ots-containers 0.3.0__py3-none-any.whl → 0.3.1__py3-none-any.whl

ots_containers/__init__.py

@@ -1,3 +1,5 @@
 # src/ots_containers/__init__.py
 
-__version__ = "0.2.2"
+from importlib.metadata import version
+
+__version__ = version("ots-containers")

ots_containers/commands/README.md

@@ -12,10 +12,10 @@ ots-containers <topic> <command> [identifiers] [flags]
 
 Three container types, each with explicit naming:
 
-| Type | Systemd Unit | Identifier | Use |
-|------|--------------|------------|-----|
-| `web` | `onetime-web@{port}` | Port number | HTTP servers |
-| `worker` | `onetime-worker@{id}` | Name or number | Background jobs |
+| Type        | Systemd Unit             | Identifier     | Use             |
+| ----------- | ------------------------ | -------------- | --------------- |
+| `web`       | `onetime-web@{port}`     | Port number    | HTTP servers    |
+| `worker`    | `onetime-worker@{id}`    | Name or number | Background jobs |
 | `scheduler` | `onetime-scheduler@{id}` | Name or number | Scheduled tasks |
 
 ## Command Syntax
@@ -39,14 +39,14 @@ ots instances logs --scheduler -f   # only scheduler logs
 
 Each topic is a separate module with its own `cyclopts.App`:
 
-| Topic | Purpose |
-|-------|---------|
-| `instance` | Container lifecycle and runtime control |
-| `service` | Native systemd services (Valkey, Redis) |
-| `image` | Container image management |
-| `assets` | Static asset management |
-| `cloudinit` | Cloud-init configuration generation |
-| `env` | Environment file management |
+| Topic       | Purpose                                 |
+| ----------- | --------------------------------------- |
+| `instance`  | Container lifecycle and runtime control |
+| `service`   | Native systemd services (Valkey, Redis) |
+| `image`     | Container image management              |
+| `assets`    | Static asset management                 |
+| `cloudinit` | Cloud-init configuration generation     |
+| `env`       | Environment file management             |
 
 To add a new topic, create a module and register it in `cli.py`.
 
@@ -55,24 +55,28 @@ To add a new topic, create a module and register it in `cli.py`.
 Commands are categorized by their impact:
 
 ### High-level (affects config + state)
+
 Commands that modify quadlet templates, database records, or both:
+
 - `deploy`, `redeploy`, `undeploy`
 
 These commands should document their config impact in the docstring.
 
 ### Low-level (runtime control only)
+
 Commands that only interact with systemd, no config changes:
+
 - `start`, `stop`, `restart`, `status`, `logs`, `enable`, `disable`, `exec`
 
 These commands should explicitly state they do NOT refresh config.
 
 ## Naming Conventions
 
-| Pattern | Example | Use for |
-|---------|---------|---------|
-| Verb | `deploy`, `sync` | Actions |
-| `--flag` | `--force`, `--yes` | Boolean options |
-| `--option VALUE` | `--delay 5`, `--lines 50` | Value options |
+| Pattern            | Example                            | Use for                 |
+| ------------------ | ---------------------------------- | ----------------------- |
+| Verb               | `deploy`, `sync`                   | Actions                 |
+| `--flag`           | `--force`, `--yes`                 | Boolean options         |
+| `--option VALUE`   | `--delay 5`, `--lines 50`          | Value options           |
 | `--type` shortcuts | `--web`, `--worker`, `--scheduler` | Instance type selection |
 
 ## Default Commands

ots_containers/commands/assets.py

@@ -1,4 +1,5 @@
 # src/ots_containers/commands/assets.py
+
 """Asset management commands for OTS containers."""
 
 from typing import Annotated

ots_containers/commands/cloudinit/app.py

@@ -1,4 +1,5 @@
 # src/ots_containers/commands/cloudinit/app.py
+
 """Cloud-init configuration generation commands.
 
 Generates cloud-init YAML with Debian 13 (Trixie) DEB822-style apt sources.
@@ -74,7 +75,10 @@ def generate(
             "Warning: --include-postgresql specified but no --postgresql-key provided",
             file=sys.stderr,
         )
-        print("PostgreSQL repository will use inline key placeholder", file=sys.stderr)
+        print(
+            "PostgreSQL repository will use inline key placeholder",
+            file=sys.stderr,
+        )
 
     if include_valkey and valkey_key:
         valkey_gpg = Path(valkey_key).read_text()

ots_containers/commands/cloudinit/templates.py

@@ -1,4 +1,5 @@
 # src/ots_containers/commands/cloudinit/templates.py
+
 """Cloud-init configuration templates with Debian 13 DEB822 apt sources."""
 
 

ots_containers/commands/common.py

@@ -1,4 +1,5 @@
 # src/ots_containers/commands/common.py
+
 """Shared CLI annotations for consistency across commands.
 
 All common flags use long+short forms for consistency:

ots_containers/commands/env/app.py

@@ -1,4 +1,5 @@
 # src/ots_containers/commands/env/app.py
+
 """Environment file management commands.
 
 Process environment files to extract secrets and prepare for container deployment.
@@ -274,7 +275,10 @@ def quadlet_lines(
     parsed = EnvFile.parse(path)
 
     if not parsed.secret_variable_names:
-        print("Error: No SECRET_VARIABLE_NAMES defined in environment file.", file=sys.stderr)
+        print(
+            "Error: No SECRET_VARIABLE_NAMES defined in environment file.",
+            file=sys.stderr,
+        )
         return 1
 
     secrets, messages = extract_secrets(parsed)

ots_containers/commands/image/app.py

@@ -1,4 +1,5 @@
 # src/ots_containers/commands/image/app.py
+
 """Image management commands for OTS containers.
 
 Supports pulling from multiple registries:
@@ -33,12 +34,12 @@ app = cyclopts.App(
 @app.command
 def pull(
     tag: Annotated[
-        str,
+        str | None,
         cyclopts.Parameter(
             name=["--tag", "-t"],
-            help="Image tag to pull (e.g., v0.23.0, latest)",
+            help="Image tag to pull (default: from TAG env var)",
         ),
-    ],
+    ] = None,
     image: Annotated[
         str,
         cyclopts.Parameter(
@@ -60,6 +61,13 @@ def pull(
             help="Pull from private registry (uses configured OTS_REGISTRY)",
         ),
     ] = False,
+    platform: Annotated[
+        str | None,
+        cyclopts.Parameter(
+            name=["--platform", "-p"],
+            help="Target platform (e.g., linux/amd64, linux/arm64)",
+        ),
+    ] = None,
     quiet: Quiet = False,
 ):
     """Pull a container image from registry.
@@ -67,11 +75,19 @@ def pull(
     Examples:
         ots image pull --tag v0.23.0
         ots image pull --tag latest --current
+        TAG=dev ots image pull                  # Use TAG env var
         ots image pull --tag v0.23.0 --image docker.io/onetimesecret/onetimesecret
         ots image pull --tag v0.23.0 --private  # Pull from private registry
+        ots image pull --tag dev --platform linux/amd64  # Pull amd64 on Apple Silicon
     """
     cfg = Config()
 
+    # Resolve tag from env var if not provided
+    resolved_tag = tag or cfg.tag
+    if not resolved_tag:
+        print("Error: --tag is required (or set TAG env var)")
+        raise SystemExit(1)
+
     # Use private registry if requested
     if private:
         if not cfg.private_image:
@@ -79,20 +95,23 @@ def pull(
             raise SystemExit(1)
         image = cfg.private_image
 
-    full_image = f"{image}:{tag}"
+    full_image = f"{image}:{resolved_tag}"
 
     if not quiet:
         print(f"Pulling {full_image}...")
 
     try:
         # Use auth file for authenticated registries
-        podman.pull(
-            full_image,
-            authfile=str(cfg.registry_auth_file),
-            check=True,
-            capture_output=True,
-            text=True,
-        )
+        pull_kwargs = {
+            "authfile": str(cfg.registry_auth_file),
+            "check": True,
+            "capture_output": True,
+            "text": True,
+        }
+        if platform:
+            pull_kwargs["platform"] = platform
+
+        podman.pull(full_image, **pull_kwargs)
         if not quiet:
             print(f"Successfully pulled {full_image}")
     except Exception as e:
@@ -100,7 +119,7 @@ def pull(
         db.record_deployment(
             cfg.db_path,
             image=image,
-            tag=tag,
+            tag=resolved_tag,
             action="pull",
             success=False,
             notes=str(e),
@@ -111,19 +130,19 @@ def pull(
     db.record_deployment(
         cfg.db_path,
         image=image,
-        tag=tag,
+        tag=resolved_tag,
         action="pull",
         success=True,
     )
 
     # Set as current if requested
     if set_as_current:
-        previous = db.set_current(cfg.db_path, image, tag)
+        previous = db.set_current(cfg.db_path, image, resolved_tag)
         if not quiet:
             if previous:
-                print(f"Set CURRENT to {tag} (previous: {previous})")
+                print(f"Set CURRENT to {resolved_tag} (previous: {previous})")
             else:
-                print(f"Set CURRENT to {tag}")
+                print(f"Set CURRENT to {resolved_tag}")
 
 
 @app.default

ots_containers/commands/init.py

@@ -1,4 +1,5 @@
 # src/ots_containers/commands/init.py
+
 """Init command for idempotent setup of ots-containers.
 
 Creates required directories and initializes the deployment database.
@@ -157,7 +158,11 @@ def init(
         print("\nSystem Configuration:")
     quadlet_dir = cfg.web_template_path.parent
     users_dir = quadlet_dir / "users"
-    template_paths = [cfg.web_template_path, cfg.worker_template_path, cfg.scheduler_template_path]
+    template_paths = [
+        cfg.web_template_path,
+        cfg.worker_template_path,
+        cfg.scheduler_template_path,
+    ]
     if check:
         for template_path in template_paths:
             if template_path.exists():

ots_containers/commands/instance/__init__.py

@@ -14,6 +14,7 @@ from .annotations import (
 )
 from .app import (
     app,
+    config_transform,
     deploy,
     disable,
     enable,
@@ -23,6 +24,7 @@ from .app import (
     redeploy,
     restart,
     run,
+    shell,
     show_env,
     start,
     status,
@@ -39,6 +41,7 @@ __all__ = [
     "WebFlag",
     "WorkerFlag",
     "app",
+    "config_transform",
     "deploy",
     "disable",
     "enable",
@@ -49,6 +52,7 @@ __all__ = [
     "resolve_instance_type",
     "restart",
     "run",
+    "shell",
     "show_env",
     "start",
     "status",

ots_containers/commands/instance/_helpers.py

@@ -1,11 +1,14 @@
 # src/ots_containers/commands/instance/_helpers.py
+
 """Internal helper functions for instance commands."""
 
 import shlex
 import time
 from collections.abc import Callable, Sequence
+from pathlib import Path
 
 from ots_containers import systemd
+from ots_containers.environment_file import get_secrets_from_env_file
 
 from .annotations import InstanceType
 
@@ -19,25 +22,26 @@ def format_command(cmd: Sequence[str]) -> str:
     return " ".join(shlex.quote(arg) for arg in cmd)
 
 
-def format_journalctl_hint(instances: dict[InstanceType, list[str]]) -> str:
-    """Generate a journalctl command to view logs for the given instances.
+def build_secret_args(env_file: Path) -> list[str]:
+    """Build podman --secret arguments from environment file.
+
+    Reads SECRET_VARIABLE_NAMES from the env file and generates
+    corresponding --secret flags for podman run.
 
     Args:
-        instances: Dict mapping InstanceType to list of identifiers
+        env_file: Path to environment file (e.g., /etc/default/onetimesecret)
 
     Returns:
-        A journalctl command string with -t flags for each instance.
+        List of command arguments: ["--secret", "name,type=env,target=VAR", ...]
     """
-    tags = []
-    for itype, ids in instances.items():
-        for id_ in ids:
-            tags.append(f"onetime-{itype.value}-{id_}")
-
-    if not tags:
-        return ""
+    if not env_file.exists():
+        return []
 
-    tag_args = " ".join(f"-t {tag}" for tag in tags)
-    return f"journalctl {tag_args} -f"
+    secret_specs = get_secrets_from_env_file(env_file)
+    args: list[str] = []
+    for spec in secret_specs:
+        args.extend(["--secret", f"{spec.secret_name},type=env,target={spec.env_var_name}"])
+    return args
 
 
 def resolve_identifiers(
@@ -117,8 +121,6 @@ def for_each_instance(
     delay: int,
     action: Callable[[InstanceType, str], None],
     verb: str,
-    *,
-    show_logs_hint: bool = False,
 ) -> int:
     """Run action for each instance with delay between.
 
@@ -127,7 +129,6 @@ def for_each_instance(
         delay: Seconds to wait between operations
         action: Callable taking (instance_type, identifier)
         verb: Present participle for logging (e.g., "Restarting")
-        show_logs_hint: If True, print journalctl command to view logs
 
     Returns:
         Total number of instances processed.
@@ -152,10 +153,4 @@ def for_each_instance(
             time.sleep(delay)
 
     print(f"Processed {total} instance(s)")
-
-    if show_logs_hint:
-        hint = format_journalctl_hint(instances)
-        if hint:
-            print(f"\nView logs: {hint}")
-
     return total

ots_containers/commands/instance/annotations.py

@@ -1,4 +1,5 @@
 # src/ots_containers/commands/instance/annotations.py
+
 """Type annotations for instance commands.
 
 Instance types: