Have auth0 persist config in file

2i2c-org · Mar 14, 2023 · d0f8cd0 · d0f8cd0
1 parent 6500365
commit d0f8cd0
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 6 deletions.
diff --git a/deployer/auth0_app.py b/deployer/auth0_app.py
@@ -1,4 +1,3 @@
-import json
 import re
 
 import typer
@@ -8,7 +7,11 @@
 from yarl import URL
 
 from .cli_app import app
-from .file_acquisition import get_decrypted_file
+from .file_acquisition import (
+    build_absolute_path_to_hub_encrypted_config_file,
+    get_decrypted_file,
+    persist_config_in_encrypted_file,
+)
 
 yaml = YAML(typ="safe")
 
@@ -208,6 +211,10 @@ def auth0_client_create(
         ...,
         help="Name of the hub for which a new Auth0 client will be created",
     ),
+    hub_type: str = typer.Argument(
+        "basehub",
+        help="Type of hub for which we'll create an Auth0 client (ex: basehub, daskhub)",
+    ),
     hub_domain: str = typer.Argument(
         ...,
         help="The hub domain, as specified in `cluster.yaml` (ex: staging.2i2c.cloud)",
@@ -219,6 +226,9 @@ def auth0_client_create(
 ):
     """Create an Auth0 client app for a hub."""
     domain, admin_id, admin_secret = get_2i2c_auth0_admin_credentials()
+    config_filename = build_absolute_path_to_hub_encrypted_config_file(
+        cluster_name, hub_name
+    )
     auth_provider = KeyProvider(domain, admin_id, admin_secret)
     # Users will be redirected to this URL after they log out
     logout_url = f"https://{hub_domain}"
@@ -232,6 +242,7 @@ def auth0_client_create(
         connection_name=connection_type,
     )
 
+    auth_config = {}
     jupyterhub_config = {
         "jupyterhub": {
             "hub": {
@@ -245,7 +256,15 @@ def auth0_client_create(
         }
     }
 
-    print(json.dumps(jupyterhub_config, sort_keys=True, indent=4))
+    if hub_type != "basehub":
+        auth_config["basehub"] = jupyterhub_config
+    else:
+        auth_config = jupyterhub_config
+
+    persist_config_in_encrypted_file(config_filename, auth_config)
+    print(
+        f"Successfully persisted the encrypted Auth0 client app credentials to file {config_filename}"
+    )
 
 
 @app.command()

diff --git a/deployer/file_acquisition.py b/deployer/file_acquisition.py
@@ -92,7 +92,7 @@ def build_absolute_path_to_hub_encrypted_config_file(cluster_name, hub_name):
     return encrypted_file_path
 
 
-def persist_config_in_encrypted_file(encrypted_file, config):
+def persist_config_in_encrypted_file(encrypted_file, new_config):
     """
     Write `config` to `encrypted_file` file.
     If `encrypted_file` doesn't exist, create it first.
@@ -102,7 +102,7 @@ def persist_config_in_encrypted_file(encrypted_file, config):
         subprocess.check_call(["sops", "--decrypt", "--in-place", encrypted_file])
         with open(encrypted_file, "r+") as f:
             config = yaml.load(f)
-            config.update(config)
+            config.update(new_config)
             f.seek(0)
             yaml.dump(config, f)
             f.truncate()
@@ -111,7 +111,7 @@ def persist_config_in_encrypted_file(encrypted_file, config):
         )
 
     with open(encrypted_file, "a+") as f:
-        yaml.dump(config, f)
+        yaml.dump(new_config, f)
     return subprocess.check_call(["sops", "--encrypt", "--in-place", encrypted_file])