cerc-io/stack-orchestrator
17
1
Fork 3
Code Issues 113 Pull Requests 18 Actions Packages Projects Releases 480 Wiki Activity

Passphrase
Some checks failed
Lint Checks / Run linter (pull_request) Failing after 42s
Details
Deploy Test / Run deploy test suite (pull_request) Successful in 5m37s
Details
Webapp Test / Run webapp test suite (pull_request) Successful in 5m0s
Details
K8s Deployment Control Test / Run deployment control suite on kind/k8s (pull_request) Successful in 7m46s
Details
K8s Deploy Test / Run deploy test suite on kind/k8s (pull_request) Successful in 8m33s
Details
Smoke Test / Run basic test suite (pull_request) Successful in 4m19s
Details

Browse Source
This commit is contained in:
Thomas E Lackey 2024-08-24 00:54:07 -05:00
parent d808da4314
commit 970351db92
1 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
stack_orchestrator/deploy/webapp/deploy_webapp_from_registry.py
View File

@ -21,6 +21,7 @@ import sys
import tempfile import tempfile
import time import time
import uuid import uuid
import yaml
import click import click
import gnupg import gnupg
@ -42,9 +43,6 @@ from stack_orchestrator.deploy.webapp.util import (
skip_by_tag, skip_by_tag,
confirm_payment, confirm_payment,
) )
from stack_orchestrator.util import get_yaml
yaml = get_yaml()
def process_app_deployment_request( def process_app_deployment_request(
@ -62,6 +60,7 @@ def process_app_deployment_request(
recreate_on_deploy, recreate_on_deploy,
deployer_record, deployer_record,
gpg, gpg,
private_key_passphrase,
config_upload_dir, config_upload_dir,
logger, logger,
): ):
@ -121,8 +120,8 @@ def process_app_deployment_request(
f"{config_upload_dir}/{app_deployment_request.attributes.config.ref}", f"{config_upload_dir}/{app_deployment_request.attributes.config.ref}",
"rb", "rb",
) as file: ) as file:
decrypted = gpg.decrypt_file(file) decrypted = gpg.decrypt_file(file, passphrase=private_key_passphrase)
parsed = AttrDict(yaml.load(decrypted)) parsed = AttrDict(yaml.safe_load(decrypted))
if "env" in parsed.config: if "env" in parsed.config:
env.update(parsed.config.env) env.update(parsed.config.env)
@ -354,6 +353,12 @@ def dump_known_requests(filename, requests, status="SEEN"):
@click.option( @click.option(
"--private-key-file", help="The private key for decrypting config.", required=True "--private-key-file", help="The private key for decrypting config.", required=True
) )
@click.option(
"--private-key-passphrase",
help="The passphrase for the private key.",
required=True,
)
@click.pass_context
@click.pass_context @click.pass_context
def command( # noqa: C901 def command( # noqa: C901
ctx, ctx,
@ -379,6 +384,7 @@ def command( # noqa: C901
lrn, lrn,
config_upload_dir, config_upload_dir,
private_key_file, private_key_file,
private_key_passphrase,
all_requests, all_requests,
): ):
if request_id and discover: if request_id and discover:
@ -627,6 +633,7 @@ def command( # noqa: C901
recreate_on_deploy, recreate_on_deploy,
deployer_record, deployer_record,
gpg, gpg,
private_key_passphrase,
config_upload_dir, config_upload_dir,
build_logger, build_logger,
) )