Release v1.0.0

services/backend/ops/metal/secrets/__init__.py

@@ -0,0 +1 @@
+# type: ignore

services/backend/ops/metal/secrets/admin.py

@@ -0,0 +1,27 @@
+# -*- coding: utf-8 -*-
+# type: ignore
+from __future__ import annotations
+
+from keep_it_secret import LiteralField, SecretsField
+
+from hotpocket_backend.secrets.admin import AdminSecrets
+
+# isort: off
+from .common import (
+    MetalCelerySecrets,
+    MetalDatabaseSecrets,
+    MetalOIDCSecrets,
+)
+# isort: on
+
+
+class MetalAdminSecrets(AdminSecrets):
+    SECRET_KEY: str = LiteralField.new('thisisntright')
+
+    DATABASE: MetalDatabaseSecrets = SecretsField.new(MetalDatabaseSecrets)
+    CELERY: MetalCelerySecrets = SecretsField.new(MetalCelerySecrets)
+
+    OIDC: MetalOIDCSecrets = SecretsField.new(MetalOIDCSecrets)
+
+
+__secrets__ = MetalAdminSecrets()

services/backend/ops/metal/secrets/common.py

@@ -0,0 +1,54 @@
+# -*- coding: utf-8 -*-
+# type: ignore
+from __future__ import annotations
+
+import json
+import os
+
+from keep_it_secret import EnvField, LiteralField
+
+from hotpocket_backend.secrets.base import (
+    CelerySecrets,
+    DatabaseSecrets,
+    OIDCSecrets,
+)
+
+
+class MetalDatabaseSecrets(DatabaseSecrets):
+    payload: str = LiteralField.new(
+        json.dumps({
+            'engine': os.getenv('HOTPOCKET_BACKEND_DATABASE_ENGINE', 'django.db.backends.postgresql'),
+            'name': os.getenv('HOTPOCKET_BACKEND_DATABASE_NAME', 'hotpocket'),
+            'user': os.getenv('HOTPOCKET_BACKEND_DATABASE_USER', 'hotpocket'),
+            'password': os.getenv('HOTPOCKET_BACKEND_DATABASE_PASSWORD', 'hotpocketm4st3r'),
+            'host': os.getenv('HOTPOCKET_BACKEND_DATABASE_HOST', 'postgres.hotpocket.work.bthlabs.net'),
+            'port': os.getenv('HOTPOCKET_BACKEND_DATABASE_PORT', '5432'),
+        }),
+    )
+
+
+class MetalOIDCSecrets(OIDCSecrets):
+    payload: str = LiteralField.new(
+        json.dumps({
+            'endpoint': os.getenv(
+                'HOTPOCKET_OIDC_ENDPOINT',
+                'https://auth.hotpocket.work.bthlabs.net:8443/realms/hotpocket-development',
+            ),
+            'key': os.getenv('HOTPOCKET_OID_KEY', 'hotpocket-backend'),
+            'secret': os.getenv('HOTPOCKET_OIDC_SECRET', 'eAIhyioDjtlbUJnehIEzKt6ONQtMNs1P'),
+            'display_name': 'auth.hotpocket.work',
+        }),
+    )
+
+
+class MetalCelerySecrets(CelerySecrets):
+    broker_url: str = EnvField.new(
+        'HOTPOCKET_BACKEND_CELERY_BROKER_URL',
+        default='amqp://hotpocket:hotpocketm4st3r@rabbitmq.hotpocket.work.bthlabs.net/hotpocket',
+        required=False,
+    )
+    result_backend: str = EnvField.new(
+        'HOTPOCKET_BACKEND_CELERY_RESULT_BACKEND',
+        default='db+postgresql+psycopg://hotpocket:hotpocketm4st3r@postgres.hotpocket.work.bthlabs.net/hotpocket',
+        required=False,
+    )

services/backend/ops/metal/secrets/webapp.py

@@ -0,0 +1,27 @@
+# -*- coding: utf-8 -*-
+# type: ignore
+from __future__ import annotations
+
+from keep_it_secret import LiteralField, SecretsField
+
+from hotpocket_backend.secrets.webapp import WebAppSecrets
+
+# isort: off
+from .common import (
+    MetalCelerySecrets,
+    MetalDatabaseSecrets,
+    MetalOIDCSecrets,
+)
+# isort: on
+
+
+class MetalWebAppSecrets(WebAppSecrets):
+    SECRET_KEY: str = LiteralField.new('thisisntright')
+
+    DATABASE: MetalDatabaseSecrets = SecretsField.new(MetalDatabaseSecrets)
+    CELERY: MetalCelerySecrets = SecretsField.new(MetalCelerySecrets)
+
+    OIDC: MetalOIDCSecrets = SecretsField.new(MetalOIDCSecrets)
+
+
+__secrets__ = MetalWebAppSecrets()