cloudflare-request-cert 0.1.1__tar.gz

cloudflare_request_cert-0.1.1/.env.example

@@ -0,0 +1,12 @@
+# Cloudflare API Token
+# Get this from: https://dash.cloudflare.com/profile/api-tokens
+# Required permissions: Zone:DNS:Edit, Zone:Zone:Read
+CLOUDFLARE_API_TOKEN=your_cloudflare_api_token_here
+
+# Domain and Email (optional - can also be passed as command line arguments)
+DOMAIN=example.com
+EMAIL=admin@example.com
+
+# Optional settings
+STAGING=0
+PROPAGATION_SECONDS=10

cloudflare_request_cert-0.1.1/.github/dependabot.yml

@@ -0,0 +1,35 @@
+# Dependabot configuration for cloudflare-request-cert
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  # Monitor Python dependencies in pyproject.toml
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+    open-pull-requests-limit: 10
+    labels:
+      - "dependencies"
+      - "python"
+    commit-message:
+      prefix: "deps"
+      prefix-development: "deps-dev"
+      include: "scope"
+
+  # Monitor GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+    open-pull-requests-limit: 5
+    labels:
+      - "dependencies"
+      - "github-actions"
+    commit-message:
+      prefix: "ci"
+      include: "scope"

cloudflare_request_cert-0.1.1/.github/workflows/ci.yml

@@ -0,0 +1,201 @@
+name: CI/CD
+
+permissions:
+  contents: write
+  id-token: write
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  release:
+    types: [published]
+  workflow_dispatch:
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    if: github.event_name != 'release'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: "3.10"
+
+      - name: Install dependencies
+        run: uv sync --all-extras
+
+      - name: Run ruff check
+        run: uv run ruff check .
+
+      - name: Run ruff format check
+        run: uv run ruff format --check .
+
+  test:
+    name: Test (Python ${{ matrix.python-version }})
+    runs-on: ubuntu-latest
+    if: github.event_name != 'release'
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ["3.10", "3.11", "3.12", "3.13", "3.14"]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install dependencies
+        run: uv sync --all-extras
+
+      - name: Run tests with coverage
+        run: |
+          uv run pytest tests/ \
+            --verbose \
+            --cov=. \
+            --cov-report=xml \
+            --cov-report=term-missing \
+            --cov-fail-under=80
+
+      - name: Upload coverage to Codecov
+        if: matrix.python-version == '3.14'
+        uses: codecov/codecov-action@v5
+        with:
+          files: ./coverage.xml
+          flags: unittests
+          name: codecov-umbrella
+          fail_ci_if_error: false
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+  sbom:
+    name: SBOM
+    runs-on: ubuntu-latest
+    if: github.event_name != 'release'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: "3.10"
+
+      - name: Install dependencies
+        run: uv sync --all-extras
+
+      - name: Generate SBOM
+        run: make sbom
+
+      - name: Upload SBOM artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: sbom
+          path: bom.json
+
+      - name: GitHub Dependency Submission
+        uses: anchore/sbom-action@v0
+        with:
+          path: .
+          format: cyclonedx-json
+          output-file: anchore-bom.json
+          dependency-snapshot: true
+
+  all-checks:
+    name: All Checks Passed
+    if: always() && github.event_name != 'release'
+    needs: [lint, test, sbom]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check all jobs
+        run: |
+          if [[ "${{ needs.lint.result }}" != "success" ]] || [[ "${{ needs.test.result }}" != "success" ]] || [[ "${{ needs.sbom.result }}" != "success" ]]; then
+            echo "One or more checks failed"
+            exit 1
+          fi
+          echo "All checks passed!"
+
+  draft-release:
+    name: Draft Release
+    runs-on: ubuntu-latest
+    needs: [all-checks]
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+
+      - name: Get version
+        id: get_version
+        run: |
+          VERSION=$(grep '^version =' pyproject.toml | cut -d '"' -f 2)
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+      - name: Check if tag exists
+        id: check_tag
+        run: |
+          if git rev-parse "v${{ steps.get_version.outputs.version }}" >/dev/null 2>&1; then
+            echo "exists=true" >> $GITHUB_OUTPUT
+          else
+            echo "exists=false" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Create Release Draft
+        if: steps.check_tag.outputs.exists == 'false'
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: v${{ steps.get_version.outputs.version }}
+          name: v${{ steps.get_version.outputs.version }}
+          draft: true
+          generate_release_notes: true
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+  publish:
+    name: Build and Publish
+    runs-on: ubuntu-latest
+    if: github.event_name == 'release' && github.event.action == 'published'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: "3.10"
+
+      - name: Build package
+        run: make build
+
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          packages-dir: dist/

cloudflare_request_cert-0.1.1/.gitignore

@@ -0,0 +1,70 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# Virtual environments
+.venv/
+venv/
+ENV/
+env/
+
+# uv
+.uv/
+
+# Testing
+.pytest_cache/
+.coverage
+htmlcov/
+.tox/
+
+# Linting
+.ruff_cache/
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# Environment variables
+.env
+.env.local
+.env.*.local
+
+# Certificates (don't commit private keys!)
+*.pem
+*.key
+*.crt
+*.csr
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Logs
+*.log
+
+# SBOM
+bom.json

cloudflare_request_cert-0.1.1/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Olof Hellqvist 
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

cloudflare_request_cert-0.1.1/Makefile

@@ -0,0 +1,92 @@
+.PHONY: help venv install sync dev run clean lint format check test build publish
+
+# Default target
+help:
+	@echo "Cloudflare Certificate Request Tool"
+	@echo ""
+	@echo "Available targets:"
+	@echo "  venv                 - Create virtual environment"
+	@echo "  install              - Install uv and sync dependencies (alias for venv)"
+	@echo "  sync                 - Sync dependencies with uv"
+	@echo "  dev                  - Install development dependencies"
+	@echo "  run                  - Run the certificate request tool"
+	@echo "  lint                 - Lint code with ruff"
+	@echo "  format               - Format code with ruff"
+	@echo "  check                - Run all checks (lint + format check)"
+	@echo "  test                 - Run tests"
+	@echo "  sbom                 - Generate SBOM (Software Bill of Materials)"
+	@echo "  build                - Build source and wheel distributions"
+	@echo "  publish              - Publish package to PyPI"
+	@echo "  clean                - Remove virtual environment and cache files"
+	@echo ""
+	@echo "Usage examples:"
+	@echo "  make run DOMAIN=example.com EMAIL=admin@example.com"
+	@echo "  make run DOMAIN=example.com EMAIL=admin@example.com STAGING=1"
+
+# Create virtual environment and install dependencies
+venv:
+	@command -v uv >/dev/null 2>&1 || { \
+		echo "Installing uv..."; \
+		curl -LsSf https://astral.sh/uv/install.sh | sh; \
+	}
+	@echo "Creating virtual environment and syncing dependencies..."
+	uv sync
+
+# Alias for venv
+install: venv
+
+# Sync dependencies
+sync:
+	uv sync
+
+# Install development dependencies
+dev:
+	uv sync --all-extras
+
+# Run the tool
+# Run the tool, forwarding DOMAIN, EMAIL, STAGING, etc. to Python
+run:
+	uv run python -m cloudflare_request_cert.main \
+		$(if $(DOMAIN),-d $(DOMAIN)) \
+		$(if $(EMAIL),-e $(EMAIL)) \
+		$(if $(STAGING),--staging)
+
+# Lint with ruff
+lint:
+	uv run ruff check .
+
+# Format code
+format:
+	uv run ruff format .
+
+# Run all checks
+check: lint
+	uv run ruff format --check .
+
+# Run tests
+test:
+	uv run pytest tests/ -v
+
+# Generate SBOM
+sbom:
+	uv run cyclonedx-py environment --output-file bom.json
+
+# Build package
+build:
+	uv build
+
+# Publish package
+publish: build
+	uv publish
+
+# Clean up
+clean:
+	rm -rf .venv/
+	rm -rf .ruff_cache/
+	rm -rf .pytest_cache/
+	rm -rf __pycache__/
+	rm -rf *.egg-info/
+	rm -rf dist/
+	find . -type d -name __pycache__ -exec rm -rf {} + 2>/dev/null || true
+	find . -type f -name "*.pyc" -delete
+	@echo "Cleaned up cache and virtual environment"