{ "info": { "author": "Marcus LaFerrera", "author_email": "marcus@randomhack.org", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Intended Audience :: Developers", "Intended Audience :: Information Technology", "Intended Audience :: System Administrators", "License :: OSI Approved :: MIT License", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7", "Topic :: Security", "Topic :: Utilities" ], "description": "## wisely - simple secrets store for Google Cloud KMS\n\n# Overview\n\nWisely is a simple secrets management library. Secrets are stored in an encrypted\nform in Google Cloud Storage (GCS) buckets. Encryption routines leverage Google\nCloud's Key Management Store (KMS) service. Once secrets are decrypted, they are\nreadily available as a `dict()` within Python.\n\n# Installation\n\n pip3 install wisely\n\n# Usage\n\n## Configuration\n\nWisley requires a simple configuration before you get started. For the sake of,\nsimplcity, this documentation assumes that you have already [created a GCS bucket](https://cloud.google.com/storage/docs/creating-buckets)\nfor secret storage, and have also [created a KMS keyring and key](https://cloud.google.com/kms/docs/creating-keys).\n\nLet's get familar with some basic terms required for the configuration:\n\n- **project_id**: Google Cloud project ID\n- **secret_path**: Filename of secret file in GCS\n- **keyring_id**: KMS keyring name\n- **crypto_id**: KMS key name within the specified keyring\n- **location_id**: Google Cloud zone the keyring is located in\n- **bucket_name**: GCS bucket name to store secrets\n- **mode**: Method used to parse secrets. Valid options are kv, json, or raw\n- **delim**: Delimiter for key/values when in mode kv\n\n wisley.cfg\n\n ***\n\n The wisely configuration file is a simple `yaml` file. By default, wisely will\n look for the configuration file in `~/.wisley`. The basic construct is:\n\n [secret_name]\n project_id = my_google_project-10234\n secret_path = secrets.txt\n keyring_id = my_soooper_keyring\n crypto_id = the_key\n location_id = us-west1-a\n bucket_name = sooper-secret-bucket-12312321\n mode = kv\n delim = :\n\n If the `[global]` configuration section exists, wisley will load those first. For\n instance, if there is a shared `project_id` across all of your secrets, you may\n want to define `project_id` in `[global]`:\n\n [global]\n project_id = my_google_project-10234\n\n [secret_name_one]\n secret_path = secrets-one.txt\n keyring_id = my_soooper_keyring\n crypto_id = the_key_one\n location_id = us-west1-a\n bucket_name = sooper-secret-bucket-12312321\n\n [secret_name_two]\n secret_path = secrets-two.txt\n keyring_id = my_soooper_keyring\n crypto_id = the_key_two\n location_id = us-west1-a\n bucket_name = sooper-secret-bucket-12312321\n\n Environment Variables\n\n ***\n\n If no configuration options are defined, wisely will attempt to gather the\n required configuration options from environment variables:\n\n WISELY_PROJECT_ID=my_google_project-10234\n WISELY_SECRET_PATH=secrets.txt\n WISELY_KEYRING_ID=my_soooper_keyring\n WISELY_CRYPTO_ID=the_key\n WISELY_LOCATION_ID=us-east1-a\n WISELY_BUCKET_NAME=sooper-secret-bucket-12312321\n\n## Adding/Updating Secret Configuration\n\nWisley provides a simple cli interface that allows for adding secret configurations:\n\n wisley secret_name --path secrets.txt --project my_google_project-10234 \\\n --keyring my_soooper_keyring --crypto the_key \\\n --bucket sooper-secret-bucket-12312321 --location us-west1-a\n\nLikewise, if you would like to update an individual secret configuration, such as\nupdating the bucket name, simply add the `--update` argument:\n\n wisley secret_name --update --bucket new-secret-bucket-121321\n\n## Adding Secrets\n\nA secrets file can be plaintext, key/value pairs, or json. By default, wisely will\nassume that the mode is a key/value pair.\n\nFor example:\n\n USER=joebob\n PASS=soopersecret321\n\nOr, if json:\n\n {\"USER\": \"joebob\", \"PASS\": \"soopersecret321\"}\n\nThe secrets file may also be plaintext, which will not be parsed in any way by wisely.\n\nTo add a new secret, simply run:\n\n wisely encrypt secret_name cleartext-file.txt\n\nOnce completed, the encrypted file will be encrypted and uploaded to the specified\nGCS bucket. If you want to update the encrypted secrets file:\n\n wisely decrypt secret_name -o cleartext-file.txt\n\n## Using in scripts\n\nUsing wisely in scripts is extremely easy. There are two ways to instantiate `Wisley`.\n\nYou can either pass all of the required configuration options:\n\n from wisely import Wisely\n\n project_id = 'my_google_project-10234'\n secret_path = 'secrets.txt'\n keyring_id = 'my_soooper_keyring'\n crypto_id = 'the_key'\n location = 'us-west1-a'\n bucket_name = 'sooper-secret-bucket-12312321'\n mode = 'json'\n\n wise = Wisley(\n project_id=project_id, secret_path=secret_path, keyring_id=keyring_id,\n crypto_id=crypto_id, location=location, bucket_name=bucket_name,\n mode=mode)\n\n secrets = wise.decrypt()\n\n user = secrets['USER']\n pass = secrets['PASS']\n\n print('User: {}, Pass: {}'.format(user, pass))\n\nOr, if all enviroment variables are properly defined:\n\n from wisely import Wisely\n\n wise = Wisely()\n secrets = wise.decrypt()\n\n user = secrets['USER']\n pass = secrets['PASS']\n\n print('User: {}, Pass: {}'.format(user, pass))", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/mlaferrera/wisely", "keywords": "secrets management,google cloud,google kms", "license": "MIT", "maintainer": "", "maintainer_email": "", "name": "wisely", "package_url": "https://pypi.org/project/wisely/", "platform": "", "project_url": "https://pypi.org/project/wisely/", "project_urls": { "Homepage": "https://github.com/mlaferrera/wisely" }, "release_url": "https://pypi.org/project/wisely/0.5.2/", "requires_dist": null, "requires_python": ">=3.5", "summary": "Simple secrets store for Google Cloud", "version": "0.5.2" }, "last_serial": 4708236, "releases": { "0.3": [ { "comment_text": "", "digests": { "md5": "61965d15108a0fec467fed3a0db49242", "sha256": "182ed8a007ed2ca8e56f5142723a26a7d2446665a8b4cbe0a03aa7b2398de610" }, "downloads": -1, "filename": "wisely-0.3-py3-none-any.whl", "has_sig": false, "md5_digest": "61965d15108a0fec467fed3a0db49242", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5", "size": 5720, "upload_time": "2018-03-20T17:20:50", "url": "https://files.pythonhosted.org/packages/de/93/3846e257a77b961a2621097b1998145ef511afc88a6d5809022f8c881a53/wisely-0.3-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "18c991bb8c36ea85151536a9034195d7", "sha256": "bd5dc14623f7c1c566ddb184ff2eb8c2c5d685c7641c00b423df79b06e4be45b" }, "downloads": -1, "filename": "wisely-0.3.tar.gz", "has_sig": false, "md5_digest": "18c991bb8c36ea85151536a9034195d7", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 5772, "upload_time": "2018-03-20T17:20:51", "url": "https://files.pythonhosted.org/packages/79/44/59f6b4349607edf0f67b1ca64c4925cdc4eb8658df0a9f6aa2eb1666b55a/wisely-0.3.tar.gz" } ], "0.5.2": [ { "comment_text": "", "digests": { "md5": "db3213c60f8282038b650b497c447d1b", "sha256": "0773cc1699fe624a1f7c8743e39779d089e8e4488da34f51cafbb442cb89cebb" }, "downloads": -1, "filename": "wisely-0.5.2.tar.gz", "has_sig": false, "md5_digest": "db3213c60f8282038b650b497c447d1b", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 6658, "upload_time": "2019-01-17T14:27:00", "url": "https://files.pythonhosted.org/packages/82/74/485dfedbb5a494449f683e8204ac69f6912faf71e810cd9d78499215a4c1/wisely-0.5.2.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "db3213c60f8282038b650b497c447d1b", "sha256": "0773cc1699fe624a1f7c8743e39779d089e8e4488da34f51cafbb442cb89cebb" }, "downloads": -1, "filename": "wisely-0.5.2.tar.gz", "has_sig": false, "md5_digest": "db3213c60f8282038b650b497c447d1b", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 6658, "upload_time": "2019-01-17T14:27:00", "url": "https://files.pythonhosted.org/packages/82/74/485dfedbb5a494449f683e8204ac69f6912faf71e810cd9d78499215a4c1/wisely-0.5.2.tar.gz" } ] }