From a273820c84d2f5ccf45d2528f94c4d424eace883 Mon Sep 17 00:00:00 2001 
From: Emmanuel Garette Date: Wed, 19 Mar 2025 10:22:27 +0100 Subject: [PATCH] feat: port to rougail secret_manager --- pyproject.toml | 2 +- src/rougail/user_data_bitwarden/config.py | 1 + src/rougail/user_data_bitwarden/data.py | 1 + .../1_secret_unknown/errors/bitwarden.json | 4 +- .../makedict/bitwarden.json | 8 +-- .../makedict/bitwarden.json.rbw | 8 +-- .../4_several_secrets/errors/bitwarden.json | 4 +- .../errors/bitwarden.json.rbw | 6 -- .../errors/bitwarden.json | 4 +- .../errors/bitwarden.json.rbw | 6 -- .../5_secret_calc/errors/bitwarden.json | 4 ++ .../5_secret_calc/makedict/bitwarden.json | 10 ++++ .../9_unknown_type/errors/bitwarden.json | 4 ++ .../9_unknown_type/makedict/bitwarden.json | 3 + tests/structures/1_secret/00-base.yml | 8 ++- tests/structures/1_secret_unknown/00-base.yml | 8 ++- .../structures/2_username_secret/00-base.yml | 16 ++++-- .../2_username_secret_hidden/00-base.yml | 16 ++++-- .../2_username_secret_invalid/00-base.yml | 16 ++++-- .../2_username_secret_upper/00-base.yml | 16 ++++-- .../3_leadership_secret/00-base.yml | 17 ++++-- .../3_leadership_secret_several/00-base.yml | 16 ++++-- .../structures/4_several_secrets/00-base.yml | 8 ++- .../4_several_secrets_upper/00-base.yml | 8 ++- tests/structures/5_default_value/00-base.yml | 7 --- tests/structures/5_secret_calc/00-base.yml | 57 +++++++++++++++++++ .../00-base.yml | 15 ----- .../00-base.yml | 23 -------- tests/structures/8_multi_variable/00-base.yml | 10 +++- tests/structures/9_unknown_type/00-base.yml | 8 ++- tests/test_load.py | 48 +++------------- 31 files changed, 213 insertions(+), 149 deletions(-) delete mode 100644 tests/results/4_several_secrets/errors/bitwarden.json.rbw delete mode 100644 tests/results/4_several_secrets_upper/errors/bitwarden.json.rbw create mode 100644 tests/results/5_secret_calc/errors/bitwarden.json create mode 100644 tests/results/5_secret_calc/makedict/bitwarden.json create mode 100644 tests/results/9_unknown_type/errors/bitwarden.json create mode 
100644 tests/results/9_unknown_type/makedict/bitwarden.json delete mode 100644 tests/structures/5_default_value/00-base.yml create mode 100644 tests/structures/5_secret_calc/00-base.yml delete mode 100644 tests/structures/6_leadership_secret_default_value/00-base.yml delete mode 100644 tests/structures/6_leadership_secret_follower_variable/00-base.yml diff --git a/pyproject.toml b/pyproject.toml index 443959c..a5566d3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -26,7 +26,7 @@ classifiers = [ ] dependencies = [ "rougail >= 1.1,<2", - "rougail-structural-bitwarden == 0.1.0a2", + "rougail-structural-bitwarden == 0.1.0a3", ] [project.urls] diff --git a/src/rougail/user_data_bitwarden/config.py b/src/rougail/user_data_bitwarden/config.py index 3e943e2..339d400 100644 --- a/src/rougail/user_data_bitwarden/config.py +++ b/src/rougail/user_data_bitwarden/config.py @@ -40,6 +40,7 @@ step: {% endif %} bitwarden: + command: choices: - rbw diff --git a/src/rougail/user_data_bitwarden/data.py b/src/rougail/user_data_bitwarden/data.py index 3fb63a6..fb99662 100644 --- a/src/rougail/user_data_bitwarden/data.py +++ b/src/rougail/user_data_bitwarden/data.py @@ -175,6 +175,7 @@ class RougailUserDataBitwarden: else: key_bitwarden = option.value.get() option.value.set(self.get_values(path, type_, key_bitwarden)[1]) + option.permissive.add('novalidator') def get_values(self, path, type_, key_bitwarden, *, allow_multiple=False): if not isinstance(key_bitwarden, str): diff --git a/tests/results/1_secret_unknown/errors/bitwarden.json b/tests/results/1_secret_unknown/errors/bitwarden.json index f2582f6..92d579e 100644 --- a/tests/results/1_secret_unknown/errors/bitwarden.json +++ b/tests/results/1_secret_unknown/errors/bitwarden.json 
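Review bot: The added `option.permissive.add('novalidator')` in `src/rougail/user_data_bitwarden/data.py` carries no comment explaining why options filled from Bitwarden need this permissive, and it appears to relax a validation-related setting on options that hold credentials. Indentation is lost on this page, so it is not visible whether the call sits only in the `else` branch or runs after both branches; the comment should say which is intended. Something like `# 'novalidator' is made permissive for secret_manager options because <reason>` above the line would be enough. If the intent is that values returned by the vault skip type validation (the fixtures fill a `unix_user` username from the vault), the `2_username_secret_invalid` case looks like the place to assert the resulting behaviour explicitly. The enclosing method starts above the hunk.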
@@ -1,6 +1,6 @@ { "errors": [ - "cannot find secret \"test_unknown\" from Bitwarden for \"rougail.secret\"" + "cannot find secret \"1_secret_unknown - environment - service - user\" from Bitwarden for \"rougail.secret\"" ], "warnings": [] -} \ No newline at end of file +} diff --git a/tests/results/3_leadership_secret_several/makedict/bitwarden.json b/tests/results/3_leadership_secret_several/makedict/bitwarden.json index 3874eb9..eec5a28 100644 --- a/tests/results/3_leadership_secret_several/makedict/bitwarden.json +++ b/tests/results/3_leadership_secret_several/makedict/bitwarden.json @@ -1,12 +1,12 @@ { "rougail.leader.username": [ { - "rougail.leader.username": "test_multi_username1", - "rougail.leader.secret": "test_multi_password1" + "rougail.leader.username": "bitwarden_username", + "rougail.leader.secret": "bitwarden_password" }, { - "rougail.leader.username": "test_multi_username2", - "rougail.leader.secret": "test_multi_password2" + "rougail.leader.username": "bitwarden_username_2", + "rougail.leader.secret": "bitwarden_password_2" } ] } diff --git a/tests/results/3_leadership_secret_several/makedict/bitwarden.json.rbw b/tests/results/3_leadership_secret_several/makedict/bitwarden.json.rbw index 140b773..549b257 100644 --- a/tests/results/3_leadership_secret_several/makedict/bitwarden.json.rbw +++ b/tests/results/3_leadership_secret_several/makedict/bitwarden.json.rbw @@ -1,12 +1,12 @@ { "rougail.leader.username": [ { - "rougail.leader.username": "test_multi_username2", - "rougail.leader.secret": "test_multi_password2" + "rougail.leader.username": "bitwarden_username_2", + "rougail.leader.secret": "bitwarden_password_2" }, { - "rougail.leader.username": "test_multi_username1", - "rougail.leader.secret": "test_multi_password1" + "rougail.leader.username": "bitwarden_username", + "rougail.leader.secret": "bitwarden_password" } ] } 
diff --git a/tests/results/4_several_secrets/errors/bitwarden.json b/tests/results/4_several_secrets/errors/bitwarden.json index ca54c81..0509385 100644 --- a/tests/results/4_several_secrets/errors/bitwarden.json +++ b/tests/results/4_several_secrets/errors/bitwarden.json @@ -1,6 +1,6 @@ { "errors": [ - "several items found with name \"test_secret_\" from Bitwarden for \"rougail.secret\": \"test_secret_1\", \"test_secret_2\"" + "several items found with name \"4_several_secrets - environment - service - user\" from Bitwarden for \"rougail.secret\": \"4_several_secrets - environment - service - user_1\", \"4_several_secrets - environment - service - user_2\"" ], "warnings": [] -} +} \ No newline at end of file diff --git a/tests/results/4_several_secrets/errors/bitwarden.json.rbw b/tests/results/4_several_secrets/errors/bitwarden.json.rbw deleted file mode 100644 index 90fd376..0000000 --- a/tests/results/4_several_secrets/errors/bitwarden.json.rbw +++ /dev/null @@ -1,6 +0,0 @@ -{ - "errors": [ - "several items found with name \"test_secret_\" from Bitwarden for \"rougail.secret\": \"test_secret_2\", \"test_secret_1\"" - ], - "warnings": [] -} diff --git a/tests/results/4_several_secrets_upper/errors/bitwarden.json b/tests/results/4_several_secrets_upper/errors/bitwarden.json index a78d3f7..2f692d1 100644 --- a/tests/results/4_several_secrets_upper/errors/bitwarden.json +++ b/tests/results/4_several_secrets_upper/errors/bitwarden.json @@ -1,6 +1,6 @@ { "errors": [ - "several items found with name \"TEST_SECRET_\" from Bitwarden for \"rougail.secret\": \"test_secret_1\", \"test_secret_2\"" + "several items found with name \"3_leadership_secret - ENVIRONMENT - SERVICE - USER\" from Bitwarden for \"rougail.secret\": \"3_leadership_secret - environment - service - user_1\", \"3_leadership_secret - environment - service - user_2\"" ], "warnings": [] -} +} \ No newline at end of file 
diff --git a/tests/results/4_several_secrets_upper/errors/bitwarden.json.rbw b/tests/results/4_several_secrets_upper/errors/bitwarden.json.rbw deleted file mode 100644 index c9e75b4..0000000 --- a/tests/results/4_several_secrets_upper/errors/bitwarden.json.rbw +++ /dev/null @@ -1,6 +0,0 @@ -{ - "errors": [ - "several items found with name \"TEST_SECRET_\" from Bitwarden for \"rougail.secret\": \"test_secret_2\", \"test_secret_1\"" - ], - "warnings": [] -} \ No newline at end of file diff --git a/tests/results/5_secret_calc/errors/bitwarden.json b/tests/results/5_secret_calc/errors/bitwarden.json new file mode 100644 index 0000000..217db0a --- /dev/null +++ b/tests/results/5_secret_calc/errors/bitwarden.json @@ -0,0 +1,4 @@ +{ + "errors": [], + "warnings": [] +} \ No newline at end of file diff --git a/tests/results/5_secret_calc/makedict/bitwarden.json b/tests/results/5_secret_calc/makedict/bitwarden.json new file mode 100644 index 0000000..5596f03 --- /dev/null +++ b/tests/results/5_secret_calc/makedict/bitwarden.json @@ -0,0 +1,10 @@ +{ + "rougail.host": "test", + "rougail.project": "5_secret_calc", + "rougail.environment": "environment", + "rougail.service": "service", + "rougail.user": "user_1", + "rougail.secret": "bitwarden_password", + "rougail.dyn_user_1.secret": "bitwarden_password", + "rougail.dyn_user_2.secret": "bitwarden_password_2" +} \ No newline at end of file diff --git a/tests/results/9_unknown_type/errors/bitwarden.json b/tests/results/9_unknown_type/errors/bitwarden.json new file mode 100644 index 0000000..217db0a --- /dev/null +++ b/tests/results/9_unknown_type/errors/bitwarden.json @@ -0,0 +1,4 @@ +{ + "errors": [], + "warnings": [] +} \ No newline at end of file diff --git a/tests/results/9_unknown_type/makedict/bitwarden.json b/tests/results/9_unknown_type/makedict/bitwarden.json new file mode 100644 index 0000000..4f1aa2e --- /dev/null +++ b/tests/results/9_unknown_type/makedict/bitwarden.json 
@@ -0,0 +1,3 @@ +{ + "rougail.secret.bitwarden": true +} \ No newline at end of file diff --git a/tests/structures/1_secret/00-base.yml b/tests/structures/1_secret/00-base.yml index 941c2bb..47f300a 100644 --- a/tests/structures/1_secret/00-base.yml +++ b/tests/structures/1_secret/00-base.yml @@ -4,5 +4,9 @@ version: 1.1 secret: description: the second variable type: secret - default: test_secret_1 - bitwarden: true + secret_manager: + host: test + project: 1_secret + environment: environment + service: service + user: user diff --git a/tests/structures/1_secret_unknown/00-base.yml b/tests/structures/1_secret_unknown/00-base.yml index 0e35e43..bb40701 100644 --- a/tests/structures/1_secret_unknown/00-base.yml +++ b/tests/structures/1_secret_unknown/00-base.yml @@ -4,5 +4,9 @@ version: 1.1 secret: description: the second variable type: secret - default: test_unknown - bitwarden: true + secret_manager: + host: test + project: 1_secret_unknown + environment: environment + service: service + user: user diff --git a/tests/structures/2_username_secret/00-base.yml b/tests/structures/2_username_secret/00-base.yml index 5026895..ab3163f 100644 --- a/tests/structures/2_username_secret/00-base.yml +++ b/tests/structures/2_username_secret/00-base.yml @@ -4,11 +4,19 @@ version: 1.1 username: description: the username type: unix_user - default: test_secret_1 - bitwarden: true + secret_manager: + host: test + project: 2_username_secret + environment: environment + service: service + user: user_1 secret: description: the secret type: secret - default: test_secret_1 - bitwarden: true + secret_manager: + host: test + project: 2_username_secret + environment: environment + service: service + user: user_1 diff --git a/tests/structures/2_username_secret_hidden/00-base.yml b/tests/structures/2_username_secret_hidden/00-base.yml index f88bc51..f926555 100644 --- a/tests/structures/2_username_secret_hidden/00-base.yml +++ b/tests/structures/2_username_secret_hidden/00-base.yml 
@@ -4,12 +4,20 @@ version: 1.1 username: description: the username type: unix_user - default: test_secret_1 - bitwarden: true + secret_manager: + host: test + project: 2_username_secret_hidden + environment: environment + service: service + user: user secret: description: the secret type: secret hidden: true - default: test_secret_1 - bitwarden: true + secret_manager: + host: test + project: 2_username_secret_hidden + environment: environment + service: service + user: user diff --git a/tests/structures/2_username_secret_invalid/00-base.yml b/tests/structures/2_username_secret_invalid/00-base.yml index 80b617e..67795e9 100644 --- a/tests/structures/2_username_secret_invalid/00-base.yml +++ b/tests/structures/2_username_secret_invalid/00-base.yml @@ -4,11 +4,19 @@ version: 1.1 username: description: the username type: unix_user - default: UP SECRET 1 - bitwarden: true + secret_manager: + host: test + project: 2_username_secret_invalid + environment: environment + service: service + user: UP SECRET 1 secret: description: the secret type: secret - default: UP SECRET 1 - bitwarden: true + secret_manager: + host: test + project: 2_username_secret_invalid + environment: environment + service: service + user: UP SECRET 1 diff --git a/tests/structures/2_username_secret_upper/00-base.yml b/tests/structures/2_username_secret_upper/00-base.yml index e0dfdfe..0bf933c 100644 --- a/tests/structures/2_username_secret_upper/00-base.yml +++ b/tests/structures/2_username_secret_upper/00-base.yml @@ -4,11 +4,19 @@ version: 1.1 username: description: the username type: unix_user - default: TEST_SECRET_1 - bitwarden: true + secret_manager: + host: TEST + project: 2_USERNAME_SECRET_UPPER + environment: ENVIRONMENT + service: SERVICE + user: USER_1 secret: description: the secret type: secret - default: TEST_SECRET_1 - bitwarden: true + secret_manager: + host: TEST + project: 2_USERNAME_SECRET_UPPER + environment: ENVIRONMENT + service: SERVICE + user: USER_1 
diff --git a/tests/structures/3_leadership_secret/00-base.yml b/tests/structures/3_leadership_secret/00-base.yml index d309428..3ef06b9 100644 --- a/tests/structures/3_leadership_secret/00-base.yml +++ b/tests/structures/3_leadership_secret/00-base.yml @@ -7,12 +7,19 @@ leader: username: description: the username type: unix_user - default: - - test_secret_1 - - test_secret_2 - bitwarden: true + secret_manager: + host: test + project: 3_leadership_secret + environment: environment + service: service + user: user secret: description: the secret type: secret - bitwarden: true + secret_manager: + host: test + project: 3_leadership_secret + environment: environment + service: service + user: user diff --git a/tests/structures/3_leadership_secret_several/00-base.yml b/tests/structures/3_leadership_secret_several/00-base.yml index 5079719..93da192 100644 --- a/tests/structures/3_leadership_secret_several/00-base.yml +++ b/tests/structures/3_leadership_secret_several/00-base.yml @@ -7,11 +7,19 @@ leader: username: description: the username type: unix_user - default: - - test_multi_ - bitwarden: true + secret_manager: + host: test + project: 3_leadership_secret_several + environment: environment + service: service + user: user secret: description: the secret type: secret - bitwarden: true + secret_manager: + host: test + project: 3_leadership_secret_several + environment: environment + service: service + user: user diff --git a/tests/structures/4_several_secrets/00-base.yml b/tests/structures/4_several_secrets/00-base.yml index 0056345..c340283 100644 --- a/tests/structures/4_several_secrets/00-base.yml +++ b/tests/structures/4_several_secrets/00-base.yml @@ -4,5 +4,9 @@ version: 1.1 secret: description: the second variable type: secret - default: test_secret_ - bitwarden: true + secret_manager: + host: test + project: 4_several_secrets + environment: environment + service: service + user: user 
diff --git a/tests/structures/4_several_secrets_upper/00-base.yml b/tests/structures/4_several_secrets_upper/00-base.yml index ca39dbd..2396c85 100644 --- a/tests/structures/4_several_secrets_upper/00-base.yml +++ b/tests/structures/4_several_secrets_upper/00-base.yml @@ -4,5 +4,9 @@ version: 1.1 secret: description: the second variable type: secret - default: TEST_SECRET_ - bitwarden: true + secret_manager: + host: test + project: 3_leadership_secret + environment: ENVIRONMENT + service: SERVICE + user: USER diff --git a/tests/structures/5_default_value/00-base.yml b/tests/structures/5_default_value/00-base.yml deleted file mode 100644 index cbf3f97..0000000 --- a/tests/structures/5_default_value/00-base.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -version: 1.1 - -secret2: - description: the variable - type: secret - bitwarden: true diff --git a/tests/structures/5_secret_calc/00-base.yml b/tests/structures/5_secret_calc/00-base.yml new file mode 100644 index 0000000..47cf56b --- /dev/null +++ b/tests/structures/5_secret_calc/00-base.yml @@ -0,0 +1,57 @@ +--- +version: 1.1 + +host: + description: hostname + default: test + +project: + description: the project + default: 5_secret_calc + +environment: + description: the environment + default: environment + +service: + description: the service + default: service + +user: + description: the user + default: user_1 + +secret: + description: the secret + type: secret + secret_manager: + host: + variable: _.host + project: + variable: _.project + environment: + variable: _.environment + service: + variable: _.service + user: + variable: _.user + +dyn_{{ identifier }}: + dynamic: + - user_1 + - user_2 + + secret: + description: the second secret + type: secret + secret_manager: + host: + variable: __.host + project: + variable: __.project + environment: + variable: __.environment + service: + variable: __.service + user: + type: identifier 
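Review bot: `tests/structures/4_several_secrets_upper/00-base.yml` sets `project: 3_leadership_secret` and a lowercase `host: test`, while every other fixture in this patch uses its own directory name as the project (upper-cased in `2_username_secret_upper`). The expected error in `tests/results/4_several_secrets_upper/errors/bitwarden.json` carries the same `3_leadership_secret` name, so the case currently depends on vault items that belong to another test. If this is a copy-paste slip, `project: 4_SEVERAL_SECRETS_UPPER` with its own vault items would keep the cases independent. If the reuse is deliberate, a one-line comment such as `# reuses the 3_leadership_secret vault items on purpose` would say so.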
diff --git a/tests/structures/6_leadership_secret_default_value/00-base.yml b/tests/structures/6_leadership_secret_default_value/00-base.yml deleted file mode 100644 index 029e2fa..0000000 --- a/tests/structures/6_leadership_secret_default_value/00-base.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -version: 1.1 - -leader: - type: leadership - - username: - description: the username - type: unix_user - bitwarden: true - - secret: - description: the secret - type: secret - bitwarden: true diff --git a/tests/structures/6_leadership_secret_follower_variable/00-base.yml b/tests/structures/6_leadership_secret_follower_variable/00-base.yml deleted file mode 100644 index d632e62..0000000 --- a/tests/structures/6_leadership_secret_follower_variable/00-base.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -version: 1.1 - -leader: - type: leadership - - username: - description: the username - type: unix_user - default: - - test_secret_1 - - test_secret_2 - bitwarden: true - - secret: - description: the secret - type: secret - default: - jinja: test_secret_{{ index + 1 }} - params: - index: - type: index - bitwarden: true diff --git a/tests/structures/8_multi_variable/00-base.yml b/tests/structures/8_multi_variable/00-base.yml index 00f78b3..f3a4078 100644 --- a/tests/structures/8_multi_variable/00-base.yml +++ b/tests/structures/8_multi_variable/00-base.yml @@ -4,6 +4,10 @@ version: 1.1 secret: description: the secret variable type: secret - default: - - test_secret_1 - bitwarden: true + multi: true + secret_manager: + host: test + project: 8_multi_variable + environment: environment + service: service + user: user diff --git a/tests/structures/9_unknown_type/00-base.yml b/tests/structures/9_unknown_type/00-base.yml index aa999f5..1c494e5 100644 --- a/tests/structures/9_unknown_type/00-base.yml +++ b/tests/structures/9_unknown_type/00-base.yml 
@@ -3,4 +3,10 @@ version: 1.1 secret: description: the first variable - bitwarden: true + type: string + secret_manager: + host: test + project: 9_unknown_type + environment: environment + service: service + user: user diff --git a/tests/test_load.py b/tests/test_load.py index bc2459d..823ab86 100644 --- a/tests/test_load.py +++ b/tests/test_load.py 
@@ -154,71 +154,39 @@ def test_dictionaries_4_several_secrets_upper_bw(): _test_dictionaries(test_dir / '4_several_secrets_upper', 'bw') -def test_dictionaries_5_default_value_rbw(): +def test_dictionaries_5_secret_calc_rbw(): "tests the output" - with raises(DictConsistencyError) as err: - _test_dictionaries(test_dir / '5_default_value', 'rbw') - assert err.errno == 304 + _test_dictionaries(test_dir / '5_secret_calc', 'rbw') -def test_dictionaries_5_default_value_bw(): +def test_dictionaries_5_secret_calc_bw(): "tests the output" - with raises(DictConsistencyError) as err: - _test_dictionaries(test_dir / '5_default_value', 'bw') - assert err.errno == 304 - - -def test_dictionaries_6_leadership_secret_default_value_rbw(): - "tests the output" - with raises(DictConsistencyError) as err: - _test_dictionaries(test_dir / '6_leadership_secret_default_value', 'rbw') - assert err.errno == 304 - - -def test_dictionaries_6_leadership_secret_default_value_bw(): - "tests the output" - with raises(DictConsistencyError) as err: - _test_dictionaries(test_dir / '6_leadership_secret_default_value', 'bw') - assert err.errno == 304 - - -def test_dictionaries_6_leadership_secret_follower_variable_rbw(): - "tests the output" - with raises(DictConsistencyError) as err: - _test_dictionaries(test_dir / '6_leadership_secret_follower_variable', 'rbw') - assert err.errno == 303 - - -def test_dictionaries_6_leadership_secret_follower_variable_bw(): - "tests the output" - with raises(DictConsistencyError) as err: - _test_dictionaries(test_dir / '6_leadership_secret_follower_variable', 'bw') - assert err.errno == 303 + _test_dictionaries(test_dir / '5_secret_calc', 'bw') def test_dictionaries_8_multi_variable_rbw(): "tests the output" with raises(DictConsistencyError) as err: _test_dictionaries(test_dir / '8_multi_variable', 'rbw') - assert err.errno == 302 + assert err.value.errno == 57 def test_dictionaries_8_multi_variable_bw(): "tests the output" with raises(DictConsistencyError) as err: 
_test_dictionaries(test_dir / '8_multi_variable', 'bw') - assert err.errno == 302 + assert err.value.errno == 57 def test_dictionaries_9_unknown_type_rbw(): "tests the output" with raises(DictConsistencyError) as err: _test_dictionaries(test_dir / '9_unknown_type', 'rbw') - assert err.errno == 301 + assert err.value.errno == 56 def test_dictionaries_9_unknown_type_bw(): "tests the output" with raises(DictConsistencyError) as err: _test_dictionaries(test_dir / '9_unknown_type', 'bw') - assert err.errno == 301 + assert err.value.errno == 56
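Review bot: The expected codes `57` and `56` in the `8_multi_variable` and `9_unknown_type` tests are bare literals, and nothing in the hunk says which `DictConsistencyError` condition each stands for now that the old 301/302 values are gone. A trailing comment on each assert would help, e.g. `assert err.value.errno == 57  # <meaning of 57>`. The switch to `err.value.errno` only takes effect if the assert is dedented out of the `with raises(...)` block; indentation is lost on this page, so check that it does not sit inside the block after the raising call, where it would never run. These four tests also keep the docstring `"tests the output"` although they assert a failure.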