import create_keyvault_client


def get_secret_list(client) -> list:
"""
Expand All @@ -22,7 +23,8 @@ def get_secret_list(client) -> list:
secret_properties = client.list_properties_of_secrets()
secrets = list()
for secret_property in secret_properties:
secrets.append(secret_property.name)
if secret_property.enabled:
secrets.append(secret_property.name)

return secrets

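Review bot: The new `if secret_property.enabled:` filter in `get_secret_list` skips disabled secrets but still returns names whose `expires_on` has already passed, which matters now that this same commit lets callers set an expiry. As far as I know Key Vault treats a secret's expiry as informational and does not refuse reads, so an expired credential would keep being picked up by anything that consumes this list. Consider `if secret_property.enabled and not (secret_property.expires_on and secret_property.expires_on <= datetime.now(timezone.utc)):` with `from datetime import datetime, timezone` added to the imports, and state both filters in the docstring. The function starts above the hunk and its callers are not shown, so whether anything relies on disabled names being listed cannot be judged from here.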
12 changes: 9 additions & 3 deletions keyvault/tests/__init__.py
@@ -1,6 +1,12 @@
import os

from keyvault import secrets_to_environment

# The keyvault name is stored in github secrets.
secrets_to_environment(keyvault_name=os.environ.get("TEST_KEYVAULT_NAME"))
try:
from dotenv import load_dotenv

load_dotenv(override=True)
print("keyvault", os.environ.get("TEST_KEYVAULT_NAME"))
except ImportError:
print("dotenv not installed")

test_keyvault = os.environ.get("TEST_KEYVAULT_NAME")
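Review bot: `print("keyvault", os.environ.get("TEST_KEYVAULT_NAME"))` writes the vault name to the test output every time the test package is imported, although the comment in this section says the name is kept in GitHub secrets; I would drop the print or move it to `logging.debug`. `load_dotenv(override=True)` also lets a stray local `.env` replace a value the CI environment already set, so `override=False` looks like the safer default unless overriding is intended. `test_keyvault` ends up `None` when the variable is unset, and a guard such as `if not test_keyvault: raise RuntimeError("TEST_KEYVAULT_NAME is not set")` would fail with a clear message instead of somewhere inside the Azure client.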
25 changes: 20 additions & 5 deletions keyvault/tests/test_keyvault.py
@@ -1,8 +1,9 @@
import logging
import os
from datetime import datetime, timedelta
from pprint import pprint

from keyvault import delete_keyvault_secrets, dict_to_keyvault, get_keyvault_secrets
from keyvault.tests import test_keyvault

"""
This is the testing suite for twinfield tools.
Expand All @@ -15,6 +16,18 @@
# #############################


def test_create_secrets():
my_secrets = {"USERNAME": "PYTHON2"}
expiry_date = datetime.now() + timedelta(days=80)

dict_to_keyvault(
keyvault_name=test_keyvault,
secret_dict=my_secrets,
expires_on=expiry_date,
content_type="text/plain",
)


def test_keyvault_download_upload():
"""
Test for functions used in this package.
Expand All @@ -24,21 +37,23 @@ def test_keyvault_download_upload():

my_secrets = {"USERNAME": "PYTHON", "PASSWORD": "12kNDi2lm§!"}

dict_to_keyvault(keyvault_name=os.environ.get("TEST_KEYVAULT_NAME"), secret_dict=my_secrets)
dict_to_keyvault(keyvault_name=test_keyvault, secret_dict=my_secrets)

logging.info("***START TEST DOWNLOADING SECRETS FROM KEYVAULT***")

downloaded_secrets = get_keyvault_secrets(keyvault_name=os.environ.get("TEST_KEYVAULT_NAME"))
downloaded_secrets = get_keyvault_secrets(keyvault_name=test_keyvault)
pprint(downloaded_secrets)

assert my_secrets == downloaded_secrets

logging.info("***START TEST DELETING SECRETS FROM KEYVAULT***")

delete_keyvault_secrets(keyvault_name=os.environ.get("TEST_KEYVAULT_NAME"), secret_list=["USERNAME"])
downloaded_updated_secrets = get_keyvault_secrets(keyvault_name=os.environ.get("TEST_KEYVAULT_NAME"))
delete_keyvault_secrets(keyvault_name=test_keyvault, secret_list=["USERNAME"])
downloaded_updated_secrets = get_keyvault_secrets(keyvault_name=test_keyvault)

pprint(downloaded_updated_secrets)


if __name__ == "__main__":
test_create_secrets()
test_keyvault_download_upload()
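Review bot: `test_create_secrets` asserts nothing, so it would still pass if `expires_on` and `content_type` were silently dropped on the way to `set_secret`. Reading the secret back through a client from `create_keyvault_client(test_keyvault)` and checking its properties, for example `assert props.content_type == "text/plain"` plus a check that `props.expires_on` is set, would pin the behaviour this commit adds. The expiry is also built from a naive `datetime.now()`; `expiry_date = datetime.now(timezone.utc) + timedelta(days=80)` makes the intended instant explicit instead of depending on how the SDK interprets a naive value. The test leaves `USERNAME` in the vault for the next test to overwrite, which is presumably acceptable but worth a short comment.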
11 changes: 5 additions & 6 deletions keyvault/utils.py
Expand Up @@ -52,7 +52,7 @@ def get_dotenv_secrets(dotenv_file: str) -> dict:
return local_secrets


def dict_to_keyvault(keyvault_name: str, secret_dict: dict) -> None:
def dict_to_keyvault(keyvault_name: str, secret_dict: dict, **kwargs) -> None:
"""
Parameters
----------
Expand All @@ -68,17 +68,16 @@ def dict_to_keyvault(keyvault_name: str, secret_dict: dict) -> None:
"""

client = create_keyvault_client(keyvault_name=keyvault_name)
send_secrets(client, secret_dict)
send_secrets(client, secret_dict, **kwargs)


def send_secrets(client: SecretClient, secrets: dict) -> None:
def send_secrets(client: SecretClient, secrets: dict, **kwargs) -> None:
"""
Parameters
----------
client : SecretClient
keyvault client
secrets: dict
dictionary containing the secrets
Expand All @@ -92,7 +91,7 @@ def send_secrets(client: SecretClient, secrets: dict) -> None:
secret_name = secret_name.replace("_", "-") # Azure does not accept _ in names. FFS
logging.debug(f"creating secret name {secret_name}")
try:
client.set_secret(secret_name, secret_value)
client.set_secret(secret_name, secret_value, **kwargs)
except ResourceExistsError:
# if the secret already exists, first recover the secret and then update the secret.
client.begin_recover_deleted_secret(secret_name)
Expand All @@ -101,7 +100,7 @@ def send_secrets(client: SecretClient, secrets: dict) -> None:
for _ in tqdm(range(10), desc="Secret is in soft delete state: Waiting to recover..."):
sleep(1)

client.set_secret(secret_name, secret_value)
client.set_secret(secret_name, secret_value, **kwargs)

logging.info(f"succesfully created {len(secrets)} secrets!")

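Review bot: `dict_to_keyvault` and `send_secrets` now accept `**kwargs` and pass them straight to `client.set_secret`, but the visible `Parameters` sections of both docstrings still list only the old arguments. I would add an entry along the lines of `**kwargs : forwarded unchanged to SecretClient.set_secret (e.g. expires_on, content_type); applied to every secret in the dict`, because a single expiry shared by the whole dictionary is easy to miss. Naming the supported options as keyword-only parameters, `def send_secrets(client: SecretClient, secrets: dict, *, expires_on=None, content_type=None) -> None:`, would make a misspelled option fail at the call site rather than travel into the SDK call. Both docstrings and the loop in `send_secrets` are only partly shown in this section.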
1 change: 1 addition & 0 deletions requirements-dev.txt
Expand Up @@ -3,3 +3,4 @@ flake8
isort
pre-commit
pytest
python-dotenv
2 changes: 1 addition & 1 deletion setup.cfg
@@ -1,6 +1,6 @@
[metadata]
name = keyvault
version = 0.2.0
version = 0.3.0
author = Melvin Folkers, Erfan Nariman
author_email = [email protected]
description = A small package for handling project secrets
