Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-hvac for openSUSE:Factory checked in at 2021-04-23 17:50:39 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-hvac (Old) and /work/SRC/openSUSE:Factory/.python-hvac.new.12324 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-hvac" Fri Apr 23 17:50:39 2021 rev:6 rq:887883 version:0.10.8 Changes: -------- --- /work/SRC/openSUSE:Factory/python-hvac/python-hvac.changes 2021-02-02 14:25:54.803414370 +0100 +++ /work/SRC/openSUSE:Factory/.python-hvac.new.12324/python-hvac.changes 2021-04-23 17:50:55.798825569 +0200 @@ -1,0 +2,8 @@ +Thu Apr 22 20:22:43 UTC 2021 - Dirk M??ller <[email protected]> + +- update to 0.10.8: + - K8s Auth: Allow wildcards for service account and namespace. GH-669 + - Add token_type support to create_kubernetes_role. GH-664 + - Support database secrets static roles. GH-662 + +------------------------------------------------------------------- Old: ---- v0.10.6.tar.gz New: ---- v0.10.8.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-hvac.spec ++++++ --- /var/tmp/diff_new_pack.shPdPk/_old 2021-04-23 17:50:56.226826305 +0200 +++ /var/tmp/diff_new_pack.shPdPk/_new 2021-04-23 17:50:56.230826312 +0200 @@ -18,7 +18,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-hvac -Version: 0.10.6 +Version: 0.10.8 Release: 0 Summary: HashiCorp Vault API client License: BSD-3-Clause ++++++ v0.10.6.tar.gz -> v0.10.8.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/.bumpversion.cfg new/hvac-0.10.8/.bumpversion.cfg --- old/hvac-0.10.6/.bumpversion.cfg 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/.bumpversion.cfg 2021-02-08 16:37:19.000000000 +0100 @@ -1,5 +1,5 @@ [bumpversion] -current_version = 0.10.6 +current_version = 0.10.8 commit = True tag = True diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/.github/workflows/python-package.yml new/hvac-0.10.8/.github/workflows/python-package.yml --- old/hvac-0.10.6/.github/workflows/python-package.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/hvac-0.10.8/.github/workflows/python-package.yml 2021-02-08 16:37:19.000000000 +0100 @@ -0,0 +1,42 @@ +name: Test + +on: + push: + branches: [ develop ] + pull_request: + branches: [ develop ] + +jobs: + build: + + runs-on: ubuntu-latest + strategy: + matrix: + python-version: [3.6] + vault-version: [1.3.10, 1.4.7, 1.5.7, 1.6.2] + steps: + - uses: actions/checkout@v2 + + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v2 + with: + python-version: ${{ matrix.python-version }} + + - name: Install dependencies + run: | + tests/scripts/install-consul.sh + tests/scripts/install-vault.sh ${{ matrix.vault-version }} enterprise + pip install -r requirements-dev.txt + echo "$HOME/.local/bin" >> $GITHUB_PATH + + - name: Lint with flake8 + run: flake8 . --count --exit-zero --statistics + + - name: Test with pytest + run: pytest --cov=hvac tests/ + + - name: Codecov - Process coverage + uses: codecov/codecov-action@v1 + with: + fail_ci_if_error: true + verbose: true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/.github/workflows/python-publish.yml new/hvac-0.10.8/.github/workflows/python-publish.yml --- old/hvac-0.10.6/.github/workflows/python-publish.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/hvac-0.10.8/.github/workflows/python-publish.yml 2021-02-08 16:37:19.000000000 +0100 @@ -0,0 +1,28 @@ +name: Upload Python Package + +on: + release: + types: [published] + +jobs: + deploy: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: '3.x' + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install setuptools wheel twine + - name: Build and publish + env: + TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }} + TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }} + run: | + python setup.py sdist bdist_wheel + twine upload dist/* diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/.gitignore new/hvac-0.10.8/.gitignore --- old/hvac-0.10.6/.gitignore 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/.gitignore 2021-02-08 16:37:19.000000000 +0100 @@ -5,7 +5,6 @@ /build /dist /*.egg-info -/.tox test/*.log /.coverage /cover diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/.travis.yml new/hvac-0.10.8/.travis.yml --- old/hvac-0.10.6/.travis.yml 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/.travis.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,48 +0,0 @@ -dist: xenial -language: python -python: - - '3.7' - - '2.7' -env: - - HVAC_VAULT_VERSION=1.5.0 HVAC_VAULT_LICENSE=enterprise - - HVAC_VAULT_VERSION=1.4.3 HVAC_VAULT_LICENSE=enterprise - - HVAC_VAULT_VERSION=1.3.7 HVAC_VAULT_LICENSE=enterprise - - HVAC_VAULT_VERSION=1.2.4 HVAC_VAULT_LICENSE=enterprise - - HVAC_VAULT_VERSION=STABLE HVAC_VAULT_LICENSE=OSS - - TOXENV=flake8 -matrix: - include: - - name: 'Vault OSS - Latest hvac-tested Release on Python 3.7' - python: '3.7' - env: HVAC_VAULT_VERSION=1.2.4 HVAC_VAULT_LICENSE=OSS - - name: 'Test Documentation Build - Sphinx: "make html"' - env: TOXENV=docs - - stage: PyPi Release - name: 'Publish to PyPI During Git "tag" Builds' - install: skip - script: skip - before_deploy: - - make package - deploy: - provider: pypi - user: hvac-bot - password: - secure: s9LLuUp1+ZTE3xvXdW9tF9hPUk7jxsFvol3PouDXdSVBNeVUhyHG1fMxOi1p8UOhx7e/iOGv8Bi77z0gDQgcynrFywhHEGbuna92Am40wMFT/Lu+JzHi8y2zBdahNsi80FnlNhW3MEtCNkXI6HgIlBpzEcfSm0ovfuncT0+5fCI= - distributions: "sdist bdist_wheel" - skip_cleanup: true - on: - tags: true - allow_failures: - # Ignore failed tests run against Vault development builds compiled from https://github.com/hashicorp/vault. - - env: HVAC_VAULT_VERSION=STABLE HVAC_VAULT_LICENSE=OSS - # Don't wait on the "allow_failures" build jobs before reporting on the overall success/failure of the current build. - fast_finish: true -install: - - tests/scripts/install-consul.sh - - tests/scripts/install-vault.sh ${HVAC_VAULT_VERSION} ${HVAC_VAULT_LICENSE} - - pip install tox-travis -script: - - make test -notifications: - webhooks: - secure: "IuHvo7I77oZKo++O9QSq1TOtYOvZnqSTg7uO1lr7/+6fMsFLZE4YQVVqa3qyJwn5Q2DafAIdzVj5OyWT9FK8hDTAhqkDL4iVnh+Bk+ph1WBYA0OzFv32K0M46byUwTMmeq51DIuTozhJ/v58pYk6d95MJT9J5/cXCeGmr2vAUqo=" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/CHANGELOG.md new/hvac-0.10.8/CHANGELOG.md --- old/hvac-0.10.6/CHANGELOG.md 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/CHANGELOG.md 2021-02-08 16:37:19.000000000 +0100 @@ -1,5 +1,24 @@ # Changelog +## 0.10.8 (February 8th, 2021) + +### ???? Features + +- K8s Auth: Allow wildcards for service account and namespace. GH-669 +- Add token_type support to create_kubernetes_role. GH-664 + +## 0.10.7 (February 1st, 2021) + +### ???? Features + +- Support database secrets static roles. GH-662 + +### ???? Miscellaneous + +- Replace Travis CI w/ GitHub actions. GH-666 + +Thanks to @jeffwecan, @krish7919 and Krish for their lovely contributions. + ## 0.10.6 (December 14th, 2020) ### ???? Features @@ -397,7 +416,7 @@ MISCELLANEOUS: -* Note: Starting after release 0.7.0, `develop` is the main integration branch for the hvac project. The `master` branch is now intended to capture the state of the most recent release. +* Note: Starting after release 0.7.0, `develop` is the main integration branch for the hvac project. The `main` branch is now intended to capture the state of the most recent release. * Test cases for hvac are no longer included in the release artifacts published to PyPi. [GH-334](https://github.com/hvac/hvac/pull/334) * The `create_or_update_policy` system backend method now supports a "pretty_print" argument for different JSON formatting. This allows create more viewable policy documents when retrieve existing policies (e.g., from within the Vault UI interface). [GH-342](https://github.com/hvac/hvac/pull/342) * Explicit support for Vault v0.8.3 dropped. CI/CD tests updated to run against Vault v1.0.0. [GH-344](https://github.com/hvac/hvac/pull/344) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/CONTRIBUTING.md new/hvac-0.10.8/CONTRIBUTING.md --- old/hvac-0.10.6/CONTRIBUTING.md 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/CONTRIBUTING.md 2021-02-08 16:37:19.000000000 +0100 @@ -79,7 +79,7 @@ ``` git commit CHANGELOG.md -m "Changelog updates for v$(grep -oP '(?<=current_version = ).*' .bumpversion.cfg)" ``` -- [ ] Git push the updated develop branch (`git push`) and open a PR to rebase merge the develop branch into master: [https://github.com/hvac/hvac/compare/master...develop](https://github.com/hvac/hvac/compare/master...develop). Ensure the PR has the "release" label applied and then merge it. +- [ ] Git push the updated develop branch (`git push`) and open a PR to rebase merge the develop branch into main: [https://github.com/hvac/hvac/compare/main...develop](https://github.com/hvac/hvac/compare/main...develop). Ensure the PR has the "release" label applied and then merge it. -- [ ] Publish the draft release on GitHub: [https://github.com/hvac/hvac/releases](https://github.com/hvac/hvac/releases). Ensure the tag is set to the release name (e.g., vX.X.X) and the target is the master branch. +- [ ] Publish the draft release on GitHub: [https://github.com/hvac/hvac/releases](https://github.com/hvac/hvac/releases). Ensure the tag is set to the release name (e.g., vX.X.X) and the target is the main branch. NOTE: [release-drafter](https://github.com/toolmantim/release-drafter) sets the release name by default. If performing a minor or major update, these values will need to be manually updated before publishing the draft release subsequently. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/Makefile new/hvac-0.10.8/Makefile --- old/hvac-0.10.6/Makefile 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/Makefile 2021-02-08 16:37:19.000000000 +0100 @@ -4,13 +4,13 @@ .PHONY: clean package publish test update-all-requirements $(addsuffix .txt, $(REQUIREMENTS_FILES)) docs/requirements.txt test: - tox + pytest --cov=hvac tests/ clean: rm -rf dist hvac.egg-info distclean: clean - rm -rf build .tox + rm -rf build package: python setup.py sdist bdist_wheel diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/README.md new/hvac-0.10.8/README.md --- old/hvac-0.10.6/README.md 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/README.md 2021-02-08 16:37:19.000000000 +0100 @@ -1,18 +1,18 @@ # hvac - + -[HashiCorp](https://hashicorp.com/) [Vault](https://www.vaultproject.io) API client for Python 2.7/3.x +[HashiCorp](https://hashicorp.com/) [Vault](https://www.vaultproject.io) API client for Python 3.x -[](https://travis-ci.org/hvac/hvac) -[](https://codecov.io/gh/hvac/hvac) +[](https://github.com/hvac/hvac/actions?query=workflow%3ATest) +[](https://codecov.io/gh/hvac/hvac) [](https://hvac.readthedocs.io/en/latest/?badge=latest) [](https://badge.fury.io/py/hvac) [](https://twitter.com/python_hvac) [](https://gitter.im/hvac/community) Tested against the latest release, HEAD ref, and 3 previous minor versions (counting back from the latest release) of Vault. -Current official support covers Vault v1.2.4 or later. +Current official support covers Vault v1.3.10 or later. ## Installation diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/docs/conf.py new/hvac-0.10.8/docs/conf.py --- old/hvac-0.10.6/docs/conf.py 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/docs/conf.py 2021-02-08 16:37:19.000000000 +0100 @@ -16,9 +16,9 @@ author = u'Ian Unruh, Jeffrey Hogan' # The short X.Y version -version = '0.10.6' +version = '0.10.8' # The full version, including alpha/beta/rc tags -release = '0.10.6' +release = '0.10.8' # -- General configuration --------------------------------------------------- @@ -108,8 +108,9 @@ def skip(app, what, name, obj, skip, options): - """Method to override default autodoc skip call. Ensures class constructor (e.g., __init__()) methods are included - regardless of if private methods are included in the documentation generally. + """Method to override default autodoc skip call. Ensures class constructor + (e.g., __init__()) methods are included regardless of if private methods + are included in the documentation generally. """ if name == "__init__": return False diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/docs/requirements.in new/hvac-0.10.8/docs/requirements.in --- old/hvac-0.10.6/docs/requirements.in 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/docs/requirements.in 2021-02-08 16:37:19.000000000 +0100 @@ -1,5 +1,4 @@ -r ../requirements-dev.txt --r ../requirements.txt autodocsumm m2r2 sphinx diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/docs/requirements.txt new/hvac-0.10.8/docs/requirements.txt --- old/hvac-0.10.6/docs/requirements.txt 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/docs/requirements.txt 2021-02-08 16:37:19.000000000 +0100 @@ -5,59 +5,54 @@ # pip-compile --output-file=docs/requirements.txt docs/requirements.in # alabaster==0.7.12 # via sphinx -appdirs==1.4.4 # via -r docs/../requirements-dev.txt, virtualenv +attrs==20.3.0 # via -r docs/../requirements-dev.txt, pytest authlib==0.14.3 # via -r docs/../requirements-dev.txt autodocsumm==0.1.13 # via -r docs/requirements.in babel==2.8.0 # via sphinx -certifi==2020.6.20 # via -r docs/../requirements-dev.txt, -r docs/../requirements.txt, requests +certifi==2020.6.20 # via -r docs/../requirements-dev.txt, requests cffi==1.14.0 # via -r docs/../requirements-dev.txt, cryptography -chardet==3.0.4 # via -r docs/../requirements-dev.txt, -r docs/../requirements.txt, requests +chardet==3.0.4 # via -r docs/../requirements-dev.txt, requests click==7.1.2 # via -r docs/../requirements-dev.txt, flask codecov==2.1.8 # via -r docs/../requirements-dev.txt -configparser==4.0.2 # via -r docs/../requirements-dev.txt -contextlib2==0.6.0.post1 # via -r docs/../requirements-dev.txt -coverage==5.2.1 # via -r docs/../requirements-dev.txt, codecov -cryptography==1.7.2 # via -r docs/../requirements-dev.txt, authlib, jwcrypto -distlib==0.3.1 # via -r docs/../requirements-dev.txt, virtualenv +coverage==5.2.1 # via -r docs/../requirements-dev.txt, codecov, pytest-cov +cryptography==3.3.1 # via -r docs/../requirements-dev.txt, authlib, jwcrypto docutils==0.16 # via m2r2, sphinx -enum34==1.1.10 # via -r docs/../requirements-dev.txt -filelock==3.0.12 # via -r docs/../requirements-dev.txt, tox, virtualenv +flake8==3.8.4 # via -r docs/../requirements-dev.txt flask-sqlalchemy==2.4.4 # via -r docs/../requirements-dev.txt flask==1.1.2 # via -r docs/../requirements-dev.txt, flask-sqlalchemy -funcsigs==1.0.2 # via -r docs/../requirements-dev.txt -idna==2.10 # via -r docs/../requirements-dev.txt, -r docs/../requirements.txt, cryptography, requests +idna==2.10 # via -r docs/../requirements-dev.txt, requests imagesize==1.2.0 # via sphinx -importlib-metadata==1.7.0 # via -r docs/../requirements-dev.txt -importlib-resources==3.0.0 # via -r docs/../requirements-dev.txt +iniconfig==1.1.1 # via -r docs/../requirements-dev.txt, pytest ipaddress==1.0.23 # via -r docs/../requirements-dev.txt itsdangerous==1.1.0 # via -r docs/../requirements-dev.txt, flask jinja2==2.11.2 # via -r docs/../requirements-dev.txt, flask, sphinx jwcrypto==0.7 # via -r docs/../requirements-dev.txt, python-jwt m2r2==0.2.5 # via -r docs/requirements.in markupsafe==1.1.1 # via -r docs/../requirements-dev.txt, jinja2 +mccabe==0.6.1 # via -r docs/../requirements-dev.txt, flake8 mistune==0.8.4 # via m2r2 mock==3.0.5 # via -r docs/../requirements-dev.txt nose==1.3.7 # via -r docs/../requirements-dev.txt -packaging==20.4 # via -r docs/../requirements-dev.txt, sphinx, tox +packaging==20.4 # via -r docs/../requirements-dev.txt, pytest, sphinx parameterized==0.7.4 # via -r docs/../requirements-dev.txt -pathlib2==2.3.5 # via -r docs/../requirements-dev.txt -pluggy==0.13.1 # via -r docs/../requirements-dev.txt, tox +pluggy==0.13.1 # via -r docs/../requirements-dev.txt, pytest py4j==0.10.9 # via -r docs/../requirements-dev.txt, python-ldap-test -py==1.9.0 # via -r docs/../requirements-dev.txt, tox -pyasn1==0.4.8 # via -r docs/../requirements-dev.txt, cryptography +py==1.9.0 # via -r docs/../requirements-dev.txt, pytest +pycodestyle==2.6.0 # via -r docs/../requirements-dev.txt, flake8 pycparser==2.20 # via -r docs/../requirements-dev.txt, cffi +pyflakes==2.2.0 # via -r docs/../requirements-dev.txt, flake8 pygments==2.6.1 # via sphinx -pyhcl==0.4.4 # via -r docs/../requirements.txt +pyhcl==0.4.4 # via -r docs/../requirements-dev.txt pyparsing==2.4.7 # via -r docs/../requirements-dev.txt, packaging +pytest-cov==2.11.1 # via -r docs/../requirements-dev.txt +pytest==6.2.2 # via -r docs/../requirements-dev.txt, pytest-cov python-jwt==3.2.6 # via -r docs/../requirements-dev.txt python-ldap-test==0.3.1 # via -r docs/../requirements-dev.txt pytz==2020.1 # via babel requests-mock==1.8.0 # via -r docs/../requirements-dev.txt -requests==2.24.0 # via -r docs/../requirements-dev.txt, -r docs/../requirements.txt, codecov, requests-mock, sphinx -scandir==1.10.0 # via -r docs/../requirements-dev.txt +requests==2.24.0 # via -r docs/../requirements-dev.txt, codecov, requests-mock, sphinx semantic-version==2.8.5 # via -r docs/../requirements-dev.txt -singledispatch==3.4.0.3 # via -r docs/../requirements-dev.txt -six==1.15.0 # via -r docs/../requirements-dev.txt, -r docs/../requirements.txt, cryptography, mock, packaging, pathlib2, requests-mock, singledispatch, tox, virtualenv +six==1.15.0 # via -r docs/../requirements-dev.txt, cryptography, mock, packaging, requests-mock snowballstemmer==2.0.0 # via sphinx sphinx-rtd-theme==0.5.0 # via -r docs/requirements.in sphinx==3.1.2 # via -r docs/requirements.in, autodocsumm, sphinx-rtd-theme @@ -68,13 +63,9 @@ sphinxcontrib-qthelp==1.0.3 # via sphinx sphinxcontrib-serializinghtml==1.1.4 # via sphinx sqlalchemy==1.3.18 # via -r docs/../requirements-dev.txt, flask-sqlalchemy -toml==0.10.1 # via -r docs/../requirements-dev.txt, tox -tox==3.18.0 # via -r docs/../requirements-dev.txt -typing==3.5.3.0 # via -r docs/../requirements-dev.txt -urllib3==1.25.10 # via -r docs/../requirements-dev.txt, -r docs/../requirements.txt, requests -virtualenv==20.0.28 # via -r docs/../requirements-dev.txt, tox +toml==0.10.1 # via -r docs/../requirements-dev.txt, pytest +urllib3==1.25.10 # via -r docs/../requirements-dev.txt, requests werkzeug==1.0.1 # via -r docs/../requirements-dev.txt, flask -zipp==1.2.0 # via -r docs/../requirements-dev.txt, importlib-metadata # The following packages are considered to be unsafe in a requirements file: # setuptools diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/docs/usage/auth_methods/approle.rst new/hvac-0.10.8/docs/usage/auth_methods/approle.rst --- old/hvac-0.10.6/docs/usage/auth_methods/approle.rst 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/docs/usage/auth_methods/approle.rst 2021-02-08 16:37:19.000000000 +0100 @@ -1,9 +1,88 @@ Approle ======= +.. contents:: + +Enabling +-------- + +:py:meth:`hvac.api.system_backend.Auth.enable_auth_method` + +.. code:: python + + import hvac + client = hvac.Client() + + client.sys.enable_auth_method( + method_type='approle', + ) + + # Mount approle auth method under a different path: + client.sys.enable_auth_method( + method_type='approle', + path='my-approle', + ) + Authentication -------------- +:py:meth:`hvac.api.auth_methods.AppRole.login` + +.. code:: python + + import hvac + client = hvac.Client() + + + client.auth.approle.login( + role_id='<some_role_id>', + secret_id='<some_secret_id>', + ) + +Create or Update AppRole +------------------------ + +:py:meth:`hvac.api.auth_methods.AppRole.create_or_update_approle` + +.. code:: python + + import hvac + client = hvac.Client() + + client.auth.approle.create_or_update_approle( + role_name='some-role', + token_policies=['some-policy'], + token_type='service, + ) + +Read Role ID +------------ + +:py:meth:`hvac.api.auth_methods.AppRole.read_role_id` + .. code:: python - client.auth_approle('MY_ROLE_ID', 'MY_SECRET_ID') + import hvac + client = hvac.Client() + + resp = client.auth.approle.read_role_id( + role_name='some-role', + ) + print(f'AppRole role ID for some-role: {resp["data"]["role_id"]}') + + +Generate Secret ID +------------------ + +:py:meth:`hvac.api.auth_methods.AppRole.generate_secret_id` + +.. code:: python + + import hvac + client = hvac.Client() + + resp = client.auth.approle.generate_secret_id( + role_name='some-role', + cidr_list=['127.0.0.1/32'], + ) + print(f'AppRole secret ID for some-role: {resp["data"]["role_id"]}') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/docs/usage/auth_methods/jwt-oidc.rst new/hvac-0.10.8/docs/usage/auth_methods/jwt-oidc.rst --- old/hvac-0.10.6/docs/usage/auth_methods/jwt-oidc.rst 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/docs/usage/auth_methods/jwt-oidc.rst 2021-02-08 16:37:19.000000000 +0100 @@ -143,6 +143,7 @@ :py:meth:`hvac.api.auth_methods.JWT.oidc_authorization_url_request` .. code:: python + import webbrowser import http.server import hvac @@ -166,7 +167,7 @@ auth_result = client.auth.oidc.oidc_callback( code=token, path='oidc', nonce=auth_url_nonce, state=auth_url_state ) - + print('Client token returned: %s' % auth_result['auth']['client_token']) # handles the callback diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/hvac/api/auth_methods/kubernetes.py new/hvac-0.10.8/hvac/api/auth_methods/kubernetes.py --- old/hvac-0.10.6/hvac/api/auth_methods/kubernetes.py 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/hvac/api/auth_methods/kubernetes.py 2021-02-08 16:37:19.000000000 +0100 @@ -104,10 +104,10 @@ :param name: Name of the role. :type name: str | unicode :param bound_service_account_names: List of service account names able to access this role. If set to "*" - all names are allowed, both this and bound_service_account_namespaces can not be "*". + all names are allowed. :type bound_service_account_names: list | str | unicode :param bound_service_account_namespaces: List of namespaces allowed to access this role. If set to "*" all - namespaces are allowed, both this and bound_service_account_names can not be set to "*". + namespaces are allowed. :type bound_service_account_namespaces: list | str | unicode :param ttl: The TTL period of tokens issued using this role in seconds. :type ttl: str | unicode @@ -135,11 +135,6 @@ param_argument=param_argument, ) - if bound_service_account_names in ("*", ["*"]) and bound_service_account_namespaces in ("*", ["*"]): - error_msg = 'unsupported combination of `bind_service_account_names` and ' \ - '`bound_service_account_namespaces` arguments. Both of them can not be set to `*`' - raise exceptions.ParamValidationError(error_msg) - params = { 'bound_service_account_names': comma_delimited_to_list(bound_service_account_names), 'bound_service_account_namespaces': comma_delimited_to_list(bound_service_account_namespaces), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/hvac/api/secrets_engines/database.py new/hvac-0.10.8/hvac/api/secrets_engines/database.py --- old/hvac-0.10.6/hvac/api/secrets_engines/database.py 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/hvac/api/secrets_engines/database.py 2021-02-08 16:37:19.000000000 +0100 @@ -171,6 +171,40 @@ json=params ) + def create_static_role(self, name, db_name, username, rotation_statements, + rotation_period=86400, mount_point=DEFAULT_MOUNT_POINT): + """This endpoint creates or updates a static role definition. + + :param name: Specifies the name of the role to create. + :type name: str | unicode + :param db_name: The name of the database connection to use for this role. + :type db_name: str | unicode + :param username: Specifies the database username that the Vault role `name` above corresponds to. + :type username: str | unicode + :param rotation_statements: Specifies the database statements to be executed to rotate the password for the configured database user. + Not every plugin type will support this functionality. See the plugin's API page for more information on support and + formatting for this parameter. + :type rotation_statements: list + :param rotation_period: Specifies the amount of time Vault should wait before rotating the password. The minimum is 5 seconds. + :type rotation_period: int + :param mount_point: The "path" the method/backend was mounted on. + :type mount_point: str | unicode + :return: The response of the request. + :rtype: requests.Response + """ + + params = { + "db_name": db_name, + "username": username, + "rotation_statements": rotation_statements, + "rotation_period": rotation_period, + } + + api_path = utils.format_url( + "/v1/{mount_point}/static-roles/{name}", mount_point=mount_point, name=name + ) + return self._adapter.post(url=api_path, json=params) + def read_role(self, name, mount_point=DEFAULT_MOUNT_POINT): """This endpoint queries the role definition. @@ -202,6 +236,20 @@ url=api_path, ) + def list_static_roles(self, mount_point=DEFAULT_MOUNT_POINT): + """This endpoint returns a list of available static roles. + + :param mount_point: The "path" the method/backend was mounted on. + :type mount_point: str | unicode + :return: The response of the request. + :rtype: requests.Response + """ + + api_path = utils.format_url( + "/v1/{mount_point}/static-roles", mount_point=mount_point + ) + return self._adapter.list(url=api_path,) + def delete_role(self, name, mount_point=DEFAULT_MOUNT_POINT): """This endpoint deletes the role definition. @@ -217,6 +265,21 @@ url=api_path, ) + def delete_static_role(self, name, mount_point=DEFAULT_MOUNT_POINT): + """This endpoint deletes the static role definition. + + :param name: Specifies the name of the role to delete. + :type name: str | unicode + :param mount_point: The "path" the method/backend was mounted on. + :type mount_point: str | unicode + :return: The response of the request. + :rtype: requests.Response + """ + api_path = utils.format_url( + "/v1/{mount_point}/static-roles/{name}", mount_point=mount_point, name=name + ) + return self._adapter.delete(url=api_path,) + def generate_credentials(self, name, mount_point=DEFAULT_MOUNT_POINT): """This endpoint generates a new set of dynamic credentials based on the named role. @@ -232,4 +295,23 @@ return self._adapter.get( url=api_path, + ) + + def get_static_credentials(self, name, mount_point=DEFAULT_MOUNT_POINT): + """This endpoint returns the current credentials based on the named static role. + + :param name: Specifies the name of the role to create credentials against + :type name: str | unicode + :param mount_point: The "path" the method/backend was mounted on. + :type mount_point: str | unicode + :return: The response of the request. + :rtype: requests.Response + """ + + api_path = utils.format_url( + "/v1/{mount_point}/static-creds/{name}", mount_point=mount_point, name=name + ) + + return self._adapter.get( + url=api_path, ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/hvac/v1/__init__.py new/hvac-0.10.8/hvac/v1/__init__.py --- old/hvac-0.10.6/hvac/v1/__init__.py 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/hvac/v1/__init__.py 2021-02-08 16:37:19.000000000 +0100 @@ -1623,7 +1623,7 @@ return self._adapter.get(url) def create_kubernetes_role(self, name, bound_service_account_names, bound_service_account_namespaces, ttl="", - max_ttl="", period="", policies=None, mount_point='kubernetes'): + max_ttl="", period="", policies=None, token_type="", mount_point='kubernetes'): """POST /auth/<mount_point>/role/:name :param name: Name of the role. @@ -1646,6 +1646,7 @@ :type policies: list. :param mount_point: The "path" the k8s auth backend was mounted on. Vault currently defaults to "kubernetes". :type mount_point: str. + :type token_type: str. :return: Will be an empty body with a 204 status code upon success :rtype: requests.Response. """ @@ -1661,6 +1662,9 @@ 'period': period, 'policies': policies, } + if token_type: + params['token_type'] = token_type + url = 'v1/auth/{0}/role/{1}'.format(mount_point, name) return self._adapter.post(url, json=params) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/requirements-dev.in new/hvac-0.10.8/requirements-dev.in --- old/hvac-0.10.6/requirements-dev.in 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/requirements-dev.in 2021-02-08 16:37:19.000000000 +0100 @@ -1,4 +1,6 @@ +-r ./requirements.txt Authlib +flake8 Flask Flask-SQLAlchemy codecov @@ -7,9 +9,10 @@ mock nose parameterized +pytest +pytest-cov python-ldap-test python_jwt requests_mock semantic_version -tox Werkzeug diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/requirements-dev.txt new/hvac-0.10.8/requirements-dev.txt --- old/hvac-0.10.6/requirements-dev.txt 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/requirements-dev.txt 2021-02-08 16:37:19.000000000 +0100 @@ -4,58 +4,47 @@ # # pip-compile --output-file=requirements-dev.txt requirements-dev.in # -appdirs==1.4.4 # via virtualenv +attrs==20.3.0 # via pytest authlib==0.14.3 # via -r requirements-dev.in -certifi==2020.6.20 # via requests +certifi==2020.6.20 # via -r ./requirements.txt, requests cffi==1.14.0 # via cryptography -chardet==3.0.4 # via requests +chardet==3.0.4 # via -r ./requirements.txt, requests click==7.1.2 # via flask codecov==2.1.8 # via -r requirements-dev.in -configparser==4.0.2 # via importlib-metadata -contextlib2==0.6.0.post1 # via importlib-metadata, importlib-resources, zipp -coverage==5.2.1 # via -r requirements-dev.in, codecov -cryptography==1.7.2 # via authlib, jwcrypto -distlib==0.3.1 # via virtualenv -enum34==1.1.10 # via cryptography -filelock==3.0.12 # via tox, virtualenv +coverage==5.2.1 # via -r requirements-dev.in, codecov, pytest-cov +cryptography==3.3.1 # via authlib, jwcrypto +flake8==3.8.4 # via -r requirements-dev.in flask-sqlalchemy==2.4.4 # via -r requirements-dev.in flask==1.1.2 # via -r requirements-dev.in, flask-sqlalchemy -funcsigs==1.0.2 # via mock -idna==2.10 # via cryptography, requests -importlib-metadata==1.7.0 # via pluggy, tox, virtualenv -importlib-resources==3.0.0 # via virtualenv -ipaddress==1.0.23 # via -r requirements-dev.in, cryptography +idna==2.10 # via -r ./requirements.txt, requests +iniconfig==1.1.1 # via pytest +ipaddress==1.0.23 # via -r requirements-dev.in itsdangerous==1.1.0 # via flask jinja2==2.11.2 # via flask jwcrypto==0.7 # via python-jwt markupsafe==1.1.1 # via jinja2 +mccabe==0.6.1 # via flake8 mock==3.0.5 # via -r requirements-dev.in nose==1.3.7 # via -r requirements-dev.in -packaging==20.4 # via tox +packaging==20.4 # via pytest parameterized==0.7.4 # via -r requirements-dev.in -pathlib2==2.3.5 # via importlib-metadata, importlib-resources, virtualenv -pluggy==0.13.1 # via tox +pluggy==0.13.1 # via pytest py4j==0.10.9 # via python-ldap-test -py==1.9.0 # via tox -pyasn1==0.4.8 # via cryptography +py==1.9.0 # via pytest +pycodestyle==2.6.0 # via flake8 pycparser==2.20 # via cffi +pyflakes==2.2.0 # via flake8 +pyhcl==0.4.4 # via -r ./requirements.txt pyparsing==2.4.7 # via packaging +pytest-cov==2.11.1 # via -r requirements-dev.in +pytest==6.2.2 # via -r requirements-dev.in, pytest-cov python-jwt==3.2.6 # via -r requirements-dev.in python-ldap-test==0.3.1 # via -r requirements-dev.in requests-mock==1.8.0 # via -r requirements-dev.in -requests==2.24.0 # via codecov, requests-mock -scandir==1.10.0 # via pathlib2 +requests==2.24.0 # via -r ./requirements.txt, codecov, requests-mock semantic-version==2.8.5 # via -r requirements-dev.in -singledispatch==3.4.0.3 # via importlib-resources -six==1.15.0 # via cryptography, mock, packaging, pathlib2, requests-mock, tox, virtualenv +six==1.15.0 # via -r ./requirements.txt, cryptography, mock, packaging, requests-mock sqlalchemy==1.3.18 # via flask-sqlalchemy -toml==0.10.1 # via tox -tox==3.18.0 # via -r requirements-dev.in -typing==3.5.3.0 # via importlib-resources -urllib3==1.25.10 # via requests -virtualenv==20.0.28 # via tox +toml==0.10.1 # via pytest +urllib3==1.25.10 # via -r ./requirements.txt, requests werkzeug==1.0.1 # via -r requirements-dev.in, flask -zipp==1.2.0 # via importlib-metadata, importlib-resources - -# The following packages are considered to be unsafe in a requirements file: -# setuptools diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/setup.py new/hvac-0.10.8/setup.py --- old/hvac-0.10.6/setup.py 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/setup.py 2021-02-08 16:37:19.000000000 +0100 @@ -10,7 +10,7 @@ setup( name='hvac', - version='0.10.6', + version='0.10.8', description='HashiCorp Vault API client', long_description=load_long_description(), long_description_content_type="text/markdown", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/tests/integration_tests/api/auth_methods/test_kubernetes.py new/hvac-0.10.8/tests/integration_tests/api/auth_methods/test_kubernetes.py --- old/hvac-0.10.6/tests/integration_tests/api/auth_methods/test_kubernetes.py 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/tests/integration_tests/api/auth_methods/test_kubernetes.py 2021-02-08 16:37:19.000000000 +0100 @@ -130,10 +130,9 @@ bound_service_account_namespaces=['default'], ), param( - 'both bounds wildcard', + 'both bounds wildcard permitted', bound_service_account_names=['*'], bound_service_account_namespaces=['*'], - raises=exceptions.ParamValidationError, ), ]) def test_create_role(self, label, bound_service_account_names=None, bound_service_account_namespaces=None, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/tests/scripts/install-consul.sh new/hvac-0.10.8/tests/scripts/install-consul.sh --- old/hvac-0.10.6/tests/scripts/install-consul.sh 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/tests/scripts/install-consul.sh 2021-02-08 16:37:19.000000000 +0100 @@ -2,7 +2,7 @@ set -eux DEFAULT_CONSUL_VERSION="1.4.0" -DEFAULT_CONSUL_DIRECTORY="${HOME}/bin" +DEFAULT_CONSUL_DIRECTORY="${HOME}/.local/bin" HVAC_CONSUL_VERSION="${1:-$DEFAULT_CONSUL_VERSION}" HVAC_CONSUL_DIRECTORY="${2:-$DEFAULT_CONSUL_DIRECTORY}" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/tests/scripts/install-vault.sh new/hvac-0.10.8/tests/scripts/install-vault.sh --- old/hvac-0.10.6/tests/scripts/install-vault.sh 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/tests/scripts/install-vault.sh 2021-02-08 16:37:19.000000000 +0100 @@ -3,7 +3,7 @@ DEFAULT_VAULT_VERSION="1.5.0" DEFAULT_VAULT_LICENSE="oss" -DEFAULT_VAULT_DIRECTORY="${HOME}/bin" +DEFAULT_VAULT_DIRECTORY="${HOME}/.local/bin" HVAC_VAULT_VERSION="${1:-$DEFAULT_VAULT_VERSION}" HVAC_VAULT_LICENSE="${2:-$DEFAULT_VAULT_LICENSE}" HVAC_VAULT_DIRECTORY="${3:-$DEFAULT_VAULT_DIRECTORY}" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hvac-0.10.6/tox.ini new/hvac-0.10.8/tox.ini --- old/hvac-0.10.6/tox.ini 2020-12-18 00:12:44.000000000 +0100 +++ new/hvac-0.10.8/tox.ini 2021-02-08 16:37:19.000000000 +0100 @@ -1,7 +1,3 @@ -[tox] -envlist = py{27,36,37}, flake8, doctest, docs -skip_missing_interpreters = true - [flake8] max-line-length = 160 exclude = @@ -11,34 +7,3 @@ .idea, venv, docs/ext - -[travis] -python = - 2.7: py27 - 3.6: py36, doctest - 3.7: py37, doctest - -[testenv] -commands = nosetests -s --with-coverage --cover-package=hvac --cover-html {posargs} - codecov -deps = -rrequirements.txt - -rrequirements-dev.txt -passenv = CI TRAVIS TRAVIS_* HVAC_* - -[testenv:flake8] -deps = flake8 -commands = flake8 {posargs} - -[testenv:docs] -commands = make html -deps = {[testenv]deps} - -r docs/requirements.txt -changedir = docs -whitelist_externals = make - -[testenv:doctest] -commands = make doctest -deps = {[testenv:docs]deps} -changedir = {[testenv:docs]changedir} -whitelist_externals = {[testenv:docs]whitelist_externals} -passenv = {[testenv]passenv}
