Add poetry and fix CICD

2023-01-20 14:55:08 +02:00
parent 38f78cf007
commit d3251806fa
12 changed files with 490 additions and 30 deletions
--- a/app/main.py
+++ b/app/main.py
@@ -0,0 +1,31 @@
+import os
+from hvac import Client
+from hvac.api.auth_methods import Kubernetes
+
+VAULT_URL = os.environ['VAULT_ADDR']
+VAULT_ROLE = os.environ['VAULT_ROLE']
+VAULT_PATH = os.environ['VAULT_PATH']
+VAULT_MOUNT = 'kubernetes'
+SECRET_NAME = 'MY_SERCRECT'
+
+def main():
+    print(VAULT_URL)
+    print(VAULT_ROLE)
+
+    client = Client(url=VAULT_URL)
+
+    token = open('/var/run/secrets/kubernetes.io/serviceaccount/token')
+
+    jwt = token.read()
+
+    Kubernetes(client.adapter).login(
+        role = VAULT_ROLE,
+        jwt = jwt,
+        mount_point=VAULT_MOUNT
+    )
+
+    secret = client.read(VAULT_PATH)
+    print(secret['data']['data'][SECRET_NAME])
+
+if __name__ == "__main__":
+    main()