From f72f39fbac550566c10b5f9e8336bf0ee7db7f33 Mon Sep 17 00:00:00 2001 From: Egor Tensin Date: Sat, 31 Jul 2021 12:54:34 +0300 Subject: cgitize.config: allow passing secrets via environment --- cgitize/config.py | 18 +++++++++++++++--- examples/cgitize.toml | 6 ++++-- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/cgitize/config.py b/cgitize/config.py index 8171860..223dcd2 100644 --- a/cgitize/config.py +++ b/cgitize/config.py @@ -6,7 +6,7 @@ import configparser import importlib import logging -import os.path +import os import sys from cgitize.repo import Repo, GitHub as GitHubRepo, Bitbucket as BitbucketRepo @@ -56,7 +56,13 @@ class GitHub(Section): @property def access_token(self): - return self._get_config_value('access_token', required=False) + access_token = self._get_config_value('access_token', required=False) + if access_token is not None: + return access_token + env_var = 'CGITIZE_GITHUB_ACCESS_TOKEN' + if env_var in os.environ: + return os.environ[env_var] + return None def enum_repositories(self): return self.repositories.enum_repositories() @@ -69,7 +75,13 @@ class Bitbucket(Section): @property def app_password(self): - return self._get_config_value('app_password', required=False) + app_password = self._get_config_value('app_password', required=False) + if app_password is not None: + return app_password + env_var = 'CGITIZE_BITBUCKET_APP_PASSWORD' + if env_var in os.environ: + return os.environ[env_var] + return None def enum_repositories(self): return self.repositories.enum_repositories() diff --git a/examples/cgitize.toml b/examples/cgitize.toml index ed89878..6046e36 100644 --- a/examples/cgitize.toml +++ b/examples/cgitize.toml @@ -16,7 +16,8 @@ owner = "Your Name" [github] # If some of the repositories hosted on GitHub are private, you can use -# "personal access tokens" to access them. +# "personal access tokens" to access them. Also can be provided using the +# CGITIZE_GITHUB_ACCESS_TOKEN environment variable. #access_token = "XXX" # Some random repositories hosted on GitHub: @@ -27,7 +28,8 @@ id = "bobfang1992/pytomlpp" [bitbucket] # If some of the repositories hosted on Bitbucket are private, you can use "app -# passwords" to access them. +# passwords" to access them. Also can be provided using the +# CGITIZE_BITBUCKET_APP_PASSWORD environment variable. #app_password = "XXX" # Some random repositories hosted on Bitbucket: -- cgit v1.2.3