Add requirements.txt, handle an empty cert file

Yann Verry 2019-05-05 22:59:35 +02:00 committed by Verry Yann
parent 882c473d2b
commit d062ceafa4
No known key found for this signature in database
GPG key ID: 9AAFFD75444F4F19
3 changed files with 25 additions and 8 deletions


@ -20,4 +20,5 @@ python vault-cert-openssh.py ~/.ssh/<your SSH key>-cert.pub
Prerequisite:
* Python >=3.7
* hvac
* pipreqs
* Vault

13
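--- a/requirements.txt
+++ b/requirements.txt
@@ -0,0 +1,13 @@
+Cython==0.29.7
+pyOpenSSL==19.0.0
+cryptography==2.6.1
+protobuf==3.7.1
+hvac==0.8.2
+ipaddr==2.2.0
+lxml==4.3.3
+mock==3.0.4
+numpy==1.16.3
+ordereddict==1.1
+simplejson==3.16.0
+usercustomize==1.0.0
+wincertstore==0.2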
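Review bot: Most of the pins in this new requirements.txt are not used by anything visible in this commit: the script's hunks show only `time`, `os`, `base64`, `struct`, `sys` and the `hvac` client, while the list also pulls in Cython, numpy, lxml, protobuf, mock and the Windows-only wincertstore. It looks like a dump of the author's environment rather than the script's dependencies, and every extra pin is a package that users install and then have to keep patched. `usercustomize==1.0.0` deserves particular attention, because Python's `site` module imports a module named `usercustomize` automatically at interpreter start-up, so whatever that distribution ships would run in every Python process of the environment. I would reduce the file to `hvac==0.8.2`, plus anything the script is confirmed to import outside these hunks.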


@ -31,7 +31,7 @@ import time, os
import base64
from struct import unpack
def vaultrenewkey(filename, vault_var):
def vaultRenewKey(filename, vault_var):
sshKey = filename.replace('-cert','')
public_key = open(sshKey,'r')
client = hvac.Client(url=vault_var['VAULT_ADDR'], token=vault_var['VAULT_TOKEN'])
@ -162,13 +162,16 @@ if __name__ == "__main__":
exit(1)
if len(sys.argv) > 1:
with open(sys.argv[1],'r') as f:
key = Decode(f.read().split(" ")[1])
if int(time.time()) > key['valid before']:
print("Need to renew" + sys.argv[1])
vaultrenewkey(sys.argv[1],vault_var)
else:
print("Nothing to do")
try:
with open(sys.argv[1],'r') as f:
key = Decode(f.read().split(" ")[1])
if int(time.time()) > key['valid before']:
print("Need to renew" + sys.argv[1])
vaultRenewKey(sys.argv[1],vault_var)
else:
print("Nothing to do")
except FileNotFoundError:
vaultRenewKey(sys.argv[1],vault_var)
else:
print("Usage: %s [path to certificate]" % sys.argv[0])
exit(1)
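Review bot: The new `except FileNotFoundError:` in the `__main__` block does not cover the empty certificate file named in the commit title: on an empty or one-field file `f.read().split(" ")[1]` raises IndexError, which is still unhandled. Catching both, `except (FileNotFoundError, IndexError):`, would match the stated intent (whether `Decode` raises something else on malformed data is not visible here). The `try` also wraps the `vaultRenewKey(...)` call, so a FileNotFoundError raised inside it (it opens the public key with `open(sshKey,'r')`) would be caught and trigger a second renewal attempt; limiting the `try` to the open/Decode lines avoids that. The `if __name__ == "__main__":` block starts before this hunk.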