Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python
- import json
- import os
- import subprocess
- import tempfile
- import yaml
- VAULT_BIN = "/usr/local/bin/vault"
- VAULT_PATH = "secret/salt/pillar_data"
- DEFAULT_EDITOR = "/usr/bin/emacs"
- def main():
- if 'VAULT_ADDR' not in os.environ:
- print("you do not have $VAULT_ADDR set")
- print("remember to set that and authenticate yourself before running this")
- return
- # read existing data from vault
- v = subprocess.check_output("%s read -format=yaml %s" % (VAULT_BIN, VAULT_PATH), shell=True)
- d = yaml.load(v)['data']
- print("--- read data from vault ---")
- # save a YAML version to temp file
- with tempfile.NamedTemporaryFile(suffix='yaml') as t:
- t.write(yaml.dump(d, indent=2, default_flow_style=False))
- t.flush()
- print("--- wrote yaml temp file ---")
- # pop the user into an editor to modify
- editor = os.environ.get('EDITOR', DEFAULT_EDITOR)
- subprocess.call([editor, t.name])
- # read it back in
- t.seek(0, 0)
- text = t.read()
- try:
- updated = yaml.load(text)
- print("--- read the yaml back in and parsed it ---")
- # write it out as json (vault can only read json)
- with tempfile.NamedTemporaryFile() as json_out:
- json_out.write(json.dumps(updated))
- json_out.flush()
- print("--- wrote out a JSON version ---")
- # then put it back into vault
- subprocess.call("%s write %s @%s" % (VAULT_BIN, VAULT_PATH, json_out.name), shell=True)
- except yaml.YAMLError, exc:
- print("YAML Error:", exc)
- print("update aborted. please try again")
- if __name__ == "__main__":
- main()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement