requested sink changes

varonix0 · varonix0 · commit f10e6fb3fc7c · 2025-04-03T08:54:50.000+04:00
diff --git a/.gitignore b/.gitignore
@@ -67,3 +67,5 @@ target/
 
 # IDEs
 .idea
+
+.env
diff --git a/sink/.env.example b/sink/.env.example
@@ -0,0 +1,6 @@
+SECRETS_PROJECT_ID=<secrets-project-id>
+SECRETS_ENVIRONMENT_SLUG=<secrets-environment-slug>
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID=<machine-identity-universal-auth-client-id>
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET=<machine-identity-universal-auth-client-secret>
+SITE_URL=<site-url>
+KMS_PROJECT_ID=<kms-project-id>
diff --git a/sink/cache_deletion_test.py b/sink/cache_deletion_test.py
@@ -0,0 +1,78 @@
+from infisical_sdk import InfisicalSDKClient
+import time
+import os
+import random
+import string
+
+
+def loadEnvVarsFromFileIntoEnv():
+  d = dict()
+  with open("./.env", "r") as fp:
+      for line in fp:
+          line = line.strip()
+          if line and not line.startswith("#"):
+            line = line.split("=", 1)
+            d[line[0]] = line[1]
+
+  for key, value in d.items():
+    os.environ[key] = value
+
+loadEnvVarsFromFileIntoEnv()
+
+SECRETS_PROJECT_ID = os.getenv("SECRETS_PROJECT_ID")
+SECRETS_ENVIRONMENT_SLUG = os.getenv("SECRETS_ENVIRONMENT_SLUG")
+
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID = os.getenv("MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID")
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET = os.getenv("MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET")
+SITE_URL = os.getenv("SITE_URL")
+
+cache_enabled_client = InfisicalSDKClient(host=SITE_URL, cache_ttl=10)
+cache_enabled_client.auth.universal_auth.login(MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID, MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET)
+
+
+time_start_cache_disabled = time.time()
+
+def randomStringNoSpecialChars(length: int = 10) -> str:
+    return ''.join(random.choices(string.ascii_letters + string.digits, k=length))
+
+created_sec = cache_enabled_client.secrets.create_secret_by_name(
+    secret_name=f"TEST_{randomStringNoSpecialChars()}",
+    project_id=SECRETS_PROJECT_ID,
+    environment_slug=SECRETS_ENVIRONMENT_SLUG,
+    secret_path="/",
+    secret_value=f"secret_value_{randomStringNoSpecialChars()}",
+)
+
+
+single_secret_cached = cache_enabled_client.secrets.get_secret_by_name(
+    secret_name=created_sec.secretKey,
+    project_id=SECRETS_PROJECT_ID,
+    environment_slug=SECRETS_ENVIRONMENT_SLUG,
+    secret_path="/",
+    expand_secret_references=True,
+    include_imports=True)
+
+print(single_secret_cached)
+
+
+deleted_secret = cache_enabled_client.secrets.delete_secret_by_name(
+    secret_name=created_sec.secretKey,
+    project_id=SECRETS_PROJECT_ID,
+    environment_slug=SECRETS_ENVIRONMENT_SLUG,
+    secret_path="/",
+)
+
+print(deleted_secret)
+
+# Should error
+try:
+    single_secret_cached = cache_enabled_client.secrets.get_secret_by_name(
+        secret_name=created_sec.secretKey,
+        project_id=SECRETS_PROJECT_ID,
+        environment_slug=SECRETS_ENVIRONMENT_SLUG,
+        secret_path="/",
+        expand_secret_references=True,
+        include_imports=True)
+except Exception as e:
+    print(e)
+    print("Good, we errored as expected!")
diff --git a/sink/cache_expire_test.py b/sink/cache_expire_test.py
@@ -1,13 +1,28 @@
 from infisical_sdk import InfisicalSDKClient
 
 import time
+import os
 
-SECRETS_PROJECT_ID = "8770e386-6392-4bfa-a377-a1e2d981668a"
-SECRETS_ENVIRONMENT_SLUG = "dev"
+def loadEnvVarsFromFileIntoEnv():
+  d = dict()
+  with open("./.env", "r") as fp:
+      for line in fp:
+          line = line.strip()
+          if line and not line.startswith("#"):
+            line = line.split("=", 1)
+            d[line[0]] = line[1]
 
-MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID = "<client-id>"
-MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET = "<client-secret>"
-SITE_URL = "http://localhost:8080"
+  for key, value in d.items():
+    os.environ[key] = value
+
+loadEnvVarsFromFileIntoEnv()
+
+SECRETS_PROJECT_ID = os.getenv("SECRETS_PROJECT_ID")
+SECRETS_ENVIRONMENT_SLUG = os.getenv("SECRETS_ENVIRONMENT_SLUG")
+
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID = os.getenv("MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID")
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET = os.getenv("MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET")
+SITE_URL = os.getenv("SITE_URL")
 
 cache_enabled_client = InfisicalSDKClient(host=SITE_URL, cache_ttl=10)
 cache_enabled_client.auth.universal_auth.login(MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID, MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET)
diff --git a/sink/cache_test.py b/sink/cache_test.py
@@ -1,12 +1,28 @@
 from infisical_sdk import InfisicalSDKClient
 import time
+import os
 
-SECRETS_PROJECT_ID = "8770e386-6392-4bfa-a377-a1e2d981668a"
-SECRETS_ENVIRONMENT_SLUG = "dev"
 
-MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID = "<client-id>"
-MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET = "<client-secret>"
-SITE_URL = "http://localhost:8080"
+def loadEnvVarsFromFileIntoEnv():
+  d = dict()
+  with open("./.env", "r") as fp:
+      for line in fp:
+          line = line.strip()
+          if line and not line.startswith("#"):
+            line = line.split("=", 1)
+            d[line[0]] = line[1]
+
+  for key, value in d.items():
+    os.environ[key] = value
+
+loadEnvVarsFromFileIntoEnv()
+
+SECRETS_PROJECT_ID = os.getenv("SECRETS_PROJECT_ID")
+SECRETS_ENVIRONMENT_SLUG = os.getenv("SECRETS_ENVIRONMENT_SLUG")
+
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID = os.getenv("MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID")
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET = os.getenv("MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET")
+SITE_URL = os.getenv("SITE_URL")
 
 cache_disabled_client = InfisicalSDKClient(host=SITE_URL, cache_ttl=None)
 cache_disabled_client.auth.universal_auth.login(MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID, MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET)
diff --git a/sink/example.py b/sink/example.py
@@ -2,18 +2,36 @@
 
 import random
 import base64
+import os
 import string
 
-sdkInstance = InfisicalSDKClient(host="http://localhost:8080")
+def loadEnvVarsFromFileIntoEnv():
+  d = dict()
+  with open("./.env", "r") as fp:
+      for line in fp:
+          line = line.strip()
+          if line and not line.startswith("#"):
+            line = line.split("=", 1)
+            d[line[0]] = line[1]
 
-MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID = "<client-id>"
-MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET = "<client-secret>"
+  for key, value in d.items():
+    os.environ[key] = value
 
-sdkInstance.auth.universal_auth.login(MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID, MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET)
+loadEnvVarsFromFileIntoEnv()
+
+sdkInstance = InfisicalSDKClient(host=os.getenv("SITE_URL"))
+
+
+SECRETS_PROJECT_ID = os.getenv("SECRETS_PROJECT_ID")
+KMS_PROJECT_ID = os.getenv("KMS_PROJECT_ID")
+SECRETS_ENVIRONMENT_SLUG = os.getenv("SECRETS_ENVIRONMENT_SLUG")
 
-SECRETS_PROJECT_ID = "8770e386-6392-4bfa-a377-a1e2d981668a"
-SECRETS_ENVIRONMENT_SLUG = "staging"
-KMS_PROJECT_ID = "c54edf7a-f861-4131-afdc-b0ad5faec5dc"
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID = os.getenv("MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID")
+MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET = os.getenv("MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET")
+SITE_URL = os.getenv("SITE_URL")
+
+
+sdkInstance.auth.universal_auth.login(MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_ID, MACHINE_IDENTITY_UNIVERSAL_AUTH_CLIENT_SECRET)
 
 
 def random_string(length: int = 10) -> str:
@@ -75,6 +93,8 @@ def random_string(length: int = 10) -> str:
     include_imports=True
 )
 
+
+all_secrets.secrets = [secret for secret in all_secrets.secrets if secret.secretKey != "TEST"]
 if len(all_secrets.secrets) != 1:
     raise Exception("Expected 1 secret, got {}".format(len(all_secrets.secrets)))
 

-Original file line number
+Diff line change
 # IDEs
 .idea
++
 +.env