Release v3.0.0: New features: db-engine, kubernetes auth, delete kv2 …

…secret, fix vulnerabilities and refactoring of module structure (#48) ## v3.0.0 - 2024-06-12 ### What's Changed **Full Changelog**: v2.0.4...v3.0.0 by @obervinov in #48 #### 💥 Breaking Changes * Changed environment variables. More details in the https://github.com/obervinov/vault-package/blob/v3.0.0/DEPRECATED.md * Changed general class `VaultClient` incoming parameters. More details in the https://github.com/obervinov/vault-package/blob/v3.0.0/vault/client.py#L29-L89 * Decomposition of one overloaded `VaultClient` class into several smaller classes responsible for their own aspect of interaction with vault. More details in the https://github.com/obervinov/vault-package/blob/v3.0.0/DEPRECATED.md * Remove outdated methods and classes. More details in the https://github.com/obervinov/vault-package/blob/v3.0.0/DEPRECATED.md #### 📚 Documentation * Update `*.md` templates for issues and pull requests * Update documentation for the new version of the module * Add `DEPRECATED.md` with information about deprecated methods and classes #### 🚀 Features * https://github.com/obervinov/vault-package/security/dependabot/1 * https://github.com/obervinov/vault-package/security/dependabot/2 * #46 * #38 * #32 * #39
obervinov · Jun 12, 2024 · 73b8d04 · 73b8d04
1 parent 54a312b
commit 73b8d04
Show file tree

Hide file tree

Showing 30 changed files with 1,328 additions and 1,030 deletions.
diff --git a/.flake8 b/.flake8
@@ -1,4 +1,4 @@
 [flake8]
-max-line-length=100
+max-line-length=170
 exclude = .git,__pycache__
 extend-ignore =
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -1,38 +1,35 @@
 ---
 name: Bug report
-about: Create a report to help us improve
-title: ''
-labels: ''
-assignees: ''
+about: Create a bug report to help us improve
+title: 'Bug: <describe>'
+labels: 'bug' 
+assignees: 'obervinov'
 
 ---
+**Choose the component of the module where the bug is located**
+- [ ] KV2 Engine
+- [ ] DB Engine
+- [ ] Authentication in Vault
 
 **Describe the bug**
-A clear and concise description of what the bug is.
+Not working <describe> in <class> as expected.
+Log link: [link](<paste here>)
+Error message:
+```bash
+<error message>
+```
 
-**To Reproduce**
-Steps to reproduce the behavior:
-1. Go to '...'
-2. Click on '....'
-3. Scroll down to '....'
-4. See error
+**Additional context**
+- Vault version: <version>
+- Module version: <version>
+- Auth method: <method one of: token, approle, kubernetes>
+- Engine: <engine one of: kv2, db>
 
-**Expected behavior**
-A clear and concise description of what you expected to happen.
+**Possible correction**
+If you have a possible solution to the bug, please describe it.
 
 **Screenshots**
 If applicable, add screenshots to help explain your problem.
 
-**Desktop (please complete the following information):**
- - OS: [e.g. iOS]
- - Browser [e.g. chrome, safari]
- - Version [e.g. 22]
-
-**Smartphone (please complete the following information):**
- - Device: [e.g. iPhone6]
- - OS: [e.g. iOS8.1]
- - Browser [e.g. stock browser, safari]
- - Version [e.g. 22]
-
-**Additional context**
-Add any other context about the problem here.
+**Check list after fixing the bug**
+- [ ] Fix 1 in workflow 1 tested and working
diff --git a/.github/ISSUE_TEMPLATE/custom.md b/.github/ISSUE_TEMPLATE/custom.md
@@ -1,9 +1,9 @@
 ---
 name: Custom issue template
 about: Describe this issue template's purpose here.
-title: ''
-labels: ''
-assignees: ''
+title: 'Custom issue: <description>'
+labels: 'help wanted'
+assignees: 'obervinov'
 
 ---
 

diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -1,9 +1,9 @@
 ---
 name: Feature request
-about: Suggest an idea for this project
-title: ''
-labels: ''
-assignees: ''
+about: Suggest an idea for this module
+title: 'Feature request: <description>'
+labels: 'enhancement'
+assignees: 'obervinov'
 
 ---
 

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -9,3 +9,7 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
+  - package-ecosystem: "github-actions"
+    directory: "/workflows"
+    schedule:
+      interval: "weekly"
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -1,16 +1,19 @@
-# PR-1: NAME
-## VERSION - YYYY-MM-DD
+---
+name: 'Pull request'
+about: Create a release to help us improve
+title: 'Release <version>: <description>'
+labels: ''
+assignees: 'obervinov'
+
+---
+## <version> - <YYYY-MM-DD>
 ### What's Changed
-**full changelog**: https://github.com/obervinov/vault-package/compare/1...2 by @ obervinov https://github.com/obervinov/vault-package/pull/1
+**Full Changelog**: https://github.com/obervinov/vault-package/compare/1...2 by @obervinov in https://github.com/obervinov/vault-package/pull/1
 #### 🐛 Bug Fixes
 * 
-* 
 #### 📚 Documentation
 * 
-* 
 #### 💥 Breaking Changes
 * 
-* 
 #### 🚀 Features
-* 
-* 
+* 
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
@@ -10,13 +10,17 @@ on:
 
 jobs:
   changelog:
-    uses: obervinov/_templates/.github/workflows/changelog.yaml@v1.0.13
+    uses: obervinov/_templates/.github/workflows/changelog.yaml@v1.2.6
 
   pylint:
-    uses: obervinov/_templates/.github/workflows/pylint.yaml@v1.0.13
+    uses: obervinov/_templates/.github/workflows/pylint.yaml@v1.2.6
 
   pytest:
-    uses: obervinov/_templates/.github/workflows/pytest-with-vault.yaml@v1.0.13
+    uses: obervinov/_templates/.github/workflows/pytest-with-vault.yaml@v1.2.6
 
   pyproject:
-    uses: obervinov/_templates/.github/workflows/pyproject.yaml@v1.0.13
+    uses: obervinov/_templates/.github/workflows/pyproject.yaml@v1.2.6
+
+  pr:
+    uses: obervinov/_templates/.github/workflows/pr.yaml@v1.2.6
+    needs: [changelog, pylint, pytest, pyproject]
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -9,17 +9,17 @@ on:
 
 jobs:
   changelog:
-    uses: obervinov/_templates/.github/workflows/changelog.yaml@v1.0.13
+    uses: obervinov/_templates/.github/workflows/changelog.yaml@v1.2.6
 
   pylint:
-    uses: obervinov/_templates/.github/workflows/pylint.yaml@v1.0.13
+    uses: obervinov/_templates/.github/workflows/pylint.yaml@v1.2.6
 
   pytest:
-    uses: obervinov/_templates/.github/workflows/pytest-with-vault.yaml@v1.0.13
+    uses: obervinov/_templates/.github/workflows/pytest-with-vault.yaml@v1.2.6
 
   pyproject:
-    uses: obervinov/_templates/.github/workflows/pyproject.yaml@v1.0.13
+    uses: obervinov/_templates/.github/workflows/pyproject.yaml@v1.2.6
 
   create-release:
-    uses: obervinov/_templates/.github/workflows/release.yaml@v1.0.13
+    uses: obervinov/_templates/.github/workflows/release.yaml@v1.2.6
     needs: [changelog, pylint, pytest, pyproject]
diff --git a/.pylintrc b/.pylintrc
@@ -330,7 +330,7 @@ indent-after-paren=4
 indent-string='    '
 
 # Maximum number of characters on a single line.
-max-line-length=100
+max-line-length=170
 
 # Maximum number of lines in a module.
 max-module-lines=1000

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,27 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/).
 
 
+## v3.0.0 - 2024-06-12
+### What's Changed
+**Full Changelog**: https://github.com/obervinov/vault-package/compare/v2.0.4...v3.0.0 by @obervinov in https://github.com/obervinov/vault-package/pull/48
+#### 💥 Breaking Changes
+* Changed environment variables. More details in the https://github.com/obervinov/vault-package/blob/v3.0.0/DEPRECATED.md
+* Changed general class `VaultClient()` incoming parameters. More details in the https://github.com/obervinov/vault-package/blob/v3.0.0/vault/client.py#L29-L89
+* Decomposition of one overloaded `VaultClient()` class into several smaller classes responsible for their own aspect of interaction with vault. More details in the https://github.com/obervinov/vault-package/blob/v3.0.0/DEPRECATED.md
+* Remove outdated methods and classes. More details in the https://github.com/obervinov/vault-package/blob/v3.0.0/DEPRECATED.md
+#### 📚 Documentation
+* Update `*.md` templates for issues and pull requests
+* Update documentation for the new version of the module
+* Add `DEPRECATED.md` with information about deprecated methods and classes
+#### 🚀 Features
+* [cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override ](https://github.com/obervinov/vault-package/security/dependabot/1)
+* [Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode](https://github.com/obervinov/vault-package/security/dependabot/2)
+* [Return `None` if the path does not exist when the `list_secrets()` method is called](https://github.com/obervinov/vault-package/issues/46)
+* [Add delete() method in class](https://github.com/obervinov/vault-package/issues/38)
+* [Add support for the database engine component](https://github.com/obervinov/vault-package/issues/32)
+* [Add support kubernetes auth](https://github.com/obervinov/vault-package/issues/39)
+
+
 ## v2.0.4 - 2024-02-07
 ### What's Changed
 **Full Changelog**: https://github.com/obervinov/vault-package/compare/v2.0.3...v2.0.4 by @obervinov in https://github.com/obervinov/vault-package/pull/43

diff --git a/DEPRECATED.md b/DEPRECATED.md
@@ -0,0 +1,25 @@
+# Deprecated Methods
+
+This document provides information about deprecated methods in the project.
+
+## Deprecated Methods
+
+| Method | Reason for Deprecation | Date of Deprecation | Alternative |
+| ------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------ | -------------------------------------- |
+| `VaultClient.read_secret()` | Revising the code structure for easier scaling when adding new functions | Was removed in version `3.0.0` | `VaultClient.kv2engine.read_secret()` |
+| `VaultClient.write_secret()` | Revising the code structure for easier scaling when adding new functions | Was removed in version `3.0.0` | `VaultClient.kv2engine.write_secret()` |
+| `VaultClient.list_secrets()` | Revising the code structure for easier scaling when adding new functions | Was removed in version `3.0.0` | `VaultClient.kv2engine.list_secrets()` |
+| `VaultClient.get_env()` | Moved to `__init__` of the `VaultClient()` class and now works automatically to retrieve the necessary environment variables to run the module | Was removed in version `3.0.0` | `VaultClient()` |
+| `VaultClient.prepare_client_configurator()` | All functionality related to the configuration of a new vault instance has been removed from the module (as the preparation of infrastructures is not part of the concept of this module). | Was removed in version `3.0.0` | - |
+| `VaultClient.prepare_client_secrets()` | Moved to `__init__` of a separate subclass of KV2Engine() and now works automatically to retrieve the necessary environment variables to run the module | Was removed in version `3.0.0` | `KV2Engine()` |
+| `VaultClient.init_instance()` | All functionality related to the configuration of a new vault instance has been removed from the module (as the preparation of infrastructures is not part of the concept of this module). | Was removed in version `3.0.0` | - |
+| `VaultClient.create_namespace()` | All functionality related to the configuration of a new vault instance has been removed from the module (as the preparation of infrastructures is not part of the concept of this module). | Was removed in version `3.0.0` | - |
+| `VaultClient.create_policy()` | All functionality related to the configuration of a new vault instance has been removed from the module (as the preparation of infrastructures is not part of the concept of this module). | Was removed in version `3.0.0` | - |
+| `VaultClient.create_approle()` | All functionality related to the configuration of a new vault instance has been removed from the module (as the preparation of infrastructures is not part of the concept of this module). | Was removed in version `3.0.0` | - |
+
+## Deprecated Environment Variables
+
+| Variable            | Reason for Deprecation | Date of Deprecation | Alternative |
+| ------------------- | --------------------------------------------------------------------  | ------------------------------- | ---------------------- |
+| `VAULT_MOUNT_POINT` | The name of the variable has been changed to a more appropriate name  | Was replaced in version `3.0.0` | `VAULT_NAMESPACE` |
+| `VAULT_APPROLE_SECRETID` | A cosmetic change to keep the eye from twitching.                | Was replaced in version `3.0.0` | `VAULT_APPROLE_SECRET_ID` |
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2022 obervinov
+Copyright (c) 2024 obervinov
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal