Create a persistent default random secret key if none are set
If there are no SECRET_KEY or ARA_SECRET_KEY environment variables set or if there is no configuration file with the SECRET_KEY variable set, settings.py will generate a random secret key once and it will be persisted to the default configuration. Change-Id: Idf2f1ee5f8a70bc2411de51a154bc4504705d89a
This commit is contained in:
parent
eadd3712b5
commit
8b8bc03f7c
|
@ -2,6 +2,7 @@ import os
|
||||||
import textwrap
|
import textwrap
|
||||||
|
|
||||||
import yaml
|
import yaml
|
||||||
|
from django.utils.crypto import get_random_string
|
||||||
from dynaconf import LazySettings
|
from dynaconf import LazySettings
|
||||||
|
|
||||||
settings = LazySettings(GLOBAL_ENV_FOR_DYNACONF="ARA", ENVVAR_FOR_DYNACONF="ARA_SETTINGS")
|
settings = LazySettings(GLOBAL_ENV_FOR_DYNACONF="ARA", ENVVAR_FOR_DYNACONF="ARA_SETTINGS")
|
||||||
|
@ -19,7 +20,14 @@ CORS_ORIGIN_ALLOW_ALL = settings.get("CORS_ORIGIN_ALLOW_ALL", False)
|
||||||
|
|
||||||
ADMINS = settings.get("ADMINS", ())
|
ADMINS = settings.get("ADMINS", ())
|
||||||
|
|
||||||
SECRET_KEY = settings.get("SECRET_KEY")
|
|
||||||
|
def get_secret_key():
|
||||||
|
if not settings.get("SECRET_KEY"):
|
||||||
|
return get_random_string(length=25)
|
||||||
|
return settings.get("SECRET_KEY")
|
||||||
|
|
||||||
|
|
||||||
|
SECRET_KEY = get_secret_key()
|
||||||
|
|
||||||
# We're not expecting ARA to use multiple concurrent databases.
|
# We're not expecting ARA to use multiple concurrent databases.
|
||||||
# Make it easier for users to specify the configuration for a single database.
|
# Make it easier for users to specify the configuration for a single database.
|
||||||
|
@ -157,7 +165,7 @@ if not os.path.exists(DEFAULT_CONFIG):
|
||||||
ALLOWED_HOSTS=ALLOWED_HOSTS,
|
ALLOWED_HOSTS=ALLOWED_HOSTS,
|
||||||
CORS_ORIGIN_WHITELIST=CORS_ORIGIN_WHITELIST,
|
CORS_ORIGIN_WHITELIST=CORS_ORIGIN_WHITELIST,
|
||||||
CORS_ORIGIN_ALLOW_ALL=CORS_ORIGIN_ALLOW_ALL,
|
CORS_ORIGIN_ALLOW_ALL=CORS_ORIGIN_ALLOW_ALL,
|
||||||
SECRET_KEY="please-change-this",
|
SECRET_KEY=SECRET_KEY,
|
||||||
DATABASES=DATABASES,
|
DATABASES=DATABASES,
|
||||||
STATIC_URL=STATIC_URL,
|
STATIC_URL=STATIC_URL,
|
||||||
STATIC_ROOT=STATIC_ROOT,
|
STATIC_ROOT=STATIC_ROOT,
|
||||||
|
@ -178,3 +186,5 @@ if not os.path.exists(DEFAULT_CONFIG):
|
||||||
"""
|
"""
|
||||||
config_file.write(textwrap.dedent(comment))
|
config_file.write(textwrap.dedent(comment))
|
||||||
yaml.dump({"default": CONFIG}, config_file, default_flow_style=False)
|
yaml.dump({"default": CONFIG}, config_file, default_flow_style=False)
|
||||||
|
|
||||||
|
ARA_SETTINGS = os.getenv("ARA_SETTINGS", DEFAULT_CONFIG)
|
||||||
|
|
3
tox.ini
3
tox.ini
|
@ -26,7 +26,6 @@ setenv =
|
||||||
ARA_DEBUG=true
|
ARA_DEBUG=true
|
||||||
ARA_LOG_LEVEL=DEBUG
|
ARA_LOG_LEVEL=DEBUG
|
||||||
ARA_BASE_DIR={toxinidir}/.tox/ansible-integration/tmp/ara
|
ARA_BASE_DIR={toxinidir}/.tox/ansible-integration/tmp/ara
|
||||||
ARA_SECRET_KEY=testing
|
|
||||||
|
|
||||||
[testenv:runserver]
|
[testenv:runserver]
|
||||||
commands =
|
commands =
|
||||||
|
@ -37,7 +36,6 @@ setenv =
|
||||||
ARA_DEBUG=true
|
ARA_DEBUG=true
|
||||||
ARA_LOG_LEVEL=DEBUG
|
ARA_LOG_LEVEL=DEBUG
|
||||||
ARA_BASE_DIR={toxinidir}/.tox/ansible-integration/tmp/ara
|
ARA_BASE_DIR={toxinidir}/.tox/ansible-integration/tmp/ara
|
||||||
ARA_SECRET_KEY=testing
|
|
||||||
|
|
||||||
# Temporary venv to help bootstrap integration
|
# Temporary venv to help bootstrap integration
|
||||||
[testenv:ansible-integration]
|
[testenv:ansible-integration]
|
||||||
|
@ -52,7 +50,6 @@ setenv =
|
||||||
ARA_DEBUG=true
|
ARA_DEBUG=true
|
||||||
ARA_LOG_LEVEL=DEBUG
|
ARA_LOG_LEVEL=DEBUG
|
||||||
ARA_BASE_DIR={toxinidir}/.tox/ansible-integration/tmp/ara
|
ARA_BASE_DIR={toxinidir}/.tox/ansible-integration/tmp/ara
|
||||||
ARA_SECRET_KEY=testing
|
|
||||||
whitelist_externals =
|
whitelist_externals =
|
||||||
rm
|
rm
|
||||||
bash
|
bash
|
||||||
|
|
Loading…
Reference in New Issue