diff --git a/_modules/zr.py b/_modules/zr.py --- a/_modules/zr.py +++ b/_modules/zr.py @@ -21,17 +21,37 @@ "The Zemke-Rhyne execution module cannot be loaded: zr not installed." -def _assert_stricly_positive_integer(value): +def _build_pillar_key(expression): + return "zr_credentials:" + expression.replace(".", ":") + + +def _get_credential_id_from_pillar_key(expression): + '''Gets credentials id from a dot pillar path, e.g. nasqueron.foo.bar''' + key = _build_pillar_key(expression) + return __salt__['pillar.get'](key) + + +def get_credential_id(expression): try: - number = int(value) + # Case I - expression is an integer + number = int(expression) + if number < 1: raise ValueError( - value, "A strictly positive integer was expected.") + expression, "A strictly positive integer was expected.") + + return number except ValueError: - raise + # Case II - expression is a pillar key + id = _get_credential_id_from_pillar_key(expression) + + if id is None: + raise ValueError(expression, "Pillar key not found") + return id -def get_password(credential_id): + +def get_password(credential_expression): """ A function to fetch credential through Zemke-Rhyne @@ -40,16 +60,17 @@ salt equatower zr.get_password 124 - :param credential_id: The credential number (K...) in Phabricator + :param credential_expression: The credential number (K...) in Phabricator + or a key in zr_credentials pillar entry :return: The secret value """ - _assert_stricly_positive_integer(credential_id) + credential_id = get_credential_id(credential_expression) zr_command = "zr getcredentials {0}".format(credential_id) return __salt__['cmd.shell'](zr_command) -def get_username(credential_id): +def get_username(credential_expression): """ A function to fetch the username associated to a credential through Zemke-Rhyne @@ -58,10 +79,12 @@ salt equatower zr.get_username 124 - :param credential_id: The credential number (K...) in Phabricator + :param credential_expression: The credential number (K...) in Phabricator + or a key in zr_credentials pillar entry + :return: The username """ - _assert_stricly_positive_integer(credential_id) + credential_id = get_credential_id(credential_expression) zr_command = "zr getcredentials {0} username".format(credential_id) return __salt__['cmd.shell'](zr_command) diff --git a/pillar/credentials/zr.sls b/pillar/credentials/zr.sls new file mode 100644 --- /dev/null +++ b/pillar/credentials/zr.sls @@ -0,0 +1,24 @@ +# ------------------------------------------------------------- +# Salt configuration for Nasqueron servers +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Project: Nasqueron +# Created: 2018-09-12 +# License: Trivial work, not eligible to copyright +# ------------------------------------------------------------- + +zr_credentials: + + # + # Credentials used by Nasqueron services + # + + nasqueron: + + # status.nasqueron.org + cachet: + mysql: 47 + + # pad.nasqueron.org + etherpad: + # This API key is used by Wolfplex API to access to the pad lists + api: 125 diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls --- a/pillar/paas/docker.sls +++ b/pillar/paas/docker.sls @@ -139,7 +139,7 @@ cachet: app_port: 39080 host: status.nasqueron.org - credential: 47 + credential: nasqueron.cachet.mysql mysql_link: acquisitariat etherpad: @@ -149,7 +149,7 @@ aliases: - pad.wolfplex.org - pad.wolfplex.be - credential: 125 + credential: nasqueron.etherpad.api mysql_link: acquisitariat # phpBB SaaS diff --git a/pillar/top.sls b/pillar/top.sls --- a/pillar/top.sls +++ b/pillar/top.sls @@ -20,6 +20,7 @@ eglide: - shellserver.quassel equatower: + - credentials.zr - paas.docker - saas.jenkins - saas.phpbb