On Wed, Jul 17, 2019 at 01:53:59PM +0200, Andrea Bolognani wrote:
We don't want sensitive information such as the API token to be stored into the script, both because it could lead to them being leaked by mistake and because it makes it needlessly complicated for users to take advantage of the tool.
We arguably don't want the token stored cleartext in a config file either. How about making use of the system keyring - there's a python module that looks to make this fairly easy https://pypi.org/project/keyring/
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- guests/quayadmin | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-)
diff --git a/guests/quayadmin b/guests/quayadmin index 25128e5..4e60653 100755 --- a/guests/quayadmin +++ b/guests/quayadmin @@ -19,15 +19,32 @@ # with this program. If not, see <https://www.gnu.org/licenses/>.
import argparse +import configparser +import os import pprint import requests import sys
def get_config(): - config = { - "baseurl": "https://quay.io/api/v1", - "token": "xxx", - } + try: + path = os.environ["XDG_CONFIG_HOME"] + except KeyError: + path = os.path.join(os.environ["HOME"], ".config") + path = os.path.join(os.path.join(path, "quayadmin"), "config.ini") + + try: + parser = configparser.ConfigParser() + parser.read_file(open(path)) + except Exception as ex: + raise Exception("Cannot load config: {}".format(ex)) + + try: + config = { + "baseurl": "https://quay.io/api/v1", + "token": parser["DEFAULT"]["token"], + } + except KeyError: + raise Exception("Token not found in {}".format(path))
return config
-- 2.21.0
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|