Initial commit of pkictl

.circleci/config.yml

@@ -0,0 +1,67 @@
+---
+version: 2
+jobs:
+  test:
+    working_directory: ~/repo
+    docker:
+      - image: circleci/python:3.6.6
+
+    steps:
+      - checkout
+
+      - restore_cache:
+          keys:
+          - v0.1.0-deps-{{ .Branch }}-{{ checksum "Pipfile" }}
+
+      - run:
+          name: Install dependencies with Pipenv
+          command: |
+            make dev
+
+      - save_cache:
+          key: v0.1.0-deps-{{ .Branch }}-{{ checksum "Pipfile" }}
+          paths:
+            - "/home/circleci/.local/share/virtualenvs/"
+
+      - run:
+          name: Lint the codebase
+          command: |
+            pipenv run make lint
+
+      - run:
+          name: Run unit tests
+          command: |
+            pipenv run make test
+            pipenv run coveralls
+
+      - run:
+          name: Run end-to-end tests
+          command: |
+            sudo .circleci/setup-e2e.sh
+            pipenv run make e2e-test
+
+  build:
+    working_directory: ~/repo
+    docker:
+      - image: docker:17.05.0-ce-git
+
+    steps:
+      - checkout
+      - setup_remote_docker:
+          version: 17.05.0-ce
+
+      - run:
+          name: Build pkictl container image
+          command: |
+            apk update
+            apk add --no-cache make
+            make build-container
+
+workflows:
+  version: 2
+  test_and_build:
+    jobs:
+      - test
+      - build:
+          requires:
+            - test

.circleci/setup-e2e.sh

@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -ex
+
+VAULT_VERSION="0.11.4"
+
+apt-get update -qq
+apt-get install -y --no-install-recommends unzip wget openssl ca-certificates
+
+wget -q "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip"
+
+unzip "vault_${VAULT_VERSION}_linux_amd64.zip"
+
+cp vault /usr/local/bin/vault
+
+mkdir -p /etc/vault/ssl /var/lib/vault
+
+openssl req -x509 -newkey rsa:2048 -nodes -keyout /etc/vault/ssl/server.key -out /etc/vault/ssl/server.crt -days 365 -subj '/CN=Vault Server/'
+
+cp pkictl/tests/e2e/config.hcl /etc/vault/config.hcl
+
+/usr/local/bin/vault server -config /etc/vault/config.hcl &

.coveragerc

@@ -0,0 +1,2 @@
+[run]
+omit = pkictl/tests/*,setup.py

.gitignore

@@ -0,0 +1,11 @@
+.env
+.vault-token
+*.log
+*.txt
+.mypy_cache/
+.coverage
+htmlcov/
+dist/
+build/
+*.egg
+*.egg-info

.travis.yml

@@ -0,0 +1,50 @@
+---
+language: python
+python: "3.6"
+sudo: required
+cache:
+  directories:
+    - $HOME/.cache/pip
+    - $HOME/.local/share/virtualenvs
+notifications:
+  email: false
+services:
+  - docker
+
+stages:
+  - lint
+  - scan
+  - test
+  - build
+
+before_install:
+  - sudo apt-get update -qq && apt-get -y --no-install-recommends install make
+  - sudo pip install pipenv --no-cache-dir --disable-pip-version-check
+
+install:
+  - make dev
+
+jobs:
+  include:
+    - stage: lint
+      script:
+        - pipenv shell
+        - make lint
+
+    - stage: scan
+      script:
+        - pipenv shell
+        - make scan
+
+    - stage: test
+      script:
+        - pipenv shell
+        - make test
+
+    - stage: build
+      script:
+        - pipenv shell
+        - make build
+
+after_success:
+  coveralls

Dockerfile

@@ -0,0 +1,31 @@
+# requires Docker 17.05+
+
+FROM python:3.6-slim
+
+COPY Pipfile* /
+
+RUN set -ex && pip install pipenv --no-cache-dir --disable-pip-version-check \
+    && pipenv --python 3.6 lock -r > requirements.txt
+
+# -----------------------------------------------------------------------------------------
+
+FROM python:3.6-slim
+
+LABEL APP="pkictl"
+LABEL MAINTAINER="@bincyber"
+LABEL URL="http://github.com/bincyber/pkictl"
+
+COPY --from=0 /requirements.txt /tmp/requirements.txt
+
+RUN set -e \
+    && pip install -r /tmp/requirements.txt --no-cache-dir --disable-pip-version-check \
+    && rm -rf /usr/src/python /root/.cache /root/.local /tmp/requirements.txt \
+    && find /usr/local -depth -type f -a -name '*.pyc' -exec rm -rf '{}' \;
+
+COPY pkictl /app/pkictl
+
+WORKDIR /app
+
+USER 10001:10001
+
+ENTRYPOINT [ "/usr/local/bin/python", "-m", "pkictl" ]