Write new secret manager using existing RSA logic

2025-06-22 17:17:56 +02:00
parent 5985a726e3
commit 82ec7fabb4
34 changed files with 2042 additions and 640 deletions
--- a/packages/sshecret-admin/migrations/env.py
+++ b/packages/sshecret-admin/migrations/env.py
@ -1,11 +1,11 @@
 import os
 from logging.config import fileConfig

-from sqlalchemy import engine_from_config
-from sqlalchemy import pool
+from sqlalchemy import Engine, engine_from_config, pool, create_engine

 from alembic import context
 from sshecret_admin.auth.models import Base
+from sshecret_admin.core.settings import AdminServerSettings

 # this is the Alembic Config object, which provides
 # access to the values within the .ini file in use.
@ -14,9 +14,30 @@ config = context.config

 def get_database_url() -> str | None:
    """Get database URL."""
-    if db_file := os.getenv("SSHECRET_ADMIN_DATABASE"):
-        return f"sqlite:///{db_file}"
-    return config.get_main_option("sqlalchemy.url")
+    try:
+        settings = AdminServerSettings()  # pyright: ignore[reportCallIssue]
+        return str(settings.admin_db)
+    except Exception:
+        if db_file := os.getenv("SSHECRET_ADMIN_DATABASE"):
+            return f"sqlite:///{db_file}"
+        return config.get_main_option("sqlalchemy.url")
+
+
+def get_engine() -> Engine:
+    """Get engine."""
+    try:
+        settings = AdminServerSettings()  # pyright: ignore[reportCallIssue]
+        engine = create_engine(settings.admin_db)
+        return engine
+    except Exception:
+        connectable = engine_from_config(
+            config.get_section(config.config_ini_section, {}),
+            prefix="sqlalchemy.",
+            poolclass=pool.NullPool,
+        )
+        return connectable
+
+


 # Interpret the config file for Python logging.
@ -68,12 +89,7 @@ def run_migrations_online() -> None:
    and associate a connection with the context.

    """
-    connectable = engine_from_config(
-        config.get_section(config.config_ini_section, {}),
-        prefix="sqlalchemy.",
-        poolclass=pool.NullPool,
-    )
-
+    connectable = get_engine()
    with connectable.connect() as connection:
        context.configure(
            connection=connection, target_metadata=target_metadata, render_as_batch=True