|
@@ -5,7 +5,6 @@ import socket
|
|
|
from pathlib import Path, PurePosixPath
|
|
from pathlib import Path, PurePosixPath
|
|
|
from dataclasses import dataclass
|
|
from dataclasses import dataclass
|
|
|
from typing import Any
|
|
from typing import Any
|
|
|
-from enum import StrEnum
|
|
|
|
|
|
|
|
|
|
is_windows = os.name == "nt"
|
|
is_windows = os.name == "nt"
|
|
|
|
|
|
|
@@ -41,52 +40,24 @@ class KeePass:
|
|
|
return cls(path=path, bin=binary)
|
|
return cls(path=path, bin=binary)
|
|
|
|
|
|
|
|
|
|
|
|
|
-class SecretType(StrEnum):
|
|
|
|
|
- File="file"
|
|
|
|
|
- KeepassAttribute="keepass-attribute"
|
|
|
|
|
- KeepassAttachment="keepass-attachment"
|
|
|
|
|
-
|
|
|
|
|
-
|
|
|
|
|
@dataclass
|
|
@dataclass
|
|
|
class Secret:
|
|
class Secret:
|
|
|
name: str
|
|
name: str
|
|
|
mode: int
|
|
mode: int
|
|
|
- type: SecretType
|
|
|
|
|
- host_path: Path | None = None
|
|
|
|
|
- key: str | None = None
|
|
|
|
|
- attribute: str | None = None
|
|
|
|
|
- attachment: str | None = None
|
|
|
|
|
|
|
|
|
|
def create(self, keepass: KeePass):
|
|
def create(self, keepass: KeePass):
|
|
|
- match self.type:
|
|
|
|
|
- case SecretType.File:
|
|
|
|
|
- args = ["podman", "secret", "create", "--replace", self.name, self.host_path]
|
|
|
|
|
- print(args)
|
|
|
|
|
- subprocess.run(args)
|
|
|
|
|
-
|
|
|
|
|
- case SecretType.KeepassAttribute:
|
|
|
|
|
- value = keepass.read_entry_attribute(self.key, self.attribute)
|
|
|
|
|
- args = ["podman", "secret", "create", "--replace", self.name, "-"]
|
|
|
|
|
- print(args)
|
|
|
|
|
- subprocess.run(args, input=value.encode())
|
|
|
|
|
-
|
|
|
|
|
- case SecretType.KeepassAttachment:
|
|
|
|
|
- value = keepass.read_entry_attachment(self.key, self.attachment)
|
|
|
|
|
- args = ["podman", "secret", "create", "--replace", self.name, "-"]
|
|
|
|
|
- print(args)
|
|
|
|
|
- subprocess.run(args, input=value.encode())
|
|
|
|
|
|
|
+ ...
|
|
|
|
|
|
|
|
@classmethod
|
|
@classmethod
|
|
|
def from_line(cls, line: str):
|
|
def from_line(cls, line: str):
|
|
|
type_, *args = line.split(",")
|
|
type_, *args = line.split(",")
|
|
|
- match (SecretType(type_), *args):
|
|
|
|
|
- case (SecretType.File, path):
|
|
|
|
|
- path = Path(path).expanduser()
|
|
|
|
|
- return cls(host_path=path, name=path.name, mode=0o0400, type=SecretType.File)
|
|
|
|
|
- case (SecretType.KeepassAttribute, key, attribute):
|
|
|
|
|
- return cls(name=key, key=key, mode=0o0400, type=SecretType.KeepassAttribute, attribute=attribute)
|
|
|
|
|
- case (SecretType.KeepassAttachment, key, attachment):
|
|
|
|
|
- return cls(name=key, key=key, mode=0o0400, type=SecretType.KeepassAttachment, attachment=attachment)
|
|
|
|
|
|
|
+ match type_:
|
|
|
|
|
+ case "file":
|
|
|
|
|
+ return SecretFile.from_line(*args)
|
|
|
|
|
+ case "keepass-attribute":
|
|
|
|
|
+ return SecretKeepassAttribute.from_line(*args)
|
|
|
|
|
+ case "keepass-attachment":
|
|
|
|
|
+ return SecretKeepassAttachment.from_line(*args)
|
|
|
|
|
|
|
|
@classmethod
|
|
@classmethod
|
|
|
def read_sources(cls, hostname: str, login: str) -> list["Secret"]:
|
|
def read_sources(cls, hostname: str, login: str) -> list["Secret"]:
|
|
@@ -95,6 +66,52 @@ class Secret:
|
|
|
lines = f.readlines()
|
|
lines = f.readlines()
|
|
|
return [cls.from_line(l.strip()) for l in lines]
|
|
return [cls.from_line(l.strip()) for l in lines]
|
|
|
|
|
|
|
|
|
|
+@dataclass
|
|
|
|
|
+class SecretKeepassAttachment(Secret):
|
|
|
|
|
+ key: str
|
|
|
|
|
+ attachment: str
|
|
|
|
|
+
|
|
|
|
|
+ def create(self, keepass: KeePass):
|
|
|
|
|
+ value = keepass.read_entry_attachment(self.key, self.attachment)
|
|
|
|
|
+ args = ["podman", "secret", "create", "--replace", self.name, "-"]
|
|
|
|
|
+ print(args)
|
|
|
|
|
+ subprocess.run(args, input=value.encode())
|
|
|
|
|
+
|
|
|
|
|
+ @classmethod
|
|
|
|
|
+ def from_line(cls, key, attachment):
|
|
|
|
|
+ return cls(name=key, key=key, mode=0o0400, attachment=attachment)
|
|
|
|
|
+
|
|
|
|
|
+
|
|
|
|
|
+@dataclass
|
|
|
|
|
+class SecretKeepassAttribute(Secret):
|
|
|
|
|
+ key: str
|
|
|
|
|
+ attribute: str
|
|
|
|
|
+
|
|
|
|
|
+ def create(self, keepass: KeePass):
|
|
|
|
|
+ value = keepass.read_entry_attribute(self.key, self.attribute)
|
|
|
|
|
+ args = ["podman", "secret", "create", "--replace", self.name, "-"]
|
|
|
|
|
+ print(args)
|
|
|
|
|
+ subprocess.run(args, input=value.encode())
|
|
|
|
|
+
|
|
|
|
|
+ @classmethod
|
|
|
|
|
+ def from_line(cls, key, attribute):
|
|
|
|
|
+ return cls(name=key, key=key, mode=0o0400, attribute=attribute)
|
|
|
|
|
+
|
|
|
|
|
+
|
|
|
|
|
+@dataclass
|
|
|
|
|
+class SecretFile(Secret):
|
|
|
|
|
+ host_path: Path
|
|
|
|
|
+
|
|
|
|
|
+ def create(self, keepass: KeePass):
|
|
|
|
|
+ args = ["podman", "secret", "create", "--replace", self.name, self.host_path]
|
|
|
|
|
+ print(args)
|
|
|
|
|
+ subprocess.run(args)
|
|
|
|
|
+
|
|
|
|
|
+ @classmethod
|
|
|
|
|
+ def from_line(cls, path: str):
|
|
|
|
|
+ path = Path(path).expanduser()
|
|
|
|
|
+ return cls(host_path=path, name=path.name, mode=0o0400)
|
|
|
|
|
+
|
|
|
|
|
|
|
|
def to_source_path(path: Path):
|
|
def to_source_path(path: Path):
|
|
|
mount_base = PurePosixPath("/mnt") / "source"
|
|
mount_base = PurePosixPath("/mnt") / "source"
|
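Review bot: `Secret.from_line` now falls through and returns `None` for an unrecognised type, because the new `match type_:` has no default arm; the removed `SecretType(type_)` lookup raised `ValueError` for anything outside the three known values. Since `read_sources` builds its list straight from `cls.from_line(l.strip())`, a typo or a blank line in the sources file would put `None` in the result, and an expected secret would presumably be skipped or fail later with an unrelated error (the caller is not visible here). I would add `case _: raise ValueError(f"unknown secret type: {type_!r}")` after the `"keepass-attachment"` arm. Separately, the `create` methods in the three new subclasses call `subprocess.run` without `check=True`, so a failed `podman secret create` passes unnoticed; `subprocess.run(args, input=value.encode(), check=True)` would surface it.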