Passphrase
Some checks failed
Lint Checks / Run linter (pull_request) Failing after 42s
Deploy Test / Run deploy test suite (pull_request) Successful in 5m37s
Webapp Test / Run webapp test suite (pull_request) Successful in 5m0s
K8s Deployment Control Test / Run deployment control suite on kind/k8s (pull_request) Successful in 7m46s
K8s Deploy Test / Run deploy test suite on kind/k8s (pull_request) Successful in 8m33s
Smoke Test / Run basic test suite (pull_request) Successful in 4m19s

This commit is contained in:
Thomas E Lackey 2024-08-24 00:54:07 -05:00
parent d808da4314
commit 970351db92

View File

@ -21,6 +21,7 @@ import sys
import tempfile
import time
import uuid
import yaml
import click
import gnupg
@ -42,9 +43,6 @@ from stack_orchestrator.deploy.webapp.util import (
skip_by_tag,
confirm_payment,
)
from stack_orchestrator.util import get_yaml
yaml = get_yaml()
def process_app_deployment_request(
@ -62,6 +60,7 @@ def process_app_deployment_request(
recreate_on_deploy,
deployer_record,
gpg,
private_key_passphrase,
config_upload_dir,
logger,
):
@ -121,8 +120,8 @@ def process_app_deployment_request(
f"{config_upload_dir}/{app_deployment_request.attributes.config.ref}",
"rb",
) as file:
decrypted = gpg.decrypt_file(file)
parsed = AttrDict(yaml.load(decrypted))
decrypted = gpg.decrypt_file(file, passphrase=private_key_passphrase)
parsed = AttrDict(yaml.safe_load(decrypted))
if "env" in parsed.config:
env.update(parsed.config.env)
@ -354,6 +353,12 @@ def dump_known_requests(filename, requests, status="SEEN"):
@click.option(
"--private-key-file", help="The private key for decrypting config.", required=True
)
@click.option(
"--private-key-passphrase",
help="The passphrase for the private key.",
required=True,
)
@click.pass_context
@click.pass_context
def command( # noqa: C901
ctx,
@ -379,6 +384,7 @@ def command( # noqa: C901
lrn,
config_upload_dir,
private_key_file,
private_key_passphrase,
all_requests,
):
if request_id and discover:
@ -627,6 +633,7 @@ def command( # noqa: C901
recreate_on_deploy,
deployer_record,
gpg,
private_key_passphrase,
config_upload_dir,
build_logger,
)