Skip to main content

CLI utilities for p3d

Project description

p3do - let 'em minions do it

PyPI - License PyPI PyPI - Python Version

p3do (pronounced pee-three-duh) is a collection of command-line utilities for p3d. It allows you to conjure some tedious operations right from your magic little fingertips.

p3do in action

InstallationGetting startedCommandsContribute

Installation

p3do is built on Python 3.8 or later installed. You can get Python from your package manager du jour or download and install it from https://www.python.org/downloads/ (looking at you Windows. Mac. Whyihavetobother. Veryannoyingyouare.)

p3do is published to the CheeseShop and hence can be installed with pip:

pip install p3do

p3do installs itself as a command. If your $PATH is set up correctly you will be able to just invoke p3do like so

p3do --help

Getting Started

Light a bonfire and whisper p3do in the most conspirative voice available to you. Then start a terminal.

p3do is hierarchical, self-documenting and discoverable. The best way to start is to just type p3do. This will show you the available commands and some description. From there you can drill down the hierarchy for useful sub-command.

Each sub-command/command group has special flags and configuration. How to use them is explained in Commands for each of them separately. You can also use p3d <group> <command> --help in your terminal for concise on-line help.

Commands

p3do is hierarchical. Commands are batched into groups which can be further nested into parent groups. We follow the same principle in the documentation here.

  • pp: PoolParty commands

    • encrypt: Encrypt a clear text with poolparty encryption
    • decrypt: Decrypt a secret text with poolparty encryption
  • kc: Keycloak commands

pp

Commands in this group allow to perform operations useful for or related to our dear PoolParty.

encrypt

Encrypt a clear text with PoolParty encryption. The parameters for encryption used by PoolParty can usually be found in the poolparty.properties file.

To make sure that your command line processor does not mingle the input, always wrap the clear text, password, and salt it in quotes.

# encrypt "mysecret" with 
# password "H7dwBFDh3gEVDH1YecgikmOBpx9kKZ9nj1wJ5ZuhEeg="
# salt Y+Fw/4dHBajqEGxOsEyfNSGsYYXE7JUyLmc3nRFrB84=
# and 256 rounds
p3do pp encrypt "mysecret" "H7dwBFDh3gEVDH1YecgikmOBpx9kKZ9nj1wJ5ZuhEeg=" "Y+Fw/4dHBajqEGxOsEyfNSGsYYXE7JUyLmc3nRFrB84=" 256

decrypt

Decrypt a secret text encrypted by PoolParty. The parameters for encryption/decryption used by PoolParty can usually be found in the poolparty.properties file.

To make sure that your command line processor does not mingle the input, always wrap the secret, password, and salt it in quotes.

# decrypt 6NjzLmQp7kGM7bbezhQX1G2hrqCoqLrC32ayBTjQVjU= with 
# password H7dwBFDh3gEVDH1YecgikmOBpx9kKZ9nj1wJ5ZuhEeg=
# salt Y+Fw/4dHBajqEGxOsEyfNSGsYYXE7JUyLmc3nRFrB84=
# and 256 rounds
p3do pp decrypt "6NjzLmQp7kGM7bbezhQX1G2hrqCoqLrC32ayBTjQVjU=" "H7dwBFDh3gEVDH1YecgikmOBpx9kKZ9nj1wJ5ZuhEeg=" "Y+Fw/4dHBajqEGxOsEyfNSGsYYXE7JUyLmc3nRFrB84=" 256

kc

Commands in this group allow to perform operations for Keycloak. Most of them need authentication and server information. Please read KC Configuration first on how to add your configuration.

Commands:

KC Configuration

kc commands usually need some information about the server, realm and authentication. This information can be read from a configuration file, given via CLI parameters or interactively if information is missing. CLI parameters take precendence and override any configuration read from a configuration file.

Note: you don't need a configuration file at all. All (partial) parameters can be specified via CLI arguments. Just leave out the --auth_config and --auth flags.

A full configuration file which specifies all available options looks like this:

[test]
server=https://keycloak.example.com/auth/
username=admin
user_realm_name=master
password=password
realm_name=my-app

[test] is the name of the configuration. You can have multiple configurations for different servers in your config file. server, username, password are rather self-explanatory. user_realm_name is the realm the user is in. This is not necessarily the same realm as the one you want to modify. realm_name is the realm name you want to modify (it usually does not make sense to put this into the config file).

To specify the config file and config name you want to use, invoke a p3do command like this:

# `config.ini` is the config file, `test` is the config section you want to use
p3do kc add-mappers --auth_config config.ini --auth test <...other arguments...>

Note that you can override any configuration via CLI arguments:

# Override `admin` from `config.ini` with `admin2`
p3do kc add-mappers --auth_config config.ini --auth test --username admin2 <...other arguments...>

The configuration can also be partial:

[partial-test]
server=https://keycloak.example.com/auth/
username=admin
user_realm_name=master

Note that we don't specify a password or realm_name here. You can now invoke p3do with

# Complete `partial-test` via arguments
p3do kc add-mappers --auth_config config.ini --auth partial-test --password password --realm_name my-other-app <...other arguments...>

You can also just invoke p3do as before and will be asked interactively to fill out the missing pieces:

# No `password` or `realm_name` from `config.ini` or cli arguments
p3do kc add-mappers --auth_config config.ini --auth partial-test <...other arguments...>
# `p3do` will ask you to complete them interactively
Password: password
Realm_name: my-other-app

add-mappers

Add IdP mappers from a realm export .json to a realm. The IdP must already exist and correspond to the IdP name specified in the mapper config. Keycloak does not import mapper configuration by itself (yet?).

# `realm-export.json` is the path the the export file
p3do kc add-mappers --auth_config config.ini --auth test realm-export.json

Contribute

p3do is licensed under MIT and published to PyPI (including source). Do not add sensitive company data. Any sensitive data has to be read from external configuration files.

Contributors

All contributions are welcome. This can be new commands, improvements to the on-line help, documentation or spelling mistakes. Just open a PR with your changes. If your changes are larger, you find a bug but don't know how to fix it, or you are just unsure if your idea fits, open an issue on GitHub first.

Maintainers

The p3do main branch is protected and PRs have to be approved by by maintainers (code owners in GitHub lingo). Tooling like this can easily grow out of control. Maintainers ensure that this is not happening to p3do. Here are some guidelines.

  • Every command in p3do must have a well known and feasible (manual) alternative
  • p3do must not smear over too complicated process. If a process is too complicated fix the process.
  • p3do must not obfuscate processes. If knowledge about how things work isn't spread enough, spread it.
  • p3do must not gatekeep processes. It is not a mechanism for access management.
  • p3do believes in the competency of its users

Release Maintainers

Releases are pushed to PyPI. This requires a token with Maintainer or Owner status on PyPI.

Releases are automatically created and pushed by a GitHub Action when a tagged release is created in GitHub.

Repository and release maintainers is probably but not necessarily the same set of people.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

p3do-0.2.0.tar.gz (9.3 kB view details)

Uploaded Source

Built Distribution

p3do-0.2.0-py3-none-any.whl (8.5 kB view details)

Uploaded Python 3

File details

Details for the file p3do-0.2.0.tar.gz.

File metadata

  • Download URL: p3do-0.2.0.tar.gz
  • Upload date:
  • Size: 9.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.13 CPython/3.10.5 Linux/5.13.0-1031-azure

File hashes

Hashes for p3do-0.2.0.tar.gz
Algorithm Hash digest
SHA256 1ec0a2427a99da492cef42d46fa24d7bb6d88ccfad5e925529ca17b0bff7658f
MD5 b2cd35d9d5a3fdbd0ec469d8cf5f927b
BLAKE2b-256 cfbb33a7d4c4ff764496319abc1ac449696e32ff6af5c1d4a38b8987cafe9074

See more details on using hashes here.

File details

Details for the file p3do-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: p3do-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 8.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.13 CPython/3.10.5 Linux/5.13.0-1031-azure

File hashes

Hashes for p3do-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 2e8831023229b44a04055ed35218ccd6611f3f4888043e577c5377e33ee51509
MD5 0e46155742f6ad25b71072ea2c807113
BLAKE2b-256 a05936b9549401d8f49238921b31d8fb6ad52d6e5ac97bb7c16b77accdc51382

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page