fujin-cli 0.6.0__tar.gz → 0.7.0__tar.gz

fujin_cli-0.7.0/CHANGELOG.md

@@ -0,0 +1,18 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.7.0] - 2024-11-22
+
+### 🚀 Features
+
+- Inject secrets via bitwarden and 1password (#29)
+- Add certbot_email configuration for nginx
+
+### 🚜 Refactor
+
+- Move requirements copy to transfer_files
+
+<!-- generated by git-cliff -->

{fujin_cli-0.6.0 → fujin_cli-0.7.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: fujin-cli
-Version: 0.6.0
+Version: 0.7.0
 Summary: Get your project up and running in a few minutes on your own vps.
 Project-URL: Documentation, https://github.com/falcopackages/fujin#readme
 Project-URL: Issues, https://github.com/falcopackages/fujin/issues
@@ -21,36 +21,48 @@ Classifier: Programming Language :: Python :: Implementation :: PyPy
 Requires-Python: >=3.10
 Requires-Dist: cappa>=0.24
 Requires-Dist: fabric>=3.2.2
+Requires-Dist: gevent[recommended]>=24.11.1
 Requires-Dist: msgspec[toml]>=0.18.6
+Requires-Dist: python-dotenv>=1.0.1
 Requires-Dist: rich>=13.9.2
 Description-Content-Type: text/markdown
 
 # fujin
 
+> [!IMPORTANT]
+> This tool is currently contains minimal features and is a work-in-progress
+
+<!-- content:start -->
+
+`fujin` is a simple deployment tool that helps you get your project up and running on a VPS in minutes. It manages your app processes using [systemd](https://systemd.io) and runs your apps behind [caddy](https://caddyserver.com).
+
+[![Publish Package](https://github.com/falcopackages/fujin/actions/workflows/publish.yml/badge.svg)](https://github.com/falcopackages/fujin/actions/workflows/publish.yml)
 [![PyPI - Version](https://img.shields.io/pypi/v/fujin-cli.svg)](https://pypi.org/project/fujin-cli)
 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/fujin-cli.svg)](https://pypi.org/project/fujin-cli)
 [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/falcopackages/fujin/blob/main/LICENSE.txt)
 [![Status](https://img.shields.io/pypi/status/fujin-cli.svg)](https://pypi.org/project/fujin-cli)
------
 
-> [!IMPORTANT]
-> This package currently contains minimal features and is a work-in-progress
-
-<!-- content:start -->
+## Features
 
-`fujin` is a simple deployment tool that helps you get your project up and running on a VPS in a few minutes. It manages your app processes using `systemd` and runs your apps behind [caddy](https://caddyserver.com/). For Python projects, 
-it expects your app to be a packaged Python application ideally with a CLI entry point defined. For other languages, you need to provide a self-contained single executable file with all necessary dependencies.
-The main job of `fujin` is to bootstrap your server (installing caddy, etc.), copy the files onto the server with a structure that supports rollback, and automatically generate configs for systemd and caddy that you can manually edit if needed.
+- 🚀 One-command server bootstrap
+- 🔄 Rollback broken deployments
+- 🔐 Zero configuration SSL certificates
+- 🔁 Swappable proxy ([caddy](https://caddyserver.com), [nginx](https://nginx.org/en/) and `dummy` to disable proxy)
+- 🛠️ Secrets injection from password managers ([Bitwarden](https://bitwarden.com/), [1Password](https://1password.com), etc.)
+- 📝 Easily customizable `systemd` and `proxy` configurations
+- 👨‍💻 Remote application management and log streaming
+- 🐍 Supports packaged python apps and self-contained binaries
 
-Check out the [documentation📚](https://fujin.oluwatobi.dev/en/latest/) for installation, features, and usage guides.
+For more details, check out the [documentation📚](https://fujin.oluwatobi.dev/en/latest/).
 
 ## Why?
 
 I wanted [kamal](https://kamal-deploy.org/) but without Docker, and I thought the idea was fun. At its core, this project automates versions of this [tutorial](https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu). If you've been a Django beginner 
-trying to get your app in production, you probably went through this. I'm using caddy instead of nginx because it's configurable via an API and it's is a no-brainer for SSL certificates. Systemd is the default on most Linux distributions and does a good enough job.
+trying to get your app in production, you probably went through this.
+
+I'm using `caddy` here by default instead of `nginx` because it's configurable via an API and it's is a no-brainer for SSL certificates. `Systemd` is the default on most Linux distributions and does a good enough job.
 
-Fujin was initially planned to be a Python-only project, but the core concepts can be applied to any language that can produce a single distributable file (e.g., Go, Rust). I wanted to recreate kamal's nice local-to-remote app management API, but I'm skipping Docker to keep things simple. 
-I'm currently rocking SQLite in production for my side projects and ths setup is enough for my use case.
+Fujin was initially planned to be a Python-only project, but the core concepts can be applied to any language that can produce a single distributable file (e.g., Go, Rust).
 
 The goal is to automate deployment while leaving you in full control of your Linux box. It's not a CLI PaaS - it's simple and expects you to be able to SSH into your server and troubleshoot if necessary. For beginners, it makes the initial deployment easier while you get your hands dirty with Linux.
 If you need a never-break, worry-free, set-it-and-forget-it setup that auto-scales and does all the magic, fujin probably isn't for you.
@@ -66,4 +78,4 @@ Fujin draws inspiration from the following tools for their developer experience.
 
 `fujin` is distributed under the terms of the [MIT](https://spdx.org/licenses/MIT.html) license.
 
-<!-- content:end -->
+<!-- content:end -->

{fujin_cli-0.6.0 → fujin_cli-0.7.0}/README.md

@@ -1,29 +1,39 @@
 # fujin
 
+> [!IMPORTANT]
+> This tool is currently contains minimal features and is a work-in-progress
+
+<!-- content:start -->
+
+`fujin` is a simple deployment tool that helps you get your project up and running on a VPS in minutes. It manages your app processes using [systemd](https://systemd.io) and runs your apps behind [caddy](https://caddyserver.com).
+
+[![Publish Package](https://github.com/falcopackages/fujin/actions/workflows/publish.yml/badge.svg)](https://github.com/falcopackages/fujin/actions/workflows/publish.yml)
 [![PyPI - Version](https://img.shields.io/pypi/v/fujin-cli.svg)](https://pypi.org/project/fujin-cli)
 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/fujin-cli.svg)](https://pypi.org/project/fujin-cli)
 [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/falcopackages/fujin/blob/main/LICENSE.txt)
 [![Status](https://img.shields.io/pypi/status/fujin-cli.svg)](https://pypi.org/project/fujin-cli)
------
 
-> [!IMPORTANT]
-> This package currently contains minimal features and is a work-in-progress
-
-<!-- content:start -->
+## Features
 
-`fujin` is a simple deployment tool that helps you get your project up and running on a VPS in a few minutes. It manages your app processes using `systemd` and runs your apps behind [caddy](https://caddyserver.com/). For Python projects, 
-it expects your app to be a packaged Python application ideally with a CLI entry point defined. For other languages, you need to provide a self-contained single executable file with all necessary dependencies.
-The main job of `fujin` is to bootstrap your server (installing caddy, etc.), copy the files onto the server with a structure that supports rollback, and automatically generate configs for systemd and caddy that you can manually edit if needed.
+- 🚀 One-command server bootstrap
+- 🔄 Rollback broken deployments
+- 🔐 Zero configuration SSL certificates
+- 🔁 Swappable proxy ([caddy](https://caddyserver.com), [nginx](https://nginx.org/en/) and `dummy` to disable proxy)
+- 🛠️ Secrets injection from password managers ([Bitwarden](https://bitwarden.com/), [1Password](https://1password.com), etc.)
+- 📝 Easily customizable `systemd` and `proxy` configurations
+- 👨‍💻 Remote application management and log streaming
+- 🐍 Supports packaged python apps and self-contained binaries
 
-Check out the [documentation📚](https://fujin.oluwatobi.dev/en/latest/) for installation, features, and usage guides.
+For more details, check out the [documentation📚](https://fujin.oluwatobi.dev/en/latest/).
 
 ## Why?
 
 I wanted [kamal](https://kamal-deploy.org/) but without Docker, and I thought the idea was fun. At its core, this project automates versions of this [tutorial](https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu). If you've been a Django beginner 
-trying to get your app in production, you probably went through this. I'm using caddy instead of nginx because it's configurable via an API and it's is a no-brainer for SSL certificates. Systemd is the default on most Linux distributions and does a good enough job.
+trying to get your app in production, you probably went through this.
+
+I'm using `caddy` here by default instead of `nginx` because it's configurable via an API and it's is a no-brainer for SSL certificates. `Systemd` is the default on most Linux distributions and does a good enough job.
 
-Fujin was initially planned to be a Python-only project, but the core concepts can be applied to any language that can produce a single distributable file (e.g., Go, Rust). I wanted to recreate kamal's nice local-to-remote app management API, but I'm skipping Docker to keep things simple. 
-I'm currently rocking SQLite in production for my side projects and ths setup is enough for my use case.
+Fujin was initially planned to be a Python-only project, but the core concepts can be applied to any language that can produce a single distributable file (e.g., Go, Rust).
 
 The goal is to automate deployment while leaving you in full control of your Linux box. It's not a CLI PaaS - it's simple and expects you to be able to SSH into your server and troubleshoot if necessary. For beginners, it makes the initial deployment easier while you get your hands dirty with Linux.
 If you need a never-break, worry-free, set-it-and-forget-it setup that auto-scales and does all the magic, fujin probably isn't for you.
@@ -39,4 +49,4 @@ Fujin draws inspiration from the following tools for their developer experience.
 
 `fujin` is distributed under the terms of the [MIT](https://spdx.org/licenses/MIT.html) license.
 
-<!-- content:end -->
+<!-- content:end -->

fujin_cli-0.7.0/docs/changelog.rst

@@ -0,0 +1,2 @@
+.. include:: ../CHANGELOG.md
+   :parser: myst_parser.sphinx_

{fujin_cli-0.6.0 → fujin_cli-0.7.0}/docs/commands/deploy.rst

@@ -12,23 +12,25 @@ How it works
 
 Here's a high-level overview of what happens when you run the ``deploy`` command:
 
-1. **Build the Application**: Your application is built using the ``build_command`` specified in your configuration.
+1. **Resolve secrets**: If you have defined a ``secrets`` configuration, it will be used to retrieve pull the ``secrets`` defined in your ``envfile``.
 
-2. **Transfer Files**: The environment variables file (``.env``) and the distribution file are transferred to the remote server. Optionally transfers ``requirements`` file (if specified).
+2. **Build the Application**: Your application is built using the ``build_command`` specified in your configuration.
 
-3. **Install the Project**: Depending on the installation mode (Python package or binary), the project is installed on the remote server. For a Python package, a virtual environment is set up, dependencies are installed, and the distribution file (the wheel file) is then installed. For a binary, the binary file for the latest version is linked to the root of the application directory.
+3. **Transfer Files**: The environment variables file (``.env``) and the distribution file are transferred to the remote server. Optionally transfers ``requirements`` file (if specified).
 
-4. **Application Release**: If a ``release_command`` is specified in the configuration, it is executed at this stage. 
+4. **Install the Project**: Depending on the installation mode (Python package or binary), the project is installed on the remote server. For a Python package, a virtual environment is set up, dependencies are installed, and the distribution file (the wheel file) is then installed. For a binary, the binary file for the latest version is linked to the root of the application directory.
 
-5. **Configure and Start Services**: Configuration files for both ``systemd`` and the ``proxy`` (e.g., Caddy, by default) are generated or copied if previously exported. These configuration files are moved to their appropriate directories. A configuration reload is performed, and all relevant services are restarted.  
+5. **Application Release**: If a ``release_command`` is specified in the configuration, it is executed at this stage. 
 
-6. **Update Version History**: The deployed version is recorded in the ``.versions`` file on the remote server.
+6. **Configure and Start Services**: Configuration files for both ``systemd`` and the ``proxy`` (e.g., Caddy, by default) are generated or copied if previously exported. These configuration files are moved to their appropriate directories. A configuration reload is performed, and all relevant services are restarted.  
 
-7. **Prune Old Assets**: Old versions of the application are removed based on the ``versions_to_keep`` configuration.
+7. **Update Version History**: The deployed version is recorded in the ``.versions`` file on the remote server.
 
-8. **Completion**: A success message is displayed, and the URL to access the deployed project is provided.
+8. **Prune Old Assets**: Old versions of the application are removed based on the ``versions_to_keep`` configuration.
 
-Below is an example file layout and structure of the deployed application:
+9. **Completion**: A success message is displayed, and the URL to access the deployed project is provided.
+
+Below is an example of the layout and structure of a deployed application:
 
 .. tab-set::
 
@@ -63,5 +65,4 @@ Below is an example file layout and structure of the deployed application:
             ├── v1.2.2/
             │   └── ...
             └── v1.2.1/
-                └── ...
-         
+                └── ...

{fujin_cli-0.6.0 → fujin_cli-0.7.0}/docs/commands/index.rst

@@ -15,10 +15,10 @@ Commands
    docs
    down
    init
+   printenv
    prune
    proxy
    redeploy
    rollback
-   secrets
    server
    up

fujin_cli-0.6.0/docs/commands/secrets.rst → fujin_cli-0.7.0/docs/commands/printenv.rst

@@ -1,7 +1,7 @@
 secrets
 =======
 
-.. cappa:: fujin.commands.secrets.Secrets
+.. cappa:: fujin.commands.printenv.Printenv
    :style: terminal
    :terminal-width: 0
 

fujin_cli-0.7.0/docs/index.rst

@@ -0,0 +1,30 @@
+fujin documentation
+===================
+
+
+.. important::
+
+   This a work in progress, not ready for production use yet.
+
+.. raw:: html
+
+   <script src="https://asciinema.org/a/687274.js" id="asciicast-687274" async="true"></script>
+
+.. include:: ../README.md
+   :parser: myst_parser.sphinx_
+   :start-after: <!-- content:start -->
+   :end-before: <!-- content:end -->
+
+.. toctree::
+   :maxdepth: 2
+   :caption: Contents:
+   :hidden:
+
+   installation
+   tutorial
+   configuration
+   commands/index
+   secrets
+   hooks
+   changelog
+

fujin_cli-0.7.0/docs/installation.rst

@@ -0,0 +1,23 @@
+Installation
+============
+
+If you have `uv <https://docs.astral.sh/uv/getting-started/installation/>`_ installed, run:
+
+.. code-block:: shell
+
+    uv tool install fujin-cli
+
+If not, download a binary version from the GitHub `releases page <https://github.com/falcopackages/fujin/releases>`_ and move the downloaded file
+to a directory in your PATH.
+
+Here is an example of how to install the binary on x86 macOS:
+
+.. code-block:: shell
+
+    curl -LsSfO https://github.com/falcopackages/fujin/releases/download/v0.6.0/fujin_cli-x86_64-osx
+    chmod +x fujin_cli-x86_64-osx
+    mv fujin_cli-x86_64-osx /usr/local/bin/fujin
+
+.. note::
+
+    If you install ``fujin`` via the GitHub release, you can keep it up to date with ``fujin self update``.

fujin_cli-0.7.0/docs/requirements.txt

@@ -0,0 +1,138 @@
+# This file was autogenerated by uv via the following command:
+#    uv export --no-hashes --group docs --format requirements-txt
+-e .
+alabaster==1.0.0
+annotated-types==0.7.0
+anyio==4.6.2.post1
+appnope==0.1.4 ; platform_system == 'Darwin'
+asgiref==3.8.1
+astroid==3.3.5
+asttokens==2.4.1
+attrs==24.2.0
+babel==2.16.0
+bcrypt==4.2.0
+beautifulsoup4==4.12.3
+bleach==6.2.0
+bracex==2.5.post1
+bump-my-version==0.28.0
+cappa==0.24.0
+certifi==2024.8.30
+cffi==1.17.1
+charset-normalizer==3.4.0
+click==8.1.7
+colorama==0.4.6
+comm==0.2.2
+cryptography==43.0.1
+debugpy==1.8.7
+decorator==5.1.1
+defusedxml==0.7.1
+deprecated==1.2.14
+django==5.1.2
+docutils==0.21.2
+exceptiongroup==1.2.2 ; python_full_version < '3.11'
+executing==2.1.0
+fabric==3.2.2
+faker==30.8.1
+fastapi==0.115.4
+fastjsonschema==2.20.0
+git-cliff==2.6.1
+h11==0.14.0
+httpcore==1.0.6
+httpx==0.27.2
+idna==3.10
+imagesize==1.4.1
+invoke==2.2.0
+ipykernel==6.29.5
+ipython==8.18.0
+ipywidgets==8.1.5
+jedi==0.19.1
+jinja2==3.1.4
+jsonschema==4.23.0
+jsonschema-specifications==2024.10.1
+jupyter-client==8.6.3
+jupyter-core==5.7.2
+jupyter-sphinx==0.5.3
+jupyterlab-pygments==0.3.0
+jupyterlab-widgets==3.0.13
+litestar==2.12.1
+markdown-it-py==3.0.0
+markupsafe==3.0.2
+matplotlib-inline==0.1.7
+mdit-py-plugins==0.4.2
+mdurl==0.1.2
+mistune==3.0.2
+msgspec==0.18.6
+multidict==6.1.0
+myst-parser==4.0.0
+nbclient==0.10.0
+nbconvert==7.16.4
+nbformat==5.10.4
+nest-asyncio==1.6.0
+packaging==24.1
+pandocfilters==1.5.1
+paramiko==3.5.0
+parso==0.8.4
+pexpect==4.9.0 ; sys_platform != 'win32'
+platformdirs==4.3.6
+polyfactory==2.17.0
+prompt-toolkit==3.0.36
+psutil==6.1.0
+ptyprocess==0.7.0 ; sys_platform != 'win32'
+pure-eval==0.2.3
+pycparser==2.22
+pydantic==2.9.2
+pydantic-core==2.23.4
+pydantic-settings==2.6.0
+pygments==2.18.0
+pynacl==1.5.0
+python-dateutil==2.9.0.post0
+python-dotenv==1.0.1
+pywin32==308 ; platform_python_implementation != 'PyPy' and sys_platform == 'win32'
+pyyaml==6.0.2
+pyzmq==26.2.0
+questionary==2.0.1
+referencing==0.35.1
+requests==2.32.3
+rich==13.9.2
+rich-click==1.8.3
+rpds-py==0.20.1
+setuptools==75.5.0
+shibuya==2024.10.15
+six==1.16.0
+sniffio==1.3.1
+snowballstemmer==2.2.0
+soupsieve==2.6
+sphinx==8.1.3
+sphinx-autobuild==2024.10.3
+sphinx-autodoc2==0.5.0
+sphinx-copybutton==0.5.2
+sphinx-design==0.6.1
+sphinx-togglebutton==0.3.2
+sphinxcontrib-applehelp==2.0.0
+sphinxcontrib-devhelp==2.0.0
+sphinxcontrib-htmlhelp==2.1.0
+sphinxcontrib-jsmath==1.0.1
+sphinxcontrib-qthelp==2.0.0
+sphinxcontrib-serializinghtml==2.0.0
+sqlparse==0.5.1
+stack-data==0.6.3
+starlette==0.41.0
+tinycss2==1.4.0
+tomli==2.0.2 ; python_full_version < '3.11'
+tomli-w==1.1.0
+tomlkit==0.13.2
+tornado==6.4.1
+traitlets==5.14.3
+type-lens==0.2.3
+typing-extensions==4.12.2
+tzdata==2024.2 ; sys_platform == 'win32'
+urllib3==2.2.3
+uvicorn==0.32.0
+watchfiles==0.24.0
+wcmatch==10.0
+wcwidth==0.2.13
+webencodings==0.5.1
+websockets==13.1
+wheel==0.45.0
+widgetsnbextension==4.0.13
+wrapt==1.16.0

fujin_cli-0.7.0/docs/secrets.rst

@@ -0,0 +1,50 @@
+Secrets  
+=======  
+
+Bitwarden  
+---------  
+
+First, download and install the `Bitwarden CLI <https://bitwarden.com/help/cli/#download-and-install>`_. Make sure to log in to your account.  
+You should be able to run ``bw get password <name_of_secret>`` and get the value for the secret. This is the command that will be executed when pulling your secrets.  
+
+Add the following to your ``fujin.toml`` file:  
+
+.. code-block:: toml  
+
+    [secrets]  
+    adapter = "bitwarden"  
+    password_env = "BW_PASSWORD"  
+
+To unlock the Bitwarden vault, the password is required. You can set the ``BW_PASSWORD`` environment variable in your shell, which will be used to unlock the vault.  
+When Fujin signs in, it will always sync the vault first.  
+
+Alternatively, you can set the ``BW_SESSION`` environment variable. If ``BW_SESSION`` is present, Fujin will use it directly without signing in or syncing the vault. In this case, the ``password_env`` configuration is not required.  
+
+.. code-block:: text  
+    :caption: Example of an environment file with Bitwarden secrets  
+
+    DEBUG=False  
+    AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID  
+    AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY  
+
+Note the ``$`` sign, which indicates to ``fujin`` that it is a secret.  
+
+1Password  
+---------  
+
+Download and install the `1Password CLI <https://developer.1password.com/docs/cli>`_, and sign in to your account.  
+You need to be actively signed in for Fujin to work with 1Password.  
+
+Update your ``fujin.toml`` file with the following configuration:  
+
+.. code-block:: toml  
+
+    [secrets]  
+    adapter = "1password"  
+
+.. code-block:: text  
+    :caption: Example of an environment file with 1Password secrets  
+
+    DEBUG=False  
+    AWS_ACCESS_KEY_ID=$op://personal/aws-access-key-id/password  
+    AWS_SECRET_ACCESS_KEY=$op://personal/aws-secret-access-key/password  

{fujin_cli-0.6.0 → fujin_cli-0.7.0}/justfile

@@ -49,7 +49,7 @@ fujin *ARGS:
     uv run --group docs sphinx-autobuild docs docs/_build/html --port 8002 --watch src/fujin
 
 @docs-requirements:
-    uv export --group docs --format requirements-txt > docs/requirements.txt
+    uv export --no-hashes --group docs --format requirements-txt > docs/requirements.txt
 
 # -------------------------------------------------------------------------
 # RELEASE UTILITIES

{fujin_cli-0.6.0 → fujin_cli-0.7.0}/pyproject.toml

@@ -7,7 +7,7 @@ requires = [
 
 [project]
 name = "fujin-cli"
-version = "0.6.0"
+version = "0.7.0"
 description = "Get your project up and running in a few minutes on your own vps."
 readme = "README.md"
 keywords = [
@@ -40,7 +40,9 @@ classifiers = [
 dependencies = [
   "cappa>=0.24",
   "fabric>=3.2.2",
+  "gevent[recommended]>=24.11.1",
   "msgspec[toml]>=0.18.6",
+  "python-dotenv>=1.0.1",
   "rich>=13.9.2",
 ]
 
@@ -152,7 +154,7 @@ lint.isort.required-imports = [
 lint.pyupgrade.keep-runtime-typing = true
 
 [tool.bumpversion]
-current_version = "0.6.0"
+current_version = "0.7.0"
 parse = "(?P<major>\\d+)\\.(?P<minor>\\d+)\\.(?P<patch>\\d+)"
 serialize = [
   "{major}.{minor}.{patch}",

{fujin_cli-0.6.0 → fujin_cli-0.7.0}/src/fujin/__main__.py

@@ -1,3 +1,7 @@
+from gevent import monkey
+
+monkey.patch_all()
+
 import shlex
 import sys
 from pathlib import Path
@@ -16,6 +20,7 @@ from fujin.commands.redeploy import Redeploy
 from fujin.commands.rollback import Rollback
 from fujin.commands.server import Server
 from fujin.commands.up import Up
+from fujin.commands.printenv import Printenv
 
 if sys.version_info >= (3, 11):
     import tomllib
@@ -38,6 +43,7 @@ class Fujin:
         | Down
         | Rollback
         | Prune
+        | Printenv
     ]
 
 

{fujin_cli-0.6.0 → fujin_cli-0.7.0}/src/fujin/commands/deploy.py

@@ -7,6 +7,7 @@ import cappa
 
 from fujin.commands import BaseCommand
 from fujin.config import InstallationMode
+from fujin.secrets import resolve_secrets
 from fujin.connection import Connection
 
 
@@ -15,14 +16,16 @@ from fujin.connection import Connection
 )
 class Deploy(BaseCommand):
     def __call__(self):
+        parsed_env = self.parse_envfile()
         self.build_app()
 
         with self.connection() as conn:
             process_manager = self.create_process_manager(conn)
             conn.run(f"mkdir -p {self.app_dir}")
+            conn.run(f"mkdir -p {self.versioned_assets_dir}")
             with conn.cd(self.app_dir):
                 self.create_hook_manager(conn).pre_deploy()
-                self.transfer_files(conn)
+                self.transfer_files(conn, env=parsed_env)
                 self.install_project(conn)
             with self.app_environment() as app_conn:
                 self.release(app_conn)
@@ -48,16 +51,31 @@ class Deploy(BaseCommand):
     def versioned_assets_dir(self) -> str:
         return f"{self.app_dir}/v{self.config.version}"
 
-    def transfer_files(self, conn: Connection):
+    def parse_envfile(self) -> str:
         if not self.config.host.envfile.exists():
             raise cappa.Exit(f"{self.config.host.envfile} not found", code=1)
-        conn.put(str(self.config.host.envfile), f"{self.app_dir}/.env")
-        conn.run(f"mkdir -p {self.versioned_assets_dir}")
+        if self.config.secret_config:
+            self.stdout.output("[blue]Reading secrets....[/blue]")
+            return resolve_secrets(self.config.host.envfile, self.config.secret_config)
+        return self.config.host.envfile.read_text()
+
+    def transfer_files(
+        self, conn: Connection, env: str, skip_requirements: bool = False
+    ):
+        conn.run(f"echo '{env}' > {self.app_dir}/.env")
         distfile_path = self.config.get_distfile_path()
         conn.put(
             str(distfile_path),
             f"{self.versioned_assets_dir}/{distfile_path.name}",
         )
+        if not skip_requirements and self.config.requirements:
+            requirements = Path(self.config.requirements)
+            if not requirements.exists():
+                raise cappa.Exit(f"{self.config.requirements} not found", code=1)
+            conn.put(
+                Path(self.config.requirements).resolve(),
+                f"{self.versioned_assets_dir}/requirements.txt",
+            )
 
     def install_project(
         self, conn: Connection, version: str | None = None, *, skip_setup: bool = False
@@ -71,14 +89,6 @@ class Deploy(BaseCommand):
     def _install_python_package(
         self, conn: Connection, version: str, skip_setup: bool = False
     ):
-        if not skip_setup and self.config.requirements:
-            requirements = Path(self.config.requirements)
-            if not requirements.exists():
-                raise cappa.Exit(f"{self.config.requirements} not found", code=1)
-            conn.put(
-                Path(self.config.requirements).resolve(),
-                f"{self.versioned_assets_dir}/requirements.txt",
-            )
         appenv = f"""
 set -a  # Automatically export all variables
 source .env

fujin_cli-0.7.0/src/fujin/commands/printenv.py

@@ -0,0 +1,16 @@
+import cappa
+
+from fujin.commands import BaseCommand
+from fujin.secrets import resolve_secrets
+
+
+@cappa.command(
+    help="Print the content of the envfile with extracted secrets (for debugging)"
+)
+class Printenv(BaseCommand):
+    def __call__(self):
+        if self.config.secret_config:
+            result = resolve_secrets(self.config.host.envfile, self.config.secret_config)
+        else:
+            result = self.config.host.envfile.read_text()
+        self.stdout.output(result)

{fujin_cli-0.6.0 → fujin_cli-0.7.0}/src/fujin/commands/redeploy.py

@@ -15,13 +15,17 @@ from fujin.connection import Connection
 class Redeploy(BaseCommand):
     def __call__(self):
         deploy = Deploy()
+        parsed_env = deploy.parse_envfile()
         deploy.build_app()
 
         with self.app_environment() as conn:
             hook_manager = self.create_hook_manager(conn)
             hook_manager.pre_deploy()
-            deploy.transfer_files(conn)
+            conn.run(f"mkdir -p {deploy.versioned_assets_dir}")
             requirements_copied = self._copy_requirements_if_needed(conn)
+            deploy.transfer_files(
+                conn, env=parsed_env, skip_requirements=requirements_copied
+            )
             deploy.install_project(conn, skip_setup=requirements_copied)
             deploy.release(conn)
             self.create_process_manager(conn).restart_services()