Last active
September 22, 2024 12:48
-
-
Save superstes/c6e626d356131d87f52b238615cc1dd0 to your computer and use it in GitHub Desktop.
Python3 pass secrets over named-pipe
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # this is handy if you need to pass secrets between two processes | |
| # the secrets are not written to disk and can only be read once | |
| from os import mkfifo | |
| from pathlib import Path | |
| from os import remove as remove_file | |
| from threading import Thread | |
| def write_pipe_0600(file: (str, Path), content: str): | |
| mkfifo(file, mode=0o600) | |
| def pipe_writer(f: (str, Path), c: str): | |
| # will be blocked until ansible connects to the other end of the pipe | |
| with open(f, 'wb') as fh: | |
| fh.write(c.encode('utf-8')) | |
| remove_file(file) | |
| Thread(target=pipe_writer, args=(file, content)).start() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment