encrypt_secret: Allow file scheme for public key
Allow the use of a file:///key.pub URL to load the project public key. Change-Id: If11ec2232625b630252cf334efa996573b55752b
This commit is contained in:
parent
d7b835debb
commit
622c1f8bcc
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- A local project key file URI (eg. ``file:///path/to/key.pub``) is now
|
||||||
|
supported by the encrypt_secret.py tool. This allows encrypting secrets
|
||||||
|
without directly accessing the Zuul web API to retrieve the project key.
|
|
@ -45,9 +45,12 @@ def main():
|
||||||
parser = argparse.ArgumentParser(description=DESCRIPTION)
|
parser = argparse.ArgumentParser(description=DESCRIPTION)
|
||||||
parser.add_argument('url',
|
parser.add_argument('url',
|
||||||
help="The base URL of the zuul server. "
|
help="The base URL of the zuul server. "
|
||||||
"E.g., https://zuul.example.com/")
|
"E.g., https://zuul.example.com/ or path"
|
||||||
parser.add_argument('project',
|
" to project public key file. E.g.,"
|
||||||
help="The name of the project.")
|
" file:///path/to/key.pub")
|
||||||
|
parser.add_argument('project', default=None, nargs="?",
|
||||||
|
help="The name of the project. Required when using"
|
||||||
|
" the Zuul API to fetch the public key.")
|
||||||
parser.add_argument('--tenant',
|
parser.add_argument('--tenant',
|
||||||
default=None,
|
default=None,
|
||||||
help="The name of the Zuul tenant. This may be "
|
help="The name of the Zuul tenant. This may be "
|
||||||
|
@ -75,6 +78,9 @@ def main():
|
||||||
"unencrypted connection. Your secret may get "
|
"unencrypted connection. Your secret may get "
|
||||||
"compromised.\n")
|
"compromised.\n")
|
||||||
|
|
||||||
|
if url.scheme == 'file':
|
||||||
|
req = Request(args.url)
|
||||||
|
else:
|
||||||
# Check if tenant is white label
|
# Check if tenant is white label
|
||||||
req = Request("%s/api/info" % (args.url.rstrip('/'),))
|
req = Request("%s/api/info" % (args.url.rstrip('/'),))
|
||||||
info = json.loads(urlopen(req).read().decode('utf8'))
|
info = json.loads(urlopen(req).read().decode('utf8'))
|
||||||
|
|
Loading…
Reference in New Issue