mirror of
https://github.com/reddit-archive/reddit.git
synced 2026-01-24 22:38:09 -05:00
3366083663
This is intended to reduce the number of critical secrets stored in the INI file. An initial subset of secrets is moved into the vault to test things out.
74 lines
2.4 KiB
Python
Executable File
74 lines
2.4 KiB
Python
Executable File
#!/usr/bin/env python
|
|
# The contents of this file are subject to the Common Public Attribution
|
|
# License Version 1.0. (the "License"); you may not use this file except in
|
|
# compliance with the License. You may obtain a copy of the License at
|
|
# http://code.reddit.com/LICENSE. The License is based on the Mozilla Public
|
|
# License Version 1.1, but Sections 14 and 15 have been added to cover use of
|
|
# software over a computer network and provide for limited attribution for the
|
|
# Original Developer. In addition, Exhibit A has been modified to be consistent
|
|
# with Exhibit B.
|
|
#
|
|
# Software distributed under the License is distributed on an "AS IS" basis,
|
|
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
|
|
# the specific language governing rights and limitations under the License.
|
|
#
|
|
# The Original Code is reddit.
|
|
#
|
|
# The Original Developer is the Initial Developer. The Initial Developer of
|
|
# the Original Code is reddit Inc.
|
|
#
|
|
# All portions of the code written by reddit are Copyright (c) 2006-2013 reddit
|
|
# Inc. All Rights Reserved.
|
|
###############################################################################
|
|
|
|
import ConfigParser
|
|
import base64
|
|
import cStringIO
|
|
import os
|
|
import sys
|
|
|
|
from r2.lib.utils import parse_ini_file
|
|
from r2.lib.zookeeper import connect_to_zookeeper
|
|
from r2.lib.app_globals import fetch_secrets
|
|
|
|
|
|
def read_secrets_from_zookeeper(config):
|
|
zk_hostlist = config.get("DEFAULT", "zookeeper_connection_string")
|
|
username = config.get("DEFAULT", "zookeeper_username")
|
|
password = config.get("DEFAULT", "zookeeper_password")
|
|
|
|
client = connect_to_zookeeper(zk_hostlist, (username, password))
|
|
secrets = fetch_secrets(client)
|
|
|
|
ini = ConfigParser.RawConfigParser()
|
|
ini.add_section("secrets")
|
|
for name, secret in secrets.iteritems():
|
|
ini.set("secrets", name, base64.b64encode(secret))
|
|
|
|
output = cStringIO.StringIO()
|
|
ini.write(output)
|
|
return output.getvalue()
|
|
|
|
|
|
def main():
|
|
progname = os.path.basename(sys.argv[0])
|
|
|
|
try:
|
|
ini_file_name = sys.argv[1]
|
|
except IndexError:
|
|
print >> sys.stderr, "USAGE: %s INI" % progname
|
|
return 1
|
|
|
|
try:
|
|
with open(ini_file_name) as ini_file:
|
|
config = parse_ini_file(ini_file)
|
|
except (IOError, ConfigParser.Error), e:
|
|
print >> sys.stderr, "%s: %s: %s" % (progname, ini_file_name, e)
|
|
return 1
|
|
|
|
print read_secrets_from_zookeeper(config)
|
|
|
|
|
|
if __name__ == "__main__":
|
|
sys.exit(main())
|