Update secrets programmatically (#1122)

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
jbirddog 2024-02-29 09:55:09 -05:00 committed by GitHub
parent 2387a3e7ac
commit 840dd74cea
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 32 additions and 3 deletions


@ -18,6 +18,8 @@ IN_ARENA ?= $(DOCKER_COMPOSE) run $(ARENA_CONTAINER)
IN_BACKEND ?= $(DOCKER_COMPOSE) run $(BACKEND_CONTAINER) IN_BACKEND ?= $(DOCKER_COMPOSE) run $(BACKEND_CONTAINER)
IN_FRONTEND ?= $(DOCKER_COMPOSE) run $(FRONTEND_CONTAINER) IN_FRONTEND ?= $(DOCKER_COMPOSE) run $(FRONTEND_CONTAINER)
SPIFFWORKFLOW_BACKEND_ENV ?= local_development
YML_FILES := -f docker-compose.yml \ YML_FILES := -f docker-compose.yml \
-f $(BACKEND_DEV_OVERLAY) \ -f $(BACKEND_DEV_OVERLAY) \
-f $(FRONTEND_DEV_OVERLAY) \ -f $(FRONTEND_DEV_OVERLAY) \
@ -59,6 +61,13 @@ be-ruff:
be-sh: be-sh:
$(IN_BACKEND) /bin/bash $(IN_BACKEND) /bin/bash
be-sqlite:
@if [ ! -f "$(BACKEND_CONTAINER)/src/instance/db_$(SPIFFWORKFLOW_BACKEND_ENV).sqlite3" ]; then \
echo "SQLite database file does not exist: $(BACKEND_CONTAINER)/src/instance/db_$(SPIFFWORKFLOW_BACKEND_ENV).sqlite3"; \
exit 1; \
fi
$(IN_BACKEND) sqlite3 src/instance/db_$(SPIFFWORKFLOW_BACKEND_ENV).sqlite3
be-tests: be-clear-log-file be-tests: be-clear-log-file
$(IN_BACKEND) poetry run pytest $(IN_BACKEND) poetry run pytest
@ -94,7 +103,7 @@ take-ownership:
.PHONY: build-images dev-env \ .PHONY: build-images dev-env \
start-dev stop-dev \ start-dev stop-dev \
be-clear-log-file be-logs be-mypy be-poetry-i be-recreate-db be-ruff be-sh be-tests be-tests-par \ be-clear-log-file be-logs be-mypy be-poetry-i be-recreate-db be-ruff be-sh be-sqlite be-tests be-tests-par \
fe-lint-fix fe-logs fe-npm-i fe-sh \ fe-lint-fix fe-logs fe-npm-i fe-sh \
poetry-i pre-commit run-pyl \ poetry-i pre-commit run-pyl \
take-ownership take-ownership
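Review bot: The existence guard in `be-sqlite` tests a host path built from `$(BACKEND_CONTAINER)`, while the `sqlite3` command runs inside the container against the relative `src/instance/...` path, so the guard is only meaningful while the service name matches the host directory that the compose file mounts at `/app` (`./spiffworkflow-backend:/app` in this commit). That coupling is not visible from the recipe; a comment above the target such as `# host-side check: relies on BACKEND_CONTAINER matching the bind-mounted source directory` would record it, or a dedicated variable for the host directory could replace it. The path is quoted inside the `[ ! -f ... ]` test but passed bare on the last recipe line; quoting it there too, `$(IN_BACKEND) sqlite3 "src/instance/db_$(SPIFFWORKFLOW_BACKEND_ENV).sqlite3"`, keeps an environment-supplied `SPIFFWORKFLOW_BACKEND_ENV` that contains whitespace from being split into extra arguments.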


@ -5,7 +5,7 @@ WORKDIR /app
RUN apt-get update \ RUN apt-get update \
&& apt-get install -y -q \ && apt-get install -y -q \
gcc libssl-dev libpq-dev default-libmysqlclient-dev \ gcc libssl-dev libpq-dev default-libmysqlclient-dev \
pkg-config libffi-dev git-core curl \ pkg-config libffi-dev git-core curl sqlite3 \
&& apt-get clean \ && apt-get clean \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*


@ -10,7 +10,7 @@ services:
POETRY_VIRTUALENVS_IN_PROJECT: "true" POETRY_VIRTUALENVS_IN_PROJECT: "true"
POETRY_CACHE_DIR: "/app/.cache/poetry" POETRY_CACHE_DIR: "/app/.cache/poetry"
SPIFFWORKFLOW_BACKEND_DATABASE_URI: "" SPIFFWORKFLOW_BACKEND_DATABASE_URI: ""
SPIFFWORKFLOW_BACKEND_ENV: "local_development" SPIFFWORKFLOW_BACKEND_ENV: "${SPIFFWORKFLOW_BACKEND_ENV:-local_development}"
SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA: "" SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA: ""
volumes: volumes:
- ./spiffworkflow-backend:/app - ./spiffworkflow-backend:/app


@ -0,0 +1,20 @@
from typing import Any
from flask import g
from spiffworkflow_backend.models.script_attributes_context import ScriptAttributesContext
from spiffworkflow_backend.scripts.script import Script
from spiffworkflow_backend.services.secret_service import SecretService
class SetSecret(Script):
def get_description(self) -> str:
return "Allows setting a secret value programmatically."
def run(self, script_attributes_context: ScriptAttributesContext, *args: Any, **kwargs: Any) -> Any:
if len(args) < 2:
raise ValueError("Expected at least two arguments: secret_key and secret_value")
if not hasattr(g, "user") or not g.user:
raise RuntimeError("User context is not set")
secret_key = args[0]
secret_value = args[1]
SecretService.update_secret(secret_key, secret_value, g.user.id, True)
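Review bot: `SetSecret.run` performs no authorization check of its own. The only gate is that `g.user` is set, after which `SecretService.update_secret(secret_key, secret_value, g.user.id, True)` is called with whatever key the script supplies, so whether a process script may overwrite an existing secret depends entirely on checks inside `SecretService` or the script engine, neither of which is visible in this commit. If no such check exists, the script should verify the caller's permission on the target secret before the update. The two positional arguments are also passed through unvalidated; a guard such as `if not isinstance(secret_key, str) or not secret_key: raise ValueError("secret_key must be a non-empty string")` would reject malformed keys early. The trailing bare `True` is opaque at the call site (presumably a create-if-missing flag) and would read better passed by keyword or with a comment, and a class docstring should state that arguments beyond the first two are ignored.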