certwrangler.state_managers.local module#
- certwrangler.state_managers.local._is_encrypted(data: str) bool[source]#
Simple check to see if the state is encrypted based on the presence of the encryption header and footer.
- certwrangler.state_managers.local._parse_encrypted_state(data: str) Dict[str, Any][source]#
Parses the encrypted state and returns a dict with the encrypted data and any discovered metadata tags.
- Raises:
ValueError – Raised if state file cannot be parsed.
- certwrangler.state_managers.local._decrypt(data: str, encryptor: Encryptor) str[source]#
Decrypt the encrypted state. Returns the decrypted contents of the data payload.
- certwrangler.state_managers.local._encrypt(encryptor: Encryptor, data: str, metadata: Dict[str, str] | None = None) str[source]#
Encrypts the contents of data using the provided encryptor. Can optionally embed a dict of additional metadata to the encrypted envelope.
Note that the metadata is not encrypted and stored in plain text.
- certwrangler.state_managers.local._list_entities(state_path_dir: Path, known_entities: List[str]) Dict[str, Dict[str, Any]][source]#
Loops through the contents of the provided state_path_dir and compares the discovered entities to the provided known_entities list. Returns an inventory of discovered entities, including whether they’re encrypted, the encryption metadata, if they’re orphaned (not in known_entities), and their path.
- pydantic model certwrangler.state_managers.local.LocalStateManager[source]#
Bases:
StateManagerLocal storage state manager driver.
Show Entity Relationship Diagram
Show JSON schema
{ "title": "LocalStateManager", "description": "Local storage state manager driver.", "type": "object", "properties": { "driver": { "const": "local", "title": "Driver", "type": "string" }, "encryption_keys": { "description": "An optional list of encryption keys to use to encrypt the state. Only the top-most key will be used for encryption operations, the additional keys are only used to decrypt the state in the case that a new key was added. New keys can be generated using the ``certwrangler state generate-key`` command.", "items": { "type": "string" }, "title": "Encryption Keys", "type": "array" }, "path": { "default": "/github/home/.local/share/certwrangler", "description": "The base path for the state storage. Two subdirectories will be created under this path, 'accounts' and 'certs'. Defaults to '${XDG_DATA_HOME}/certwrangler' or '~/.local/share/certwrangler' if '${XDG_DATA_HOME}' is not set", "format": "path", "title": "Path", "type": "string" } }, "required": [ "driver" ] }
- field driver: Literal['local'] [Required]#
- field base_path: Path = PosixPath('/github/home/.local/share/certwrangler') (alias 'path')#
The base path for the state storage. Two subdirectories will be created under this path, ‘accounts’ and ‘certs’. Defaults to ‘${XDG_DATA_HOME}/certwrangler’ or ‘~/.local/share/certwrangler’ if ‘${XDG_DATA_HOME}’ is not set
- initialize() None[source]#
Create the configured state storage directories based on the base_path.
- Raises:
StateManagerError – Raised on errors creating the state directories.
- list() Dict[str, Dict[str, Any]][source]#
List all the state entities under management. Returns a dict of all the names of accounts and certs it discovers.
- Raises:
StateManagerError – Raised on errors reading the state.
- save(entity: Account | Cert, encrypt: bool = True) None[source]#
Save the provided entity’s (Account or Cert object) state and by default will encrypt the contents if an encryptor is configured.
- Raises:
StateManagerError – Raised on errors writing the state.