Merge pull request #44 from bartvdbraak/renovate/azure_identity-0.x

Bart van der Braak 2023-12-12 15:14:42 +01:00 committed by GitHub
commit c759fbf36e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 133 additions and 80 deletions

126
Cargo.lock generated

@ -43,9 +43,9 @@ dependencies = [
[[package]] [[package]]
name = "anstream" name = "anstream"
version = "0.6.4" version = "0.6.5"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2ab91ebe16eb252986481c5b62f6098f3b698a45e34b5b98200cf20dd2484a44" checksum = "d664a92ecae85fd0a7392615844904654d1d5f5514837f471ddef4a057aba1b6"
dependencies = [ dependencies = [
"anstyle", "anstyle",
"anstyle-parse", "anstyle-parse",
@ -63,30 +63,30 @@ checksum = "7079075b41f533b8c61d2a4d073c4676e1f8b249ff94a393b0595db304e0dd87"
[[package]] [[package]]
name = "anstyle-parse" name = "anstyle-parse"
version = "0.2.2" version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "317b9a89c1868f5ea6ff1d9539a69f45dffc21ce321ac1fd1160dfa48c8e2140" checksum = "c75ac65da39e5fe5ab759307499ddad880d724eed2f6ce5b5e8a26f4f387928c"
dependencies = [ dependencies = [
"utf8parse", "utf8parse",
] ]
[[package]] [[package]]
name = "anstyle-query" name = "anstyle-query"
version = "1.0.0" version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5ca11d4be1bab0c8bc8734a9aa7bf4ee8316d462a08c6ac5052f888fef5b494b" checksum = "e28923312444cdd728e4738b3f9c9cac739500909bb3d3c94b43551b16517648"
dependencies = [ dependencies = [
"windows-sys 0.48.0", "windows-sys 0.52.0",
] ]
[[package]] [[package]]
name = "anstyle-wincon" name = "anstyle-wincon"
version = "3.0.1" version = "3.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f0699d10d2f4d628a98ee7b57b289abbc98ff3bad977cb3152709d4bf2330628" checksum = "1cd54b81ec8d6180e24654d0b371ad22fc3dd083b6ff8ba325b72e00c87660a7"
dependencies = [ dependencies = [
"anstyle", "anstyle",
"windows-sys 0.48.0", "windows-sys 0.52.0",
] ]
[[package]] [[package]]
@ -138,9 +138,9 @@ dependencies = [
[[package]] [[package]]
name = "async-lock" name = "async-lock"
version = "3.1.2" version = "3.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dea8b3453dd7cc96711834b75400d671b73e3656975fa68d9f277163b7f7e316" checksum = "7125e42787d53db9dd54261812ef17e937c95a51e4d291373b670342fa44310c"
dependencies = [ dependencies = [
"event-listener 4.0.0", "event-listener 4.0.0",
"event-listener-strategy", "event-listener-strategy",
@ -181,6 +181,32 @@ dependencies = [
"paste", "paste",
"pin-project", "pin-project",
"rand 0.8.5", "rand 0.8.5",
"rustc_version",
"serde",
"serde_json",
"time",
"url",
"uuid",
]
[[package]]
name = "azure_core"
version = "0.18.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a6218987c374650fdad0b476bfc675729762c28dfb35f58608a38a2b1ea337dd"
dependencies = [
"async-trait",
"base64 0.21.5",
"bytes",
"dyn-clone",
"futures",
"getrandom 0.2.11",
"http-types",
"log",
"once_cell",
"paste",
"pin-project",
"rand 0.8.5",
"reqwest", "reqwest",
"rustc_version", "rustc_version",
"serde", "serde",
@ -192,19 +218,18 @@ dependencies = [
[[package]] [[package]]
name = "azure_identity" name = "azure_identity"
version = "0.17.0" version = "0.18.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8bd7ea32ca7eb66ff4757f83baac702ff11d469e5de365b6bc6f79f9c25d3436" checksum = "9e1eacc4f7fb2a73d57c39139d0fc3aed78435606055779ddaef4b43cdf919a8"
dependencies = [ dependencies = [
"async-lock", "async-lock",
"async-trait", "async-trait",
"azure_core", "azure_core 0.18.0",
"futures", "futures",
"log", "log",
"oauth2", "oauth2",
"pin-project", "pin-project",
"serde", "serde",
"serde_json",
"time", "time",
"tz-rs", "tz-rs",
"url", "url",
@ -213,17 +238,16 @@ dependencies = [
[[package]] [[package]]
name = "azure_security_keyvault" name = "azure_security_keyvault"
version = "0.17.0" version = "0.18.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2304ad09313aef2847451c3ac10a160922afec260e93e752b70c7a458d4007f1" checksum = "a7b31bc2b045f0fe1fe377960df975fcf578a22277268c1565fb2b239d9a7ffa"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"azure_core", "azure_core 0.18.0",
"futures", "futures",
"serde", "serde",
"serde_json", "serde_json",
"time", "time",
"url",
] ]
[[package]] [[package]]
@ -375,9 +399,9 @@ checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7"
[[package]] [[package]]
name = "concurrent-queue" name = "concurrent-queue"
version = "2.3.0" version = "2.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f057a694a54f12365049b0958a1685bb52d567f5593b355fbf685838e873d400" checksum = "d16048cd947b08fa32c24458a22f5dc5e835264f689f4f5653210c69fd107363"
dependencies = [ dependencies = [
"crossbeam-utils", "crossbeam-utils",
] ]
@ -471,9 +495,9 @@ dependencies = [
[[package]] [[package]]
name = "deranged" name = "deranged"
version = "0.3.9" version = "0.3.10"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0f32d04922c60427da6f9fef14d042d9edddef64cb9d4ce0d64d0685fbeb1fd3" checksum = "8eb30d70a07a3b04884d2677f06bec33509dc67ca60d92949e5535352d3191dc"
dependencies = [ dependencies = [
"powerfmt", "powerfmt",
"serde", "serde",
@ -837,9 +861,9 @@ dependencies = [
[[package]] [[package]]
name = "http-body" name = "http-body"
version = "0.4.5" version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1" checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2"
dependencies = [ dependencies = [
"bytes", "bytes",
"http", "http",
@ -1006,9 +1030,9 @@ dependencies = [
[[package]] [[package]]
name = "itoa" name = "itoa"
version = "1.0.9" version = "1.0.10"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "af150ab688ff2122fcef229be89cb50dd66af9e01a4ff320cc137eecc9bacc38" checksum = "b1a46d1a171d865aa5f83f92695765caa047a9b4cbae2cbf37dbd613a793fd4c"
[[package]] [[package]]
name = "js-sys" name = "js-sys"
@ -1026,7 +1050,7 @@ dependencies = [
"anyhow", "anyhow",
"assert_cmd", "assert_cmd",
"assert_fs", "assert_fs",
"azure_core", "azure_core 0.17.0",
"azure_identity", "azure_identity",
"azure_security_keyvault", "azure_security_keyvault",
"clap", "clap",
@ -1046,9 +1070,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
[[package]] [[package]]
name = "libc" name = "libc"
version = "0.2.150" version = "0.2.151"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "89d92a4743f9a61002fae18374ed11e7973f530cb3a3255fb354818118b2203c" checksum = "302d7ab3130588088d277783b1e2d2e10c9e9e4a16dd9050e6ec93fb3e7048f4"
[[package]] [[package]]
name = "linux-raw-sys" name = "linux-raw-sys"
@ -1104,9 +1128,9 @@ dependencies = [
[[package]] [[package]]
name = "mio" name = "mio"
version = "0.8.9" version = "0.8.10"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3dce281c5e46beae905d4de1870d8b1509a9142b62eedf18b443b011ca8343d0" checksum = "8f3d0b296e374a4e6f3c7b0a1f5a51d748a0d34c85e7dc48fc3fa9a87657fe09"
dependencies = [ dependencies = [
"libc", "libc",
"wasi 0.11.0+wasi-snapshot-preview1", "wasi 0.11.0+wasi-snapshot-preview1",
@ -1195,15 +1219,15 @@ dependencies = [
[[package]] [[package]]
name = "once_cell" name = "once_cell"
version = "1.18.0" version = "1.19.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
[[package]] [[package]]
name = "openssl" name = "openssl"
version = "0.10.60" version = "0.10.61"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "79a4c6c3a2b158f7f8f2a2fc5a969fa3a068df6fc9dbb4a43845436e3af7c800" checksum = "6b8419dc8cc6d866deb801274bba2e6f8f6108c1bb7fcc10ee5ab864931dbb45"
dependencies = [ dependencies = [
"bitflags 2.4.1", "bitflags 2.4.1",
"cfg-if", "cfg-if",
@ -1233,18 +1257,18 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
[[package]] [[package]]
name = "openssl-src" name = "openssl-src"
version = "300.1.6+3.1.4" version = "300.2.1+3.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "439fac53e092cd7442a3660c85dde4643ab3b5bd39040912388dcdabf6b88085" checksum = "3fe476c29791a5ca0d1273c697e96085bbabbbea2ef7afd5617e78a4b40332d3"
dependencies = [ dependencies = [
"cc", "cc",
] ]
[[package]] [[package]]
name = "openssl-sys" name = "openssl-sys"
version = "0.9.96" version = "0.9.97"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3812c071ba60da8b5677cc12bcb1d42989a65553772897a7e0355545a819838f" checksum = "c3eaad34cdd97d81de97964fc7f29e2d104f483840d906ef56daa1912338460b"
dependencies = [ dependencies = [
"cc", "cc",
"libc", "libc",
@ -1565,9 +1589,9 @@ dependencies = [
[[package]] [[package]]
name = "rustix" name = "rustix"
version = "0.38.26" version = "0.38.28"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9470c4bf8246c8daf25f9598dca807fb6510347b1e1cfa55749113850c79d88a" checksum = "72e572a5e8ca657d7366229cdde4bd14c4eb5499a9573d4d366fe1b599daa316"
dependencies = [ dependencies = [
"bitflags 2.4.1", "bitflags 2.4.1",
"errno", "errno",
@ -1578,9 +1602,9 @@ dependencies = [
[[package]] [[package]]
name = "ryu" name = "ryu"
version = "1.0.15" version = "1.0.16"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1ad4cc8da4ef723ed60bced201181d83791ad433213d8c24efffda1eec85d741" checksum = "f98d2aa92eebf49b69786be48e4477826b256916e84a57ff2a4f21923b48eb4c"
[[package]] [[package]]
name = "same-file" name = "same-file"
@ -1787,9 +1811,9 @@ checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
[[package]] [[package]]
name = "syn" name = "syn"
version = "2.0.39" version = "2.0.40"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "23e78b90f2fcf45d3e842032ce32e3f2d1545ba6636271dcbf24fa306d87be7a" checksum = "13fa70a4ee923979ffb522cacce59d34421ebdea5625e1073c4326ef9d2dd42e"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
@ -1984,9 +2008,9 @@ dependencies = [
[[package]] [[package]]
name = "try-lock" name = "try-lock"
version = "0.2.4" version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed" checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b"
[[package]] [[package]]
name = "typenum" name = "typenum"
@ -2005,9 +2029,9 @@ dependencies = [
[[package]] [[package]]
name = "unicode-bidi" name = "unicode-bidi"
version = "0.3.13" version = "0.3.14"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460" checksum = "6f2528f27a9eb2b21e69c95319b30bd0efd85d09c379741b0f78ea1d86be2416"
[[package]] [[package]]
name = "unicode-ident" name = "unicode-ident"


@ -12,8 +12,8 @@ repository = "https://github.com/bartvdbraak/keyweave/"
[dependencies] [dependencies]
anyhow = "1.0.75" anyhow = "1.0.75"
azure_core = "0.17.0" azure_core = "0.17.0"
azure_identity = "0.17.0" azure_identity = "0.18.1"
azure_security_keyvault = "0.17.0" azure_security_keyvault = "0.18.0"
clap = { version = "4.4.11", features = ["derive"] } clap = { version = "4.4.11", features = ["derive"] }
futures = "0.3.29" futures = "0.3.29"
paris = { version = "1.5.15", features = ["macros"] } paris = { version = "1.5.15", features = ["macros"] }
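Review bot: `azure_core` stays pinned at `0.17.0` directly above the two bumped crates, while the lockfile section shows `azure_identity` 0.18.1 and `azure_security_keyvault` 0.18.0 both resolving `azure_core 0.18.0`, so the build now carries two copies of `azure_core`. The application's own `azure_core` types are then not the ones the SDK clients return, which is probably why the `HttpError` downcast in the source file had to be reworked in this same change. Bumping the direct dependency alongside the others, `azure_core = "0.18.0"`, would keep a single version in the tree and a single set of error types. One version also leaves only one copy of the credential and HTTP pipeline code to track when advisories are published.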


@ -1,17 +1,31 @@
use anyhow::Result; use anyhow::Result;
use azure_core::error::HttpError;
use azure_identity::DefaultAzureCredential; use azure_identity::DefaultAzureCredential;
use azure_security_keyvault::prelude::KeyVaultGetSecretsResponse; use azure_security_keyvault::prelude::KeyVaultGetSecretsResponse;
use azure_security_keyvault::KeyvaultClient; use azure_security_keyvault::KeyvaultClient;
use clap::Parser; use clap::Parser;
use futures::stream::StreamExt; use futures::stream::StreamExt;
use paris::{error, Logger}; use paris::{error, Logger};
use std::error::Error;
use std::fmt;
use std::fs::File; use std::fs::File;
use std::io::Write; use std::io::Write;
use std::sync::Arc; use std::sync::Arc;
use tokio::sync::mpsc; use tokio::sync::mpsc;
use tokio::sync::Semaphore; use tokio::sync::Semaphore;
#[derive(Debug)]
struct CustomError {
message: String,
}
impl fmt::Display for CustomError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "{}", self.message)
}
}
impl Error for CustomError {}
#[derive(Parser, Debug)] #[derive(Parser, Debug)]
#[clap(author, version, about, long_about = None)] #[clap(author, version, about, long_about = None)]
struct Opts { struct Opts {
@ -35,12 +49,15 @@ async fn check_vault_dns(vault_name: &str) -> Result<()> {
match lookup_result { match lookup_result {
Ok(_) => Ok(()), Ok(_) => Ok(()),
Err(err) => { Err(_err) => {
error!("DNS lookup failed for Key Vault: {}", vault_name); error!("DNS lookup failed for Key Vault: {}", vault_name);
error!( error!(
"Please check that the Key Vault exists or that you have no connectivity issues." "Please check that the Key Vault exists or that you have no connectivity issues."
); );
Err(err.into()) Err(CustomError {
message: "An error occurred while fetching secrets".to_string(),
}
.into())
} }
} }
} }
@ -56,27 +73,33 @@ async fn fetch_secrets_from_key_vault(
let page = match page { let page = match page {
Ok(p) => p, Ok(p) => p,
Err(err) => { Err(err) => {
error!("\n"); Logger::new().newline(1);
error!("Failed to fetch secrets."); match err.as_http_error() {
let specific_error = err.downcast_ref::<HttpError>(); Some(err) => {
if let Some(specific_error) = specific_error { if err
if specific_error
.error_message() .error_message()
.unwrap() .unwrap()
.to_string()
.contains("does not have secrets list permission on key vault") .contains("does not have secrets list permission on key vault")
{ {
error!("Make sure you have List permissions on the Key Vault."); error!("Make sure you have List permissions on the Key Vault.")
} else if specific_error } else if err
.error_message() .error_message()
.unwrap() .unwrap()
.to_string()
.contains("is not authorized and caller is not a trusted service") .contains("is not authorized and caller is not a trusted service")
{ {
error!("Make sure you're on the Key Vaults Firewall allowlist."); error!("Make sure you're on the Key Vaults Firewall allowlist.")
} else {
error!("HTTP Error: {}", err);
} }
} }
return Err(err.into()); _ => {
error!("Error: {}", err);
}
};
return Err(CustomError {
message: "An error occurred while fetching secrets".to_string(),
}
.into());
} }
}; };
secret_values secret_values
@ -154,15 +177,21 @@ fn create_env_file(secrets: Vec<(String, String)>, output_file: &str) -> Result<
Ok(f) => f, Ok(f) => f,
Err(err) => { Err(err) => {
error!("Failed to create output file: {}", err); error!("Failed to create output file: {}", err);
return Err(err.into()); return Err(CustomError {
message: "n Aerror occurred creating file".to_string(),
}
.into());
} }
}; };
for (key, value) in secrets { for (key, value) in secrets {
if let Some(secret_name) = key.split('/').last() { if let Some(secret_name) = key.split('/').last() {
if let Err(err) = writeln!(file, "{}={}", secret_name, value) { if let Err(_err) = writeln!(file, "{}={}", secret_name, value) {
error!("Failed to write to output file: {}: {}", output_file, err); error!("Failed to write to output file: {}", output_file);
return Err(err.into()); return Err(CustomError {
message: "An error occurred while writing secrets to file".to_string(),
}
.into());
} }
} }
} }
@ -203,7 +232,7 @@ mod tests {
#[tokio::main] #[tokio::main]
async fn main() -> Result<()> { async fn main() -> Result<()> {
let opts: Opts = Opts::parse(); let opts: Opts = Opts::parse();
let mut log = Logger::new(); let mut log: Logger<'_> = Logger::new();
let vault_url = format!("https://{}.vault.azure.net", opts.vault_name); let vault_url = format!("https://{}.vault.azure.net", opts.vault_name);