0 purchases
yayclcrypt 0.4.0
# yaycl Encrypted Yaml SupportA [yaycl](https://github.com/seandst/yaycl) plugin to seamlessly load encypted yamls,as well as helper methods for encrypting and decrypting yaycl yamls.# Usage```python# Set the crypt key one of these ways:conf = yaycl.Config('/path/to/yamls', crypt_key='my secret')conf = yaycl.Config('/path/to/yamls', crypt_key_file='/path/to/a/file/containing/my/secret')# Or set them after instantiating conf if you like (but it's a little less pretty):conf._yaycl['crypt_key'] = 'my secret'conf._yaycl['crypt_key_file'] = '/path/to/a/file/containing/my/secret'# Or set the correspnding environment vars before loading python:# - YAYCL_CRYPT_KEY corresponds to 'crypt_key' kwarg# - YAYCL_CRYPT_KEY_FILE corresponds to 'crypt_key_file' kwarg# Assuming you've loaded "test.yaml" from your yaml conf dir,# this will encrypt it and remove the unencrypted version:yaycl_crypt.encrypt_yaml(conf, 'test')# Encrypted yamls have the extension '.eyaml', and (assuming the crypt key is set)# will be loaded just like an unencrypted yaml. If the yaml being loaded has no extension,# yaycl_crypt will append the extension '.e' to the unencrypted yaml name# To decrypt:yaycl_crypt.decrypt_yaml(conf, 'test')# As before (but going the other way), the .eyaml file will be deleted,# leaving just the unencrypted yaml file in the conf dir```# Notes- If both an encrypted an unencrypted yaml exist, `yaycl_crypt` will issue a warning and punt to the next `yaycl` loader, which is most likely the default loader. This means the unencrypted yaml gets loaded, under the assumption that an unencrypted yaml next to an encrypted yaml probably means the unencrypted yaml is being actively edited.- If `yaycl_crypt.decrypt_yaml` is called, and an unencrypted yaml already exists, `yaycl_crypt` will refuse to overwrite the existing unencrypted conf, again under the assumption that the unencrypted conf is being actively worked on. If it isn't, the simplest way to remove it is likely to encrypt it first to delete the unencrypted file, then decrypt it.- `yaycl_crypt.encrypt_yaml` has no similar qualms about overwriting encrypted yamls, since the most likely reason for using this function is to write config changes in a recently unencrypted config file.- Both `encrypt_yaml` and `decrypt_yaml` take a `delete` kwarg, which defaults to `True`. If set to `False`, `encrypt_yaml` will *not* delete the unencrypted config of the same name, and `decrypt_yaml` will similarly *not* delete its encrypted counterpart.- `yaml_crypt` isn't guaranteed to be completely "secure"; its main goal is to obfuscate configuration files with private data in a way that is not trivial to circumvent. Anyone with access to a python interpreter that can read your eyaml files has access to your secret key.[![Coverage Status](https://coveralls.io/repos/seandst/yaycl-crypt/badge.svg?branch=master)](https://coveralls.io/r/seandst/yaycl-crypt?branch=master)[![Build Status](https://travis-ci.org/seandst/yaycl-crypt.svg?branch=master)](https://travis-ci.org/seandst/yaycl-crypt)
For personal and professional use. You cannot resell or redistribute these repositories in their original state.
There are no reviews.