zhangyiss/the-littlest-jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/the-littlest-jupyterhub.git synced 2025-12-18 21:54:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

add load_secrets as an explicit stage

Browse Source 
during load_config

rather than applying directly to defaults, which should be left static
This commit is contained in:
Min RK
2019-02-22 11:41:50 +01:00
parent af36ee73e4
commit 7c9bea377f
2 changed files with 45 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
tests/test_configurer.py
View File

@@ -1,7 +1,9 @@
""" """
Test Test configurer
""" """
import os
from tljh import configurer from tljh import configurer
@@ -161,7 +163,7 @@ def test_auth_github():
assert c.GitHubOAuthenticator.client_secret == 'something-else' assert c.GitHubOAuthenticator.client_secret == 'something-else'
def test_auth_api_default(): def test_traefik_api_default():
""" """
Test default traefik api authentication settings with no overrides Test default traefik api authentication settings with no overrides
""" """
@@ -171,15 +173,28 @@ def test_auth_api_default():
assert len(c.TraefikTomlProxy.traefik_api_password) == 0 assert len(c.TraefikTomlProxy.traefik_api_password) == 0
def test_set_auth_api(): def test_set_traefik_api():
""" """
Test setting per traefik api credentials Test setting per traefik api credentials
""" """
c = apply_mock_config({ c = apply_mock_config({
'auth_api': { 'traefik_api': {
'username': 'some_user', 'username': 'some_user',
'password': '1234' 'password': '1234'
} }
}) })
assert c.TraefikTomlProxy.traefik_api_username == 'some_user' assert c.TraefikTomlProxy.traefik_api_username == 'some_user'
assert c.TraefikTomlProxy.traefik_api_password == '1234' assert c.TraefikTomlProxy.traefik_api_password == '1234'
def test_load_secrets(tljh_dir):
"""
Test loading secret files
"""
with open(os.path.join(tljh_dir, 'state', 'traefik-api.secret'), 'w') as f:
f.write("traefik-password")
tljh_config = configurer.load_config()
assert tljh_config['traefik_api']['password'] == "traefik-password"
c = apply_mock_config(tljh_config)
assert c.TraefikTomlProxy.traefik_api_password == "traefik-password"

27
tljh/configurer.py
View File

@@ -68,8 +68,10 @@ def load_config(config_file=CONFIG_FILE):
else: else:
config_overrides = {} config_overrides = {}
generate_traefik_api_credentials() secrets = load_secrets()
return _merge_dictionaries(dict(default), config_overrides) config = _merge_dictionaries(dict(default), secrets)
config = _merge_dictionaries(config, config_overrides)
return config
def apply_config(config_overrides, c): def apply_config(config_overrides, c):
@@ -93,12 +95,29 @@ def set_if_not_none(parent, key, value):
if value is not None: if value is not None:
setattr(parent, key, value) setattr(parent, key, value)
def generate_traefik_api_credentials():
def load_traefik_api_credentials():
"""Load traefik api secret from a file"""
proxy_secret_path = os.path.join(STATE_DIR, 'traefik-api.secret') proxy_secret_path = os.path.join(STATE_DIR, 'traefik-api.secret')
if not os.path.exists(proxy_secret_path):
return {}
with open(proxy_secret_path,'r') as f: with open(proxy_secret_path,'r') as f:
password = f.read() password = f.read()
return {
'traefik_api': {
'password': password,
}
}
default['traefik_api']['password'] = password
def load_secrets():
"""Load any secret values stored on disk
Returns dict to be merged into config during load
"""
config = {}
config = _merge_dictionaries(config, load_traefik_api_credentials())
return config
def update_auth(c, config): def update_auth(c, config):