shrub/sh/poke-gcp-account-json
Jōshin 08791901b7 sh/poke-gcp-account-json: poke gcp storage values
To support GCP storage, we want to poke entries from a service account
JSON file into settings-store. This script does that.
2021-02-23 21:10:50 +00:00

54 lines
1.7 KiB
Python
Executable File

#!/usr/bin/env python3
import json
import re
import subprocess
import sys
def herb_poke_gcp_setting(pier, key, val):
"""
Poke a value into settings-store under the %gcp-store bucket.
This does not sanitize or check its inputs. Please make sure they are
correct before calling this function.
:pier: Pier of the ship to poke.
:key: Key to poke. Must be a @tas (i.e. include the '%').
:val: Value to poke. Must be a @t. (will be passed through crude_t.)
"""
print('herb_poke ' + key)
# XXX use +same because herb's cell parser is cursed.
poke_arg = "(same %put-entry %gcp-store {} %s {})".format(
key, crude_t(val))
return subprocess.run(['herb', pier, '-p', 'settings-store', '-d',
poke_arg, '-m', 'settings-event'],
check=True)
def crude_t(pin):
"""
Very crude, bad, dangerous, and evil @t transform.
Puts single quotes around the string. Escapes instances of single quote and
backslash within the string, and turns newlines into \0a.
"""
replaces = [(r'\\', r'\\\\'), ("'", r"\\'"), ("\n", r'\\0a')]
for pattern, replace in replaces:
pin = re.sub(pattern, replace, pin, flags=re.MULTILINE)
return "'{}'".format(pin)
def read_gcp_json(keyfile):
with open(keyfile, 'r') as f:
return json.loads(f.read())
def main():
pier, keyfile = sys.argv[1:]
obj = read_gcp_json(keyfile)
herb_poke_gcp_setting(pier, '%token-uri', obj['token_uri'])
herb_poke_gcp_setting(pier, '%client-email', obj['client_email'])
herb_poke_gcp_setting(pier, '%private-key-id', obj['private_key_id'])
herb_poke_gcp_setting(pier, '%private-key', obj['private_key'])
if __name__ == '__main__':
main()