jw-pkg/src/python/jw/pkg/cmds/secrets/Cmd.py

# -*- coding: utf-8 -*-

from __future__ import annotations

from typing import TYPE_CHECKING

from ..Cmd import Cmd as Base

if TYPE_CHECKING:
    from typing import Iterable
    from ...lib.Distro import Distro
    from ..CmdDistro import CmdDistro

from .lib.util import *

class Cmd(Base): # export

    async def _match_files(self, packages: Iterable[str], pattern: str) -> list[str]:
        return await match_files(self.distro, packages, pattern)

    async def _list_template_files(self, packages: Iterable[str]) -> list[str]:
        return await list_template_files(self.distro, packages)

    async def _list_secret_paths(self, packages: Iterable[str], ignore_missing: bool=False) -> list[str]:
        return await list_secret_paths(self.distro, packages, ignore_missing)

    async def _list_compilation_targets(self, packages: Iterable[str], ignore_missing: bool=False) -> list[str]:
        return await list_compilation_targets(self.distro, packages, ignore_missing)

    async def _remove_compilation_targets(self, packages: Iterable[str]) -> list[str]:
        return await remove_compilation_targets(self.distro, packages)

    async def _compile_template_files(self, packages: Iterable[str], default_attrs: Attrs) -> list[str]:
        return await compile_template_files(self.distro, packages, default_attrs)

    def __init__(self, parent: CmdDistro, name: str, help: str) -> None:
        super().__init__(parent, name, help)

    def add_arguments(self, parser: ArgumentParser) -> None:
        super().add_arguments(parser)
        parser.add_argument("packages", nargs='*', help="Package names")
cmds.CmdSecrets: Add command class + subcommands jw-pkg.py secrets [sub-command] [packages] is a set of utility commands designed to manage configuration files containing secrets. To keep secrets from leaking via version control or packages, a _template_ should be packaged for every sensitive configuration file. Then, during post-install, configuration files can be generated from packaged templates via jw-pkg.py secrets compile-templates <package> <package> ... During post-uninstall jw-pkg.py secrets rm-compilation-output <package> <package> ... removes them. Not specifying any packages will compile or remove all templates on the system. To identify which files to consider and generate or remove, the compilation scans <package> for files ending in .jw-tmpl. For each match, e.g. /path/to/some.conf.jw-tmpl it will read key-value pairs from /path/to/some.conf.jw-secret and generate /path/to/some.conf from it, replacing all keys by their respective values. The file attributes of the generated file can be determined by the first line: of some.conf.jw-tmpl or some.conf.jw-secret: # conf: owner=mysql; group=mysql; mode=0640 There are other commands for managing all secrets on the system at once, see jw-pkg.py secrets --help: compile-templates Compile package template files list-compilation-output List package compilation output files list-secrets List package secret files list-templates List package template files rm-compilation-output Remove package compilation output files Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-05 11:01:18 +01:00			`# -- coding: utf-8 --`

			`from __future__ import annotations`

			`from typing import TYPE_CHECKING`

cmds.secrets.lib.util: Add module To be able to use secret handling code from other modules, move the bulk of it from the "secrets"-command centric implementation in cmds.secrets.Cmd into a new module cmds.secrets.lib.util. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-04-11 10:16:54 +02:00			`from ..Cmd import Cmd as Base`

cmds.CmdSecrets: Add command class + subcommands jw-pkg.py secrets [sub-command] [packages] is a set of utility commands designed to manage configuration files containing secrets. To keep secrets from leaking via version control or packages, a _template_ should be packaged for every sensitive configuration file. Then, during post-install, configuration files can be generated from packaged templates via jw-pkg.py secrets compile-templates <package> <package> ... During post-uninstall jw-pkg.py secrets rm-compilation-output <package> <package> ... removes them. Not specifying any packages will compile or remove all templates on the system. To identify which files to consider and generate or remove, the compilation scans <package> for files ending in .jw-tmpl. For each match, e.g. /path/to/some.conf.jw-tmpl it will read key-value pairs from /path/to/some.conf.jw-secret and generate /path/to/some.conf from it, replacing all keys by their respective values. The file attributes of the generated file can be determined by the first line: of some.conf.jw-tmpl or some.conf.jw-secret: # conf: owner=mysql; group=mysql; mode=0640 There are other commands for managing all secrets on the system at once, see jw-pkg.py secrets --help: compile-templates Compile package template files list-compilation-output List package compilation output files list-secrets List package secret files list-templates List package template files rm-compilation-output Remove package compilation output files Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-05 11:01:18 +01:00			`if TYPE_CHECKING:`
			`from typing import Iterable`
			`from ...lib.Distro import Distro`
			`from ..CmdDistro import CmdDistro`

cmds.secrets.lib.util: Add module To be able to use secret handling code from other modules, move the bulk of it from the "secrets"-command centric implementation in cmds.secrets.Cmd into a new module cmds.secrets.lib.util. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-04-11 10:16:54 +02:00			`from .lib.util import *`
cmds.CmdSecrets: Add command class + subcommands jw-pkg.py secrets [sub-command] [packages] is a set of utility commands designed to manage configuration files containing secrets. To keep secrets from leaking via version control or packages, a _template_ should be packaged for every sensitive configuration file. Then, during post-install, configuration files can be generated from packaged templates via jw-pkg.py secrets compile-templates <package> <package> ... During post-uninstall jw-pkg.py secrets rm-compilation-output <package> <package> ... removes them. Not specifying any packages will compile or remove all templates on the system. To identify which files to consider and generate or remove, the compilation scans <package> for files ending in .jw-tmpl. For each match, e.g. /path/to/some.conf.jw-tmpl it will read key-value pairs from /path/to/some.conf.jw-secret and generate /path/to/some.conf from it, replacing all keys by their respective values. The file attributes of the generated file can be determined by the first line: of some.conf.jw-tmpl or some.conf.jw-secret: # conf: owner=mysql; group=mysql; mode=0640 There are other commands for managing all secrets on the system at once, see jw-pkg.py secrets --help: compile-templates Compile package template files list-compilation-output List package compilation output files list-secrets List package secret files list-templates List package template files rm-compilation-output Remove package compilation output files Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-05 11:01:18 +01:00
			`class Cmd(Base): # export`

			`async def _match_files(self, packages: Iterable[str], pattern: str) -> list[str]:`
cmds.secrets.lib.util: Add module To be able to use secret handling code from other modules, move the bulk of it from the "secrets"-command centric implementation in cmds.secrets.Cmd into a new module cmds.secrets.lib.util. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-04-11 10:16:54 +02:00			`return await match_files(self.distro, packages, pattern)`
cmds.CmdSecrets: Add command class + subcommands jw-pkg.py secrets [sub-command] [packages] is a set of utility commands designed to manage configuration files containing secrets. To keep secrets from leaking via version control or packages, a _template_ should be packaged for every sensitive configuration file. Then, during post-install, configuration files can be generated from packaged templates via jw-pkg.py secrets compile-templates <package> <package> ... During post-uninstall jw-pkg.py secrets rm-compilation-output <package> <package> ... removes them. Not specifying any packages will compile or remove all templates on the system. To identify which files to consider and generate or remove, the compilation scans <package> for files ending in .jw-tmpl. For each match, e.g. /path/to/some.conf.jw-tmpl it will read key-value pairs from /path/to/some.conf.jw-secret and generate /path/to/some.conf from it, replacing all keys by their respective values. The file attributes of the generated file can be determined by the first line: of some.conf.jw-tmpl or some.conf.jw-secret: # conf: owner=mysql; group=mysql; mode=0640 There are other commands for managing all secrets on the system at once, see jw-pkg.py secrets --help: compile-templates Compile package template files list-compilation-output List package compilation output files list-secrets List package secret files list-templates List package template files rm-compilation-output Remove package compilation output files Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-05 11:01:18 +01:00
			`async def _list_template_files(self, packages: Iterable[str]) -> list[str]:`
cmds.secrets.lib.util: Add module To be able to use secret handling code from other modules, move the bulk of it from the "secrets"-command centric implementation in cmds.secrets.Cmd into a new module cmds.secrets.lib.util. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-04-11 10:16:54 +02:00			`return await list_template_files(self.distro, packages)`
cmds.CmdSecrets: Add command class + subcommands jw-pkg.py secrets [sub-command] [packages] is a set of utility commands designed to manage configuration files containing secrets. To keep secrets from leaking via version control or packages, a _template_ should be packaged for every sensitive configuration file. Then, during post-install, configuration files can be generated from packaged templates via jw-pkg.py secrets compile-templates <package> <package> ... During post-uninstall jw-pkg.py secrets rm-compilation-output <package> <package> ... removes them. Not specifying any packages will compile or remove all templates on the system. To identify which files to consider and generate or remove, the compilation scans <package> for files ending in .jw-tmpl. For each match, e.g. /path/to/some.conf.jw-tmpl it will read key-value pairs from /path/to/some.conf.jw-secret and generate /path/to/some.conf from it, replacing all keys by their respective values. The file attributes of the generated file can be determined by the first line: of some.conf.jw-tmpl or some.conf.jw-secret: # conf: owner=mysql; group=mysql; mode=0640 There are other commands for managing all secrets on the system at once, see jw-pkg.py secrets --help: compile-templates Compile package template files list-compilation-output List package compilation output files list-secrets List package secret files list-templates List package template files rm-compilation-output Remove package compilation output files Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-05 11:01:18 +01:00
cmds.secrets.CmdXX: Add option --all Support option --all to jw-pkg.py secrets list-compilation-output and list-secrets (CmdListCompilationOutput & CmdSecrets). This allows them to also report non-existent files. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-08 07:43:37 +01:00			`async def _list_secret_paths(self, packages: Iterable[str], ignore_missing: bool=False) -> list[str]:`
cmds.secrets.lib.util: Add module To be able to use secret handling code from other modules, move the bulk of it from the "secrets"-command centric implementation in cmds.secrets.Cmd into a new module cmds.secrets.lib.util. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-04-11 10:16:54 +02:00			`return await list_secret_paths(self.distro, packages, ignore_missing)`
cmds.CmdSecrets: Add command class + subcommands jw-pkg.py secrets [sub-command] [packages] is a set of utility commands designed to manage configuration files containing secrets. To keep secrets from leaking via version control or packages, a _template_ should be packaged for every sensitive configuration file. Then, during post-install, configuration files can be generated from packaged templates via jw-pkg.py secrets compile-templates <package> <package> ... During post-uninstall jw-pkg.py secrets rm-compilation-output <package> <package> ... removes them. Not specifying any packages will compile or remove all templates on the system. To identify which files to consider and generate or remove, the compilation scans <package> for files ending in .jw-tmpl. For each match, e.g. /path/to/some.conf.jw-tmpl it will read key-value pairs from /path/to/some.conf.jw-secret and generate /path/to/some.conf from it, replacing all keys by their respective values. The file attributes of the generated file can be determined by the first line: of some.conf.jw-tmpl or some.conf.jw-secret: # conf: owner=mysql; group=mysql; mode=0640 There are other commands for managing all secrets on the system at once, see jw-pkg.py secrets --help: compile-templates Compile package template files list-compilation-output List package compilation output files list-secrets List package secret files list-templates List package template files rm-compilation-output Remove package compilation output files Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-05 11:01:18 +01:00
cmds.secrets.CmdXX: Add option --all Support option --all to jw-pkg.py secrets list-compilation-output and list-secrets (CmdListCompilationOutput & CmdSecrets). This allows them to also report non-existent files. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-08 07:43:37 +01:00			`async def _list_compilation_targets(self, packages: Iterable[str], ignore_missing: bool=False) -> list[str]:`
cmds.secrets.lib.util: Add module To be able to use secret handling code from other modules, move the bulk of it from the "secrets"-command centric implementation in cmds.secrets.Cmd into a new module cmds.secrets.lib.util. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-04-11 10:16:54 +02:00			`return await list_compilation_targets(self.distro, packages, ignore_missing)`
cmds.CmdSecrets: Add command class + subcommands jw-pkg.py secrets [sub-command] [packages] is a set of utility commands designed to manage configuration files containing secrets. To keep secrets from leaking via version control or packages, a _template_ should be packaged for every sensitive configuration file. Then, during post-install, configuration files can be generated from packaged templates via jw-pkg.py secrets compile-templates <package> <package> ... During post-uninstall jw-pkg.py secrets rm-compilation-output <package> <package> ... removes them. Not specifying any packages will compile or remove all templates on the system. To identify which files to consider and generate or remove, the compilation scans <package> for files ending in .jw-tmpl. For each match, e.g. /path/to/some.conf.jw-tmpl it will read key-value pairs from /path/to/some.conf.jw-secret and generate /path/to/some.conf from it, replacing all keys by their respective values. The file attributes of the generated file can be determined by the first line: of some.conf.jw-tmpl or some.conf.jw-secret: # conf: owner=mysql; group=mysql; mode=0640 There are other commands for managing all secrets on the system at once, see jw-pkg.py secrets --help: compile-templates Compile package template files list-compilation-output List package compilation output files list-secrets List package secret files list-templates List package template files rm-compilation-output Remove package compilation output files Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-05 11:01:18 +01:00
			`async def _remove_compilation_targets(self, packages: Iterable[str]) -> list[str]:`
cmds.secrets.lib.util: Add module To be able to use secret handling code from other modules, move the bulk of it from the "secrets"-command centric implementation in cmds.secrets.Cmd into a new module cmds.secrets.lib.util. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-04-11 10:16:54 +02:00			`return await remove_compilation_targets(self.distro, packages)`
cmds.CmdSecrets: Add command class + subcommands jw-pkg.py secrets [sub-command] [packages] is a set of utility commands designed to manage configuration files containing secrets. To keep secrets from leaking via version control or packages, a _template_ should be packaged for every sensitive configuration file. Then, during post-install, configuration files can be generated from packaged templates via jw-pkg.py secrets compile-templates <package> <package> ... During post-uninstall jw-pkg.py secrets rm-compilation-output <package> <package> ... removes them. Not specifying any packages will compile or remove all templates on the system. To identify which files to consider and generate or remove, the compilation scans <package> for files ending in .jw-tmpl. For each match, e.g. /path/to/some.conf.jw-tmpl it will read key-value pairs from /path/to/some.conf.jw-secret and generate /path/to/some.conf from it, replacing all keys by their respective values. The file attributes of the generated file can be determined by the first line: of some.conf.jw-tmpl or some.conf.jw-secret: # conf: owner=mysql; group=mysql; mode=0640 There are other commands for managing all secrets on the system at once, see jw-pkg.py secrets --help: compile-templates Compile package template files list-compilation-output List package compilation output files list-secrets List package secret files list-templates List package template files rm-compilation-output Remove package compilation output files Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-05 11:01:18 +01:00
cmds.secrets.CmdCompileTemplates: Support -ogm Add support for the -o (--owner) -g (--group) -m (--mode) options. They allow to specify a default for compiling templates, but _don't_ override what's in the #conf: specification line in .jw-tmpl or .jw-secret files. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-08 10:41:58 +01:00			`async def _compile_template_files(self, packages: Iterable[str], default_attrs: Attrs) -> list[str]:`
cmds.secrets.lib.util: Add module To be able to use secret handling code from other modules, move the bulk of it from the "secrets"-command centric implementation in cmds.secrets.Cmd into a new module cmds.secrets.lib.util. Signed-off-by: Jan Lindemann <jan@janware.com> 2026-04-11 10:16:54 +02:00			`return await compile_template_files(self.distro, packages, default_attrs)`
cmds.CmdSecrets: Add command class + subcommands jw-pkg.py secrets [sub-command] [packages] is a set of utility commands designed to manage configuration files containing secrets. To keep secrets from leaking via version control or packages, a _template_ should be packaged for every sensitive configuration file. Then, during post-install, configuration files can be generated from packaged templates via jw-pkg.py secrets compile-templates <package> <package> ... During post-uninstall jw-pkg.py secrets rm-compilation-output <package> <package> ... removes them. Not specifying any packages will compile or remove all templates on the system. To identify which files to consider and generate or remove, the compilation scans <package> for files ending in .jw-tmpl. For each match, e.g. /path/to/some.conf.jw-tmpl it will read key-value pairs from /path/to/some.conf.jw-secret and generate /path/to/some.conf from it, replacing all keys by their respective values. The file attributes of the generated file can be determined by the first line: of some.conf.jw-tmpl or some.conf.jw-secret: # conf: owner=mysql; group=mysql; mode=0640 There are other commands for managing all secrets on the system at once, see jw-pkg.py secrets --help: compile-templates Compile package template files list-compilation-output List package compilation output files list-secrets List package secret files list-templates List package template files rm-compilation-output Remove package compilation output files Signed-off-by: Jan Lindemann <jan@janware.com> 2026-03-05 11:01:18 +01:00
			`def __init__(self, parent: CmdDistro, name: str, help: str) -> None:`
			`super().__init__(parent, name, help)`

			`def add_arguments(self, parser: ArgumentParser) -> None:`
			`super().add_arguments(parser)`
			`parser.add_argument("packages", nargs='*', help="Package names")`