-
Notifications
You must be signed in to change notification settings - Fork 0
/
fill_docker_compose_secrets.py
95 lines (78 loc) · 2.84 KB
/
fill_docker_compose_secrets.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
import os
import typing as t
from yaml import dump, safe_load
from python_scripts.utils import (
find_file_path,
get_secret,
load_secrets_from_file,
)
creds_env_file: t.Optional[str | None] = find_file_path(
target_file_name="creds.env",
source_file_name=__file__,
)
docker_compose_file: t.Optional[str | None] = find_file_path(
target_file_name="docker-compose.yml", source_file_name=__file__
)
load_secrets_from_file(target_file_name="creds.env", source_file_name=__file__)
if not creds_env_file:
raise ValueError("creds.env file not found")
with open(file=creds_env_file, mode="r", encoding="utf-8") as creds_file:
creds_file: t.TextIO
secrets_values: str = creds_file.read()
secrets_values_list: t.List[str] = secrets_values.split(sep="\n")
secrets: t.List[str] = []
for secret_pair in secrets_values_list:
if secret_pair.startswith("#"):
continue
split_secret: t.List[str] = secret_pair.split(sep="=")
if os.environ.get(split_secret[0], default=None):
secrets.append(split_secret[0])
if not docker_compose_file:
raise ValueError("docker-compose.yml file not found")
with open(
file=docker_compose_file,
mode="r",
encoding="utf-8",
) as docker_compose_file_read:
docker_compose_config: t.Dict[
str, t.Dict[str, t.Dict[str, t.Union[str, t.List[str]]]]
] = safe_load(stream=docker_compose_file_read)
db_secrets_path: t.Union[str, t.List[str]] = (
docker_compose_config.get("services", {}).get("db", {}).get("environment", [])
)
pgadmin_secrets_path: t.Union[str, t.List[str]] = (
docker_compose_config.get(
"services",
{},
)
.get("pgadmin", {})
.get("environment", [])
)
total_secrets: t.List[str] = []
if isinstance(db_secrets_path, list) and isinstance(pgadmin_secrets_path, list):
total_secrets.extend(db_secrets_path + pgadmin_secrets_path)
postgres_secrets: t.Sequence[str] = []
pgadmin_secrets: t.Sequence[str] = []
for secret in total_secrets:
docker_secret_value: t.List[str] = secret.split(sep="=")
secret_name: str = docker_secret_value[0]
if secret_name not in secrets:
raise ValueError(f"Secret {secret_name} not found in creds.env file")
secret_value: str = get_secret(secret_name=secret_name)
if "POSTGRES" in secret_name:
postgres_secrets.append(f"{secret_name}={secret_value}")
if "PGADMIN" in secret_name:
pgadmin_secrets.append(f"{secret_name}={secret_value}")
docker_compose_config.get("services", {}).get("db", {})["environment"] = (
postgres_secrets
)
docker_compose_config.get("services", {}).get("pgadmin", {})["environment"] = (
pgadmin_secrets
)
with open(
file=docker_compose_file,
mode="w",
encoding="utf-8",
) as docker_compose_file_write:
docker_compose_file_write: t.TextIO
dump(data=docker_compose_config, stream=docker_compose_file_write)