feat: update action.yml to use pwsh shell and enhance vm.py with start option; add credential management scripts
This commit is contained in:
Executable
+37
@@ -0,0 +1,37 @@
|
||||
#!/opt/ci/venv/bin/python
|
||||
"""Verify a CI credential is readable via KeyringCredentialStore.get() logic.
|
||||
|
||||
Usage:
|
||||
sudo -u ci-runner /opt/ci/venv/bin/python tools/ci-cred-check.py <target>
|
||||
|
||||
Examples:
|
||||
sudo -u ci-runner /opt/ci/venv/bin/python tools/ci-cred-check.py BuildVMGuest
|
||||
sudo -u ci-runner /opt/ci/venv/bin/python tools/ci-cred-check.py GiteaPAT
|
||||
"""
|
||||
import sys
|
||||
|
||||
try:
|
||||
import keyring
|
||||
except ImportError:
|
||||
sys.exit("keyring not installed")
|
||||
|
||||
target = sys.argv[1] if len(sys.argv) > 1 else "BuildVMGuest"
|
||||
|
||||
# 1. native (Windows Credential Manager, Secret Service with D-Bus session)
|
||||
cred = keyring.get_credential(target, None)
|
||||
if cred:
|
||||
print(f"OK (native) username={cred.username!r} password={'*' * len(cred.password)}")
|
||||
sys.exit(0)
|
||||
|
||||
# 2. two-entry scheme (PlaintextKeyring / headless file backend)
|
||||
username = keyring.get_password(f"{target}:meta", "username")
|
||||
if username:
|
||||
password = keyring.get_password(target, username)
|
||||
if password:
|
||||
print(f"OK (file) username={username!r} password={'*' * len(password)}")
|
||||
sys.exit(0)
|
||||
print(f"PARTIAL: username={username!r} found but password missing")
|
||||
sys.exit(1)
|
||||
|
||||
print(f"NOT FOUND: {target!r}")
|
||||
sys.exit(1)
|
||||
Reference in New Issue
Block a user