feat(Config): read from QubesDB if available; otherwise from environment variables
#1883
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
3 tasks
legoktm
reviewed
Mar 1, 2024
|
44cd324 gives a naïve wrapper script user@sd:~/securedrop-client$ ./with-qubesdb -h
usage: with-qubesdb [-h] [-k KEY]
Use -k/--key one or more times to read the specified key from QubesDB. All subsequent
arguments will be interpreted as the command to be invoked with those keys set as
environment variables.
optional arguments:
-h, --help show this help message and exit
-k KEY, --key KEY
user@sd:~/securedrop-client$ ./with-qubesdb -k SD_PROXY_ORIGIN env
SD_PROXY_ORIGIN=foobar
user@sd:~/securedrop-client$ ./with-qubesdb -k SD_PROXY_ORIGIN -k NONESUCH env
SD_PROXY_ORIGIN=foobar
NONESUCH=My claim is that with user@sd:~/securedrop-client$ cat > i-know-this-isnt-a-real-tor-config.json <<EOF
{"hidsrv": "\${SD_PROXY_ORIGIN}"}
EOF
user@sd:~/securedrop-client$ cat i-know-this-isnt-a-real-tor-config.json | ./with-qubesdb -k SD_PROXY_ORIGIN envsubst
{"hidsrv": "foobar"} |
|
I'm not opposed to envsubst but I don't really see the advantage of using it - in the with-qubesdb script, couldn't we use something like basic Python string formatting (or even jinja2) and avoid the indirection of setting things in the environment? The changes you made to the QubesDB usage in the client LGTM. |
legoktm
reviewed
Mar 11, 2024
|
On Mon, Mar 11, 2024 at 08:23:59AM -0700, Kunal Mehta wrote:
I'm not opposed to envsubst but I don't really see the advantage of
using it - in the with-qubesdb script, couldn't we use something like
basic Python string formatting (or even jinja2) and avoid the
indirection of setting things in the environment?
Perhaps my twelve-factor bias is showing here: I'd much rather use the
environment, which is scoped because ephemeral, than deal with files.
The counterargument is that scoping the environment this way puts us in
subprocess territory, whereas if we deal with files we can just write
them and get out of the way. :-) Forthcoming....
|
|
At c1734bf: user@sd:~/securedrop-client$ cat > i-know-this-isnt-a-real-tor-config.json.jinja2 <<EOF
> {"hidsrv": "{{ SD_PROXY_ORIGIN }}"}
> EOF
user@sd:~/securedrop-client$ ./with-qubesdb -k SD_PROXY_ORIGIN i-know-this-isnt-a-real-tor-config.json.jinja2 i-know-this-isnt-a-real-tor-config.json
user@sd:~/securedrop-client$ cat i-know-this-isnt-a-real-tor-config.json
{"hidsrv": "foobar"} |
cfm
commented
Apr 3, 2024
| @@ -86,7 +87,7 @@ def __init__(self, sdc_home: str, session_maker: scoped_session, is_qubes: bool) | |||
| self.is_qubes = is_qubes | |||
| self.session_maker = session_maker | |||
|
|
|||
| config = Config.from_home_dir(self.sdc_home) | |||
| config: Any = Config.load() | |||
There was a problem hiding this comment.
@legoktm, do you see a way around the Any annotation here if Config is populated via setattr()?
|
Rebased from |
cfm
force-pushed
the
sdw-936-vm-config
branch
2 times, most recently
from
3d334ef
to
da587b7
Compare
…ent variables This has the nice side effect of simplifying tests: we have to care only about getting the values we expect, not about whether certain files are in the right place, have the right contents, &c.
…ailable We have so few items that it's not a big deal to do this in each iteration of the loop. But this is more elegant anyway. thread: https://github.com/freedomofpress/securedrop-client/pull/1883/files#r1508504213
It's not very happy with some of the code, but that's another issue...
Merged
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Status
Work in progress
Description
Updates the Client for compatibility with freedomofpress/securedrop-workstation#956.
vm-config.*features securedrop-workstation#956Blocked on Poetry fails withsystem-site-packageson bullseye #1882mainTest Plan
Checklist
If these changes modify code paths involving cryptography, the opening of files in VMs or network (via the RPC service) traffic, Qubes testing in the staging environment is required. For fine tuning of the graphical user interface, testing in any environment in Qubes is required. Please check as applicable:
If these changes add or remove files other than client code, the AppArmor profile may need to be updated. Please check as applicable:
If these changes modify the database schema, you should include a database migration. Please check as applicable:
mainand confirmed that the migration is self-contained and applies cleanlymainand would like the reviewer to do so