Skip to content

Commit

Permalink
[6.12.z] Fix vault makescripts with capture output (#12976)
Browse files Browse the repository at this point in the history
Fix vault makescripts with capture output (#12909)

* Fix vault makescripts with capture output

* Handle topped Vault enablement in .env file

(cherry picked from commit 291698f)

Co-authored-by: Jitendra Yejare <[email protected]>
  • Loading branch information
Satellite-QE and jyejare authored Oct 25, 2023
1 parent fbe57ac commit d5d6150
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 11 deletions.
3 changes: 1 addition & 2 deletions pytest_plugins/auto_vault.py
Original file line number Diff line number Diff line change
@@ -1,10 +1,9 @@
"""Plugin enables pytest to notify and update the requirements"""
import subprocess

from robottelo.utils.vault import Vault


def pytest_addoption(parser):
"""Options to allow user to update the requirements"""
with Vault() as vclient:
vclient.login(stdout=subprocess.PIPE, stderr=subprocess.PIPE)
vclient.login()
17 changes: 8 additions & 9 deletions robottelo/utils/vault.py
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ def __init__(self, env_file='.env'):
def setup(self):
if self.env_path.exists():
self.envdata = self.env_path.read_text()
is_enabled = re.findall('\nVAULT_ENABLED_FOR_DYNACONF=(.*)', self.envdata)
is_enabled = re.findall('^(?:.*\n)*VAULT_ENABLED_FOR_DYNACONF=(.*)', self.envdata)
if is_enabled:
self.vault_enabled = is_enabled[0]
self.export_vault_addr()
Expand Down Expand Up @@ -53,7 +53,7 @@ def exec_vault_command(self, command: str, **kwargs):
:param comamnd str: The vault CLI command
:param kwargs dict: Arguments to the subprocess run command to customize the run behavior
"""
vcommand = subprocess.run(command, shell=True, **kwargs) # capture_output=True
vcommand = subprocess.run(command, shell=True, capture_output=True, **kwargs)
if vcommand.returncode != 0:
verror = str(vcommand.stderr)
if vcommand.returncode == 127:
Expand All @@ -63,7 +63,7 @@ def exec_vault_command(self, command: str, **kwargs):
if 'Error revoking token' in verror:
logger.info("Token is alredy revoked!")
elif 'Error looking up token' in verror:
logger.warning("Warning! Vault not logged in!")
logger.info("Vault is not logged in!")
else:
logger.error(f"Error! {verror}")
return vcommand
Expand All @@ -75,7 +75,7 @@ def login(self, **kwargs):
and 'VAULT_SECRET_ID_FOR_DYNACONF' not in os.environ
):
if self.status(**kwargs).returncode != 0:
logger.warning(
logger.info(
"Warning! The browser is about to open for vault OIDC login, "
"close the tab once the sign-in is done!"
)
Expand All @@ -86,9 +86,7 @@ def login(self, **kwargs):
self.exec_vault_command(command="vault token renew -i 10h", **kwargs)
logger.info("Success! Vault OIDC Logged-In and extended for 10 hours!")
# Fetching tokens
token = self.exec_vault_command(
"vault token lookup --format json", capture_output=True
).stdout
token = self.exec_vault_command("vault token lookup --format json").stdout
token = json.loads(str(token.decode('UTF-8')))['data']['id']
# Setting new token in env file
_envdata = re.sub(
Expand All @@ -107,8 +105,9 @@ def logout(self):
'.*VAULT_TOKEN_FOR_DYNACONF=.*', "# VAULT_TOKEN_FOR_DYNACONF=myroot", self.envdata
)
self.env_path.write_text(_envdata)
self.exec_vault_command('vault token revoke -self')
logger.info("Success! OIDC token removed from Env file successfully!")
vstatus = self.exec_vault_command('vault token revoke -self')
if vstatus.returncode == 0:
logger.info("Success! OIDC token removed from Env file successfully!")

def status(self, **kwargs):
vstatus = self.exec_vault_command('vault token lookup', **kwargs)
Expand Down

0 comments on commit d5d6150

Please sign in to comment.