generate-config

This is an enc plumbing command.

Generate config files as per the supplied versions and keys.

This program populates the config file for easier parsing by other enc commands.

usage: enc generate-config [-h] [-v | -q] -i INPUT_FILE [-o OUTPUT_STREAM] -k KEY_FILE [{v0}]

Positional Arguments

config_version

Possible choices: v0

Optional parameter: Config version to generate the config for. config_version is usually picked-up from the input_file but can be supplied if another config version generation strategy is required.

Named Arguments

-v, --verbose

Specify verbosity level as -v, -vv or -vvv.

By default the VCS (Git) or OS call command logs are always displayed. For more fine grain tuning on the verbosity of logs use: -v to show INFO logs additionally. -vv to show INFO and DEBUG logs additionally. -vvv to show INFO, DEBUG and TRACE logs, this level also enables exception tracebacks.

-q, --quiet

Quiet logs as -q, -qq or -qqq.

By default the VCS (Git) or OS call command logs are always displayed. For more fine grain tuning on quietness of logs use: -q to Disable VCS (git) or OS call command logs and WARNINGS; ERROR and FATAL will still show. -qq to Additionally disable ERRORS; FATAL logs will still show. -qqq to Disable full logging.

-i

File to take as an input as generator config. Only readable files will be accepted. Since ‘-’ as a filename opens <stdin> and because we want to store the gen config for later use hence ‘-’ as a filename is not accepted. Likewise, Directories are also not accepted.

-o

File to write output into. Output is written to stdout if the value for this option is ‘-’ or not provided.

Default: -

-k, --key-file

Path to the key file. This file is used as a key/passphrase file to encrypt and decrypt the files/filenames for further usage. Only readable files will be accepted. Since ‘-’ as a filename opens <stdin> and because we want to store the key-file for later use hence ‘-’ as a filename is not accepted. Likewise, Directories are also not accepted.

Command Examples

gc is an alias of generate-config.

1) Normal run

Generate the config using key file, input config and output config path

enc gc -k {key_file} -i {config_gen_file} -o {dummy_file}

EncGCCLITest(command).run()

2) Can Output to stdout if -o option is absent

Outputs to stdout if -o option is absent.

enc gc -k {key_file} -i {config_gen_file} > {dummy_file}

StrictCLITest(command).run()

3) Can Output to stdout if -o option is -

Outputs to stdout if -o option is -.

enc gc -k {key_file} -i {config_gen_file} -o - > {dummy_file}

StrictCLITest(command).run()

4) Input File is mandatory in CLI argument

Input files must be always be provided.

enc gc -k {key_file}

EncGCCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

5) Does not accept input files from stdin

- argument to -i instructs program to read input-file from stdin and since input-file details are later required for encryption and hence - is disallowed as an input value for -i.

enc gc -i -

EncGCCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

6) Key File is mandatory in CLI argument

The config file may contain encryption and decryption keys which can use the key-file. This makes the key-file required in the CLI argument list.

enc gc -i {config_gen_file}

EncGCCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

7) Does not accept key files from stdin

- argument to -k/–key-file instructs program to read key-file from stdin and since key-file details are later required for encryption and hence - is disallowed as an input value for -k/–key-file.

enc gc -k -

EncGCCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

8) Does not accept non-existing key files

Absent key files obviously do not provide any keys which will disallow encryption/decryption of the vcs tree.

enc gc -k {non_existing_key_file}

EncGCCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

9) Can take inputs from config gen files and write to config files

Config gen files can be provided as inputs from CLI using the -i option. Similarly output can be written to a file passed to the -o option.

enc gc -k {key_file} -i {config_gen_file} -o {dummy_file}

EncGCCLITest(command).run()

10) Can write generated config file as output to to stdout using IO redirection

Config gen files can be written as outputs to stdout using IO redirection when -o option is absent.

enc generate-config -k {key_file} -i {config_gen_file} > {dummy_file}

StrictCLITest(command).run()

11) Does not accept unregistered config-versions

Only registered config-version:

1. v0 (default)

can be supplied.

enc gc --config-version unregistered -k {key_file}

EncGCCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

Examples for gen config

1) Correct run with full-featured sample gen-config

Full-featured sample gen-config: sample-correct-gen-config

enc gc -k {key_file} -i \"%(cfg_gen_file)s\" -o {dummy_file}

cfg_gen_file = full_path(pathlib.Path('generate-config-static', 'sample-correct-gen-config.ini'))
EncGCCLITest(command % dict(cfg_gen_file=cfg_gen_file)).run()

2) enc-file missing from file-name section

enc-file is the key which facilitates file encryption and/or scrambling and hence must be present in a file section.

# FAULTY config
# ; VERSION = v0
#
# Required ``enc-file`` key missing

# Multiple files can be specified by separating filenames by a | to indicate ORed pattern.
[.enc/.config|.enc/local.config]
# enc-file missing
dec-file=cat "%F"
enc-file-name=echo "%F"
dec-file-name=echo "%F"

enc gc -k {key_file} -i \"%(cfg_gen_file)s\" -o {dummy_file}

cfg_gen_file = full_path('generate-config-static/enc-file-key-missing-gen-config.ini')
EncGCCLITest(command % dict(cfg_gen_file=cfg_gen_file)).exits_with_err_code(ENC_ERR_DATA_FORMAT_ERR)

3) dec-file missing from file-name section

dec-file is the key which facilitates file decryption and/or descrambling and hence must be present in a file section.

# FAULTY config
# ; VERSION = v0
#
# Required ``dec-file`` key missing

# Multiple files can be specified by separating filenames by a | to indicate ORed pattern.
[.enc/.config|.enc/local.config]
enc-file=cat "%F"
# dec-file=cat "%F"
enc-file-name=echo "%F"
dec-file-name=echo "%F"

enc gc -k {key_file} -i \"%(cfg_gen_file)s\" -o {dummy_file}

cfg_gen_file = full_path('generate-config-static/dec-file-key-missing-gen-config.ini')
EncGCCLITest(command % dict(cfg_gen_file=cfg_gen_file)).exits_with_err_code(ENC_ERR_DATA_FORMAT_ERR)

4) dec-file-name missing from file-name section

dec-file-name is the key which facilitates filename decryption and/or descrambling and hence must be present in a file section.

# FAULTY config
# ; VERSION = v0
#
# Required ``dec-file-name`` key missing

[.enc/config]
enc-file=(enc manip randomize 10 io --per-line < "%F" | enc manip randomize 10 io | enc manip offset 2 io --per-line | gpg -ac --passphrase-file "%K" --batch | enc manip randomize 10 io | enc manip randomize 10 io --per-line) && cp ${ENC_DIR_NAME}/${REPO_GEN_CONFIG_FILE_NAME} ${ENCRYPT_DIR}/${ENC_DIR_NAME}/${REPO_GEN_CONFIG_FILE_NAME}
dec-file=enc manip randomize 10 io --per-line -i < "%F" | enc manip randomize 10 io -i | gpg -ad --passphrase-file "%K" --batch | enc manip offset 2 io -i --per-line | enc manip randomize 10 io -i | enc manip randomize 10 io -i --per-line
enc-file-name=echo "%F" | sed "s,/,/sx-xyx/le/,g" | enc manip randomize 18 io --per-line | awk -v prefix='.' '{print prefix$0}'
# dec-file-name key missing

enc gc -k {key_file} -i \"%(cfg_gen_file)s\" -o {dummy_file}

cfg_gen_file = full_path('generate-config-static/dec-filename-key-missing-gen-config.ini')
EncGCCLITest(command % dict(cfg_gen_file=cfg_gen_file)).exits_with_err_code(ENC_ERR_DATA_FORMAT_ERR)

5) enc-file-name missing from file-name section

enc-file-name is the key which facilitates filename encryption and/or scrambling and hence must be present in a file section.

# FAULTY config
# ; VERSION = v0
#
# Required ``enc-file-name`` key missing

[.enc/config]
enc-file=(enc manip randomize 10 io --per-line < "%F" | enc manip randomize 10 io | enc manip offset 2 io --per-line | gpg -ac --passphrase-file "%K" --batch | enc manip randomize 10 io | enc manip randomize 10 io --per-line) && cp ${ENC_DIR_NAME}/${REPO_GEN_CONFIG_FILE_NAME} ${ENCRYPT_DIR}/${ENC_DIR_NAME}/${REPO_GEN_CONFIG_FILE_NAME}
dec-file=enc manip randomize 10 io --per-line -i < "%F" | enc manip randomize 10 io -i | gpg -ad --passphrase-file "%K" --batch | enc manip offset 2 io -i --per-line | enc manip randomize 10 io -i | enc manip randomize 10 io -i --per-line
# enc-file-name key missing
dec-file-name=echo "%F" | cut -d '.' -f2- | enc manip randomize 18 io --per-line -i | sed "s,/sx-xyx/le/,/,g"

enc gc -k {key_file} -i \"%(cfg_gen_file)s\" -o {dummy_file}

cfg_gen_file = full_path('generate-config-static/enc-filename-key-missing-gen-config.ini')
EncGCCLITest(command % dict(cfg_gen_file=cfg_gen_file)).exits_with_err_code(ENC_ERR_DATA_FORMAT_ERR)

6) cipher-strategy missing from commit section

cipher-strategy is the key which facilitates commit related encryption and/or scrambling and hence must be present in a commit-related section.

# FAULTY config
# ; VERSION = v0
#
# Required ``cipher-strategy`` key missing

# Encrypt/Decrypt and/or Scramble/Descramble commit messages
# Strategies can read inputs from stdin and write to stdout
[<commit-message>|<commit-author-name>]
# cipher-strategy=enc randomize 10 io --per-line | enc randomize 10 io | enc offset 2 io --per-line
decipher-strategy=enc offset 2 io --per-line -i | enc randomize 10 io -i | enc randomize 10 io --per-line -i

enc gc -k {key_file} -i \"%(cfg_gen_file)s\" -o {dummy_file}

cfg_gen_file = full_path('generate-config-static/cipher-key-missing-gen-config.ini')
EncGCCLITest(command % dict(cfg_gen_file=cfg_gen_file)).exits_with_err_code(ENC_ERR_DATA_FORMAT_ERR)

7) decipher-strategy missing from commit section

decipher-strategy is the key which facilitates commit related decryption and/or descrambling and hence must be present in a commit-related section.

# FAULTY config
# ; VERSION = v0
#
# Required ``decipher-strategy`` key missing

# Encrypt/Decrypt and/or Scramble/Descramble commit messages
# Strategies can read inputs from stdin and write to stdout
[<commit-message>|<commit-author-name>]
cipher-strategy=enc randomize 10 io --per-line | enc randomize 10 io | enc offset 2 io --per-line
# decipher-strategy=enc offset 2 io --per-line -i | enc randomize 10 io -i | enc randomize 10 io --per-line -i

enc gc -k {key_file} -i \"%(cfg_gen_file)s\" -o {dummy_file}

cfg_gen_file = full_path('generate-config-static/decipher-key-missing-gen-config.ini')
EncGCCLITest(command % dict(cfg_gen_file=cfg_gen_file)).exits_with_err_code(ENC_ERR_DATA_FORMAT_ERR)

Command text in {} such as {non_existing_process_stage} and {key_file} are test fixtures. Check them out at ../_static/enc-cli-help.md.