File Manager

003 File Manager

Current Path: /usr/local/lib/python3.8/site-packages/salt/pillar

usr / local / lib / python3.8 / site-packages / salt / pillar /

📁 ..
📄 __init__.py(48.72 KB)
📁 __pycache__
📄 azureblob.py(13.88 KB)
📄 cmd_json.py(787 B)
📄 cmd_yaml.py(893 B)
📄 cmd_yamlex.py(674 B)
📄 cobbler.py(1.64 KB)
📄 confidant.py(3.29 KB)
📄 consul_pillar.py(11.61 KB)
📄 csvpillar.py(1.85 KB)
📄 digicert.py(1007 B)
📄 django_orm.py(7.74 KB)
📄 ec2_pillar.py(10.12 KB)
📄 etcd_pillar.py(2.36 KB)
📄 extra_minion_data_in_pillar.py(2.18 KB)
📄 file_tree.py(18.03 KB)
📄 foreman.py(3.66 KB)
📄 git_pillar.py(19.61 KB)
📄 gpg.py(560 B)
📄 hg_pillar.py(3.19 KB)
📄 hiera.py(846 B)
📄 http_json.py(2.43 KB)
📄 http_yaml.py(2.43 KB)
📄 libvirt.py(5.78 KB)
📄 makostack.py(21.99 KB)
📄 mongo.py(5.6 KB)
📄 mysql.py(3.76 KB)
📄 nacl.py(744 B)
📄 netbox.py(29.5 KB)
📄 neutron.py(2.41 KB)
📄 nodegroups.py(1.7 KB)
📄 pepa.py(20.98 KB)
📄 pillar_ldap.py(10.95 KB)
📄 postgres.py(2.82 KB)
📄 puppet.py(846 B)
📄 reclass_adapter.py(4 KB)
📄 redismod.py(3.28 KB)
📄 rethinkdb_pillar.py(4.71 KB)
📄 s3.py(14.4 KB)
📄 saltclass.py(1.49 KB)
📄 sql_base.py(15.38 KB)
📄 sqlcipher.py(3.42 KB)
📄 sqlite3.py(2.67 KB)
📄 stack.py(22.07 KB)
📄 svn_pillar.py(5.74 KB)
📄 varstack_pillar.py(1.1 KB)
📄 vault.py(4.03 KB)
📄 venafi.py(966 B)
📄 virtkey.py(586 B)
📄 vmware_pillar.py(16.83 KB)

Editing: confidant.py

"""
An external pillar module for getting credentials from confidant.

Configuring the Confidant module
================================

The module can be configured via ext_pillar in the minion config:

.. code-block:: yaml

ext_pillar:
  - confidant:
      profile:
        # The URL of the confidant web service
        url: 'https://confidant-production.example.com'
        # The context to use for KMS authentication
        auth_context:
        from: example-production-iad
        to: confidant-production-iad
        user_type: service
        # The KMS master key to use for authentication
        auth_key: "alias/authnz"
        # Cache file for KMS auth token
        token_cache_file: /run/confidant/confidant_token
        # The duration of the validity of a token, in minutes
        token_duration: 60
        # key, keyid and region can be defined in the profile, but it's
        # generally best to use IAM roles or environment variables for AWS
        # auth.
        keyid: 98nh9h9h908h09kjjk
        key: jhf908gyeghehe0he0g8h9u0j0n0n09hj09h0
        region: us-east-1

:depends: confidant-common, confidant-client

Module Documentation
====================
"""

import copy
import logging

try:
    # pylint: disable=no-name-in-module
    import confidant.client
    import confidant.formatter

HAS_LIBS = True
    # pylint: enable=no-name-in-module
except ImportError:
    HAS_LIBS = False

# Set up logging
log = logging.getLogger(__name__)

__virtualname__ = "confidant"

def __virtual__():
    """
    Only return if requests and boto are installed.
    """
    if HAS_LIBS:
        return __virtualname__
    else:
        return False

def ext_pillar(minion_id, pillar, profile=None):
    """
    Read pillar data from Confidant via its API.
    """
    if profile is None:
        profile = {}
    # default to returning failure
    ret = {
        "credentials_result": False,
        "credentials": None,
        "credentials_metadata": None,
    }
    profile_data = copy.deepcopy(profile)
    if profile_data.get("disabled", False):
        ret["result"] = True
        return ret
    token_version = profile_data.get("token_version", 1)
    try:
        url = profile_data["url"]
        auth_key = profile_data["auth_key"]
        auth_context = profile_data["auth_context"]
        role = auth_context["from"]
    except (KeyError, TypeError):
        msg = "profile has undefined url, auth_key or auth_context"
        log.debug(msg)
        return ret
    region = profile_data.get("region", "us-east-1")
    token_duration = profile_data.get("token_duration", 60)
    retries = profile_data.get("retries", 5)
    token_cache_file = profile_data.get("token_cache_file")
    backoff = profile_data.get("backoff", 1)
    client = confidant.client.ConfidantClient(
        url,
        auth_key,
        auth_context,
        token_lifetime=token_duration,
        token_version=token_version,
        token_cache_file=token_cache_file,
        region=region,
        retries=retries,
        backoff=backoff,
    )
    try:
        data = client.get_service(role, decrypt_blind=True)
    except confidant.client.TokenCreationError:
        return ret
    if not data["result"]:
        return ret
    ret = confidant.formatter.combined_credential_pair_format(data)
    ret["credentials_result"] = True
    return ret

003 File Manager

Editing: confidant.py

Upload File

Create Folder