CLI utilities for p3d
Project description
p3do - let 'em minions do it
p3do (pronounced pee-three-duh) is a collection of command-line utilities for p3d. It allows you to conjure some tedious operations right from your magic little fingertips.
Installation
p3do
is built on Python 3.8 or later installed. You can get Python from your
package manager du jour or download and install it from
https://www.python.org/downloads/ (looking at you Windows. Mac.
Whyihavetobother. Veryannoyingyouare.)
p3do
is published to the CheeseShop and
hence can be installed with pip:
pip install p3do
p3do
installs itself as a command. If your $PATH
is set up correctly you
will be able to just invoke p3do
like so
p3do --help
Getting Started
Light a bonfire and whisper p3do in the most conspirative voice available to you. Then start a terminal.
p3do
is hierarchical, self-documenting and discoverable. The best way to start
is to just type p3do
. This will show you the available commands and some
description. From there you can drill down the hierarchy for useful sub-command.
Each sub-command/command group has special flags and configuration. How to use
them is explained in Commands for each of them separately. You can
also use p3d <group> <command> --help
in your terminal for concise on-line
help.
Commands
p3do
is hierarchical. Commands are batched into groups which can be further
nested into parent groups. We follow the same principle in the documentation
here.
-
pp
: PoolParty commands -
kc
: Keycloak commands- KC Configuration: Not a command but read this first!
add-mappers
: Add mappers to IdPs from realm export
pp
Commands in this group allow to perform operations useful for or related to our dear PoolParty.
encrypt
Encrypt a clear text with PoolParty encryption. The parameters for encryption
used by PoolParty can usually be found in the poolparty.properties
file.
To make sure that your command line processor does not mingle the input, always wrap the clear text, password, and salt it in quotes.
# encrypt "mysecret" with
# password "H7dwBFDh3gEVDH1YecgikmOBpx9kKZ9nj1wJ5ZuhEeg="
# salt Y+Fw/4dHBajqEGxOsEyfNSGsYYXE7JUyLmc3nRFrB84=
# and 256 rounds
p3do pp encrypt "mysecret" "H7dwBFDh3gEVDH1YecgikmOBpx9kKZ9nj1wJ5ZuhEeg=" "Y+Fw/4dHBajqEGxOsEyfNSGsYYXE7JUyLmc3nRFrB84=" 256
decrypt
Decrypt a secret text encrypted by PoolParty. The parameters for encryption/decryption used
by PoolParty can usually be found in the poolparty.properties
file.
To make sure that your command line processor does not mingle the input, always wrap the secret, password, and salt it in quotes.
# decrypt 6NjzLmQp7kGM7bbezhQX1G2hrqCoqLrC32ayBTjQVjU= with
# password H7dwBFDh3gEVDH1YecgikmOBpx9kKZ9nj1wJ5ZuhEeg=
# salt Y+Fw/4dHBajqEGxOsEyfNSGsYYXE7JUyLmc3nRFrB84=
# and 256 rounds
p3do pp decrypt "6NjzLmQp7kGM7bbezhQX1G2hrqCoqLrC32ayBTjQVjU=" "H7dwBFDh3gEVDH1YecgikmOBpx9kKZ9nj1wJ5ZuhEeg=" "Y+Fw/4dHBajqEGxOsEyfNSGsYYXE7JUyLmc3nRFrB84=" 256
kc
Commands in this group allow to perform operations for Keycloak. Most of them need authentication and server information. Please read KC Configuration first on how to add your configuration.
Commands:
- KC Configuration: Not a command but read this first!
add-mappers
: Add mappers to IdPs from realm export
KC Configuration
kc commands usually need some information about the server, realm and authentication. This information can be read from a configuration file, given via CLI parameters or interactively if information is missing. CLI parameters take precendence and override any configuration read from a configuration file.
Note: you don't need a configuration file at all. All (partial) parameters
can be specified via CLI arguments. Just leave out the --auth_config
and
--auth
flags.
A full configuration file which specifies all available options looks like this:
[test]
server=https://keycloak.example.com/auth/
username=admin
user_realm_name=master
password=password
realm_name=my-app
[test]
is the name of the configuration. You can have multiple configurations
for different servers in your config file. server
, username
, password
are
rather self-explanatory. user_realm_name
is the realm the user is in. This
is not necessarily the same realm as the one you want to modify. realm_name
is
the realm name you want to modify (it usually does not make sense to put this
into the config file).
To specify the config file and config name you want to use, invoke a p3do
command like this:
# `config.ini` is the config file, `test` is the config section you want to use
p3do kc add-mappers --auth_config config.ini --auth test <...other arguments...>
Note that you can override any configuration via CLI arguments:
# Override `admin` from `config.ini` with `admin2`
p3do kc add-mappers --auth_config config.ini --auth test --username admin2 <...other arguments...>
The configuration can also be partial:
[partial-test]
server=https://keycloak.example.com/auth/
username=admin
user_realm_name=master
Note that we don't specify a password
or realm_name
here. You can now invoke p3do
with
# Complete `partial-test` via arguments
p3do kc add-mappers --auth_config config.ini --auth partial-test --password password --realm_name my-other-app <...other arguments...>
You can also just invoke p3do
as before and will be asked interactively to fill out the missing pieces:
# No `password` or `realm_name` from `config.ini` or cli arguments
p3do kc add-mappers --auth_config config.ini --auth partial-test <...other arguments...>
# `p3do` will ask you to complete them interactively
Password: password
Realm_name: my-other-app
add-mappers
Add IdP mappers from a realm export .json
to a realm. The IdP must already
exist and correspond to the IdP name specified in the mapper config. Keycloak
does not import mapper configuration by itself (yet?).
# `realm-export.json` is the path the the export file
p3do kc add-mappers --auth_config config.ini --auth test realm-export.json
Contribute
p3do
is licensed under MIT and published to PyPI (including source). Do not
add sensitive company data. Any sensitive data has to be read from external
configuration files.
Contributors
All contributions are welcome. This can be new commands, improvements to the on-line help, documentation or spelling mistakes. Just open a PR with your changes. If your changes are larger, you find a bug but don't know how to fix it, or you are just unsure if your idea fits, open an issue on GitHub first.
Maintainers
The p3do
main branch is protected and PRs have to be approved by by
maintainers (code owners in GitHub lingo). Tooling like this can
easily grow out of control. Maintainers ensure that this is not happening to
p3do
. Here are some guidelines.
- Every command in
p3do
must have a well known and feasible (manual) alternative p3do
must not smear over too complicated process. If a process is too complicated fix the process.p3do
must not obfuscate processes. If knowledge about how things work isn't spread enough, spread it.p3do
must not gatekeep processes. It is not a mechanism for access management.p3do
believes in the competency of its users
Release Maintainers
Releases are pushed to PyPI. This requires a token with Maintainer or Owner status on PyPI.
Releases are automatically created and pushed by a GitHub Action when a tagged release is created in GitHub.
Repository and release maintainers is probably but not necessarily the same set of people.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file p3do-0.2.0.tar.gz
.
File metadata
- Download URL: p3do-0.2.0.tar.gz
- Upload date:
- Size: 9.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.10.5 Linux/5.13.0-1031-azure
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1ec0a2427a99da492cef42d46fa24d7bb6d88ccfad5e925529ca17b0bff7658f |
|
MD5 | b2cd35d9d5a3fdbd0ec469d8cf5f927b |
|
BLAKE2b-256 | cfbb33a7d4c4ff764496319abc1ac449696e32ff6af5c1d4a38b8987cafe9074 |
File details
Details for the file p3do-0.2.0-py3-none-any.whl
.
File metadata
- Download URL: p3do-0.2.0-py3-none-any.whl
- Upload date:
- Size: 8.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.10.5 Linux/5.13.0-1031-azure
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2e8831023229b44a04055ed35218ccd6611f3f4888043e577c5377e33ee51509 |
|
MD5 | 0e46155742f6ad25b71072ea2c807113 |
|
BLAKE2b-256 | a05936b9549401d8f49238921b31d8fb6ad52d6e5ac97bb7c16b77accdc51382 |