generate_secrets: Lazily import crypto module.

matt- · Apr 30, 2020 · 522ee7f · 522ee7f
1 parent 66392af
commit 522ee7f
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/scripts/setup/generate_secrets.py b/scripts/setup/generate_secrets.py
@@ -14,7 +14,6 @@
 
 os.environ['DJANGO_SETTINGS_MODULE'] = 'zproject.settings'
 
-from django.utils.crypto import get_random_string
 import argparse
 import uuid
 import configparser
@@ -30,12 +29,17 @@
     'thumbor_key',
 ]
 
+def random_string(cnt: int) -> str:
+    from django.utils.crypto import get_random_string
+    return get_random_string(cnt)
+
 def random_token() -> str:
     from zerver.lib.utils import generate_random_token
     return generate_random_token(64)
 
 def generate_django_secretkey() -> str:
     """Secret key generation taken from Django's startproject.py"""
+    from django.utils.crypto import get_random_string
     chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
     return get_random_string(50, chars)
 
@@ -82,7 +86,7 @@ def add_secret(name: str, value: str) -> None:
         settings.SECRET_KEY = secret_key
 
     if need_secret('camo_key'):
-        add_secret('camo_key', get_random_string(64))
+        add_secret('camo_key', random_string(64))
 
     if (
         not development
@@ -126,7 +130,7 @@ def add_secret(name: str, value: str) -> None:
     # zulip_org_id does not require a secure CPRNG,
     # it only needs to be unique.
     if need_secret('zulip_org_key'):
-        add_secret('zulip_org_key', get_random_string(64))
+        add_secret('zulip_org_key', random_string(64))
     if need_secret('zulip_org_id'):
         add_secret('zulip_org_id', str(uuid.uuid4()))