Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| b3ba980f9f |
+7
-2
@@ -47,8 +47,11 @@ def get_vault_client() -> hvac.Client:
|
|||||||
logger.error("VAULT_ROLE_ID environment variable is required")
|
logger.error("VAULT_ROLE_ID environment variable is required")
|
||||||
raise ValueError("VAULT_ROLE_ID environment variable is required")
|
raise ValueError("VAULT_ROLE_ID environment variable is required")
|
||||||
|
|
||||||
# Initialize Vault client
|
# Initialize Vault client with CA certificate
|
||||||
client = hvac.Client(url=vault_addr)
|
client = hvac.Client(
|
||||||
|
url=vault_addr,
|
||||||
|
verify='/etc/pki/tls/cert.pem'
|
||||||
|
)
|
||||||
|
|
||||||
# Authenticate using AppRole
|
# Authenticate using AppRole
|
||||||
try:
|
try:
|
||||||
@@ -84,6 +87,7 @@ def get_api_tokens() -> Tuple[str, str]:
|
|||||||
# Read GitHub token
|
# Read GitHub token
|
||||||
try:
|
try:
|
||||||
github_secret = client.secrets.kv.v2.read_secret_version(
|
github_secret = client.secrets.kv.v2.read_secret_version(
|
||||||
|
mount_point='kv',
|
||||||
path='service/github/neoloc/tokens/read-only-token'
|
path='service/github/neoloc/tokens/read-only-token'
|
||||||
)
|
)
|
||||||
github_token = github_secret['data']['data']['token']
|
github_token = github_secret['data']['data']['token']
|
||||||
@@ -95,6 +99,7 @@ def get_api_tokens() -> Tuple[str, str]:
|
|||||||
# Read Gitea token
|
# Read Gitea token
|
||||||
try:
|
try:
|
||||||
gitea_secret = client.secrets.kv.v2.read_secret_version(
|
gitea_secret = client.secrets.kv.v2.read_secret_version(
|
||||||
|
mount_point='kv',
|
||||||
path='service/gitea/unkinben/tokens/read-only-packages'
|
path='service/gitea/unkinben/tokens/read-only-packages'
|
||||||
)
|
)
|
||||||
gitea_token = gitea_secret['data']['data']['token']
|
gitea_token = gitea_secret['data']['data']['token']
|
||||||
|
|||||||
+7
-2
@@ -47,8 +47,11 @@ def get_vault_client() -> hvac.Client:
|
|||||||
logger.error("VAULT_ROLE_ID environment variable is required")
|
logger.error("VAULT_ROLE_ID environment variable is required")
|
||||||
raise ValueError("VAULT_ROLE_ID environment variable is required")
|
raise ValueError("VAULT_ROLE_ID environment variable is required")
|
||||||
|
|
||||||
# Initialize Vault client
|
# Initialize Vault client with CA certificate
|
||||||
client = hvac.Client(url=vault_addr)
|
client = hvac.Client(
|
||||||
|
url=vault_addr,
|
||||||
|
verify='/etc/pki/tls/cert.pem'
|
||||||
|
)
|
||||||
|
|
||||||
# Authenticate using AppRole
|
# Authenticate using AppRole
|
||||||
try:
|
try:
|
||||||
@@ -84,6 +87,7 @@ def get_api_tokens() -> Tuple[str, str]:
|
|||||||
# Read GitHub token
|
# Read GitHub token
|
||||||
try:
|
try:
|
||||||
github_secret = client.secrets.kv.v2.read_secret_version(
|
github_secret = client.secrets.kv.v2.read_secret_version(
|
||||||
|
mount_point='kv',
|
||||||
path='service/github/neoloc/tokens/read-only-token'
|
path='service/github/neoloc/tokens/read-only-token'
|
||||||
)
|
)
|
||||||
github_token = github_secret['data']['data']['token']
|
github_token = github_secret['data']['data']['token']
|
||||||
@@ -95,6 +99,7 @@ def get_api_tokens() -> Tuple[str, str]:
|
|||||||
# Read Gitea token
|
# Read Gitea token
|
||||||
try:
|
try:
|
||||||
gitea_secret = client.secrets.kv.v2.read_secret_version(
|
gitea_secret = client.secrets.kv.v2.read_secret_version(
|
||||||
|
mount_point='kv',
|
||||||
path='service/gitea/unkinben/tokens/read-only-packages'
|
path='service/gitea/unkinben/tokens/read-only-packages'
|
||||||
)
|
)
|
||||||
gitea_token = gitea_secret['data']['data']['token']
|
gitea_token = gitea_secret['data']['data']['token']
|
||||||
|
|||||||
Reference in New Issue
Block a user