feat(script): Decrypt an example GPG-encrypted file

2025-03-02 20:54:37 +01:00 · 2025-03-02 20:54:37 +01:00 · f68fad468e
commit f68fad468e
parent 3878fd841b
1 changed files with 13 additions and 13 deletions
--- a/main.py
+++ b/main.py
@ -2,8 +2,14 @@
 import atexit
 import json
 import logging.config
+import os
 import pathlib

+import gnupg
+from rich.traceback import install
+
+install(show_locals=True)
+
 logger = logging.getLogger("vm_management")


@ -21,19 +27,13 @@ def setup_logging():

 def main():
    setup_logging()
-    logger.debug("Logging configured")
-    logger.info("Logging configured")
-    logger.warning("Logging configured")
-    logger.error("Logging configured")
-    logger.critical("Logging configured")
-
-    # ä gnupg = gnupg.GPG()
-    # logging.basicConfig(level=logging.INFO)
-
-    # gpg = gnupg.GPG(gnupghome="~/.gnupg", verbose=True)
-    # gpg.encoding="utf-8"
-    # with open("~/Downloads/hashicorp_vault_token.gpg", "r") as file:
-    #    # secret = file.read()
+    gnupg_home = os.path.expanduser("~/.gnupg")
+    gpg = gnupg.GPG(gnupghome=gnupg_home)
+    gpg.encoding = "utf-8"
+    vault_secret_file = os.path.expanduser("~/Downloads/hashicorp_vault_token.gpg")
+    with open(vault_secret_file, "rb") as vault_secret_file:
+        vault_secret = gpg.decrypt_file(vault_secret_file, passphrase="pw")
+        logger.debug("vault secret: %s", vault_secret)


 if __name__ == "__main__":