当前位置: 首页>>代码示例>>Python>>正文


Python hvac.Client方法代码示例

本文整理汇总了Python中hvac.Client方法的典型用法代码示例。如果您正苦于以下问题:Python hvac.Client方法的具体用法?Python hvac.Client怎么用?Python hvac.Client使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在hvac的用法示例。


在下文中一共展示了hvac.Client方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: _auth_azure

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def _auth_azure(self, _client: hvac.Client) -> None:
        if self.auth_mount_point:
            _client.auth.azure.configure(
                tenant_id=self.azure_tenant_id,
                resource=self.azure_resource,
                client_id=self.key_id,
                client_secret=self.secret_id,
                mount_point=self.auth_mount_point
            )
        else:
            _client.auth.azure.configure(
                tenant_id=self.azure_tenant_id,
                resource=self.azure_resource,
                client_id=self.key_id,
                client_secret=self.secret_id
            ) 
开发者ID:apache,项目名称:airflow,代码行数:18,代码来源:vault_client.py

示例2: __init__

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def __init__(self,
                 db_path=STORAGE_DEFAULT_PATH_MAPPING['vault'],
                 token=None or os.environ.get('VAULT_TOKEN'),
                 cert=None,
                 stash_name='ghost'):

        if not HVAC_EXISTS:
            raise ImportError('hvac must be installed first')

        if not token:
            raise GhostError(
                'The `VAULT_TOKEN` env var must be set to use this storage '
                'type')

        self.client = hvac.Client(url=db_path, token=token, cert=cert)
        self._stash_name = stash_name 
开发者ID:nir0s,项目名称:ghost,代码行数:18,代码来源:ghost.py

示例3: test_getCert

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def test_getCert(mocker):
    clientmock = mocker.MagicMock()
    clientmock.write.return_value = {
        'StatusCode': 200,
        'data': {
            'signed_key': "The Cert"
        }
    }
    hvacmock = mocker.patch('hvac.Client')
    hvacmock.return_value = clientmock
    client = hvac.Client(TESTVAULTCONFIG['vault_addr'])
    vault_ca = VaultCA(client)
    returned = vault_ca.getCert(
        {
            'ssh_backend_mount': 'foo',
            'ssh_backend_role': 'bar',
            'valid_principals': 'test',
            'public_key': 'ssh-rsa stuff',
            'ttl': '500'
        }
    )
    assert returned == 'The Cert' 
开发者ID:lyft,项目名称:python-blessclient,代码行数:24,代码来源:vault_ca_test.py

示例4: test_getCert_NoCert

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def test_getCert_NoCert(mocker):
    clientmock = mocker.MagicMock()
    clientmock.write.return_value = {
        'StatusCode': 403,
        'data': {
            'error': "Forbidden"
        }
    }
    hvacmock = mocker.patch('hvac.Client')
    hvacmock.return_value = clientmock
    client = hvac.Client(TESTVAULTCONFIG['vault_addr'])
    vault_ca = VaultCA(client)
    with pytest.raises(Exception) as excinfo:
        vault_ca.getCert(
            {
                'ssh_backend_mount': 'foo',
                'ssh_backend_role': 'bar',
                'valid_principals': 'test',
                'public_key': 'ssh-rsa stuff',
                'ttl': '500'
            }
        )
    assert 'No certificate in response.' in str(excinfo.value) 
开发者ID:lyft,项目名称:python-blessclient,代码行数:25,代码来源:vault_ca_test.py

示例5: hashivault_client

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def hashivault_client(params):
    url = params.get('url')
    ca_cert = params.get('ca_cert')
    ca_path = params.get('ca_path')
    client_cert = params.get('client_cert')
    client_key = params.get('client_key')
    cert = (client_cert, client_key)
    check_verify = params.get('verify')
    namespace = params.get('namespace', None)
    if check_verify == '' or check_verify:
        if ca_cert:
            verify = ca_cert
        elif ca_path:
            verify = ca_path
        else:
            verify = check_verify
    else:
        verify = check_verify
    client = hvac.Client(url=url, cert=cert, verify=verify, namespace=namespace)
    return client 
开发者ID:TerryHowe,项目名称:ansible-modules-hashivault,代码行数:22,代码来源:hashivault.py

示例6: connect

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def connect():
    '''
    Connect to the vault server and return the
    connected vault client instance.
    '''

    url = os.environ.get('VAULT_ADDR')
    token = os.environ.get('VAULT_TOKEN')

    if not url or not token:
        halt(
            'Failed connecting to vault. ' +
            '`VAULT_ADDR` and `VAULT_TOKEN` must be set in your environment.'
        )

    return Client(url=url, token=token) 
开发者ID:kabirbaidhya,项目名称:boss,代码行数:18,代码来源:vault.py

示例7: _decrypt_block_device

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def _decrypt_block_device(args, client, config):
    """Open a LUKS/dm-crypt encrypted block device

    The devices dm-crypt key is retrieved from Vault

    :param: args: argparser generated cli arguments
    :param: client: hvac.Client for Vault access
    :param: config: configparser object of vaultlocker config
    """
    block_uuid = args.uuid[0]

    if _device_exists(block_uuid):
        logger.info('Skipping setup of {} because '
                    'it already exists.'.format(block_uuid))
        return

    vault_path = _get_vault_path(block_uuid, config)

    stored_data = client.read(vault_path)
    if stored_data is None:
        raise ValueError('Unable to locate key for {}'.format(block_uuid))
    key = stored_data['data']['dmcrypt_key']

    dmcrypt.luks_open(key, block_uuid) 
开发者ID:openstack-charmers,项目名称:vaultlocker,代码行数:26,代码来源:shell.py

示例8: get_username_password

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def get_username_password(vault_server, vault_token: str) -> Dict[str, str]:
    vault = hvac.Client(url=vault_server, token=vault_token)
    result = {
        'username': vault.read('kv/CSR_USERNAME')['data']['value'],
        'password': vault.read('kv/CSR_PASSWORD')['data']['value'],
    }
    return result 
开发者ID:dmfigol,项目名称:network-programmability-stream,代码行数:9,代码来源:netmiko-vault.py

示例9: vault_client

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def vault_client(self):
        """Return configured vault client."""
        if self._vault_client is None and 'hvac' in sys.modules:
            if self.vault_url is not None and self.vault_token is not None:
                self._vault_client = hvac.Client(url=self.vault_url, token=self.vault_token)
        return self._vault_client 
开发者ID:ThreatConnect-Inc,项目名称:tcex,代码行数:8,代码来源:env_store.py

示例10: __init__

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def __init__(self, addr=None, token_path=None):
        """
        Connect to Vault and maintain connection

        :param addr: URL to connect to Vault at. If None, defaults to
          :py:attr:`biweeklybudget.settings.VAULT_ADDR`.
        :type addr: str
        :param token_path: path to read Vault token from. If None, defaults to
          :py:attr:`biweeklybudget.settings.TOKEN_PATH`.
        :type token_path: str
        """
        if addr is None and 'VAULT_ADDR' in os.environ:
            addr = os.environ['VAULT_ADDR']
        if token_path is None and 'TOKEN_PATH' in os.environ:
            token_path = os.environ['TOKEN_PATH']
        # if not in constructor or environment, use settings if possible
        if addr is None or token_path is None:
            try:
                from biweeklybudget import settings
                if addr is None:
                    addr = settings.VAULT_ADDR
                if token_path is None:
                    token_path = settings.TOKEN_PATH
            except Exception:
                logger.error('ERROR: you must either set the SETTINGS_MODULE '
                             'environment variable to use a settings module, '
                             'or export VAULT_ADDR and TOKEN_PATH environment '
                             'variables.')
                raise SystemExit(1)
        token_path = os.path.expanduser(token_path)
        logger.debug('Connecting to Vault at %s with token from %s',
                     addr, token_path)
        with open(token_path, 'r') as fh:
            tkn = fh.read().strip()
        self.conn = hvac.Client(url=addr, token=tkn)
        assert self.conn.is_authenticated()
        logger.debug('Connected to Vault') 
开发者ID:jantman,项目名称:biweeklybudget,代码行数:39,代码来源:vault.py

示例11: client

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def client(self) -> hvac.Client:
        """
        Return an authenticated Hashicorp Vault client.

        :rtype: hvac.Client
        :return: Vault Client

        """
        _client = hvac.Client(url=self.url, **self.kwargs)
        if self.auth_type == "approle":
            self._auth_approle(_client)
        elif self.auth_type == 'aws_iam':
            self._auth_aws_iam(_client)
        elif self.auth_type == 'azure':
            self._auth_azure(_client)
        elif self.auth_type == "gcp":
            self._auth_gcp(_client)
        elif self.auth_type == "github":
            self._auth_github(_client)
        elif self.auth_type == "kubernetes":
            self._auth_kubernetes(_client)
        elif self.auth_type == "ldap":
            self._auth_ldap(_client)
        elif self.auth_type == "radius":
            self._auth_radius(_client)
        elif self.auth_type == "token":
            self._set_token(_client)
        elif self.auth_type == "userpass":
            self._auth_userpass(_client)
        else:
            raise VaultError(f"Authentication type '{self.auth_type}' not supported")

        if _client.is_authenticated():
            return _client
        else:
            raise VaultError("Vault Authentication Error!") 
开发者ID:apache,项目名称:airflow,代码行数:38,代码来源:vault_client.py

示例12: _auth_userpass

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def _auth_userpass(self, _client: hvac.Client) -> None:
        if self.auth_mount_point:
            _client.auth_userpass(username=self.username, password=self.password,
                                  mount_point=self.auth_mount_point)
        else:
            _client.auth_userpass(username=self.username, password=self.password) 
开发者ID:apache,项目名称:airflow,代码行数:8,代码来源:vault_client.py

示例13: _auth_radius

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def _auth_radius(self, _client: hvac.Client) -> None:
        if self.auth_mount_point:
            _client.auth.radius.configure(host=self.radius_host,
                                          secret=self.radius_secret,
                                          port=self.radius_port,
                                          mount_point=self.auth_mount_point)
        else:
            _client.auth.radius.configure(host=self.radius_host,
                                          secret=self.radius_secret,
                                          port=self.radius_port) 
开发者ID:apache,项目名称:airflow,代码行数:12,代码来源:vault_client.py

示例14: _auth_ldap

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def _auth_ldap(self, _client: hvac.Client) -> None:
        if self.auth_mount_point:
            _client.auth.ldap.login(
                username=self.username, password=self.password, mount_point=self.auth_mount_point)
        else:
            _client.auth.ldap.login(
                username=self.username, password=self.password) 
开发者ID:apache,项目名称:airflow,代码行数:9,代码来源:vault_client.py

示例15: _auth_kubernetes

# 需要导入模块: import hvac [as 别名]
# 或者: from hvac import Client [as 别名]
def _auth_kubernetes(self, _client: hvac.Client) -> None:
        if not self.kubernetes_jwt_path:
            raise VaultError("The kubernetes_jwt_path should be set here. This should not happen.")
        with open(self.kubernetes_jwt_path) as f:
            jwt = f.read()
            if self.auth_mount_point:
                _client.auth_kubernetes(role=self.kubernetes_role, jwt=jwt,
                                        mount_point=self.auth_mount_point)
            else:
                _client.auth_kubernetes(role=self.kubernetes_role, jwt=jwt) 
开发者ID:apache,项目名称:airflow,代码行数:12,代码来源:vault_client.py


注:本文中的hvac.Client方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。