Coverage for pydaconf/plugins/sealed.py: 84.00%

21 statements  

« prev     ^ index     » next       coverage.py v7.6.11, created at 2025-02-16 17:46 +0000

1import os 

2from collections.abc import Callable 

3 

4from pydaconf.plugins.base import PluginBase 

5from pydaconf.utils.exceptions import ProviderException 

6 

7 

8class SealedPlugin(PluginBase): 

9 """Load sealed secret. Load/Decrypt sealed secret as variable based on prefix SEALED:///""" 

10 

11 PREFIX='SEALED' 

12 

13 def __init__(self) -> None: 

14 self.cache: dict[str, str] = {} 

15 

16 def run(self, value: str, on_update_callback: Callable[[str], None]) -> str: 

17 if value not in self.cache: 17 ↛ 32line 17 didn't jump to line 32 because the condition on line 17 was always true

18 key = os.environ.get('PYDACONF_SEALED_KEY') 

19 if key is None: 19 ↛ 20line 19 didn't jump to line 20 because the condition on line 19 was never true

20 raise ProviderException(f"PYDACONF_SEALED_KEY environment variable is required to decrypt '{value}'") 

21 

22 try: 

23 from cryptography.fernet import Fernet 

24 encryption_provider = Fernet(key) 

25 except ImportError as e: 

26 raise ImportError('Cryptography is not installed, run `pip install pydaconf[cryptography]`') from e 

27 

28 content = encryption_provider.decrypt(value) 

29 

30 self.cache[value] = content.decode() 

31 

32 return self.cache[value] 

33