D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
opt
/
saltstack
/
salt
/
lib
/
python3.10
/
site-packages
/
salt
/
pillar
/
Filename :
sqlcipher.py
back
Copy
""" Retrieve Pillar data by running a SQLCipher query .. versionadded:: 2016.3.0 Python SQLCipher support is provided by the pysqlcipher Python package. You need this module installed to query Pillar data from a SQLCipher database. This module is a concrete implementation of the sql_base ext_pillar for SQLCipher. :maturity: new :depends: pysqlcipher (for py2) or pysqlcipher3 (for py3) :platform: all Configuring the sqlcipher ext_pillar ==================================== Use the 'sqlcipher' key under ext_pillar for configuration of queries. SQLCipher database connection configuration requires the following values configured in the master config: * ``sqlcipher.database`` - The SQLCipher database to connect to. Defaults to ``'/var/lib/salt/pillar-sqlcipher.db'``. * ``sqlcipher.pass`` - The SQLCipher database decryption password. * ``sqlcipher.timeout`` - The connection timeout in seconds. Example configuration .. code-block:: yaml sqlcipher: database: /var/lib/salt/pillar-sqlcipher.db pass: strong_pass_phrase timeout: 5.0 Complete Example ================ .. code-block:: yaml sqlcipher: database: '/var/lib/salt/pillar-sqlcipher.db' pass: strong_pass_phrase timeout: 5.0 ext_pillar: - sqlcipher: fromdb: query: 'SELECT col1,col2,col3,col4,col5,col6,col7 FROM some_random_table WHERE minion_pattern LIKE ?' depth: 5 as_list: True with_lists: [1,3] """ import logging from contextlib import contextmanager from salt.pillar.sql_base import SqlBaseExtPillar # Set up logging log = logging.getLogger(__name__) try: from pysqlcipher import dbapi2 as sqlcipher HAS_SQLCIPHER = True except ImportError: HAS_SQLCIPHER = False def __virtual__(): if not HAS_SQLCIPHER: return False return True class SQLCipherExtPillar(SqlBaseExtPillar): """ This class receives and processes the database rows from SQLCipher. """ @classmethod def _db_name(cls): return "SQLCipher" def _get_options(self): """ Returns options used for the SQLCipher connection. """ defaults = { "database": "/var/lib/salt/pillar-sqlcipher.db", "pass": "strong_pass_phrase", "timeout": 5.0, } _options = {} _opts = __opts__.get("sqlcipher", {}) for attr in defaults: if attr not in _opts: log.debug("Using default for SQLCipher pillar %s", attr) _options[attr] = defaults[attr] continue _options[attr] = _opts[attr] return _options @contextmanager def _get_cursor(self): """ Yield a SQLCipher cursor """ _options = self._get_options() conn = sqlcipher.connect( _options.get("database"), timeout=float(_options.get("timeout")) ) conn.execute('pragma key="{}"'.format(_options.get("pass"))) cursor = conn.cursor() try: yield cursor except sqlcipher.Error as err: log.exception("Error in ext_pillar SQLCipher: %s", err.args) finally: conn.close() def ext_pillar(minion_id, pillar, *args, **kwargs): """ Execute queries against SQLCipher, merge and return as a dict """ return SQLCipherExtPillar().fetch(minion_id, pillar, *args, **kwargs)