On Wed, Jul 17, 2019 at 01:53:59PM +0200, Andrea Bolognani wrote: > We don't want sensitive information such as the API token to > be stored into the script, both because it could lead to them > being leaked by mistake and because it makes it needlessly > complicated for users to take advantage of the tool. We arguably don't want the token stored cleartext in a config file either. How about making use of the system keyring - there's a python module that looks to make this fairly easy https://pypi.org/project/keyring/ > > Signed-off-by: Andrea Bolognani <abologna@xxxxxxxxxx> > --- > guests/quayadmin | 25 +++++++++++++++++++++---- > 1 file changed, 21 insertions(+), 4 deletions(-) > > diff --git a/guests/quayadmin b/guests/quayadmin > index 25128e5..4e60653 100755 > --- a/guests/quayadmin > +++ b/guests/quayadmin > @@ -19,15 +19,32 @@ > # with this program. If not, see <https://www.gnu.org/licenses/>. > > import argparse > +import configparser > +import os > import pprint > import requests > import sys > > def get_config(): > - config = { > - "baseurl": "https://quay.io/api/v1";, > - "token": "xxx", > - } > + try: > + path = os.environ["XDG_CONFIG_HOME"] > + except KeyError: > + path = os.path.join(os.environ["HOME"], ".config") > + path = os.path.join(os.path.join(path, "quayadmin"), "config.ini") > + > + try: > + parser = configparser.ConfigParser() > + parser.read_file(open(path)) > + except Exception as ex: > + raise Exception("Cannot load config: {}".format(ex)) > + > + try: > + config = { > + "baseurl": "https://quay.io/api/v1";, > + "token": parser["DEFAULT"]["token"], > + } > + except KeyError: > + raise Exception("Token not found in {}".format(path)) > > return config > > -- > 2.21.0 > > -- > libvir-list mailing list > libvir-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/libvir-list Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
