Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#1093 Add VAULT_TOKEN_RENEW_FOR_DYNACONF config/code #1094

Merged
merged 3 commits into from
May 28, 2024
Merged

#1093 Add VAULT_TOKEN_RENEW_FOR_DYNACONF config/code #1094

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
50c310e
#1093 Add VAULT_TOKEN_RENEW_FOR_DYNACONF config/code
asyd Apr 29, 2024
d60f288
Fix formatting
pedro-psb May 28, 2024
81f6756
Workaround fix for django-debug-toolbar 4.4.0 breaking change
pedro-psb May 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 0 additions & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,6 @@ citest:
make coverage-report

ciinstall:
# curl -SL https://github.com/docker/compose/releases/download/v2.20.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
python -m pip install --upgrade pip
python -m pip install -r requirements_dev.txt

Expand Down
4 changes: 3 additions & 1 deletion docs/secrets.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,8 @@ VAULT_AUTH_WITH_IAM_FOR_DYNACONF=True
VAULT_AUTH_ROLE_FOR_DYNACONF="vault-role"
# Authenticate with root token
VAULT_ROOT_TOKEN_FOR_DYNACONF="root-token"
# If you want to perform (can be useful when using orphan VAULT_TOKEN_FOR_DYNACONF)
VAULT_TOKEN_RENEW_FOR_DYNACONF="true"
```

Or pass it to the `Dynaconf` instance.
Expand Down Expand Up @@ -249,4 +251,4 @@ print(settings.MYSQL_HOST) # This data is being read from redis imediatelly!

Do you want to store settings in other databases like NoSQL, Relational Databases or other services?

Please see how to [extend dynaconf](advanced.md) to add your custom loaders.
Please see how to [extend dynaconf](advanced.md) to add your custom loaders.
1 change: 1 addition & 0 deletions dynaconf/default_settings.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -202,6 +202,7 @@ def reload(load_dotenv=None, *args, **kwargs):
VAULT_SECRET_ID_FOR_DYNACONF = get("VAULT_SECRET_ID_FOR_DYNACONF", None)
VAULT_USERNAME_FOR_DYNACONF = get("VAULT_USERNAME_FOR_DYNACONF", None)
VAULT_PASSWORD_FOR_DYNACONF = get("VAULT_PASSWORD_FOR_DYNACONF", None)
VAULT_TOKEN_RENEW_FOR_DYNACONF = get("VAULT_TOKEN_RENEW_FOR_DYNACONF", False)

# Only core loaders defined on this list will be invoked
core_loaders = ["YAML", "TOML", "INI", "JSON", "PY"]
Expand Down
4 changes: 4 additions & 0 deletions dynaconf/loaders/vault_loader.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,10 @@ def get_client(obj):
credentials.token,
role=obj.VAULT_AUTH_ROLE_FOR_DYNACONF,
)

if obj.VAULT_TOKEN_RENEW_FOR_DYNACONF:
client.auth.token.renew_self()

assert client.is_authenticated(), (
"Vault authentication error: is VAULT_TOKEN_FOR_DYNACONF or "
"VAULT_ROLE_ID_FOR_DYNACONF defined?"
Expand Down
5 changes: 4 additions & 1 deletion requirements_dev.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,10 @@ setuptools>=38.6.0
configobj
hvac
django
django-debug-toolbar
# django-debug-toolbar 4.4.0 has a breaking change for our tests
# this is a workaround, we may adapt it later
# https://django-debug-toolbar.readthedocs.io/en/latest/changes.html#id3
django-debug-toolbar~=4.3.0
boto3

# release
Expand Down