Add config for yadm to create read-only template output

[soraxas]

What does this PR do?

Allow user to tell yadm to create read-only template output

What issues does this PR fix or reference?

I always forget that the file I'm editing is an output from yadm template :( and loss my editing. (despite already adding a header notice on the top of the file)

Config via:

$ yadm config yadm.template-read-only true

Previous Behavior

yadm copies perms

New Behavior

yadm copies perms, and optionally, remove write perms

Have [tests][1] been written for this change?

No

Have these commits been [signed with GnuPG][2]?

Yes

---

P.S.
This is a global control.

An alternative solution, that allows per-file controls, is to allow template file to have some extra parameters, e.g., my_config.toml##<condition>,template.esh,template.ro=true

but the original semantic of those values were conditions, so I'm not sure if that'd be a good approach

[soraxas]

A slight bump on this PR:

are there any more blockers for merging this PR?

[TheLocehiliosan]

I adjusted this PR to target the develop branch. Can tests and updates to the manpage be added?

[soraxas]

Hi @TheLocehiliosan ! Man and tests had been added!

[TheLocehiliosan]

@soraxas - I updated the pull request to target the develop branch, but there are conflicts.

Can you rebase your branch to be on top of the develop branch?

[soraxas]

@TheLocehiliosan A slight bump on this PR again

[erijo]

@soraxas: Sorry for the long delay! I'm slowly working my way through the open PRs and I'd like to get this merged. Are you still interested in working on it?

I'm wondering if making them read-only shouldn't be the default (and only?) behavior?

[soraxas]

Hi @erijo that's all good. I've been using my fork these whole time so I don't have a strong desire to work on this, but happy to contribute if it's not too much effort.

Making them read-only is not the only option (you can set it to false). Do you mean something else (e.g., other chmod bits like executable?)

I reckon making them read-only is a sane default, as why would you want to change something that a template generates? (happy to discuss this). Even the official guide in the website https://yadm.io/docs/templates#built-in-directives suggest the following block of text, which discourage user of editing it:

# WARNING: Do not edit this file.
# It was generated by processing {{ yadm.source }}

[erijo]

I was thinking if we should simply always set template output to read-only? I.e. without adding any option for controlling it. As all options comes with extra cost in documentation, testing etc. and unless we can see a real use-case for having template output be read-writable I would like to keep it simple and always set it to read-only.

[soraxas]

I see your point, but since the documentation and test cases were already written, I'm not sure how that supports the argument. (and I think even if it's just read-only you would still want tests, just perhaps not for the read-write case)

There are scenarios where read-write might make sense—for example, when some software expects its config file to be read-write and errors if it's read-only. (e.g. perhaps GUI software config)
That said, this might suggest that the read-only option should be a per-file configuration. However, introducing that now could lead to scope creep, which we should avoid. A system-wide setting seems like a good compromise until the need for more granularity arises.