clan-cli: secrets machines remove: update secrets after removing the key

Quick follow up to PR #2781, this commit does the same kind of logic but for machines instead of users and groups. Note that this only affects the `clan secrets machines remove` sub-command, and that `clan machines delete` still leaves unusable secrets & vars behind. This can be addressed in a different change.
2025-02-07 11:12:34 +00:00
parent 8b80fc18e4
commit 0c1244ecb6
5 changed files with 56 additions and 36 deletions
--- a/pkgs/clan-cli/clan_cli/secrets/groups.py
+++ b/pkgs/clan-cli/clan_cli/secrets/groups.py
@@ -246,18 +246,18 @@ def add_secret(flake_dir: Path, group: str, name: str) -> None:
    )


-def get_groups(
-    flake_dir: Path,
-    type_name: str,
-    name: str,
-) -> list[Path]:
+def get_groups(flake_dir: Path, what: str, name: str) -> list[str]:
+    """Returns the list of group names the given user or machine is part of."""
+    assert what == "users" or what == "machines"
+
    groups_dir = sops_groups_folder(flake_dir)
+    if not groups_dir.exists():
+        return []

    groups = []
-    if groups_dir.exists():
-        for group in groups_dir.iterdir():
-            if group.is_dir() and (group / type_name / name).exists():
-                groups.append(group)
+    for group in groups_dir.iterdir():
+        if group.is_dir() and (group / what / name).is_symlink():
+            groups.append(group.name)
    return groups