fixes, cleanup, pyproject.toml

mtik_cert_pusher/__main__.py

@@ -29,24 +29,24 @@ def make_arg_parser():
         description="push TLS privkey & certificate to MikroTik RouterOS router",
     )
 
-    subparsers = parser.add_subparsers(dest="subcommand")
+    subparsers = parser.add_subparsers(dest="subcommand", required=True)
 
-    install_parser = subparsers.add_parser(
-        "install", help="push TLS privkey & certificate to MikroTik RouterOS router"
+    deploy_parser = subparsers.add_parser(
+        "deploy", help="deploy TLS privkey & certificate to MikroTik RouterOS router"
     )
-    install_parser.add_argument(
-        "-k", "--privkey", type=Path, required=True, help="private key file"
+    deploy_parser.add_argument("--ssh-config", type=Path, help="ssh config file")
+    deploy_parser.add_argument("--ssh-user", help="target ssh user")
+    deploy_parser.add_argument("--ssh-port", type=int, help="target ssh port")
+    deploy_parser.add_argument("--ssh-host", required=True, help="target ssh host")
+    deploy_parser.add_argument(
+        "-k", "--private-key", type=Path, required=True, help="PEM private key file"
     )
-    install_parser.add_argument(
-        "--cert", type=Path, required=True, help="certificate file"
+    deploy_parser.add_argument(
+        "--cert", type=Path, required=True, help="PEM certificate file"
     )
-    install_parser.add_argument(
+    deploy_parser.add_argument(
         "--chain", type=Path, help="separate certificate chain file (optional)"
     )
-    install_parser.add_argument("--ssh-config", type=Path, help="ssh config file")
-    install_parser.add_argument("--ssh-host", required=True, help="target ssh host")
-    install_parser.add_argument("--ssh-user", help="target ssh user")
-    install_parser.add_argument("--ssh-port", type=int, help="target ssh port")
 
     fingerprint_parser = subparsers.add_parser(
         "fingerprint", aliases=["fpr"], help="calculate fingerprint of certificate(s)"
@@ -54,22 +54,21 @@ def make_arg_parser():
     fingerprint_parser.add_argument(
         dest="files",
         metavar="cert.pem",
-        nargs='+',
+        nargs="+",
         type=Path,
         help="PEM certificate file to read",
     )
 
     skid_parser = subparsers.add_parser(
-        #"skid", help="calculate SubjectKeyIdentifier of certificate(s) or key(s)"
         "skid", help="show the SubjectKeyIdentifier of certificate(s)"
     )
     skid_parser.add_argument(
         dest="files",
-        #metavar="file.pem",
+        # metavar="file.pem",
         metavar="cert.pem",
-        nargs='+',
+        nargs="+",
         type=Path,
-        #help="PEM file to read",
+        # help="PEM file to read",
         help="PEM certificate file to read",
     )
 
@@ -85,7 +84,7 @@ def parse_args():
 def main():
     args, parser = parse_args()
 
-    if args.subcommand == "install":
+    if args.subcommand == "deploy":
         assert ":" not in args.ssh_host
 
         privkey_data = args.privkey.read_text()
@@ -106,7 +105,6 @@ def main():
 
         ros_remote.use_certificate(fingerprint)
 
-
     elif args.subcommand in ("fingerprint", "fpr"):
         for path in args.files:
             try:
@@ -116,7 +114,7 @@ def main():
                 exc.add_note(f"path={path}")
                 raise
 
-    elif args.subcommand in ("skid"):
+    elif args.subcommand == "skid":
         for path in args.files:
             try:
                 for cert_obj in x509.load_pem_x509_certificates(path.read_bytes()):

mtik_cert_pusher/connector.py

@@ -98,7 +98,7 @@ class SSHConnector(Connector):
         self, cmdline: str, text: bool = False, capture: bool = False
     ) -> str:
         cmd = self._ssh_args([self.ssh_host, cmdline])
-        #print("running: ", shlex.join(cmd))
+        # print("running: ", shlex.join(cmd))
         if capture:
             return subprocess.check_output(cmd, text=text)
         subprocess.run(cmd, check=True)
@@ -106,7 +106,9 @@ class SSHConnector(Connector):
     def create_remote_files(self, content_by_name: dict, remote_directory: str):
         if not content_by_name:
             raise ValueError("require at least one file to copy")
-        with tempfile.TemporaryDirectory(dir=self.temporary_directory, prefix="mtik-connector-tmp") as td:
+        with tempfile.TemporaryDirectory(
+            dir=self.temporary_directory, prefix="mtik-connector-tmp"
+        ) as td:
             tempfile_paths = []
 
             # Write the files to a temporary directory
@@ -127,5 +129,5 @@ class SSHConnector(Connector):
                     f"{self.ssh_host}:{remote_directory}",
                 ]
             )
-            #print("running: ", shlex.join(cmd))
+            # print("running: ", shlex.join(cmd))
             subprocess.run(cmd, check=True)

mtik_cert_pusher/routeros.py

@@ -250,7 +250,7 @@ class RouterOS:
             raise ValueError(f"illegal fingerprint {fingerprint!r}")
         cmds = [
             f'/ip/service set api-ssl,www-ssl certificate=[/certificate find where fingerprint="{fingerprint}"]',
-            f':put [:serialize to=json value={{[/certificate get [/ip/service get api-ssl certificate] fingerprint],[/certificate get [/ip/service get www-ssl certificate] fingerprint]}}]'
+            ":put [:serialize to=json value={[/certificate get [/ip/service get api-ssl certificate] fingerprint],[/certificate get [/ip/service get www-ssl certificate] fingerprint]}]",
         ]
         remote_cmdline = "\n".join(cmds)
         raw_result = self.connector.invoke_remote_command(