envdrift 4.2.1__py3-none-any.whl

envdrift/integrations/precommit.py

@@ -0,0 +1,266 @@
+"""Pre-commit hook integration for envdrift."""
+
+from __future__ import annotations
+
+from pathlib import Path
+
+# Pre-commit hook configuration template
+HOOK_CONFIG = """# envdrift pre-commit hooks
+# Add this to your .pre-commit-config.yaml
+
+repos:
+  - repo: local
+    hooks:
+      - id: envdrift-validate
+        name: Validate env files against schema
+        entry: envdrift validate --ci
+        language: system
+        files: ^\\.env\\.(production|staging|development)$
+        pass_filenames: true
+        description: Validates .env files match Pydantic schema
+
+      - id: envdrift-encryption
+        name: Check env encryption status
+        entry: envdrift encrypt --check
+        language: system
+        files: ^\\.env\\.(production|staging)$
+        pass_filenames: true
+        description: Ensures sensitive .env files are encrypted
+"""
+
+# Minimal hook entry for injection
+HOOK_ENTRY = {
+    "repo": "local",
+    "hooks": [
+        {
+            "id": "envdrift-validate",
+            "name": "Validate env files against schema",
+            "entry": "envdrift validate --ci",
+            "language": "system",
+            "files": r"^\.env\.(production|staging|development)$",
+            "pass_filenames": True,
+        },
+        {
+            "id": "envdrift-encryption",
+            "name": "Check env encryption status",
+            "entry": "envdrift encrypt --check",
+            "language": "system",
+            "files": r"^\.env\.(production|staging)$",
+            "pass_filenames": True,
+        },
+    ],
+}
+
+
+def get_hook_config() -> str:
+    """
+    Provide the default pre-commit hook configuration template for envdrift.
+
+    Returns:
+        The YAML string containing the pre-commit configuration for envdrift hooks.
+    """
+    return HOOK_CONFIG
+
+
+def find_precommit_config(start_dir: Path | None = None) -> Path | None:
+    """
+    Locate a .pre-commit-config.yaml file by searching the given directory and its parents.
+
+    Parameters:
+        start_dir (Path | None): Directory to start the search from. If None, the current working directory is used.
+
+    Returns:
+        Path | None: Path to the first .pre-commit-config.yaml found while walking upward, or `None` if no file is found.
+    """
+    if start_dir is None:
+        start_dir = Path.cwd()
+
+    current = start_dir.resolve()
+
+    while True:
+        config_path = current / ".pre-commit-config.yaml"
+        if config_path.exists():
+            return config_path
+        if current == current.parent:
+            # Reached filesystem root
+            break
+        current = current.parent
+
+    return None
+
+
+def install_hooks(
+    config_path: Path | None = None,
+    create_if_missing: bool = True,
+) -> bool:
+    """Install envdrift hooks to .pre-commit-config.yaml.
+
+    Args:
+        config_path: Path to pre-commit config (auto-detected if None)
+        create_if_missing: Create config file if it doesn't exist
+
+    Returns:
+        True if hooks were installed/updated
+
+    Raises:
+        FileNotFoundError: If config not found and create_if_missing=False
+    """
+    try:
+        import yaml
+    except ImportError:
+        raise ImportError(
+            "PyYAML is required for pre-commit integration. Install with: pip install pyyaml"
+        )
+
+    # Find or create config
+    if config_path is None:
+        config_path = find_precommit_config()
+
+    if config_path is None:
+        if create_if_missing:
+            config_path = Path.cwd() / ".pre-commit-config.yaml"
+        else:
+            raise FileNotFoundError(
+                ".pre-commit-config.yaml not found. "
+                "Run from repository root or specify --config path."
+            )
+
+    # Load existing config or create new
+    if config_path.exists():
+        content = config_path.read_text()
+        config = yaml.safe_load(content) or {}
+    else:
+        config = {}
+
+    # Initialize repos list if needed
+    if "repos" not in config:
+        config["repos"] = []
+
+    # Check if envdrift hooks already exist
+    has_envdrift = False
+    for repo in config["repos"]:
+        if repo.get("repo") == "local":
+            hooks = repo.get("hooks", [])
+            for hook in hooks:
+                if hook.get("id", "").startswith("envdrift-"):
+                    has_envdrift = True
+                    break
+
+    # Add hooks if not present
+    if not has_envdrift:
+        # Find existing local repo or create new one
+        local_repo = None
+        for repo in config["repos"]:
+            if repo.get("repo") == "local":
+                local_repo = repo
+                break
+
+        if local_repo:
+            # Add to existing local repo
+            if "hooks" not in local_repo:
+                local_repo["hooks"] = []
+            local_repo["hooks"].extend(HOOK_ENTRY["hooks"])
+        else:
+            # Add new local repo entry
+            config["repos"].append(HOOK_ENTRY)
+
+    # Write config
+    with open(config_path, "w") as f:
+        yaml.dump(config, f, default_flow_style=False, sort_keys=False)
+
+    return True
+
+
+def uninstall_hooks(config_path: Path | None = None) -> bool:
+    """
+    Remove any envdrift hooks from a .pre-commit-config.yaml file.
+
+    Parameters:
+        config_path (Path | None): Path to the pre-commit config file. If None, the repository tree is searched upward to locate .pre-commit-config.yaml.
+
+    Returns:
+        bool: `True` if one or more envdrift hooks were removed and the file was updated, `False` otherwise.
+
+    Raises:
+        ImportError: If PyYAML is not available.
+    """
+    try:
+        import yaml
+    except ImportError:
+        raise ImportError("PyYAML is required for pre-commit integration.")
+
+    if config_path is None:
+        config_path = find_precommit_config()
+
+    if config_path is None or not config_path.exists():
+        return False
+
+    content = config_path.read_text()
+    config = yaml.safe_load(content) or {}
+
+    if "repos" not in config:
+        return False
+
+    modified = False
+
+    for repo in config["repos"]:
+        if repo.get("repo") == "local":
+            hooks = repo.get("hooks", [])
+            original_count = len(hooks)
+
+            # Remove envdrift hooks
+            repo["hooks"] = [
+                hook for hook in hooks if not hook.get("id", "").startswith("envdrift-")
+            ]
+
+            if len(repo["hooks"]) != original_count:
+                modified = True
+
+    if modified:
+        # Remove empty local repos
+        config["repos"] = [
+            repo
+            for repo in config["repos"]
+            if not (repo.get("repo") == "local" and not repo.get("hooks"))
+        ]
+
+        with open(config_path, "w") as f:
+            yaml.dump(config, f, default_flow_style=False, sort_keys=False)
+
+    return modified
+
+
+def verify_hooks_installed(config_path: Path | None = None) -> dict[str, bool]:
+    """
+    Check which envdrift pre-commit hooks are present in a given pre-commit configuration.
+
+    Parameters:
+        config_path (Path | None): Path to a .pre-commit-config.yaml file. If None, the file is searched for by walking up from the current working directory.
+
+    Returns:
+        dict[str, bool]: Mapping of hook id to installation status: `{"envdrift-validate": bool, "envdrift-encryption": bool}`. Returns both `False` if the config file is missing or unreadable, or if the PyYAML package is not available.
+    """
+    try:
+        import yaml
+    except ImportError:
+        return {"envdrift-validate": False, "envdrift-encryption": False}
+
+    if config_path is None:
+        config_path = find_precommit_config()
+
+    if config_path is None or not config_path.exists():
+        return {"envdrift-validate": False, "envdrift-encryption": False}
+
+    content = config_path.read_text()
+    config = yaml.safe_load(content) or {}
+
+    result = {"envdrift-validate": False, "envdrift-encryption": False}
+
+    for repo in config.get("repos", []):
+        if repo.get("repo") == "local":
+            for hook in repo.get("hooks", []):
+                hook_id = hook.get("id", "")
+                if hook_id in result:
+                    result[hook_id] = True
+
+    return result

envdrift/integrations/sops.py

@@ -0,0 +1,85 @@
+"""SOPS installer helpers for optional auto-install."""
+
+from __future__ import annotations
+
+import json
+import platform
+import stat
+import urllib.request
+from pathlib import Path
+
+from envdrift.integrations.dotenvx import get_platform_info, get_venv_bin_dir
+
+
+class SopsInstallError(Exception):
+    """Failed to install SOPS."""
+
+    pass
+
+
+def _load_constants() -> dict:
+    constants_path = Path(__file__).parent.parent / "constants.json"
+    with open(constants_path) as f:
+        return json.load(f)
+
+
+def _get_sops_version() -> str:
+    return _load_constants()["sops_version"]
+
+
+def _get_download_url_templates() -> dict[str, str]:
+    return _load_constants()["sops_download_urls"]
+
+
+SOPS_VERSION = _get_sops_version()
+
+_URL_TEMPLATES = _get_download_url_templates()
+SOPS_DOWNLOAD_URLS = {
+    ("Darwin", "x86_64"): _URL_TEMPLATES["darwin_amd64"],
+    ("Darwin", "arm64"): _URL_TEMPLATES["darwin_arm64"],
+    ("Linux", "x86_64"): _URL_TEMPLATES["linux_amd64"],
+    ("Linux", "aarch64"): _URL_TEMPLATES["linux_arm64"],
+    ("Windows", "AMD64"): _URL_TEMPLATES["windows_amd64"],
+    ("Windows", "x86_64"): _URL_TEMPLATES["windows_amd64"],
+}
+
+
+def get_sops_path() -> Path:
+    bin_dir = get_venv_bin_dir()
+    binary_name = "sops.exe" if platform.system() == "Windows" else "sops"
+    return bin_dir / binary_name
+
+
+class SopsInstaller:
+    """Install SOPS binary to the virtual environment or user bin directory."""
+
+    def __init__(self, version: str = SOPS_VERSION):
+        self.version = version
+
+    def _get_download_url(self) -> str:
+        system, machine = get_platform_info()
+        template = SOPS_DOWNLOAD_URLS.get((system, machine))
+        if not template:
+            raise SopsInstallError(f"Unsupported platform: {system} {machine}")
+        return template.format(version=self.version)
+
+    def install(self, target_path: Path | None = None) -> Path:
+        if target_path is None:
+            target_path = get_sops_path()
+
+        target_path.parent.mkdir(parents=True, exist_ok=True)
+        url = self._get_download_url()
+        tmp_path = target_path.with_suffix(target_path.suffix + ".download")
+
+        try:
+            urllib.request.urlretrieve(url, tmp_path)  # nosec B310
+            if platform.system() != "Windows":
+                st = tmp_path.stat()
+                tmp_path.chmod(st.st_mode | stat.S_IEXEC)
+            tmp_path.replace(target_path)
+        except Exception as e:  # nosec B110
+            if tmp_path.exists():
+                tmp_path.unlink()
+            raise SopsInstallError(f"Failed to install SOPS: {e}") from e
+
+        return target_path

envdrift/output/__init__.py

@@ -0,0 +1,21 @@
+"""Output formatting modules."""
+
+from envdrift.output.rich import (
+    console,
+    print_diff_result,
+    print_encryption_report,
+    print_error,
+    print_success,
+    print_validation_result,
+    print_warning,
+)
+
+__all__ = [
+    "console",
+    "print_diff_result",
+    "print_encryption_report",
+    "print_error",
+    "print_success",
+    "print_validation_result",
+    "print_warning",
+]