fix(api): secrets

cmdb-api/api/commands/click_cmdb.py

@@ -319,6 +319,9 @@ def cmdb_index_table_upgrade():
 
 
 def valid_address(address):
+    if not address:
+        return False
+
     if not address.startswith(("http://127.0.0.1", "https://127.0.0.1")):
         response = {
             "message": "Address should start with http://127.0.0.1 or https://127.0.0.1",
@@ -326,6 +329,7 @@ def valid_address(address):
         }
         KeyManage.print_response(response)
         return False
+
     return True
 
 

cmdb-api/api/lib/secrets/inner.py

@@ -1,21 +1,22 @@
+import os
+import secrets
+import sys
 from base64 import b64decode, b64encode
+
+from Cryptodome.Protocol.SecretSharing import Shamir
 from colorama import Back
 from colorama import Fore
-from colorama import init as colorama_init
 from colorama import Style
-from Cryptodome.Protocol.SecretSharing import Shamir
+from colorama import init as colorama_init
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives import padding
-from cryptography.hazmat.primitives.ciphers import algorithms
 from cryptography.hazmat.primitives.ciphers import Cipher
+from cryptography.hazmat.primitives.ciphers import algorithms
 from cryptography.hazmat.primitives.ciphers import modes
 from cryptography.hazmat.primitives.ciphers.aead import AESGCM
 from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
 from flask import current_app
-import os
-import secrets
-import sys
 
 global_iv_length = 16
 global_key_shares = 5  # Number of generated key shares
@@ -64,10 +65,11 @@ class KeyManage:
             self.backend = Backend(backend)
 
     def init_app(self, app, backend=None):
-        if sys.argv[0].endswith("gunicorn") or sys.argv[1] == "run":
+        if sys.argv[0].endswith("gunicorn") or (len(sys.argv) > 1 and sys.argv[1] == "run"):
             self.trigger = app.config.get("INNER_TRIGGER_TOKEN")
             if not self.trigger:
                 return
+
             self.backend = backend
             resp = self.auto_unseal()
             self.print_response(resp)

cmdb-api/api/lib/secrets/secrets.py

@@ -11,11 +11,12 @@ class InnerKVManger(object):
         res = InnerKV.create(**data)
         if res.key == key:
             return "success", True
+
         return "add failed", False
 
     @classmethod
     def get(cls, key):
-        res = InnerKV.get_by(first=True, to_dict=False, **{"key": key})
+        res = InnerKV.get_by(first=True, to_dict=False, key=key)
         if not res:
             return None
 
@@ -23,11 +24,12 @@ class InnerKVManger(object):
 
     @classmethod
     def update(cls, key, value):
-        res = InnerKV.get_by(first=True, to_dict=False, **{"key": key})
+        res = InnerKV.get_by(first=True, to_dict=False, key=key)
         if not res:
-            return None
+            return cls.add(key, value)
-        res.value = value
+
-        t = res.update()
+        t = res.update(value=value)
         if t.key == key:
             return "success", True
+
         return "update failed", True

cmdb-api/api/views/cmdb/inner_secrets.py

@@ -1,10 +1,9 @@
+from flask import request
+
 from api.lib.perm.auth import auth_abandoned
-from api.resource import APIView
 from api.lib.secrets.inner import KeyManage
 from api.lib.secrets.secrets import InnerKVManger
-
+from api.resource import APIView
-from flask import current_app
-from flask import request
 
 
 class InnerSecretUnSealView(APIView):