Commit 98d052dcb1184e7061384039e502787d4a4b6d53 - bundlewrap

+10

-0

CHANGELOG.md less more

	0	# 3.7.0
	1
	2	2019-10-07
	3
	4	* Faults are now accepted as item attribute values
	5	* Filter objects, iterators and such can now be used as item attribute values
	6	* `BW_VAULT_DUMMY_MODE` will now yield dummy passwords of requested length
	7	* added `repo.vault.random_bytes_as_base64_for()`
	8
	9
0	10	# 3.6.2
1	11
2	12	2019-07-25

+0

-4

README.md less more

9	9
10	10	<a href="https://travis-ci.org/bundlewrap/bundlewrap">
11	11	<img src="http://img.shields.io/travis/bundlewrap/bundlewrap/master.svg" alt="Build status">
12		</a>
13
14		<a href="https://landscape.io/github/bundlewrap/bundlewrap/master">
15		<img src="https://landscape.io/github/bundlewrap/bundlewrap/master/landscape.svg?style=flat" alt="Code health">
16	12	</a>
17	13
18	14	<a href="https://pypi.python.org/pypi/bundlewrap/">

+1

-1

bundlewrap/__init__.py less more

0	0	# -- coding: utf-8 --
1	1	from __future__ import unicode_literals
2	2
3		VERSION = (3, 6, 2)
	3	VERSION = (3, 7, 0)
4	4	VERSION_STRING = ".".join([str(v) for v in VERSION])

+34

-9

bundlewrap/items/__init__.py less more

76	76	@property
77	77	def correct(self):
78	78	return not self.must_be_deleted and not self.must_be_created and not bool(self.keys_to_fix)
	79
	80
	81	def make_normalize(attribute_default):
	82	"""
	83	This is to ensure you can pass filter() results and such in place of
	84	lists and have them converted to the proper type automatically.
	85	"""
	86	if type(attribute_default) in (list, dict):
	87	return type(attribute_default)
	88	else:
	89	return copy
79	90
80	91
81	92	class Item(object):

156	167	self._faults_missing_for_attributes.add(_("unknown"))
157	168
158	169	for attribute_name, attribute_default in BUILTIN_ITEM_ATTRIBUTES.items():
159		setattr(self, attribute_name, force_text(attributes.get(
160		attribute_name,
161		copy(attribute_default),
162		)))
	170	normalize = make_normalize(attribute_default)
	171	try:
	172	setattr(self, attribute_name, force_text(normalize(attributes.get(
	173	attribute_name,
	174	copy(attribute_default),
	175	))))
	176	except FaultUnavailable:
	177	self._faults_missing_for_attributes.add(attribute_name)
	178	setattr(self, attribute_name, BUILTIN_ITEM_ATTRIBUTES[attribute_name])
163	179
164	180	for attribute_name, attribute_default in self.ITEM_ATTRIBUTES.items():
165	181	if attribute_name not in BUILTIN_ITEM_ATTRIBUTES:
	182	normalize = make_normalize(attribute_default)
166	183	try:
167		self.attributes[attribute_name] = force_text(attributes.get(
	184	self.attributes[attribute_name] = force_text(normalize(attributes.get(
168	185	attribute_name,
169		attribute_default,
170		))
	186	copy(attribute_default),
	187	)))
171	188	except FaultUnavailable:
172	189	self._faults_missing_for_attributes.add(attribute_name)
173	190
174	191	for attribute_name, attribute_default in self.WHEN_CREATING_ATTRIBUTES.items():
175		self.when_creating[attribute_name] = \
176		attributes.get('when_creating', {}).get(attribute_name, attribute_default)
	192	normalize = make_normalize(attribute_default)
	193	try:
	194	self.when_creating[attribute_name] = force_text(normalize(
	195	attributes.get('when_creating', {}).get(
	196	attribute_name,
	197	copy(attribute_default),
	198	)
	199	))
	200	except FaultUnavailable:
	201	self._faults_missing_for_attributes.add('when_creating/' + attribute_name)
177	202
178	203	if self.cascade_skip is None:
179	204	self.cascade_skip = not (self.unless or self.triggered)

+16

-1

bundlewrap/secrets.py less more

208	208	PRNG allows for more control over password length and complexity.
209	209	"""
210	210	if environ.get("BW_VAULT_DUMMY_MODE", "0") != "0":
211		return "generatedpassword"
	211	return ("generatedpassword"*length)[:length]
212	212
213	213	prng = self._get_prng(identifier, key)
214	214

217	217	alphabet += punctuation
218	218
219	219	return "".join([choice_prng(alphabet, prng) for i in range(length)])
	220
	221	def _generate_random_bytes_as_base64(self, identifier=None, key='generate', length=32):
	222	if environ.get("BW_VAULT_DUMMY_MODE", "0") != "0":
	223	return b64encode(bytearray([ord("a") for i in range(length)])).decode()
	224
	225	prng = self._get_prng(identifier, key)
	226	return b64encode(bytearray([next(prng) for i in range(length)])).decode()
220	227
221	228	def _get_prng(self, identifier, key):
222	229	try:

332	339	length=length,
333	340	symbols=symbols,
334	341	)
	342
	343	def random_bytes_as_base64_for(self, identifier, key='generate', length=32):
	344	return Fault(
	345	self._generate_random_bytes_as_base64,
	346	identifier=identifier,
	347	key=key,
	348	length=length,
	349	)

+7

-2

debian/changelog less more

0		bundlewrap (3.6.2-2) UNRELEASED; urgency=medium
	0	bundlewrap (3.7.0-1) unstable; urgency=medium
1	1
	2	[ Ondřej Nový ]
2	3	* d/changelog: Remove trailing whitespaces.
3	4
4		-- Ondřej Nový <onovy@debian.org> Sun, 25 Aug 2019 17:00:36 +0200
	5	[ Jonathan Carter ]
	6	* New upstream release
	7	* Update standards version to 4.5.0
	8
	9	-- Jonathan Carter <jcc@debian.org> Tue, 08 Oct 2019 20:24:26 +0200
5	10
6	11	bundlewrap (3.6.2-1) unstable; urgency=medium
7	12

+1

-1

debian/control less more

9	9	python3-setuptools,
10	10	python3-requests,
11	11	python3-cryptography
12		Standards-Version: 4.4.0
	12	Standards-Version: 4.5.0
13	13	Homepage: http://bundlewrap.org/
14	14	Vcs-Git: https://salsa.debian.org/python-team/applications/bundlewrap.git
15	15	Vcs-Browser: https://salsa.debian.org/python-team/applications/bundlewrap

+10

-0

docs/content/guide/secrets.md less more

40	40	### "Human" passwords
41	41
42	42	As an alternative to `password_for()`, which generates random strings, you can use `human_password_for()`.It generates strings like `Wiac-Kaobl-Teuh-Kumd-40`. They are easier to handle for human beings. You might want to use them if you have to type those passwords on a regular basis.
	43
	44	### Random bytes
	45
	46	`password_for()` and `human_password_for()` are meant for passwords. If you need plain random bytes, you can use `random_bytes_as_base64_for()`. As the name implies, it will return the data base64 encoded. Some examples:
	47
	48	<pre><code class="nohighlight">$ bw debug -c 'print(repo.vault.random_bytes_as_base64_for("foo"))'
	49	qczM0GUKW7YlXEuW8HGPYkjCGaX4Vu9Fja5SIZWga7w=
	50	$ bw debug -c 'print(repo.vault.random_bytes_as_base64_for("foo", length=1))'
	51	qQ==
	52	</code></pre>
43	53
44	54	<br>
45	55

+1

-1

setup.py less more

16	16
17	17	setup(
18	18	name="bundlewrap",
19		version="3.6.2",
	19	version="3.7.0",
20	20	description="Config management with Python",
21	21	long_description=(
22	22	"By allowing for easy and low-overhead config management, BundleWrap fills the gap between complex deployments using Chef or Puppet and old school system administration over SSH.\n"

+18

-0

tests/integration/secrets.py less more

127	127	assert stdout == b"Xaint-Heep-13\n"
128	128	assert stderr == b""
129	129	assert rcode == 0
	130
	131
	132	def test_random_bytes_as_base64(tmpdir):
	133	make_repo(tmpdir)
	134
	135	stdout, stderr, rcode = run("bw debug -c 'print(repo.vault.random_bytes_as_base64_for(\"foo\"))'", path=str(tmpdir))
	136	assert stdout == b"rt+Dgv0yA10DS3ux94mmtEg+isChTJvgkfklzmWkvyg=\n"
	137	assert stderr == b""
	138	assert rcode == 0
	139
	140
	141	def test_random_bytes_as_base64_length(tmpdir):
	142	make_repo(tmpdir)
	143
	144	stdout, stderr, rcode = run("bw debug -c 'print(repo.vault.random_bytes_as_base64_for(\"foo\", length=1))'", path=str(tmpdir))
	145	assert stdout == b"rg==\n"
	146	assert stderr == b""
	147	assert rcode == 0