Wip1 #7
@ -8,6 +8,7 @@ cryptography==46.0.2
|
||||
fastapi==0.118.0
|
||||
h11==0.16.0
|
||||
idna==3.10
|
||||
lib-secret-manager[encryption] @ git+https://git.gansejunge.com/notifier/lib-secret-manager.git@main
|
||||
lib-uvicorn-config @ git+https://git.gansejunge.com/notifier/lib-uvicorn-config.git@main
|
||||
mysql-connector-python==9.4.0
|
||||
prometheus_client==0.23.1
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
from mysql.connector import pooling, Error
|
||||
import threading
|
||||
from secret_handler import return_credentials
|
||||
from secret_manager import return_credentials
|
||||
import os
|
||||
import time
|
||||
from simple_logger_handler import setup_logger
|
||||
|
||||
11
src/main.py
11
src/main.py
@ -5,7 +5,8 @@ from starlette.exceptions import HTTPException as StarletteHTTPException
|
||||
from typing import Optional,List
|
||||
from pydantic import BaseModel
|
||||
from validator import is_valid_platform,is_valid_token,verify_api_key
|
||||
from secret_handler import encrypt_token
|
||||
from secret_manager.fernet_encryption import encrypt_token
|
||||
from secret_manager import cleanup_secret_files
|
||||
from db import get_db, create_connection_pool, close_connection_pool, start_healthcheck_thread
|
||||
from simple_logger_handler import setup_logger, LOG_LEVEL
|
||||
import uuid
|
||||
@ -44,6 +45,14 @@ async def lifespan(app: FastAPI):
|
||||
|
||||
start_healthcheck_thread()
|
||||
logger.info("MySQL healthcheck thread started.")
|
||||
|
||||
SECRET_PATHS = frozenset({
|
||||
"/etc/secrets/encryption_key",
|
||||
"/etc/secrets/db_username",
|
||||
"/etc/secrets/db_password"
|
||||
})
|
||||
cleanup_secret_files(SECRET_PATHS)
|
||||
|
||||
yield
|
||||
logger.info("Closing MySQL connection pool...")
|
||||
close_connection_pool()
|
||||
|
||||
@ -1,35 +0,0 @@
|
||||
from cryptography.fernet import Fernet
|
||||
from simple_logger_handler import setup_logger
|
||||
|
||||
logger = setup_logger(__name__)
|
||||
|
||||
try:
|
||||
with open("/etc/secrets/encryption_key","rb") as file:
|
||||
encryption_key = file.read()
|
||||
except FileNotFoundError:
|
||||
logger.fatal("[FATAL] Encryption key not found")
|
||||
raise
|
||||
except Exception as e:
|
||||
logger.fatal(f"[FATAL]Failed to read encryption key: {e}")
|
||||
raise
|
||||
|
||||
fernet = Fernet(encryption_key)
|
||||
|
||||
def encrypt_token(token:str)->str:
|
||||
return fernet.encrypt(token.encode()).decode()
|
||||
|
||||
def decrypt_token(token:str)->str:
|
||||
return fernet.decrypt(token.encode()).decode()
|
||||
|
||||
def return_credentials(path: str)->str:
|
||||
try:
|
||||
with open (path) as file:
|
||||
return file.read().strip()
|
||||
except FileNotFoundError:
|
||||
logger.fatal(f"[FATAL] Secret file not found: {path}")
|
||||
raise
|
||||
except Exception as e:
|
||||
logger.fatal(f"[FATAL] Failed to read secret file {path}: {e}")
|
||||
raise
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user