notifier/backend-api-internal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Switched to HVAC Agent instead of connecting to the vault directly

Browse Source
This commit is contained in:
florian 2025-10-04 22:14:47 +02:00
parent d356ec8428
commit f67fd99333
1 changed files with 10 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
hvac_handler.py
View File

@ -1,18 +1,14 @@
import base64
import hvac import hvac
import base64
import os
HVAC_AGENT_URL = os.getenv("HVAC_AGENT_URL","http://vault-agent:8201")
client = hvac.Client( client = hvac.Client(url=HVAC_AGENT_URL)
url='http://127.0.0.1:8200',
token='root'
)
def decrypt_token(ciphertext: str) -> str: def decrypt_token(ciphertext: str) -> str:
response = client.secrets.transit.decrypt_data( response = client.secrets.transit.decrypt_data(
name='push-tokens', name="push-tokens",
ciphertext=ciphertext ciphertext=ciphertext
) )
plaintext_b64 = response['data']['plaintext'] plaintext_b64 = response["data"]["plaintext"]
return base64.b64decode(plaintext_b64).decode() return base64.b64decode(plaintext_b64).decode()