Fix Permission denied error when exporting profile (#279)

* Fix Permission denied error when exporting profile

#277

On Windows, the temp file was being opened twice which caused a
`Permission denied` error. The solution was to create a temp file,
close it, then pass the file name of the closed file. To make sure
it was removed, a `finally` statement is used to remove the temp
file, if it exists.

* In test, config file is string not bytes.

With the changes, the prior may have been storing the config
as bytes, but now it is stored as string. The decode() in the string
was breaking it.

integration/keeper_secrets_manager_cli/README.md

@@ -6,6 +6,10 @@ For more information see our official documentation page https://docs.keeper.io/
 
 # Change History
 
+## 1.0.12
+
+* Fix problem with the same temp file being opened when exporting profile. Was causing a `Permission denied` error.
+
 ## 1.0.11
 
 * Fix missing linefeed when selecting `immutable` for k8s token init.

integration/keeper_secrets_manager_cli/keeper_secrets_manager_cli/export.py

@@ -2,9 +2,11 @@
 import tempfile
 import base64
 import json
+import os
 
 from keeper_secrets_manager_core.utils import base64_to_bytes
 from keeper_secrets_manager_core.keeper_globals import keeper_servers
+from .exception import KsmCliException
 
 
 class Export:
@@ -45,8 +47,17 @@ def _format_ini(self):
         # Apparently the config parser doesn't like temp files. So create a
         # temp file, then open a file for writing and use that to write
         # the config. Then read the temp file to get our new config.
-        with tempfile.NamedTemporaryFile() as tf:
-            config = Config(ini_file=tf.name)
+
+        temp_file_name = None
+        try:
+            # Create temp file and close it. We want a filename. Prevent the temp file from being deleted
+            # when we close it. Remove it with a "finally".
+            tf = tempfile.NamedTemporaryFile(delete=False)
+            temp_file_name = tf.name
+            tf.close()
+
+            # Make a configuration with one profile and the save it to the temp file.
+            config = Config(ini_file=temp_file_name)
             config.set_profile(Profile.default_profile,
                                client_id=self.config.client_id,
                                private_key=self.config.private_key,
@@ -57,9 +68,16 @@ def _format_ini(self):
             config.config.active_profile = Profile.default_profile
             config.save()
 
-            tf.seek(0)
-            config_str = tf.read()
-            tf.close()
+            # Open the temp file and read the configuration that was created above.
+            with open(temp_file_name, "r") as config_fh:
+                config_str = config_fh.read()
+                config_fh.close()
+        except Exception as err:
+            raise KsmCliException("Could not export profile: {}".format(err))
+        finally:
+            # Make sure we delete the temp file.
+            if temp_file_name is not None and os.path.exists(temp_file_name) is True:
+                os.unlink(temp_file_name)
 
         return config_str
 

integration/keeper_secrets_manager_cli/setup.py

@@ -25,7 +25,7 @@
 # Version set in the keeper_secrets_manager_cli.version file.
 setup(
     name="keeper-secrets-manager-cli",
-    version="1.0.11",
+    version="1.0.12",
     description="Command line tool for Keeper Secrets Manager",
     long_description=long_description,
     long_description_content_type="text/markdown",

integration/keeper_secrets_manager_cli/tests/config_test.py

@@ -19,7 +19,7 @@ def setUp(self) -> None:
         # Make a fake keeper.ini file.
         export = Export(config=MockConfig().make_config(), file_format="ini", plain=True)
         with open("keeper.ini", "w") as fh:
-            fh.write(export.run().decode())
+            fh.write(export.run())
             fh.close()
 
     def tearDown(self) -> None: