Re: [jenkins-ci PATCH 10/20] quayadmin: Read configuration from file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jul 17, 2019 at 01:53:59PM +0200, Andrea Bolognani wrote:
> We don't want sensitive information such as the API token to
> be stored into the script, both because it could lead to them
> being leaked by mistake and because it makes it needlessly
> complicated for users to take advantage of the tool.

We arguably don't want the token stored cleartext in a
config file either. How about making use of the system
keyring - there's a python module that looks to make
this fairly easy

  https://pypi.org/project/keyring/


> 
> Signed-off-by: Andrea Bolognani <abologna@xxxxxxxxxx>
> ---
>  guests/quayadmin | 25 +++++++++++++++++++++----
>  1 file changed, 21 insertions(+), 4 deletions(-)
> 
> diff --git a/guests/quayadmin b/guests/quayadmin
> index 25128e5..4e60653 100755
> --- a/guests/quayadmin
> +++ b/guests/quayadmin
> @@ -19,15 +19,32 @@
>  # with this program. If not, see <https://www.gnu.org/licenses/>.
>  
>  import argparse
> +import configparser
> +import os
>  import pprint
>  import requests
>  import sys
>  
>  def get_config():
> -    config = {
> -        "baseurl": "https://quay.io/api/v1";,
> -        "token": "xxx",
> -    }
> +    try:
> +        path = os.environ["XDG_CONFIG_HOME"]
> +    except KeyError:
> +        path = os.path.join(os.environ["HOME"], ".config")
> +    path = os.path.join(os.path.join(path, "quayadmin"), "config.ini")
> +
> +    try:
> +        parser = configparser.ConfigParser()
> +        parser.read_file(open(path))
> +    except Exception as ex:
> +        raise Exception("Cannot load config: {}".format(ex))
> +
> +    try:
> +        config = {
> +            "baseurl": "https://quay.io/api/v1";,
> +            "token": parser["DEFAULT"]["token"],
> +        }
> +    except KeyError:
> +        raise Exception("Token not found in {}".format(path))
>  
>      return config
>  
> -- 
> 2.21.0
> 
> --
> libvir-list mailing list
> libvir-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/libvir-list

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux