-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathwrite-secrets-to-env.py
80 lines (64 loc) · 2.42 KB
/
write-secrets-to-env.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
import citygeo_secrets as cgs
import os
from os.path import expanduser
cgs.set_config(
log_level='error',
keeper_dir='~')
TEMP_ENV='citygeo_secrets_env_vars.bash'
INSERT_MARKER='# Below is automatically inserted by write-secrets-to-env.py'
cgs.generate_env_file('keeper',
RDS_ENGINE_DB_PASS = (
'ais-engine (green and blue) - ais_engine',
'password'),
RDS_SUPER_ENGINE_DB_PASS = (
'ais-engine (green and blue) - postgres',
'password'),
LOCAL_POSTGRES_ENGINE_DB_PASS = (
'AIS local build postgres',
'password'),
LOCAL_ENGINE_DB_PASS = (
'ais_engine/on-prem',
'password'),
AWS_ACCESS_KEY_ID = (
'Citygeo AWS Key Pair PROD',
'access_key'),
AWS_SECRET_ACCESS_KEY = (
'Citygeo AWS Key Pair PROD',
'secret_key')
)
with open('.env', 'r') as f:
lines = f.readlines()
# Find the index of the line that matches the insert_marker
insert_index = -1
for i, line in enumerate(lines):
if line.strip() == INSERT_MARKER:
insert_index = i
break
# Truncate the file from the matched line onward
with open('.env', 'w') as f:
f.writelines(lines[:insert_index+1])
# Append contents of the new file
with open(TEMP_ENV, 'r') as new_file:
new_contents = new_file.read()
with open('.env', 'a') as f:
f.write('\n' + new_contents)
os.remove(TEMP_ENV)
##############################
# Update ~/.aws/credentials
aws_creds = cgs.get_secrets('Citygeo AWS Key Pair PROD')
access_key_id = aws_creds["Citygeo AWS Key Pair PROD"]['access_key']
secret_access_key = aws_creds["Citygeo AWS Key Pair PROD"]['secret_key']
aws_creds = cgs.get_secrets('Mulesoft AWS Key Pair PROD')
ms_access_key_id = aws_creds["Mulesoft AWS Key Pair PROD"]['login']
ms_secret_access_key = aws_creds["Mulesoft AWS Key Pair PROD"]['password']
home = expanduser("~")
aws_credentials_path = os.path.join(home, '.aws/credentials')
# Open the file in write mode ('w') to ensure it will be overwritten if it exists
with open(aws_credentials_path, 'w') as file:
file.write(f"[default]\n")
file.write(f"aws_access_key_id = {access_key_id}\n")
file.write(f"aws_secret_access_key = {secret_access_key}\n")
file.write(f"[mulesoft]\n")
file.write(f"aws_access_key_id = {ms_access_key_id}\n")
file.write(f"aws_secret_access_key = {ms_secret_access_key}\n")
print("AWS credentials file created and overwritten successfully.")