feat: add new parameter yaml.file_with_secrets

locale/fr/LC_MESSAGES/user_data_yaml.po

@@ -5,8 +5,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: \n"
-"POT-Creation-Date: 2024-12-11 21:26+0100\n"
-"PO-Revision-Date: 2024-12-11 21:27+0100\n"
+"POT-Creation-Date: 2025-02-10 09:21+0100\n"
+"PO-Revision-Date: 2025-02-10 09:22+0100\n"
 "Last-Translator: \n"
 "Language-Team: \n"
 "Language: fr\n"
@@ -20,16 +20,28 @@ msgstr ""
 msgid "yaml is not set in step.user_data"
 msgstr "\"yaml\" n'est pas défini dans step.user_data"
 
-#: src/rougail/user_data_yaml/__init__.py:61
+#: src/rougail/user_data_yaml/__init__.py:62
 msgid "cannot load \"{0}\", the root value is not a dict but \"{1}\""
 msgstr ""
 "ne peut charger \"{0}\", la valeur racine n'est pas une dictionnaire mais "
 "\"{1}\""
 
-#: src/rougail/user_data_yaml/__init__.py:74
+#: src/rougail/user_data_yaml/__init__.py:85
 msgid "yaml ({0})"
 msgstr "fichier yaml ({0})"
 
-#: src/rougail/user_data_yaml/__init__.py:103
+#: src/rougail/user_data_yaml/__init__.py:116
 msgid "\"{0}\" in {1} has an unknown value"
 msgstr "\"{0}\" dans {1}  a une valeur inconnue"
+
+#: src/rougail/user_data_yaml/config.py:29
+msgid "Configuration rougail-user-data-yaml"
+msgstr "Configuration de rougail-user-data-yaml"
+
+#: src/rougail/user_data_yaml/config.py:38
+msgid "Filename"
+msgstr "Nom du fichier"
+
+#: src/rougail/user_data_yaml/config.py:49
+msgid "File that may contain secrets"
+msgstr "Le fichier peut contenir des secrets"

locale/rougail_user_data_yaml.pot

@@ -5,7 +5,7 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
-"POT-Creation-Date: 2024-12-11 21:27+0100\n"
+"POT-Creation-Date: 2025-02-10 09:22+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -19,15 +19,27 @@ msgstr ""
 msgid "yaml is not set in step.user_data"
 msgstr ""
 
-#: src/rougail/user_data_yaml/__init__.py:61
+#: src/rougail/user_data_yaml/__init__.py:62
 msgid "cannot load \"{0}\", the root value is not a dict but \"{1}\""
 msgstr ""
 
-#: src/rougail/user_data_yaml/__init__.py:74
+#: src/rougail/user_data_yaml/__init__.py:85
 msgid "yaml ({0})"
 msgstr ""
 
-#: src/rougail/user_data_yaml/__init__.py:103
+#: src/rougail/user_data_yaml/__init__.py:116
 msgid "\"{0}\" in {1} has an unknown value"
 msgstr ""
 
+#: src/rougail/user_data_yaml/config.py:29
+msgid "Configuration rougail-user-data-yaml"
+msgstr ""
+
+#: src/rougail/user_data_yaml/config.py:38
+msgid "Filename"
+msgstr ""
+
+#: src/rougail/user_data_yaml/config.py:49
+msgid "File that may contain secrets"
+msgstr ""
+

src/rougail/user_data_yaml/__init__.py

@@ -1,6 +1,6 @@
 """
 Silique (https://www.silique.fr)
-Copyright (C) 2024
+Copyright (C) 2024-2025
 
 This program is free software: you can redistribute it and/or modify it
 under the terms of the GNU Lesser General Public License as published by the
@@ -17,7 +17,6 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 """
 from ruamel.yaml import YAML
 
-from rougail import RougailConfig
 from rougail.error import ExtentionError
 from tiramisu.error import ValueOptionError, PropertiesOptionError, LeadershipError
 
@@ -32,6 +31,7 @@ class RougailUserDataYaml:
         rougailconfig=None,
     ) -> None:
         if rougailconfig is None:
+            from rougail import RougailConfig
             rougailconfig = RougailConfig
             user_data = rougailconfig["step.user_data"]
             if "yaml" not in user_data:
@@ -42,6 +42,7 @@ class RougailUserDataYaml:
             raise ExtentionError(_("yaml is not set in step.user_data"))
         self.rougailconfig = rougailconfig
         self.filenames = self.rougailconfig["yaml.filename"]
+        self.file_with_secrets = self.rougailconfig["yaml.file_with_secrets"]
         self.config = config
         self.errors = []
         self.warnings = []
@@ -51,7 +52,7 @@ class RougailUserDataYaml:
     ) -> None:
         self.yaml = YAML()
         user_datas = []
-        for filename in self.filenames:
+        for idx, filename in enumerate(self.filenames):
             file_values = self.open(filename)
             if not file_values:
                 continue
@@ -69,12 +70,24 @@ class RougailUserDataYaml:
                     file_values,
                     filename,
                 )
+            if self.file_with_secrets == 'none':
+                allow_secrets_variables = False
+            elif self.file_with_secrets == 'first':
+                allow_secrets_variables = idx == 0
+            elif self.file_with_secrets == 'last':
+                if not idx:
+                    last_filenames = len(self.filenames) - 1
+                allow_secrets_variables = idx == last_filenames
+            else:
+                allow_secrets_variables = True
             user_datas.append(
                 {
                     "source": _("yaml ({0})").format(filename),
                     "errors": self.errors,
                     "warnings": self.warnings,
                     "values": values,
+                    'options': {'allow_secrets_variables': allow_secrets_variables,
+                                },
                 }
             )
         return user_datas

src/rougail/user_data_yaml/config.py

@@ -2,7 +2,7 @@
 Config yaml for Rougail-user-data
 
 Silique (https://www.silique.fr)
-Copyright (C) 2024
+Copyright (C) 2024-2025
 
 This program is free software: you can redistribute it and/or modify it
 under the terms of the GNU Lesser General Public License as published by the
@@ -17,23 +17,25 @@ details.
 You should have received a copy of the GNU Lesser General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.
 """
+from .i18n import _
 
 
 def get_rougail_config(
     *,
     backward_compatibility=True,
 ) -> dict:
-    options = """
+    options = f"""
 yaml:
-  description: Configuration rougail-user-data-yaml
+  description: {_("Configuration rougail-user-data-yaml")}
   disabled:
     type: jinja
     jinja: |
-      {% if 'yaml' not in step.user_data %}
+      {{% if 'yaml' not in step.user_data %}}
       disabled
-      {% endif %}
+      {{% endif %}}
+
   filename:
-    description: Filename
+    description: {_("Filename")}
     alternative_name: ff
     type: unix_filename
     multi: true
@@ -42,6 +44,15 @@ yaml:
        test_existence: True
        types:
          - file
+
+  file_with_secrets:
+    description: {_("File that may contain secrets")}
+    default: all
+    choices:
+      - all
+      - first
+      - last
+      - none
 """
     return {
         "name": "yaml",

src/rougail/user_data_yaml/i18n.py

@@ -1,6 +1,6 @@
 """Internationalisation utilities
 Silique (https://www.silique.fr)
-Copyright (C) 2024
+Copyright (C) 2024-2025
 
 This program is free software: you can redistribute it and/or modify it
 under the terms of the GNU Lesser General Public License as published by the

tests/results/00_6secret/errors/all.json

@@ -0,0 +1,4 @@
+{
+    "errors": [],
+    "warnings": []
+}

tests/results/00_6secret/errors/mandatories.json

@@ -0,0 +1,4 @@
+{
+    "errors": [],
+    "warnings": []
+}

tests/results/00_6secret/file/all.yml

@@ -0,0 +1,6 @@
+{
+    "rougail": {
+        "secret1": "string1",
+        "secret2": "string1"
+    }
+}

tests/results/00_6secret/file/all_exclude.yml

@@ -0,0 +1,6 @@
+{
+    "rougail": {
+        "secret1": "string1",
+        "secret2": "string1"
+    }
+}

tests/results/00_6secret/file/mandatories.yml

@@ -0,0 +1,5 @@
+{
+    "rougail": {
+        "secret1": "string1"
+    }
+}

tests/results/00_6secret/makedict/all.json

@@ -0,0 +1,4 @@
+{
+    "rougail.secret1": "string1",
+    "rougail.secret2": "string1"
+}

tests/results/00_6secret/makedict/mandatories.json

@@ -0,0 +1,4 @@
+{
+    "rougail.secret1": "string1",
+    "rougail.secret2": "value"
+}