augint-github 1.0.0__tar.gz

augint_github-1.0.0/PKG-INFO

@@ -0,0 +1,40 @@
+Metadata-Version: 2.3
+Name: augint-github
+Version: 1.0.0
+Summary: GitHub tools for Augmenting Integrations
+License: AGPL-3.0-only
+Author: Samuel Vange
+Author-email: 7166607+svange@users.noreply.github.com
+Requires-Python: >=3.12,<4.0
+Classifier: License :: OSI Approved :: GNU Affero General Public License v3
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Requires-Dist: click (>=8.1.8,<9.0.0)
+Requires-Dist: loguru (>=0.7.3,<0.8.0)
+Requires-Dist: pygithub (>=2.5.0,<3.0.0)
+Requires-Dist: python-dotenv (>=1.0.1,<2.0.0)
+Requires-Dist: rich (>=13.9.4,<14.0.0)
+Project-URL: Homepage, https://github.com/svange/augint-github
+Description-Content-Type: text/markdown
+
+# Augmenting Integrations GitHub Tools
+![ci status](https://github.com/svange/augint-github/actions/workflows/pipeline.yaml/badge.svg?branch=main)
+
+![PyPI - Version](https://img.shields.io/pypi/v/openbrain)
+[![License: AGPL v3](https://img.shields.io/badge/License-AGPL_v3-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
+<a href="https://github.com/psf/black"><img alt="Code style: black" src="https://img.shields.io/badge/code%20style-black-000000.svg"></a>
+[![Conventional Commits](https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg?style=flat-square)](https://conventionalcommits.org)
+[![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?style=flat-square&logo=pre-commit&logoColor=white)](https://github.com/pre-commit/pre-commit)
+[![Made with GH Actions](https://img.shields.io/badge/CI-GitHub_Actions-blue?logo=github-actions&logoColor=white)](https://github.com/features/actions "Go to GitHub Actions homepage")
+[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
+
+# Variables and Secrets
+Push variables and secrets from .env to GH Actions.
+
+
+Here is a draft for a `README.md` section that provides a general overview of the `LeadmoApiV1` class, its capabilities, and usage examples:
+
+---
+
+

augint_github-1.0.0/README.md

@@ -0,0 +1,19 @@
+# Augmenting Integrations GitHub Tools
+![ci status](https://github.com/svange/augint-github/actions/workflows/pipeline.yaml/badge.svg?branch=main)
+
+![PyPI - Version](https://img.shields.io/pypi/v/openbrain)
+[![License: AGPL v3](https://img.shields.io/badge/License-AGPL_v3-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
+<a href="https://github.com/psf/black"><img alt="Code style: black" src="https://img.shields.io/badge/code%20style-black-000000.svg"></a>
+[![Conventional Commits](https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg?style=flat-square)](https://conventionalcommits.org)
+[![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?style=flat-square&logo=pre-commit&logoColor=white)](https://github.com/pre-commit/pre-commit)
+[![Made with GH Actions](https://img.shields.io/badge/CI-GitHub_Actions-blue?logo=github-actions&logoColor=white)](https://github.com/features/actions "Go to GitHub Actions homepage")
+[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
+
+# Variables and Secrets
+Push variables and secrets from .env to GH Actions.
+
+
+Here is a draft for a `README.md` section that provides a general overview of the `LeadmoApiV1` class, its capabilities, and usage examples:
+
+---
+

augint_github-1.0.0/pyproject.toml

@@ -0,0 +1,237 @@
+[tool.poetry]
+name = "augint-github"
+version = "1.0.0"
+description = "GitHub tools for Augmenting Integrations"
+authors = ["Samuel Vange <7166607+svange@users.noreply.github.com>"]
+readme = "README.md"
+license = "AGPL-3.0-only"
+homepage = "https://github.com/svange/augint-github"
+packages = [
+    { include = "*", from = "src" },
+]
+
+[tool.poetry.scripts]
+ai-gh-push = "gh_secrets_and_vars_async:cli"
+
+[tool.poetry.plugins."commitizen.plugin"] # completely untested
+cz_conventional_commits = "commitizen.cz.conventional_commits:ConventionalCommitsCz"
+#cz_jira = "commitizen.cz.jira:JiraSmartCz"
+cz_customize = "commitizen.cz.customize:CustomizeCommitsCz"
+cargo = "commitizen.providers:CargoProvider"
+commitizen = "commitizen.providers:CommitizenProvider"
+composer = "commitizen.providers:ComposerProvider"
+npm = "commitizen.providers:NpmProvider"
+pep621 = "commitizen.providers:Pep621Provider"
+poetry = "commitizen.providers:PoetryProvider"
+scm = "commitizen.providers:ScmProvider"
+
+
+[tool.poetry.group.dev.dependencies]
+pytest = "^8.3.4"
+pytest-html = "^4.1.1"
+pytest-cov = "^6.0.0"
+
+[tool.semantic_release]
+major_on_zero = false
+commit_message = "chore(release): release {version}"
+
+[tool.semantic_release.branches.main]
+match = "main"
+#commit_message = "chore(release): release {version}"
+prerelease = false
+
+[tool.semantic_release.branches.dev]
+match = "dev"
+#commit_message = "chore(pre-release): release {version}"
+prerelease_token = "dev"
+prerelease = true
+
+version_toml = [
+    "pyproject.toml:tool.poetry.version",
+]
+version_variable = [
+    "__init__.py:__version__",
+]
+build_command = "pip install poetry && poetry build"
+#logging_use_named_masks = true
+#major_on_zero = true
+tag_format = "v{version}"
+#exclude_commit_patterns = [
+#    'skip: ',
+#]
+
+[tool.semantic_release.publish]
+dist_glob_patterns = ["dist/*"]
+upload_to_vcs_release = true
+type = "github"
+
+[tool.semantic_release.remote.token]
+env = "GITHUB_TOKEN"
+fallback_env = "GH_TOKEN"
+
+
+
+[tool.commitizen]
+name = "cz_conventional_commits"
+tag_format = "v$version"
+version_scheme = "SemVer"
+version_provider = "poetry" #"scm"
+update_changelog_on_bump = true
+major_version_zero = true
+#version = "3.9.1"
+#version_files = [
+#  "pyproject.toml:version",
+#  "openbrain/__version__.py",
+#  ".pre-commit-config.yaml:rev:.+Openbrain",
+#]
+
+[tool.poetry.plugins."commitizen.scheme"]
+pep440 = "commitizen.version_schemes:Pep440"
+semver = "commitizen.version_schemes:SemVer"
+
+[tool.poetry.dependencies]
+python = "^3.12"
+click = "^8.1.8"
+python-dotenv = "^1.0.1"
+rich = "^13.9.4"
+loguru = "^0.7.3"
+pygithub = "^2.5.0"
+
+
+[tool.coverage] # not tested
+[tool.coverage.report]
+show_missing = true
+exclude_lines = [
+    # Have to re-enable the standard pragma
+    'pragma: no cover',
+    # Don't complain about missing debug-only code:
+    'def __repr__',
+    'if self\.debug',
+    # Don't complain if tests don't hit defensive assertion code:
+    'raise AssertionError',
+    'raise NotImplementedError',
+    # Don't complain if non-runnable code isn't run:
+    'if 0:',
+    'if __name__ == .__main__.:',
+    'if TYPE_CHECKING:',
+]
+omit = [
+    'env/*',
+    'venv/*',
+    '.venv/*',
+    '*/virtualenv/*',
+    '*/virtualenvs/*',
+    '*/tests/*',
+]
+
+[tool.pytest.ini_options]
+addopts = '-m "not redundant and not skip_ci" --html=report.html --self-contained-html'
+log_cli = true
+log_cli_level = "INFO"
+log_format = "%(asctime)s %(levelname)s %(message)s"
+log_date_format = "%Y-%m-%d %H:%M:%S"
+log_file = "pytest.log"
+log_file_level = "INFO"
+#environment_table_redact_list = ".*key.*"
+#render_collapsed = "failed,error"
+markers = [
+    "redudant: mark test as redundant",
+    "end_to_end: mark test as an end-to-end test, meant for running in CI/CD against a live environment",
+    "no_infra: mark test as not requiring infrastructure, intended for running in CI/CD against local web server (to the runner)",
+    "skip_ci: mark as not suitable for ci",
+]
+
+[tool.ruff]
+line-length = 130
+lint.ignore = [
+    "E501",
+    "D1",
+    "D415"
+]
+# Enable pycodestyle (`E`) and Pyflakes (`F`) codes by default.
+lint.select = ["E", "F"]
+
+[tool.lint.isort]
+known-first-party = ["commitizen", "tests"]
+
+[tool.lint.pydocstyle]
+convention = "restructuredtext"
+
+[tool.mypy]
+files = "commitizen"
+disallow_untyped_decorators = true
+disallow_subclassing_any = true
+warn_return_any = true
+warn_redundant_casts = true
+warn_unused_ignores = true
+warn_unused_configs = true
+
+[[tool.mypy.overrides]]
+module = "py.*"  # Legacy pytest dependencies
+ignore_missing_imports = true
+
+[tool.black]
+line-length = 130
+target-version = ['py312']
+include = '\.pyi?$'
+exclude = '''
+/(
+    \.git
+| \.hg
+| \.mypy_cache
+| \.tox
+| \.venv
+| _build
+| buck-out
+| build
+)/
+'''
+
+[tool.flake8]
+max-line-length = 130
+extend-ignore = ["D203", "E203", "E251", "E266", "E302", "E305", "E401", "E402", "E501", "F401", "F403", "W503"]
+exclude = [".git", "__pycache__", "dist"]
+max-complexity = 10
+
+[tool.isort]
+atomic = true
+profile = "black"
+line_length = 130
+skip_gitignore = true
+
+# Allow autofix for all enabled rules (when `--fix`) is provided.
+fixable = ["A", "B", "C", "D", "E", "F", "G", "I", "N", "Q", "S", "T", "W", "ANN", "ARG", "BLE", "COM", "DJ", "DTZ", "EM", "ERA", "EXE", "FBT", "ICN", "INP", "ISC", "NPY", "PD", "PGH", "PIE", "PL", "PT", "PTH", "PYI", "RET", "RSE", "RUF", "SIM", "SLF", "TCH", "TID", "TRY", "UP", "YTT"]
+unfixable = []
+
+# Exclude a variety of commonly ignored directories.
+exclude = [
+    ".bzr",
+    ".direnv",
+    ".eggs",
+    ".git",
+    ".git-rewrite",
+    ".hg",
+    ".mypy_cache",
+    ".nox",
+    ".pants.d",
+    ".pytype",
+    ".ruff_cache",
+    ".svn",
+    ".tox",
+    ".venv",
+    "__pypackages__",
+    "_build",
+    "buck-out",
+    "build",
+    "dist",
+    "node_modules",
+    "venv",
+]
+
+# Same as Black.
+line-length = 130
+
+# Allow unused variables when underscore-prefixed.
+dummy-variable-rgx = "^(_+|(_+[a-zA-Z0-9_]*[a-zA-Z0-9]+?))$"
+
+target-version = "py312"

augint_github-1.0.0/src/gh_secrets_and_vars_async.py

@@ -0,0 +1,178 @@
+import asyncio
+import os
+from pathlib import Path
+
+import click
+import github.GithubException
+from dotenv import load_dotenv
+from github import Github, Auth
+from github.Repository import Repository
+from github.GithubException import UnknownObjectException
+from rich import print
+from loguru import logger
+
+
+@click.command()
+@click.option("--verbose", "-v", is_flag=True, help="Print all the output.")
+@click.option("--dry-run", "-d", is_flag=True, help="Run through the process, but make no changes to GitHub.")
+@click.argument("filename", type=click.Path(exists=True, readable=True), default=".env")
+def cli(verbose: bool, dry_run: bool, filename: click.Path):
+    """
+    Update GitHub repository secrets and environment variables from a .env file. Requires the values for `GH_REPO`, `GH_ACCOUNT`, and `GH_TOKEN` in your .env file. This script finds sensitive key/value pairs in FILENAME (by looking for substrins like KEY, TOKEN, SECRET, etc. in the key name) and updates the GitHub repository secrets with them. It then updates the GitHub repository environment variables with the remaining key/value pairs.
+    """
+
+    if dry_run:
+        logger.info("Dry run mode enabled. No changes will be made to GitHub.")
+    results = asyncio.run(perform_update(filename, verbose, dry_run))
+    if verbose:
+        print(results)
+    total_secrets = len(results["SECRETS"])
+    total_vars = len(results["VARIABLES"])
+    print(f"Updated {total_secrets} secrets and {total_vars} variables.")
+
+
+async def perform_update(filename: click.Path, verbose: bool = False, dry_run: bool = False):
+    """
+    Performs the update of the GitHub repository secrets and environment variables.
+    :param filename: file to use for secrets, variables, and github repo
+    :return:
+    """
+    if not filename:
+        raise ValueError("No filename specified. Exiting to avoid an accident.")
+
+    load_dotenv(str(filename), override=True)
+    github_repo = os.environ.get("GH_REPO", None)
+    github_account = os.environ.get("GH_ACCOUNT", None)
+
+    file_path = Path(filename.__str__())
+    # Read the .env file and convert it to a JSON object
+    secrets = {}
+    not_secrets = {}
+    SECRETS_INDICATORS = ["secret", "key", "token", "bearer", "password", "pass", "pwd", "pword", "hash"]
+    logger.debug(f"Reading file {file_path}")
+
+    with file_path.open("r") as file:
+        for line in file:
+            line = line.strip()
+            if not line or line.startswith("#") or line.startswith(";") or "=" not in line:
+                continue
+            key, value = line.strip().split("=", 1)
+
+            match key:
+                case key if key.startswith("AWS_PROFILE"):
+                    continue
+                case key if any(indicator in key.casefold() for indicator in SECRETS_INDICATORS):
+                    secrets[key] = value
+                case _:
+                    not_secrets[key] = value
+
+    try:
+        repo = get_github_repo(github_account, github_repo)
+    except github.GithubException as e:
+        logger.critical(f"Repo {github_repo} not found. Ensure GH_REPO and GH_ACCOUNT are in your env file.")
+        exit(1)
+
+    secret_update_result = await create_or_update_github_secrets(repo=repo, env_data=secrets, dry_run=dry_run)
+    not_secret_update_result = await create_or_update_github_variables(repo=repo, env_data=not_secrets, dry_run=dry_run)
+
+    results = {"SECRETS": secret_update_result, "VARIABLES": not_secret_update_result}
+
+    return results
+
+
+def get_github_repo(github_account, github_repo_name) -> Repository:
+    """
+    Get the GitHub repository object.
+    :param github_account: Name of your GitHub account (i.e. your username), or the name of the organization.
+    :param github_repo_name: Name of the repository.
+    :return: a GitHub repository object
+    """
+    auth = Auth.Token(os.environ.get("GH_TOKEN", None))
+    g = Github(auth=auth)
+    try:
+        repo = g.get_user(github_account).get_repo(github_repo_name)
+    except UnknownObjectException as e:
+        logger.critical(e)
+        repo = g.get_organization(github_account).get_repo(github_repo_name)
+        logger.critical("You must add GH_USER to your env file.")
+
+    return repo
+
+
+async def create_or_update_github_secrets(repo, env_data, dry_run: bool = False):
+    """
+    Create or update GitHub repository secrets.
+    :param dry_run: run through the process, but make no changes to GitHub
+    :param repo: the repository on which to operate
+    :param env_data: the secrets and their values in a dictionary
+    :return: list of results
+    """
+    secrets = await asyncio.to_thread(repo.get_secrets)
+    secret_names = [secret.name for secret in secrets]
+    dry_run_prefix = "[DRY RUN] " if dry_run else ""
+
+    tasks = []
+    for env_var_name, env_var_value in env_data.items():
+        # Create or update secrets
+        if env_var_name in secret_names:
+            logger.info(f"{dry_run_prefix}Updating secret {env_var_name}...")
+            tasks.append(asyncio.to_thread(repo.create_secret, env_var_name, env_var_value))
+        else:
+            logger.info(f"{dry_run_prefix}Creating secret {env_var_name}...")
+            tasks.append(asyncio.to_thread(repo.create_secret, env_var_name, env_var_value))
+
+    for secret_name in secret_names:
+        if secret_name not in env_data.keys():
+            logger.info(f"{dry_run_prefix}Deleting secret {secret_name}...")
+            tasks.append(asyncio.to_thread(repo.delete_secret, secret_name))
+
+    if dry_run:
+        results = [secret for secret in secrets]
+    else:
+        results = await asyncio.gather(*tasks)
+    return results
+
+
+async def create_or_update_github_variables(repo, env_data, dry_run: bool = False):
+    """
+    Create or update GitHub repository environment variables.
+    :param repo: the repository on which to operate
+    :param dry_run: run through the process, but make no changes to GitHub
+    :param env_data: the secrets and their values in a dictionary
+    :return: list of results
+    """
+    vars = await asyncio.to_thread(repo.get_variables)
+    var_names = [var.name for var in vars]
+    dry_run_prefix = "[DRY RUN] " if dry_run else ""
+
+    tasks = []
+    for env_var_name, env_var_value in env_data.items():
+        # Create or update secrets
+        if env_var_name in var_names:
+            logger.info(f"{dry_run_prefix}Updating variable {env_var_name}...")
+
+            def delete_then_create_variable(repo, env_var_name, env_var_value):
+                repo.delete_variable(env_var_name)
+                return repo.create_variable(env_var_name, env_var_value)
+
+            # tasks.append(asyncio.to_thread(repo.delete_variable, env_var_name))
+            tasks.append(asyncio.to_thread(delete_then_create_variable, repo, env_var_name, env_var_value))
+        else:
+            logger.info(f"{dry_run_prefix}Creating variable {env_var_name}...")
+            tasks.append(asyncio.to_thread(repo.create_variable, env_var_name, env_var_value))
+
+    for var_name in var_names:
+        if var_name not in env_data.keys():
+            logger.info(f"{dry_run_prefix}Deleting variable {var_name}...")
+            tasks.append(asyncio.to_thread(repo.delete_variable, var_name))
+
+    if dry_run:
+        results = [var for var in vars]
+    else:
+        results = await asyncio.gather(*tasks)
+
+    return results
+
+
+if __name__ == "__main__":
+    cli()