How to use the baseplate.lib.secrets.SecretsStore function in baseplate

To help you get started, we’ve selected a few baseplate examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github reddit / baseplate.py / tests / integration / live_data / zookeeper_tests.py View on Github external
def test_create_client_with_credentials(self):
        secrets = mock.Mock(spec=SecretsStore)
        secrets.get_simple.return_value = b"myzkuser:hunter2"

        client = zookeeper_client_from_config(
            secrets,
            {
                "zookeeper.hosts": "%s:%d" % zookeeper_endpoint.address,
                "zookeeper.credentials": "secret/zk-user",
            },
        )

        client.start()
        with self.assertRaises(NoNodeError):
            client.get("/does_not_exist")
        client.stop()

        secrets.get_simple.assert_called_with("secret/zk-user")
github reddit / baseplate.py / tests / integration / hvac_tests.py View on Github external
def setUp(self):
        secrets_store = mock.Mock(spec=SecretsStore)
        secrets_store.get_vault_url.return_value = "http://%s:%d/" % vault_endpoint.address
        secrets_store.get_vault_token.return_value = "b4c6f298-3f80-11e7-8b88-5254001e7ad3"

        self.baseplate_observer = TestBaseplateObserver()

        baseplate = Baseplate()
        baseplate.register(self.baseplate_observer)
        baseplate.configure_context({}, {"vault": HvacClient(secrets_store)})

        self.context = baseplate.make_context_object()
        self.server_span = baseplate.make_server_span(self.context, "test")
github reddit / baseplate.py / tests / unit / lib / secrets / store_tests.py View on Github external
def test_prefix(self):
        secrets = secrets_store_from_config(
            {"secrets.path": "/tmp/test", "test_secrets.path": "/tmp/secrets"},
            prefix="test_secrets.",
        )
        self.assertIsInstance(secrets, SecretsStore)
        self.assertEqual(secrets._filewatcher._path, "/tmp/secrets")
github reddit / baseplate.py / tests / integration / live_data / zookeeper_tests.py View on Github external
def test_create_client_no_secrets(self):
        secrets = mock.Mock(spec=SecretsStore)
        client = zookeeper_client_from_config(
            secrets, {"zookeeper.hosts": "%s:%d" % zookeeper_endpoint.address}
        )

        client.start()

        with self.assertRaises(NoNodeError):
            client.get("/does_not_exist")

        client.stop()
github reddit / baseplate.py / tests / unit / clients / sqlalchemy_tests.py View on Github external
def setUp(self):
        mock_filewatcher = mock.Mock(spec=FileWatcher)
        mock_filewatcher.get_data.return_value = {
            "secrets": {
                "secret/sql/account": {
                    "type": "credential",
                    "username": "reddit",
                    "password": "password",
                }
            },
            "vault": {"token": "test", "url": "http://vault.example.com:8200/"},
        }
        secrets = SecretsStore("/secrets")
        secrets._filewatcher = mock_filewatcher
        self.secrets = secrets
github reddit / baseplate.py / tests / unit / core_tests.py View on Github external
def setUp(self):
        mock_filewatcher = mock.Mock(spec=FileWatcher)
        mock_filewatcher.get_data.return_value = {
            "secrets": {
                "secret/authentication/public-key": {
                    "type": "versioned",
                    "current": AUTH_TOKEN_PUBLIC_KEY,
                }
            },
            "vault": {"token": "test", "url": "http://vault.example.com:8200/"},
        }
        self.store = SecretsStore("/secrets")
        self.store._filewatcher = mock_filewatcher
        self.factory = EdgeRequestContextFactory(self.store)
github reddit / baseplate.py / tests / unit / frameworks / pyramid / csrf_tests.py View on Github external
def setUp(self):
        mock_filewatcher = mock.Mock(spec=FileWatcher)
        mock_filewatcher.get_data.return_value = {
            "secrets": {
                "secret/csrf/signing-key": {
                    "type": "versioned",
                    "current": base64.b64encode(b"test"),
                    "encoding": "base64",
                }
            },
            "vault": {"token": "test", "url": "http://vault.example.com:8200/"},
        }
        secrets = SecretsStore("/secrets")
        secrets._filewatcher = mock_filewatcher
        self.policy = TokenCSRFStoragePolicy(secrets=secrets, secret_path="secret/csrf/signing-key")
github reddit / baseplate.py / tests / unit / clients / kombu_tests.py View on Github external
def secrets():
    mock_filewatcher = mock.Mock(spec=FileWatcher)
    mock_filewatcher.get_data.return_value = {
        "secrets": {
            "secret/rabbitmq/account": {
                "type": "credential",
                "username": "spez",
                "password": "hunter2",
            }
        },
        "vault": {"token": "test", "url": "http://vault.example.com:8200/"},
    }
    secrets = SecretsStore("/secrets")
    secrets._filewatcher = mock_filewatcher
    return secrets
github reddit / baseplate.py / tests / integration / thrift_tests.py View on Github external
def make_edge_context_factory():
    mock_filewatcher = mock.Mock(spec=FileWatcher)
    mock_filewatcher.get_data.return_value = {
        "secrets": {
            "secret/authentication/public-key": {
                "type": "versioned",
                "current": AUTH_TOKEN_PUBLIC_KEY,
            }
        },
        "vault": {"token": "test", "url": "http://vault.example.com:8200/"},
    }
    secrets = SecretsStore("/secrets")
    secrets._filewatcher = mock_filewatcher
    return EdgeRequestContextFactory(secrets)
github reddit / baseplate.py / baseplate / lib / secrets.py View on Github external
{
            config_prefix: {
                "path": config.Optional(config.String, default="/var/local/secrets.json"),
                "backoff": config.Optional(config.Timespan),
            }
        },
    )
    options = getattr(cfg, config_prefix)

    if options.backoff:
        backoff = options.backoff.total_seconds()
    else:
        backoff = None

    # pylint: disable=maybe-no-member
    return SecretsStore(options.path, timeout=timeout, backoff=backoff)