Make Podman interface more pythonesque

pc_backup/container.py

@@ -119,52 +119,26 @@ class BorgmaticContainer:
             "borgmatic_state:/root/.local/state/borgmatic",
             "borgmatic_log:/root/.local/share/borgmatic",
         ]
-        if config.ssh_auth_sock:
-            volumes += [f"{config.ssh_auth_sock}:{config.ssh_auth_sock}:Z"]
 
         volumes += [
             f"{vol}:{self.to_source_path(vol)}:ro" for vol in config.data_sources
         ]
 
-        volume_args = [a for vol in volumes for a in ["-v", vol]]
-
-        secrets_args = [
-            a
-            for s in config.secret_sources
-            for a in ["--secret", f"{s.name},mode=0{s.mode:o}"]
-        ]
-
-        args = (
-            [
-                "-h",
-                self.hostname,
-                "--detach",
-                "--name",
-                container_name,
-                "-e",
-                "SSH_AUTH_SOCK",
-                "-e",
-                "TZ=Europe/Paris",
-                "-e",
-                "SSH_KEY_NAME",
-                "-e",
-                f"HOST_LOGIN={self.login}",
-                "--security-opt=label=disable",
-            ]
-            + volume_args
-            + secrets_args
-            + [self.image]
+        Podman.run(
+            self.image,
+            container_name,
+            hostname=self.hostname,
+            env=["TZ=Europe/Paris", f"HOST_LOGIN={self.login}"],
+            ssh_auth_sock=config.ssh_auth_sock,
+            volumes=volumes,
+            secrets=config.secret_sources,
         )
-        Podman.run(args)
 
     def rm(self):
-        Podman.rm(["-f", self.name])
+        Podman.rm(self.name)
 
-    def exec(self, cmd: list[str], env_vars: list[str] = []):
-        args = ["-ti"]
-        args += [a for var in env_vars for a in ["-e", var]]
-        subprocess.run(args + [self.name] + cmd)
-        Podman.exec(args + [self.name] + cmd)
+    def exec(self, cmd: list[str]):
+        Podman.exec(self.name, *cmd)
 
     @staticmethod
     def to_source_path(path: Path):

pc_backup/podman.py

@@ -1,22 +1,86 @@
 import subprocess
+from pathlib import Path
 
 
 class Podman:
     @classmethod
-    def run(cls, args: list):
-        cls._call(["run"] + args)
+    def run(
+        cls,
+        image: str,
+        name: str,
+        *,
+        hostname: str,
+        env: list,
+        volumes: list[str],
+        # TODO: Actually a list of Secret but creates a circular dependency
+        secrets: list,
+        ssh_auth_sock: Path | None = None,
+        detach=True,
+    ):
+        args = ["run"]
+
+        args += ["-h", hostname]
+        args += ["--name", name]
+
+        for e in env:
+            args += ["-e", e]
+
+        if ssh_auth_sock:
+            args += ["-e", "SSH_AUTH_SOCK"]
+            volumes += [f"{ssh_auth_sock}:{ssh_auth_sock}:Z"]
+
+        args += ["--security-opt=label=disable"]
+
+        if detach:
+            args += ["--detach"]
+
+        args += [a for vol in volumes for a in ["-v", vol]]
+        args += [a for s in secrets for a in ["--secret", f"{s.name},mode=0{s.mode:o}"]]
+
+        args += [image]
+
+        cls._call(args)
 
     @classmethod
-    def rm(cls, args: list):
-        cls._call(["rm"] + args)
+    def rm(cls, name, *, force=True):
+        args = ["rm"]
+        if force:
+            args += ["-f"]
+        args += [name]
+        cls._call(args)
 
     @classmethod
-    def exec(cls, args: list):
-        cls._call(["exec"] + args)
+    def exec(cls, name, *cmd):
+        args = ["exec", "-ti", name] + list(cmd)
+        cls._call(args)
 
     @classmethod
-    def secret_create(cls, args: list, **kwargs):
-        cls._call(["secret", "create"] + args, **kwargs)
+    def secret_create(
+        cls,
+        name: str,
+        *,
+        replace=True,
+        value: bytes | None = None,
+        host_path: Path | None = None,
+    ):
+        if value and host_path:
+            raise ValueError("both value and host_path can not be set")
+
+        args = ["secret", "create"]
+        kwargs = {}
+
+        if replace:
+            args += ["--replace"]
+
+        args += [name]
+
+        if value is not None:
+            args += ["-"]
+            kwargs["input"] = value
+        elif host_path is not None:
+            args += [host_path]
+
+        cls._call(args, **kwargs)
 
     @classmethod
     def _call(cls, args: list, **kwargs):

pc_backup/secret.py

@@ -42,8 +42,7 @@ class SecretKeepassAttachment(Secret):
 
     def create(self, keepass: KeePass):
         value = keepass.read_entry_attachment(self.key, self.attachment)
-        args = ["--replace", self.name, "-"]
-        Podman.secret_create(args, input=value.encode())
+        Podman.secret_create(self.name, value=value.encode())
 
     @classmethod
     def from_line(cls, name: str, key: str, attachment: str):
@@ -57,8 +56,7 @@ class SecretKeepassAttribute(Secret):
 
     def create(self, keepass: KeePass):
         value = keepass.read_entry_attribute(self.key, self.attribute)
-        args = ["--replace", self.name, "-"]
-        Podman.secret_create(args, input=value.encode())
+        Podman.secret_create(self.name, value=value.encode())
 
     @classmethod
     def from_line(cls, name: str, key: str, attribute: str):
@@ -71,7 +69,7 @@ class SecretFile(Secret):
 
     def create(self, keepass: KeePass):
         args = ["--replace", self.name, self.host_path]
-        Podman.secret_create(args)
+        Podman.secret_create(self.name, host_path=self.host_path)
 
     @classmethod
     def from_line(cls, name: str, path: str):