envdrift 4.2.1__py3-none-any.whl

envdrift/__init__.py

@@ -0,0 +1,30 @@
+"""Prevent environment variable drift with Pydantic schema validation.
+
+envdrift helps you:
+- Validate .env files against Pydantic schemas
+- Detect drift between environments (dev, staging, prod)
+- Integrate with pre-commit hooks and CI/CD pipelines
+- Support dotenvx encryption for secure .env files
+"""
+
+try:
+    from envdrift._version import __version__
+except ImportError:
+    # Fallback for editable installs before build
+    try:
+        from importlib.metadata import PackageNotFoundError, version
+    except ImportError:
+        # Very old Python without importlib.metadata
+        __version__ = "0.0.0+unknown"
+    else:
+        try:
+            __version__ = version("envdrift")
+        except PackageNotFoundError:
+            __version__ = "0.0.0+unknown"
+
+__author__ = "Jainal Gosaliya"
+__email__ = "gosaliya.jainal@gmail.com"
+
+from envdrift.api import diff, init, validate
+
+__all__ = ["__version__", "diff", "init", "validate"]

envdrift/_version.py

@@ -0,0 +1,34 @@
+# file generated by setuptools-scm
+# don't change, don't track in version control
+
+__all__ = [
+    "__version__",
+    "__version_tuple__",
+    "version",
+    "version_tuple",
+    "__commit_id__",
+    "commit_id",
+]
+
+TYPE_CHECKING = False
+if TYPE_CHECKING:
+    from typing import Tuple
+    from typing import Union
+
+    VERSION_TUPLE = Tuple[Union[int, str], ...]
+    COMMIT_ID = Union[str, None]
+else:
+    VERSION_TUPLE = object
+    COMMIT_ID = object
+
+version: str
+__version__: str
+__version_tuple__: VERSION_TUPLE
+version_tuple: VERSION_TUPLE
+commit_id: COMMIT_ID
+__commit_id__: COMMIT_ID
+
+__version__ = version = '4.2.1'
+__version_tuple__ = version_tuple = (4, 2, 1)
+
+__commit_id__ = commit_id = None

envdrift/api.py

@@ -0,0 +1,192 @@
+"""Core functionality for envdrift - high-level API functions."""
+
+from __future__ import annotations
+
+from pathlib import Path
+
+from envdrift.core.diff import DiffEngine, DiffResult
+from envdrift.core.parser import EnvParser
+from envdrift.core.schema import SchemaLoader
+from envdrift.core.validator import ValidationResult, Validator
+
+
+def validate(
+    env_file: Path | str = ".env",
+    schema: str | None = None,
+    service_dir: Path | str | None = None,
+    check_encryption: bool = True,
+) -> ValidationResult:
+    """
+    Validate an .env file against a Pydantic Settings class schema.
+
+    Parameters:
+        env_file: Path or string to the .env file to validate.
+        schema: Dotted path to the Pydantic Settings class (e.g., "app.config:Settings"); required.
+        service_dir: Optional directory to add to sys.path to assist importing the schema.
+        check_encryption: If true, perform additional checks for encrypted or sensitive values.
+
+    Returns:
+        ValidationResult: Result containing validation status and any issues found.
+
+    Raises:
+        ValueError: If `schema` is not provided.
+        FileNotFoundError: If the env file does not exist or cannot be read.
+        SchemaLoadError: If the specified schema cannot be imported or loaded.
+    """
+    if schema is None:
+        raise ValueError("schema is required. Example: 'app.config:Settings'")
+
+    env_file = Path(env_file)
+
+    # Parse env file
+    parser = EnvParser()
+    env = parser.parse(env_file)
+
+    # Load schema
+    loader = SchemaLoader()
+    settings_cls = loader.load(schema, service_dir)
+    schema_meta = loader.extract_metadata(settings_cls)
+
+    # Validate
+    validator = Validator()
+    return validator.validate(env, schema_meta, check_encryption=check_encryption)
+
+
+def diff(
+    env1: Path | str,
+    env2: Path | str,
+    schema: str | None = None,
+    service_dir: Path | str | None = None,
+    mask_values: bool = True,
+) -> DiffResult:
+    """
+    Compute differences between two .env files.
+
+    Parameters:
+        env1 (Path | str): Path to the first .env file.
+        env2 (Path | str): Path to the second .env file.
+        schema (str | None): Optional dotted path to a Pydantic Settings class used to identify sensitive fields.
+        service_dir (Path | str | None): Optional directory to add to imports when loading the schema.
+        mask_values (bool): If true, mask sensitive values in the resulting diff.
+
+    Returns:
+        DiffResult: Differences between the files, including added, removed, and changed variables. Sensitive values are masked when requested.
+
+    Raises:
+        FileNotFoundError: If either env1 or env2 does not exist.
+    """
+    env1 = Path(env1)
+    env2 = Path(env2)
+
+    # Parse env files
+    parser = EnvParser()
+    env_file1 = parser.parse(env1)
+    env_file2 = parser.parse(env2)
+
+    # Load schema if provided
+    schema_meta = None
+    if schema:
+        loader = SchemaLoader()
+        settings_cls = loader.load(schema, service_dir)
+        schema_meta = loader.extract_metadata(settings_cls)
+
+    # Diff
+    engine = DiffEngine()
+    return engine.diff(env_file1, env_file2, schema=schema_meta, mask_values=mask_values)
+
+
+def init(
+    env_file: Path | str = ".env",
+    output: Path | str = "settings.py",
+    class_name: str = "Settings",
+    detect_sensitive: bool = True,
+) -> Path:
+    """
+    Generate a Pydantic BaseSettings subclass file from an existing .env file.
+
+    Parses the provided env file, optionally detects variables that appear sensitive, and writes a Python module defining a Pydantic Settings class with inferred type hints and defaults. Sensitive fields are marked with `json_schema_extra={"sensitive": True}`.
+
+    Parameters:
+        env_file (Path | str): Path to the source .env file.
+        output (Path | str): Path where the generated Python module will be written.
+        class_name (str): Name to use for the generated Settings class.
+        detect_sensitive (bool): If True, attempt to detect sensitive variables and mark them in the generated fields.
+
+    Returns:
+        Path: The path to the written settings file.
+
+    Raises:
+        FileNotFoundError: If the specified env_file does not exist or cannot be read.
+    """
+    from envdrift.core.encryption import EncryptionDetector
+
+    env_file = Path(env_file)
+    output = Path(output)
+
+    # Parse env file
+    parser = EnvParser()
+    env = parser.parse(env_file)
+
+    # Detect sensitive variables if requested
+    detector = EncryptionDetector()
+    sensitive_vars = set()
+    if detect_sensitive:
+        for var_name, env_var in env.variables.items():
+            is_name_sens = detector.is_name_sensitive(var_name)
+            is_val_susp = detector.is_value_suspicious(env_var.value)
+            if is_name_sens or is_val_susp:
+                sensitive_vars.add(var_name)
+
+    # Generate settings class
+    lines = [
+        '"""Auto-generated Pydantic Settings class."""',
+        "",
+        "from pydantic import Field",
+        "from pydantic_settings import BaseSettings, SettingsConfigDict",
+        "",
+        "",
+        f"class {class_name}(BaseSettings):",
+        f'    """Settings generated from {env_file}."""',
+        "",
+        "    model_config = SettingsConfigDict(",
+        f'        env_file="{env_file}",',
+        '        extra="forbid",',
+        "    )",
+        "",
+    ]
+
+    for var_name, env_var in sorted(env.variables.items()):
+        is_sensitive = var_name in sensitive_vars
+
+        # Try to infer type from value
+        value = env_var.value
+        if value.lower() in ("true", "false"):
+            type_hint = "bool"
+            default_val = value.lower() == "true"
+        elif value.isdigit():
+            type_hint = "int"
+            default_val = int(value)
+        else:
+            type_hint = "str"
+            default_val = None
+
+        # Build field
+        if is_sensitive:
+            extra = 'json_schema_extra={"sensitive": True}'
+            if default_val is not None:
+                lines.append(
+                    f"    {var_name}: {type_hint} = Field(default={default_val!r}, {extra})"
+                )
+            else:
+                lines.append(f"    {var_name}: {type_hint} = Field({extra})")
+        else:
+            if default_val is not None:
+                lines.append(f"    {var_name}: {type_hint} = {default_val!r}")
+            else:
+                lines.append(f"    {var_name}: {type_hint}")
+
+    lines.append("")
+
+    # Write output
+    output.write_text("\n".join(lines))
+    return output

envdrift/cli.py

@@ -0,0 +1,42 @@
+"""Command-line interface for envdrift."""
+
+from __future__ import annotations
+
+import typer
+
+from envdrift.cli_commands.diff import diff
+from envdrift.cli_commands.encryption import decrypt_cmd, encrypt_cmd
+from envdrift.cli_commands.hook import hook
+from envdrift.cli_commands.init_cmd import init as init_cmd
+from envdrift.cli_commands.partial import pull_cmd as pull_partial_cmd
+from envdrift.cli_commands.partial import push as push_cmd
+from envdrift.cli_commands.sync import lock, pull, sync
+from envdrift.cli_commands.validate import validate
+from envdrift.cli_commands.vault import vault_push
+from envdrift.cli_commands.version import version
+
+app = typer.Typer(
+    name="envdrift",
+    help="Prevent environment variable drift with Pydantic schema validation.",
+    no_args_is_help=True,
+)
+
+app.command()(validate)
+app.command()(diff)
+app.command("encrypt")(encrypt_cmd)
+app.command("decrypt")(decrypt_cmd)
+app.command("init")(init_cmd)
+app.command()(hook)
+app.command()(sync)
+app.command()(pull)
+app.command()(lock)
+app.command("vault-push")(vault_push)
+app.command()(version)
+
+# Partial encryption commands
+app.command("push")(push_cmd)
+app.command("pull-partial")(pull_partial_cmd)
+
+
+if __name__ == "__main__":
+    app()

envdrift/cli_commands/__init__.py

@@ -0,0 +1 @@
+"""Command implementations for the envdrift CLI."""

envdrift/cli_commands/diff.py

@@ -0,0 +1,91 @@
+"""Diff command for envdrift."""
+
+from __future__ import annotations
+
+import json
+from pathlib import Path
+from typing import Annotated
+
+import typer
+
+from envdrift.core.diff import DiffEngine
+from envdrift.core.parser import EnvParser
+from envdrift.core.schema import SchemaLoader, SchemaLoadError
+from envdrift.output.rich import console, print_diff_result, print_error, print_warning
+
+
+def diff(
+    env1: Annotated[Path, typer.Argument(help="First .env file (e.g., .env.dev)")],
+    env2: Annotated[Path, typer.Argument(help="Second .env file (e.g., .env.prod)")],
+    schema: Annotated[
+        str | None,
+        typer.Option("--schema", "-s", help="Schema for sensitive field detection"),
+    ] = None,
+    service_dir: Annotated[
+        Path | None,
+        typer.Option("--service-dir", "-d", help="Service directory for imports"),
+    ] = None,
+    show_values: Annotated[
+        bool, typer.Option("--show-values", help="Don't mask sensitive values")
+    ] = False,
+    format_: Annotated[
+        str, typer.Option("--format", "-f", help="Output format: table (default), json")
+    ] = "table",
+    include_unchanged: Annotated[
+        bool, typer.Option("--include-unchanged", help="Include unchanged variables")
+    ] = False,
+) -> None:
+    """
+    Compare two .env files and display their differences.
+
+    Parameters:
+        env1 (Path): Path to the first .env file (e.g., .env.dev).
+        env2 (Path): Path to the second .env file (e.g., .env.prod).
+        schema (str | None): Optional dotted path to a Pydantic Settings class used to detect sensitive fields; if provided, the schema will be loaded for masking decisions.
+        service_dir (Path | None): Optional directory to add to import resolution when loading the schema.
+        show_values (bool): If True, do not mask sensitive values in the output.
+        format_ (str): Output format, either "table" (default) for human-readable output or "json" for machine-readable output.
+        include_unchanged (bool): If True, include variables that are unchanged between the two files in the output.
+    """
+    # Check files exist
+    if not env1.exists():
+        print_error(f"ENV file not found: {env1}")
+        raise typer.Exit(code=1)
+    if not env2.exists():
+        print_error(f"ENV file not found: {env2}")
+        raise typer.Exit(code=1)
+
+    # Load schema if provided
+    schema_meta = None
+    if schema:
+        loader = SchemaLoader()
+        try:
+            settings_cls = loader.load(schema, service_dir)
+            schema_meta = loader.extract_metadata(settings_cls)
+        except SchemaLoadError as e:
+            print_warning(f"Could not load schema: {e}")
+
+    # Parse env files
+    parser = EnvParser()
+    try:
+        env_file1 = parser.parse(env1)
+        env_file2 = parser.parse(env2)
+    except FileNotFoundError as e:
+        print_error(str(e))
+        raise typer.Exit(code=1) from None
+
+    # Diff
+    engine = DiffEngine()
+    result = engine.diff(
+        env_file1,
+        env_file2,
+        schema=schema_meta,
+        mask_values=not show_values,
+        include_unchanged=include_unchanged,
+    )
+
+    # Output
+    if format_ == "json":
+        console.print_json(json.dumps(engine.to_dict(result), indent=2))
+    else:
+        print_diff_result(result, show_unchanged=include_unchanged)