New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(Config
): read from QubesDB if available; otherwise from environment variables
#1883
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is really great, I think it demonstrates the value in this approach pretty well
44cd324 gives a naïve wrapper script user@sd:~/securedrop-client$ ./with-qubesdb -h
usage: with-qubesdb [-h] [-k KEY]
Use -k/--key one or more times to read the specified key from QubesDB. All subsequent
arguments will be interpreted as the command to be invoked with those keys set as
environment variables.
optional arguments:
-h, --help show this help message and exit
-k KEY, --key KEY
user@sd:~/securedrop-client$ ./with-qubesdb -k SD_PROXY_ORIGIN env
SD_PROXY_ORIGIN=foobar
user@sd:~/securedrop-client$ ./with-qubesdb -k SD_PROXY_ORIGIN -k NONESUCH env
SD_PROXY_ORIGIN=foobar
NONESUCH= My claim is that with user@sd:~/securedrop-client$ cat > i-know-this-isnt-a-real-tor-config.json <<EOF
{"hidsrv": "\${SD_PROXY_ORIGIN}"}
EOF
user@sd:~/securedrop-client$ cat i-know-this-isnt-a-real-tor-config.json | ./with-qubesdb -k SD_PROXY_ORIGIN envsubst
{"hidsrv": "foobar"} |
I'm not opposed to envsubst but I don't really see the advantage of using it - in the with-qubesdb script, couldn't we use something like basic Python string formatting (or even jinja2) and avoid the indirection of setting things in the environment? The changes you made to the QubesDB usage in the client LGTM. |
On Mon, Mar 11, 2024 at 08:23:59AM -0700, Kunal Mehta wrote:
I'm not opposed to envsubst but I don't really see the advantage of
using it - in the with-qubesdb script, couldn't we use something like
basic Python string formatting (or even jinja2) and avoid the
indirection of setting things in the environment?
Perhaps my twelve-factor bias is showing here: I'd much rather use the
environment, which is scoped because ephemeral, than deal with files.
The counterargument is that scoping the environment this way puts us in
subprocess territory, whereas if we deal with files we can just write
them and get out of the way. :-) Forthcoming....
|
At c1734bf: user@sd:~/securedrop-client$ cat > i-know-this-isnt-a-real-tor-config.json.jinja2 <<EOF
> {"hidsrv": "{{ SD_PROXY_ORIGIN }}"}
> EOF
user@sd:~/securedrop-client$ ./with-qubesdb -k SD_PROXY_ORIGIN i-know-this-isnt-a-real-tor-config.json.jinja2 i-know-this-isnt-a-real-tor-config.json
user@sd:~/securedrop-client$ cat i-know-this-isnt-a-real-tor-config.json
{"hidsrv": "foobar"} |
@@ -86,7 +87,7 @@ def __init__(self, sdc_home: str, session_maker: scoped_session, is_qubes: bool) | |||
self.is_qubes = is_qubes | |||
self.session_maker = session_maker | |||
|
|||
config = Config.from_home_dir(self.sdc_home) | |||
config: Any = Config.load() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@legoktm, do you see a way around the Any
annotation here if Config
is populated via setattr()
?
Rebased from |
3d334ef
to
da587b7
Compare
…ent variables This has the nice side effect of simplifying tests: we have to care only about getting the values we expect, not about whether certain files are in the right place, have the right contents, &c.
…ailable We have so few items that it's not a big deal to do this in each iteration of the loop. But this is more elegant anyway. thread: https://github.com/freedomofpress/securedrop-client/pull/1883/files#r1508504213
It's not very happy with some of the code, but that's another issue...
Status
Work in progress
Description
Updates the Client for compatibility with freedomofpress/securedrop-workstation#956.
vm-config.*
features securedrop-workstation#956Blocked on Poetry fails withsystem-site-packages
on bullseye #1882main
Test Plan
Checklist
If these changes modify code paths involving cryptography, the opening of files in VMs or network (via the RPC service) traffic, Qubes testing in the staging environment is required. For fine tuning of the graphical user interface, testing in any environment in Qubes is required. Please check as applicable:
If these changes add or remove files other than client code, the AppArmor profile may need to be updated. Please check as applicable:
If these changes modify the database schema, you should include a database migration. Please check as applicable:
main
and confirmed that the migration is self-contained and applies cleanlymain
and would like the reviewer to do so