Merge pull request 'test-vars-generate: override machines class yet' (#3369) from test-vars-generate into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3369
This commit is contained in:
Mic92
@@ -82,7 +82,7 @@ For instance, if you need to update `nixos-anywhere` in clan-cli, find its usage
|
|||||||
```python
|
```python
|
||||||
run(
|
run(
|
||||||
nix_shell(
|
nix_shell(
|
||||||
["nixpkgs#nixos-anywhere"],
|
["nixos-anywhere"],
|
||||||
cmd,
|
cmd,
|
||||||
),
|
),
|
||||||
RunOpts(log=Log.BOTH, prefix=machine.name, needs_user_terminal=True),
|
RunOpts(log=Log.BOTH, prefix=machine.name, needs_user_terminal=True),
|
||||||
|
|||||||
@@ -29,12 +29,12 @@ def pytest_sessionstart(session: pytest.Session) -> None:
|
|||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def git_repo(tmp_path: Path) -> Path:
|
def git_repo(tmp_path: Path) -> Path:
|
||||||
# initialize a git repository
|
# initialize a git repository
|
||||||
cmd = nix_shell(["nixpkgs#git"], ["git", "init"])
|
cmd = nix_shell(["git"], ["git", "init"])
|
||||||
subprocess.run(cmd, cwd=tmp_path, check=True)
|
subprocess.run(cmd, cwd=tmp_path, check=True)
|
||||||
# set user.name and user.email
|
# set user.name and user.email
|
||||||
cmd = nix_shell(["nixpkgs#git"], ["git", "config", "user.name", "test"])
|
cmd = nix_shell(["git"], ["git", "config", "user.name", "test"])
|
||||||
subprocess.run(cmd, cwd=tmp_path, check=True)
|
subprocess.run(cmd, cwd=tmp_path, check=True)
|
||||||
cmd = nix_shell(["nixpkgs#git"], ["git", "config", "user.email", "test@test.test"])
|
cmd = nix_shell(["git"], ["git", "config", "user.email", "test@test.test"])
|
||||||
subprocess.run(cmd, cwd=tmp_path, check=True)
|
subprocess.run(cmd, cwd=tmp_path, check=True)
|
||||||
# return the path to the git repository
|
# return the path to the git repository
|
||||||
return tmp_path
|
return tmp_path
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ from typing import Any, Literal
|
|||||||
|
|
||||||
from clan_cli.cmd import RunOpts
|
from clan_cli.cmd import RunOpts
|
||||||
from clan_cli.errors import ClanError
|
from clan_cli.errors import ClanError
|
||||||
from clan_cli.nix import nix_shell_legacy, run_no_stdout
|
from clan_cli.nix import nix_shell, run_no_stdout
|
||||||
|
|
||||||
from . import API
|
from . import API
|
||||||
|
|
||||||
@@ -126,8 +126,8 @@ def show_block_devices() -> Blockdevices:
|
|||||||
It must return a list of block devices.
|
It must return a list of block devices.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
cmd = nix_shell_legacy(
|
cmd = nix_shell(
|
||||||
["nixpkgs#util-linux"],
|
["util-linux"],
|
||||||
[
|
[
|
||||||
"lsblk",
|
"lsblk",
|
||||||
"--json",
|
"--json",
|
||||||
|
|||||||
@@ -3,7 +3,7 @@ import re
|
|||||||
from dataclasses import dataclass
|
from dataclasses import dataclass
|
||||||
|
|
||||||
from clan_cli.cmd import run_no_stdout
|
from clan_cli.cmd import run_no_stdout
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
from . import API
|
from . import API
|
||||||
|
|
||||||
@@ -89,8 +89,8 @@ def parse_avahi_output(output: str) -> DNSInfo:
|
|||||||
|
|
||||||
@API.register
|
@API.register
|
||||||
def show_mdns() -> DNSInfo:
|
def show_mdns() -> DNSInfo:
|
||||||
cmd = nix_shell_legacy(
|
cmd = nix_shell(
|
||||||
["nixpkgs#avahi"],
|
["avahi"],
|
||||||
[
|
[
|
||||||
"avahi-browse",
|
"avahi-browse",
|
||||||
"--all",
|
"--all",
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
from clan_cli.cmd import run
|
from clan_cli.cmd import run
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
_works: bool | None = None
|
_works: bool | None = None
|
||||||
|
|
||||||
@@ -13,10 +13,10 @@ def bubblewrap_works() -> bool:
|
|||||||
|
|
||||||
def _bubblewrap_works() -> bool:
|
def _bubblewrap_works() -> bool:
|
||||||
# fmt: off
|
# fmt: off
|
||||||
cmd = nix_shell_legacy(
|
cmd = nix_shell(
|
||||||
[
|
[
|
||||||
"nixpkgs#bash",
|
"bash",
|
||||||
"nixpkgs#bubblewrap",
|
"bubblewrap",
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
"bwrap",
|
"bwrap",
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ from clan_cli.cmd import CmdOut, RunOpts, run
|
|||||||
from clan_cli.errors import ClanError
|
from clan_cli.errors import ClanError
|
||||||
from clan_cli.flake import Flake
|
from clan_cli.flake import Flake
|
||||||
from clan_cli.inventory import Inventory, init_inventory
|
from clan_cli.inventory import Inventory, init_inventory
|
||||||
from clan_cli.nix import nix_command, nix_metadata, nix_shell_legacy
|
from clan_cli.nix import nix_command, nix_metadata, nix_shell
|
||||||
from clan_cli.templates import (
|
from clan_cli.templates import (
|
||||||
InputPrio,
|
InputPrio,
|
||||||
TemplateName,
|
TemplateName,
|
||||||
@@ -41,7 +41,7 @@ class CreateOptions:
|
|||||||
|
|
||||||
|
|
||||||
def git_command(directory: Path, *args: str) -> list[str]:
|
def git_command(directory: Path, *args: str) -> list[str]:
|
||||||
return nix_shell_legacy(["nixpkgs#git"], ["git", "-C", str(directory), *args])
|
return nix_shell(["git"], ["git", "-C", str(directory), *args])
|
||||||
|
|
||||||
|
|
||||||
@API.register
|
@API.register
|
||||||
|
|||||||
@@ -18,7 +18,7 @@ from clan_cli.errors import ClanError
|
|||||||
from clan_cli.git import commit_files
|
from clan_cli.git import commit_files
|
||||||
from clan_cli.machines.inventory import get_all_machines, get_selected_machines
|
from clan_cli.machines.inventory import get_all_machines, get_selected_machines
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
from .check import check_secrets
|
from .check import check_secrets
|
||||||
from .public_modules import FactStoreBase
|
from .public_modules import FactStoreBase
|
||||||
@@ -39,10 +39,10 @@ def read_multiline_input(prompt: str = "Finish with Ctrl-D") -> str:
|
|||||||
|
|
||||||
def bubblewrap_cmd(generator: str, facts_dir: Path, secrets_dir: Path) -> list[str]:
|
def bubblewrap_cmd(generator: str, facts_dir: Path, secrets_dir: Path) -> list[str]:
|
||||||
# fmt: off
|
# fmt: off
|
||||||
return nix_shell_legacy(
|
return nix_shell(
|
||||||
[
|
[
|
||||||
"nixpkgs#bash",
|
"bash",
|
||||||
"nixpkgs#bubblewrap",
|
"bubblewrap",
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
"bwrap",
|
"bwrap",
|
||||||
|
|||||||
@@ -5,7 +5,7 @@ from typing import override
|
|||||||
|
|
||||||
from clan_cli.cmd import Log, RunOpts
|
from clan_cli.cmd import Log, RunOpts
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
from . import SecretStoreBase
|
from . import SecretStoreBase
|
||||||
|
|
||||||
@@ -18,8 +18,8 @@ class SecretStore(SecretStoreBase):
|
|||||||
self, service: str, name: str, value: bytes, groups: list[str]
|
self, service: str, name: str, value: bytes, groups: list[str]
|
||||||
) -> Path | None:
|
) -> Path | None:
|
||||||
subprocess.run(
|
subprocess.run(
|
||||||
nix_shell_legacy(
|
nix_shell(
|
||||||
["nixpkgs#pass"],
|
["pass"],
|
||||||
["pass", "insert", "-m", f"machines/{self.machine.name}/{name}"],
|
["pass", "insert", "-m", f"machines/{self.machine.name}/{name}"],
|
||||||
),
|
),
|
||||||
input=value,
|
input=value,
|
||||||
@@ -29,8 +29,8 @@ class SecretStore(SecretStoreBase):
|
|||||||
|
|
||||||
def get(self, service: str, name: str) -> bytes:
|
def get(self, service: str, name: str) -> bytes:
|
||||||
return subprocess.run(
|
return subprocess.run(
|
||||||
nix_shell_legacy(
|
nix_shell(
|
||||||
["nixpkgs#pass"],
|
["pass"],
|
||||||
["pass", "show", f"machines/{self.machine.name}/{name}"],
|
["pass", "show", f"machines/{self.machine.name}/{name}"],
|
||||||
),
|
),
|
||||||
check=True,
|
check=True,
|
||||||
@@ -51,8 +51,8 @@ class SecretStore(SecretStoreBase):
|
|||||||
hashes = []
|
hashes = []
|
||||||
hashes.append(
|
hashes.append(
|
||||||
subprocess.run(
|
subprocess.run(
|
||||||
nix_shell_legacy(
|
nix_shell(
|
||||||
["nixpkgs#git"],
|
["git"],
|
||||||
[
|
[
|
||||||
"git",
|
"git",
|
||||||
"-C",
|
"-C",
|
||||||
@@ -71,8 +71,8 @@ class SecretStore(SecretStoreBase):
|
|||||||
if symlink.is_symlink():
|
if symlink.is_symlink():
|
||||||
hashes.append(
|
hashes.append(
|
||||||
subprocess.run(
|
subprocess.run(
|
||||||
nix_shell_legacy(
|
nix_shell(
|
||||||
["nixpkgs#git"],
|
["git"],
|
||||||
[
|
[
|
||||||
"git",
|
"git",
|
||||||
"-C",
|
"-C",
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ from clan_cli.errors import ClanError
|
|||||||
from clan_cli.facts.generate import generate_facts
|
from clan_cli.facts.generate import generate_facts
|
||||||
from clan_cli.facts.secret_modules import SecretStoreBase
|
from clan_cli.facts.secret_modules import SecretStoreBase
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
from clan_cli.vars.generate import generate_vars
|
from clan_cli.vars.generate import generate_vars
|
||||||
|
|
||||||
from .automount import pause_automounting
|
from .automount import pause_automounting
|
||||||
@@ -147,8 +147,8 @@ def flash_machine(
|
|||||||
disko_install.extend(["--option", "dry-run", "true"])
|
disko_install.extend(["--option", "dry-run", "true"])
|
||||||
disko_install.extend(extra_args)
|
disko_install.extend(extra_args)
|
||||||
|
|
||||||
cmd = nix_shell_legacy(
|
cmd = nix_shell(
|
||||||
["nixpkgs#disko"],
|
["disko"],
|
||||||
disko_install,
|
disko_install,
|
||||||
)
|
)
|
||||||
run(
|
run(
|
||||||
|
|||||||
@@ -18,7 +18,7 @@ from clan_cli.errors import ClanError
|
|||||||
from clan_cli.facts.generate import generate_facts
|
from clan_cli.facts.generate import generate_facts
|
||||||
from clan_cli.machines.hardware import HardwareConfig
|
from clan_cli.machines.hardware import HardwareConfig
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
from clan_cli.ssh.deploy_info import DeployInfo, find_reachable_host, ssh_command_parse
|
from clan_cli.ssh.deploy_info import DeployInfo, find_reachable_host, ssh_command_parse
|
||||||
from clan_cli.ssh.host_key import HostKeyCheck
|
from clan_cli.ssh.host_key import HostKeyCheck
|
||||||
from clan_cli.vars.generate import generate_vars
|
from clan_cli.vars.generate import generate_vars
|
||||||
@@ -145,24 +145,19 @@ def install_machine(opts: InstallOptions) -> None:
|
|||||||
# nix copy does not support tor socks proxy
|
# nix copy does not support tor socks proxy
|
||||||
# cmd.append("--ssh-option")
|
# cmd.append("--ssh-option")
|
||||||
# cmd.append("ProxyCommand=nc -x 127.0.0.1:9050 -X 5 %h %p")
|
# cmd.append("ProxyCommand=nc -x 127.0.0.1:9050 -X 5 %h %p")
|
||||||
run(
|
cmd = nix_shell(
|
||||||
nix_shell_legacy(
|
[
|
||||||
[
|
"nixos-anywhere",
|
||||||
"nixpkgs#nixos-anywhere",
|
"tor",
|
||||||
"nixpkgs#tor",
|
],
|
||||||
],
|
["torify", *cmd],
|
||||||
["torify", *cmd],
|
|
||||||
),
|
|
||||||
RunOpts(log=Log.BOTH, prefix=machine.name, needs_user_terminal=True),
|
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
run(
|
cmd = nix_shell(
|
||||||
nix_shell_legacy(
|
["nixos-anywhere"],
|
||||||
["nixpkgs#nixos-anywhere"],
|
cmd,
|
||||||
cmd,
|
|
||||||
),
|
|
||||||
RunOpts(log=Log.BOTH, prefix=machine.name, needs_user_terminal=True),
|
|
||||||
)
|
)
|
||||||
|
run(cmd, RunOpts(log=Log.BOTH, prefix=machine.name, needs_user_terminal=True))
|
||||||
|
|
||||||
|
|
||||||
def install_command(args: argparse.Namespace) -> None:
|
def install_command(args: argparse.Namespace) -> None:
|
||||||
|
|||||||
@@ -20,7 +20,7 @@ from clan_cli.inventory import (
|
|||||||
patch_inventory_with,
|
patch_inventory_with,
|
||||||
)
|
)
|
||||||
from clan_cli.machines.hardware import HardwareConfig
|
from clan_cli.machines.hardware import HardwareConfig
|
||||||
from clan_cli.nix import nix_eval, nix_shell_legacy
|
from clan_cli.nix import nix_eval, nix_shell
|
||||||
from clan_cli.tags import list_nixos_machines_by_tags
|
from clan_cli.tags import list_nixos_machines_by_tags
|
||||||
|
|
||||||
log = logging.getLogger(__name__)
|
log = logging.getLogger(__name__)
|
||||||
@@ -126,8 +126,8 @@ def check_machine_online(
|
|||||||
|
|
||||||
timeout = opts.timeout if opts and opts.timeout else 20
|
timeout = opts.timeout if opts and opts.timeout else 20
|
||||||
|
|
||||||
cmd = nix_shell_legacy(
|
cmd = nix_shell(
|
||||||
["nixpkgs#util-linux", *(["nixpkgs#openssh"] if hostname else [])],
|
["util-linux", *(["openssh"] if hostname else [])],
|
||||||
[
|
[
|
||||||
"ssh",
|
"ssh",
|
||||||
*(["-i", f"{opts.keyfile}"] if opts and opts.keyfile else []),
|
*(["-i", f"{opts.keyfile}"] if opts and opts.keyfile else []),
|
||||||
|
|||||||
@@ -198,7 +198,6 @@ class Machine:
|
|||||||
|
|
||||||
def nix(
|
def nix(
|
||||||
self,
|
self,
|
||||||
method: Literal["eval", "build"],
|
|
||||||
attr: str,
|
attr: str,
|
||||||
nix_options: list[str] | None = None,
|
nix_options: list[str] | None = None,
|
||||||
) -> Any:
|
) -> Any:
|
||||||
@@ -235,7 +234,7 @@ class Machine:
|
|||||||
if nix_options is None:
|
if nix_options is None:
|
||||||
nix_options = []
|
nix_options = []
|
||||||
|
|
||||||
return self.nix("eval", attr, nix_options)
|
return self.nix(attr, nix_options)
|
||||||
|
|
||||||
def build_nix(
|
def build_nix(
|
||||||
self,
|
self,
|
||||||
@@ -254,7 +253,7 @@ class Machine:
|
|||||||
if nix_options is None:
|
if nix_options is None:
|
||||||
nix_options = []
|
nix_options = []
|
||||||
|
|
||||||
output = self.nix("build", attr, nix_options)
|
output = self.nix(attr, nix_options)
|
||||||
output = Path(output)
|
output = Path(output)
|
||||||
if tmp_store := nix_test_store():
|
if tmp_store := nix_test_store():
|
||||||
output = tmp_store.joinpath(*output.parts[1:])
|
output = tmp_store.joinpath(*output.parts[1:])
|
||||||
|
|||||||
@@ -105,24 +105,6 @@ def nix_metadata(flake_url: str | Path) -> dict[str, Any]:
|
|||||||
return data
|
return data
|
||||||
|
|
||||||
|
|
||||||
# Deprecated: use nix_shell() instead
|
|
||||||
def nix_shell_legacy(packages: list[str], cmd: list[str]) -> list[str]:
|
|
||||||
# we cannot use nix-shell inside the nix sandbox
|
|
||||||
# in our tests we just make sure we have all the packages
|
|
||||||
if (
|
|
||||||
os.environ.get("IN_NIX_SANDBOX")
|
|
||||||
or os.environ.get("CLAN_NO_DYNAMIC_DEPS")
|
|
||||||
or len(packages) == 0
|
|
||||||
):
|
|
||||||
return cmd
|
|
||||||
return [
|
|
||||||
*nix_command(["shell", "--inputs-from", f"{nixpkgs_flake()!s}"]),
|
|
||||||
*packages,
|
|
||||||
"-c",
|
|
||||||
*cmd,
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
||||||
# lazy loads list of allowed and static programs
|
# lazy loads list of allowed and static programs
|
||||||
class Packages:
|
class Packages:
|
||||||
allowed_packages: set[str] | None = None
|
allowed_packages: set[str] | None = None
|
||||||
@@ -152,7 +134,6 @@ class Packages:
|
|||||||
return program in cls.static_packages
|
return program in cls.static_packages
|
||||||
|
|
||||||
|
|
||||||
# Alternative implementation of nix_shell() to replace nix_shell_legacy() at some point
|
|
||||||
# Features:
|
# Features:
|
||||||
# - allow list for programs (need to be specified in allowed-packages.json)
|
# - allow list for programs (need to be specified in allowed-packages.json)
|
||||||
# - be abe to compute a closure of all deps for testing
|
# - be abe to compute a closure of all deps for testing
|
||||||
|
|||||||
@@ -3,12 +3,14 @@
|
|||||||
"avahi",
|
"avahi",
|
||||||
"bash",
|
"bash",
|
||||||
"bubblewrap",
|
"bubblewrap",
|
||||||
|
"disko",
|
||||||
"e2fsprogs",
|
"e2fsprogs",
|
||||||
"git",
|
"git",
|
||||||
"gnupg",
|
"gnupg",
|
||||||
"mypy",
|
"mypy",
|
||||||
"netcat",
|
"netcat",
|
||||||
"nix",
|
"nix",
|
||||||
|
"nixos-anywhere",
|
||||||
"openssh",
|
"openssh",
|
||||||
"pass",
|
"pass",
|
||||||
"qemu",
|
"qemu",
|
||||||
@@ -18,6 +20,8 @@
|
|||||||
"sshpass",
|
"sshpass",
|
||||||
"tor",
|
"tor",
|
||||||
"util-linux",
|
"util-linux",
|
||||||
|
"virt-viewer",
|
||||||
"virtiofsd",
|
"virtiofsd",
|
||||||
|
"waypipe",
|
||||||
"zbar"
|
"zbar"
|
||||||
]
|
]
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ from clan_cli.completions import (
|
|||||||
complete_users,
|
complete_users,
|
||||||
)
|
)
|
||||||
from clan_cli.errors import ClanError
|
from clan_cli.errors import ClanError
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
from .secrets import encrypt_secret, sops_secrets_folder
|
from .secrets import encrypt_secret, sops_secrets_folder
|
||||||
|
|
||||||
@@ -30,7 +30,7 @@ def import_sops(args: argparse.Namespace) -> None:
|
|||||||
if args.input_type:
|
if args.input_type:
|
||||||
cmd += ["--input-type", args.input_type]
|
cmd += ["--input-type", args.input_type]
|
||||||
cmd += ["--output-type", "json", "--decrypt", args.sops_file]
|
cmd += ["--output-type", "json", "--decrypt", args.sops_file]
|
||||||
cmd = nix_shell_legacy(["nixpkgs#sops", "nixpkgs#gnupg"], cmd)
|
cmd = nix_shell(["sops", "gnupg"], cmd)
|
||||||
|
|
||||||
res = run(cmd, RunOpts(error_msg=f"Could not import sops file {file}"))
|
res = run(cmd, RunOpts(error_msg=f"Could not import sops file {file}"))
|
||||||
secrets = json.loads(res.stdout)
|
secrets = json.loads(res.stdout)
|
||||||
|
|||||||
@@ -16,7 +16,7 @@ from clan_cli.api import API
|
|||||||
from clan_cli.cmd import Log, RunOpts, run
|
from clan_cli.cmd import Log, RunOpts, run
|
||||||
from clan_cli.dirs import user_config_dir
|
from clan_cli.dirs import user_config_dir
|
||||||
from clan_cli.errors import ClanError
|
from clan_cli.errors import ClanError
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
from .folders import sops_machines_folder, sops_users_folder
|
from .folders import sops_machines_folder, sops_users_folder
|
||||||
|
|
||||||
@@ -233,7 +233,7 @@ def sops_run(
|
|||||||
raise ClanError(msg)
|
raise ClanError(msg)
|
||||||
sops_cmd.append(str(secret_path))
|
sops_cmd.append(str(secret_path))
|
||||||
|
|
||||||
cmd = nix_shell_legacy(["nixpkgs#sops", "nixpkgs#gnupg"], sops_cmd)
|
cmd = nix_shell(["sops", "gnupg"], sops_cmd)
|
||||||
opts = (
|
opts = (
|
||||||
dataclasses.replace(run_opts, env=environ)
|
dataclasses.replace(run_opts, env=environ)
|
||||||
if run_opts
|
if run_opts
|
||||||
@@ -249,7 +249,7 @@ def sops_run(
|
|||||||
|
|
||||||
|
|
||||||
def get_public_age_key(privkey: str) -> str:
|
def get_public_age_key(privkey: str) -> str:
|
||||||
cmd = nix_shell_legacy(["nixpkgs#age"], ["age-keygen", "-y"])
|
cmd = nix_shell(["age"], ["age-keygen", "-y"])
|
||||||
|
|
||||||
error_msg = "Failed to get public key for age private key. Is the key malformed?"
|
error_msg = "Failed to get public key for age private key. Is the key malformed?"
|
||||||
res = run(cmd, RunOpts(input=privkey.encode(), error_msg=error_msg))
|
res = run(cmd, RunOpts(input=privkey.encode(), error_msg=error_msg))
|
||||||
@@ -257,7 +257,7 @@ def get_public_age_key(privkey: str) -> str:
|
|||||||
|
|
||||||
|
|
||||||
def generate_private_key(out_file: Path | None = None) -> tuple[str, str]:
|
def generate_private_key(out_file: Path | None = None) -> tuple[str, str]:
|
||||||
cmd = nix_shell_legacy(["nixpkgs#age"], ["age-keygen"])
|
cmd = nix_shell(["age"], ["age-keygen"])
|
||||||
try:
|
try:
|
||||||
proc = run(cmd)
|
proc = run(cmd)
|
||||||
res = proc.stdout.strip()
|
res = proc.stdout.strip()
|
||||||
|
|||||||
@@ -14,7 +14,7 @@ from clan_cli.completions import (
|
|||||||
)
|
)
|
||||||
from clan_cli.errors import ClanError
|
from clan_cli.errors import ClanError
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
from clan_cli.ssh.host import Host, is_ssh_reachable
|
from clan_cli.ssh.host import Host, is_ssh_reachable
|
||||||
from clan_cli.ssh.host_key import HostKeyCheck
|
from clan_cli.ssh.host_key import HostKeyCheck
|
||||||
from clan_cli.ssh.parse import parse_deployment_address
|
from clan_cli.ssh.parse import parse_deployment_address
|
||||||
@@ -65,8 +65,8 @@ def find_reachable_host(
|
|||||||
|
|
||||||
|
|
||||||
def qrcode_scan(picture_file: Path) -> str:
|
def qrcode_scan(picture_file: Path) -> str:
|
||||||
cmd = nix_shell_legacy(
|
cmd = nix_shell(
|
||||||
["nixpkgs#zbar"],
|
["zbar"],
|
||||||
[
|
[
|
||||||
"zbarimg",
|
"zbarimg",
|
||||||
"--quiet",
|
"--quiet",
|
||||||
|
|||||||
@@ -10,7 +10,7 @@ from dataclasses import dataclass
|
|||||||
from clan_cli.async_run import AsyncRuntime
|
from clan_cli.async_run import AsyncRuntime
|
||||||
from clan_cli.cmd import Log, RunOpts, run
|
from clan_cli.cmd import Log, RunOpts, run
|
||||||
from clan_cli.errors import TorConnectionError, TorSocksError
|
from clan_cli.errors import TorConnectionError, TorSocksError
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
log = logging.getLogger(__name__)
|
log = logging.getLogger(__name__)
|
||||||
|
|
||||||
@@ -116,8 +116,8 @@ def spawn_tor(runtime: AsyncRuntime) -> None:
|
|||||||
def start_tor() -> None:
|
def start_tor() -> None:
|
||||||
"""Starts Tor process using nix-shell."""
|
"""Starts Tor process using nix-shell."""
|
||||||
cmd_args = ["tor", "--HardwareAccel", "1"]
|
cmd_args = ["tor", "--HardwareAccel", "1"]
|
||||||
packages = ["nixpkgs#tor"]
|
packages = ["tor"]
|
||||||
cmd = nix_shell_legacy(packages, cmd_args)
|
cmd = nix_shell(packages, cmd_args)
|
||||||
runtime.async_run(None, run, cmd, RunOpts(log=Log.BOTH))
|
runtime.async_run(None, run, cmd, RunOpts(log=Log.BOTH))
|
||||||
log.debug("Attempting to start Tor")
|
log.debug("Attempting to start Tor")
|
||||||
|
|
||||||
|
|||||||
@@ -2,21 +2,19 @@ import subprocess
|
|||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
|
|
||||||
# fixture for git_repo
|
# fixture for git_repo
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def git_repo(temp_dir: Path) -> Path:
|
def git_repo(temp_dir: Path) -> Path:
|
||||||
# initialize a git repository
|
# initialize a git repository
|
||||||
cmd = nix_shell_legacy(["nixpkgs#git"], ["git", "init"])
|
cmd = nix_shell(["git"], ["git", "init"])
|
||||||
subprocess.run(cmd, cwd=temp_dir, check=True)
|
subprocess.run(cmd, cwd=temp_dir, check=True)
|
||||||
# set user.name and user.email
|
# set user.name and user.email
|
||||||
cmd = nix_shell_legacy(["nixpkgs#git"], ["git", "config", "user.name", "test"])
|
cmd = nix_shell(["git"], ["git", "config", "user.name", "test"])
|
||||||
subprocess.run(cmd, cwd=temp_dir, check=True)
|
subprocess.run(cmd, cwd=temp_dir, check=True)
|
||||||
cmd = nix_shell_legacy(
|
cmd = nix_shell(["git"], ["git", "config", "user.email", "test@test.test"])
|
||||||
["nixpkgs#git"], ["git", "config", "user.email", "test@test.test"]
|
|
||||||
)
|
|
||||||
subprocess.run(cmd, cwd=temp_dir, check=True)
|
subprocess.run(cmd, cwd=temp_dir, check=True)
|
||||||
# return the path to the git repository
|
# return the path to the git repository
|
||||||
return temp_dir
|
return temp_dir
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ from clan_cli.facts.secret_modules.password_store import SecretStore
|
|||||||
from clan_cli.flake import Flake
|
from clan_cli.flake import Flake
|
||||||
from clan_cli.machines.facts import machine_get_fact
|
from clan_cli.machines.facts import machine_get_fact
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
from clan_cli.ssh.host import Host
|
from clan_cli.ssh.host import Host
|
||||||
from clan_cli.tests.fixtures_flakes import ClanFlake
|
from clan_cli.tests.fixtures_flakes import ClanFlake
|
||||||
from clan_cli.tests.helpers import cli
|
from clan_cli.tests.helpers import cli
|
||||||
@@ -58,14 +58,10 @@ def test_upload_secret(
|
|||||||
"""
|
"""
|
||||||
)
|
)
|
||||||
subprocess.run(
|
subprocess.run(
|
||||||
nix_shell_legacy(
|
nix_shell(["gnupg"], ["gpg", "--batch", "--gen-key", str(gpg_key_spec)]),
|
||||||
["nixpkgs#gnupg"], ["gpg", "--batch", "--gen-key", str(gpg_key_spec)]
|
|
||||||
),
|
|
||||||
check=True,
|
check=True,
|
||||||
)
|
)
|
||||||
subprocess.run(
|
subprocess.run(nix_shell(["pass"], ["pass", "init", "test@local"]), check=True)
|
||||||
nix_shell_legacy(["nixpkgs#pass"], ["pass", "init", "test@local"]), check=True
|
|
||||||
)
|
|
||||||
cli.run(["facts", "generate", "vm1", "--flake", str(flake.path)])
|
cli.run(["facts", "generate", "vm1", "--flake", str(flake.path)])
|
||||||
|
|
||||||
store = SecretStore(Machine(name="vm1", flake=Flake(str(flake.path))))
|
store = SecretStore(Machine(name="vm1", flake=Flake(str(flake.path))))
|
||||||
|
|||||||
@@ -17,7 +17,7 @@ from clan_cli.completions import (
|
|||||||
from clan_cli.errors import ClanError
|
from clan_cli.errors import ClanError
|
||||||
from clan_cli.git import commit_files
|
from clan_cli.git import commit_files
|
||||||
from clan_cli.machines.inventory import get_all_machines, get_selected_machines
|
from clan_cli.machines.inventory import get_all_machines, get_selected_machines
|
||||||
from clan_cli.nix import nix_config, nix_shell_legacy, nix_test_store
|
from clan_cli.nix import nix_config, nix_shell, nix_test_store
|
||||||
from clan_cli.vars._types import StoreBase
|
from clan_cli.vars._types import StoreBase
|
||||||
|
|
||||||
from .check import check_vars
|
from .check import check_vars
|
||||||
@@ -84,10 +84,10 @@ def bubblewrap_cmd(generator: str, tmpdir: Path) -> list[str]:
|
|||||||
test_store = nix_test_store()
|
test_store = nix_test_store()
|
||||||
|
|
||||||
# fmt: off
|
# fmt: off
|
||||||
return nix_shell_legacy(
|
return nix_shell(
|
||||||
[
|
[
|
||||||
"nixpkgs#bash",
|
"bash",
|
||||||
"nixpkgs#bubblewrap",
|
"bubblewrap",
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
"bwrap",
|
"bwrap",
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ from tempfile import TemporaryDirectory
|
|||||||
|
|
||||||
from clan_cli.cmd import CmdOut, Log, RunOpts, run
|
from clan_cli.cmd import CmdOut, Log, RunOpts, run
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
from clan_cli.ssh.upload import upload
|
from clan_cli.ssh.upload import upload
|
||||||
from clan_cli.vars._types import StoreBase
|
from clan_cli.vars._types import StoreBase
|
||||||
from clan_cli.vars.generate import Generator, Var
|
from clan_cli.vars.generate import Generator, Var
|
||||||
@@ -49,9 +49,7 @@ class SecretStore(StoreBase):
|
|||||||
return Path(self.entry_prefix) / self.rel_dir(generator, name)
|
return Path(self.entry_prefix) / self.rel_dir(generator, name)
|
||||||
|
|
||||||
def _run_pass(self, *args: str, options: RunOpts | None = None) -> CmdOut:
|
def _run_pass(self, *args: str, options: RunOpts | None = None) -> CmdOut:
|
||||||
cmd = nix_shell_legacy(
|
cmd = nix_shell(packages=["pass"], cmd=[self._store_backend, *args])
|
||||||
packages=["nixpkgs#pass"], cmd=[self._store_backend, *args]
|
|
||||||
)
|
|
||||||
return run(cmd, options)
|
return run(cmd, options)
|
||||||
|
|
||||||
def _set(
|
def _set(
|
||||||
@@ -92,8 +90,8 @@ class SecretStore(StoreBase):
|
|||||||
hashes = []
|
hashes = []
|
||||||
hashes.append(
|
hashes.append(
|
||||||
run(
|
run(
|
||||||
nix_shell_legacy(
|
nix_shell(
|
||||||
["nixpkgs#git"],
|
["git"],
|
||||||
[
|
[
|
||||||
"git",
|
"git",
|
||||||
"-C",
|
"-C",
|
||||||
@@ -120,8 +118,8 @@ class SecretStore(StoreBase):
|
|||||||
if symlink.is_symlink():
|
if symlink.is_symlink():
|
||||||
hashes.append(
|
hashes.append(
|
||||||
run(
|
run(
|
||||||
nix_shell_legacy(
|
nix_shell(
|
||||||
["nixpkgs#git"],
|
["git"],
|
||||||
[
|
[
|
||||||
"git",
|
"git",
|
||||||
"-C",
|
"-C",
|
||||||
|
|||||||
@@ -19,7 +19,7 @@ from clan_cli.dirs import module_root, user_cache_dir, vm_state_dir
|
|||||||
from clan_cli.errors import ClanCmdError, ClanError
|
from clan_cli.errors import ClanCmdError, ClanError
|
||||||
from clan_cli.facts.generate import generate_facts
|
from clan_cli.facts.generate import generate_facts
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
from clan_cli.qemu.qga import QgaSession
|
from clan_cli.qemu.qga import QgaSession
|
||||||
from clan_cli.qemu.qmp import QEMUMonitorProtocol
|
from clan_cli.qemu.qmp import QEMUMonitorProtocol
|
||||||
|
|
||||||
@@ -96,8 +96,8 @@ def prepare_disk(
|
|||||||
file_name: str = "disk.img",
|
file_name: str = "disk.img",
|
||||||
) -> Path:
|
) -> Path:
|
||||||
disk_img = directory / file_name
|
disk_img = directory / file_name
|
||||||
cmd = nix_shell_legacy(
|
cmd = nix_shell(
|
||||||
["nixpkgs#qemu"],
|
["qemu"],
|
||||||
[
|
[
|
||||||
"qemu-img",
|
"qemu-img",
|
||||||
"create",
|
"create",
|
||||||
@@ -127,7 +127,7 @@ def start_vm(
|
|||||||
) -> Iterator[subprocess.Popen]:
|
) -> Iterator[subprocess.Popen]:
|
||||||
env = os.environ.copy()
|
env = os.environ.copy()
|
||||||
env.update(extra_env)
|
env.update(extra_env)
|
||||||
cmd = nix_shell_legacy(packages, args)
|
cmd = nix_shell(packages, args)
|
||||||
machine.debug(f"Starting VM with command: {cmd}")
|
machine.debug(f"Starting VM with command: {cmd}")
|
||||||
|
|
||||||
with subprocess.Popen(
|
with subprocess.Popen(
|
||||||
@@ -280,11 +280,11 @@ def spawn_vm(
|
|||||||
interactive=stdin is None,
|
interactive=stdin is None,
|
||||||
)
|
)
|
||||||
|
|
||||||
packages = ["nixpkgs#qemu"]
|
packages = ["qemu"]
|
||||||
|
|
||||||
extra_env = {}
|
extra_env = {}
|
||||||
if vm.graphics and not vm.waypipe.enable:
|
if vm.graphics and not vm.waypipe.enable:
|
||||||
packages.append("nixpkgs#virt-viewer")
|
packages.append("virt-viewer")
|
||||||
remote_viewer_mimetypes = module_root() / "vms" / "mimetypes"
|
remote_viewer_mimetypes = module_root() / "vms" / "mimetypes"
|
||||||
extra_env["XDG_DATA_DIRS"] = (
|
extra_env["XDG_DATA_DIRS"] = (
|
||||||
f"{remote_viewer_mimetypes}:{os.environ.get('XDG_DATA_DIRS', '')}"
|
f"{remote_viewer_mimetypes}:{os.environ.get('XDG_DATA_DIRS', '')}"
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ from collections.abc import Iterator
|
|||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
|
|
||||||
from clan_cli.errors import ClanError
|
from clan_cli.errors import ClanError
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
|
|
||||||
@contextlib.contextmanager
|
@contextlib.contextmanager
|
||||||
@@ -14,8 +14,8 @@ def start_virtiofsd(socket_path: Path) -> Iterator[None]:
|
|||||||
sandbox = "namespace"
|
sandbox = "namespace"
|
||||||
if shutil.which("newuidmap") is None:
|
if shutil.which("newuidmap") is None:
|
||||||
sandbox = "none"
|
sandbox = "none"
|
||||||
virtiofsd = nix_shell_legacy(
|
virtiofsd = nix_shell(
|
||||||
["nixpkgs#virtiofsd"],
|
["virtiofsd"],
|
||||||
[
|
[
|
||||||
"virtiofsd",
|
"virtiofsd",
|
||||||
"--socket-path",
|
"--socket-path",
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ import time
|
|||||||
from collections.abc import Iterator
|
from collections.abc import Iterator
|
||||||
|
|
||||||
from clan_cli.errors import ClanError
|
from clan_cli.errors import ClanError
|
||||||
from clan_cli.nix import nix_shell_legacy
|
from clan_cli.nix import nix_shell
|
||||||
|
|
||||||
VMADDR_CID_HYPERVISOR = 2
|
VMADDR_CID_HYPERVISOR = 2
|
||||||
|
|
||||||
@@ -29,8 +29,8 @@ def start_waypipe(cid: int | None, title_prefix: str) -> Iterator[None]:
|
|||||||
if cid is None:
|
if cid is None:
|
||||||
yield
|
yield
|
||||||
return
|
return
|
||||||
waypipe = nix_shell_legacy(
|
waypipe = nix_shell(
|
||||||
["nixpkgs#waypipe"],
|
["waypipe"],
|
||||||
[
|
[
|
||||||
"waypipe",
|
"waypipe",
|
||||||
"--vsock",
|
"--vsock",
|
||||||
|
|||||||
@@ -127,7 +127,7 @@
|
|||||||
in
|
in
|
||||||
{
|
{
|
||||||
devShells.clan-cli = pkgs.callPackage ./shell.nix {
|
devShells.clan-cli = pkgs.callPackage ./shell.nix {
|
||||||
inherit (self'.packages) clan-cli clan-cli-full;
|
inherit (self'.packages) clan-cli;
|
||||||
inherit self';
|
inherit self';
|
||||||
};
|
};
|
||||||
packages = {
|
packages = {
|
||||||
|
|||||||
@@ -2,7 +2,6 @@
|
|||||||
lib,
|
lib,
|
||||||
nix-unit,
|
nix-unit,
|
||||||
clan-cli,
|
clan-cli,
|
||||||
clan-cli-full,
|
|
||||||
mkShell,
|
mkShell,
|
||||||
ruff,
|
ruff,
|
||||||
self',
|
self',
|
||||||
@@ -26,7 +25,7 @@ mkShell {
|
|||||||
inputsFrom = [ self'.devShells.default ];
|
inputsFrom = [ self'.devShells.default ];
|
||||||
|
|
||||||
CLAN_PROVIDED_PACKAGES = lib.concatStringsSep ":" (
|
CLAN_PROVIDED_PACKAGES = lib.concatStringsSep ":" (
|
||||||
lib.attrNames clan-cli-full.passthru.runtimeDependenciesMap
|
lib.attrNames clan-cli.passthru.runtimeDependenciesMap
|
||||||
);
|
);
|
||||||
|
|
||||||
shellHook = ''
|
shellHook = ''
|
||||||
|
|||||||
@@ -9,7 +9,7 @@
|
|||||||
./webview-ui/flake-module.nix
|
./webview-ui/flake-module.nix
|
||||||
./distro-packages/flake-module.nix
|
./distro-packages/flake-module.nix
|
||||||
./icon-update/flake-module.nix
|
./icon-update/flake-module.nix
|
||||||
./vars-generate/flake-module.nix
|
./generate-test-vars/flake-module.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
flake.packages.x86_64-linux =
|
flake.packages.x86_64-linux =
|
||||||
|
|||||||
@@ -4,10 +4,10 @@
|
|||||||
clan-cli,
|
clan-cli,
|
||||||
}:
|
}:
|
||||||
buildPythonApplication {
|
buildPythonApplication {
|
||||||
name = "vars-generate";
|
name = "generate-test-vars";
|
||||||
src = ./.;
|
src = ./.;
|
||||||
format = "pyproject";
|
format = "pyproject";
|
||||||
buildInputs = [ (python.pkgs.toPythonModule clan-cli) ];
|
dependencies = [ (python.pkgs.toPythonModule clan-cli) ];
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
(python.withPackages (ps: [ ps.setuptools ]))
|
(python.withPackages (ps: [ ps.setuptools ]))
|
||||||
];
|
];
|
||||||
@@ -10,7 +10,7 @@
|
|||||||
# devShells.vars-generator = pkgs.callPackage ./shell.nix {
|
# devShells.vars-generator = pkgs.callPackage ./shell.nix {
|
||||||
|
|
||||||
# };
|
# };
|
||||||
packages.vars-generator = pkgs.python3.pkgs.callPackage ./default.nix {
|
packages.generate-test-vars = pkgs.python3.pkgs.callPackage ./default.nix {
|
||||||
inherit (config.packages) clan-cli;
|
inherit (config.packages) clan-cli;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@@ -3,15 +3,17 @@
|
|||||||
import argparse
|
import argparse
|
||||||
import json
|
import json
|
||||||
import os
|
import os
|
||||||
|
import shutil
|
||||||
import subprocess
|
import subprocess
|
||||||
|
from dataclasses import dataclass
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
from tempfile import NamedTemporaryFile
|
from tempfile import NamedTemporaryFile
|
||||||
from typing import Any
|
from typing import Any, override
|
||||||
|
|
||||||
from clan_cli.dirs import find_git_repo_root
|
from clan_cli.dirs import find_git_repo_root
|
||||||
from clan_cli.flake import Flake
|
from clan_cli.flake import Flake
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_build, nix_config, nix_eval
|
from clan_cli.nix import nix_config, nix_eval
|
||||||
from clan_cli.vars.generate import generate_vars
|
from clan_cli.vars.generate import generate_vars
|
||||||
|
|
||||||
sops_priv_key = (
|
sops_priv_key = (
|
||||||
@@ -26,7 +28,7 @@ def machine_names(repo_root: Path, check_attr: str) -> list[str]:
|
|||||||
"""
|
"""
|
||||||
cmd = nix_eval(
|
cmd = nix_eval(
|
||||||
[
|
[
|
||||||
f"{repo_root}#checks.{nix_config()['system']}.{check_attr}.nodes",
|
f"git+file://{repo_root}#checks.{nix_config()['system']}.{check_attr}.nodes",
|
||||||
"--apply",
|
"--apply",
|
||||||
"builtins.attrNames",
|
"builtins.attrNames",
|
||||||
]
|
]
|
||||||
@@ -42,79 +44,48 @@ class TestMachine(Machine):
|
|||||||
clan-core#checks.<system>.<test_name>.nodes.<machine_name>.<attr>
|
clan-core#checks.<system>.<test_name>.nodes.<machine_name>.<attr>
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def __init__(self, name: str, flake: Flake, check_attr: str) -> None:
|
@override
|
||||||
|
def __init__(
|
||||||
|
self, name: str, flake: Flake, test_dir: Path, check_attr: str
|
||||||
|
) -> None:
|
||||||
super().__init__(name, flake)
|
super().__init__(name, flake)
|
||||||
self.check_attr = check_attr
|
self.check_attr = check_attr
|
||||||
|
self.test_dir = test_dir
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def deployment(self) -> dict:
|
def flake_dir(self) -> Path:
|
||||||
if getattr(self, "_deployment", None):
|
return self.test_dir
|
||||||
return self._deployment
|
|
||||||
cmd = nix_build(
|
|
||||||
[
|
|
||||||
f"{self.flake.path}#checks.{nix_config()['system']}.{self.check_attr}.nodes.{self.name}.system.clan.deployment.file"
|
|
||||||
]
|
|
||||||
)
|
|
||||||
out = subprocess.run(cmd, check=True, text=True, stdout=subprocess.PIPE)
|
|
||||||
self._deployment = json.loads(Path(out.stdout.strip()).read_text())
|
|
||||||
return self._deployment
|
|
||||||
|
|
||||||
def eval_nix(
|
@override
|
||||||
|
def nix(
|
||||||
self,
|
self,
|
||||||
attr: str,
|
attr: str,
|
||||||
refresh: bool = False,
|
|
||||||
extra_config: None | dict = None,
|
|
||||||
nix_options: list[str] | None = None,
|
nix_options: list[str] | None = None,
|
||||||
) -> Any:
|
) -> Any:
|
||||||
"""
|
"""
|
||||||
eval a nix attribute of the machine
|
Build the machine and return the path to the result
|
||||||
@attr: the attribute to get
|
accepts a secret store and a facts store # TODO
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if nix_options is None:
|
if nix_options is None:
|
||||||
nix_options = []
|
nix_options = []
|
||||||
|
|
||||||
# return self.nix("eval", attr, nix_options)
|
config = nix_config()
|
||||||
cmd = nix_eval(
|
system = config["system"]
|
||||||
[
|
|
||||||
f"{self.flake.path}#checks.{nix_config()['system']}.{self.check_attr}.nodes.{self.name}.{attr}"
|
return self.flake.select(
|
||||||
]
|
f'checks."{system}".{self.check_attr}.nodes.{self.name}.{attr}',
|
||||||
|
nix_options=nix_options,
|
||||||
)
|
)
|
||||||
out = subprocess.run(cmd, check=True, text=True, stdout=subprocess.PIPE)
|
|
||||||
return json.loads(out.stdout.strip())
|
|
||||||
|
|
||||||
def build_nix(
|
|
||||||
self,
|
|
||||||
attr: str,
|
|
||||||
extra_config: None | dict = None,
|
|
||||||
nix_options: list[str] | None = None,
|
|
||||||
) -> Path:
|
|
||||||
"""
|
|
||||||
build a nix attribute of the machine
|
|
||||||
@attr: the attribute to get
|
|
||||||
"""
|
|
||||||
|
|
||||||
if nix_options is None:
|
|
||||||
nix_options = []
|
|
||||||
|
|
||||||
cmd = nix_build(
|
|
||||||
[
|
|
||||||
f"{self.flake.path}#checks.{nix_config()['system']}.{self.check_attr}.nodes.{self.name}.{attr}"
|
|
||||||
]
|
|
||||||
)
|
|
||||||
out = subprocess.run(cmd, check=True, text=True, stdout=subprocess.PIPE)
|
|
||||||
return Path(out.stdout.strip())
|
|
||||||
|
|
||||||
def flush_caches(self) -> None:
|
|
||||||
"""
|
|
||||||
Disable flush, because it calls prefetch() which resets the overridden Flake._path
|
|
||||||
"""
|
|
||||||
return
|
|
||||||
|
|
||||||
|
|
||||||
def parse_args() -> argparse.Namespace:
|
@dataclass
|
||||||
import argparse
|
class Options:
|
||||||
|
repo_root: Path
|
||||||
|
test_dir: Path
|
||||||
|
check_attr: str
|
||||||
|
|
||||||
|
|
||||||
|
def parse_args() -> Options:
|
||||||
parser = argparse.ArgumentParser(
|
parser = argparse.ArgumentParser(
|
||||||
description="""
|
description="""
|
||||||
Update the vars of a 'makeTestClan' integration test.
|
Update the vars of a 'makeTestClan' integration test.
|
||||||
@@ -145,26 +116,32 @@ def parse_args() -> argparse.Namespace:
|
|||||||
type=str,
|
type=str,
|
||||||
help="The attribute name of the flake#checks to update",
|
help="The attribute name of the flake#checks to update",
|
||||||
)
|
)
|
||||||
return parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
return Options(
|
||||||
|
repo_root=args.repo_root,
|
||||||
|
test_dir=args.test_dir,
|
||||||
|
check_attr=args.check_attr,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def main() -> None:
|
def main() -> None:
|
||||||
os.environ["CLAN_NO_COMMIT"] = "1"
|
os.environ["CLAN_NO_COMMIT"] = "1"
|
||||||
args = parse_args()
|
opts = parse_args()
|
||||||
test_dir = args.repo_root / args.test_dir
|
test_dir = opts.repo_root / opts.test_dir
|
||||||
subprocess.run(["rm", "-rf", f"{test_dir}/vars", f"{test_dir}/sops"])
|
|
||||||
flake = Flake(str(test_dir))
|
shutil.rmtree(test_dir / "vars", ignore_errors=True)
|
||||||
flake._path = test_dir # noqa SLF001
|
shutil.rmtree(test_dir / "sops", ignore_errors=True)
|
||||||
flake._is_local = True # noqa SLF001
|
|
||||||
|
flake = Flake(str(opts.repo_root))
|
||||||
machines = [
|
machines = [
|
||||||
TestMachine(name, flake, args.check_attr)
|
TestMachine(name, flake, test_dir, opts.check_attr)
|
||||||
for name in machine_names(
|
for name in machine_names(
|
||||||
args.repo_root,
|
opts.repo_root,
|
||||||
args.check_attr,
|
opts.check_attr,
|
||||||
)
|
)
|
||||||
]
|
]
|
||||||
user = "admin"
|
user = "admin"
|
||||||
admin_key_path = Path(flake.path / "sops" / "users" / user / "key.json")
|
admin_key_path = Path(test_dir.resolve() / "sops" / "users" / user / "key.json")
|
||||||
admin_key_path.parent.mkdir(parents=True, exist_ok=True)
|
admin_key_path.parent.mkdir(parents=True, exist_ok=True)
|
||||||
admin_key_path.write_text(
|
admin_key_path.write_text(
|
||||||
json.dumps(
|
json.dumps(
|
||||||
@@ -4,10 +4,10 @@ build-backend = "setuptools.build_meta"
|
|||||||
|
|
||||||
|
|
||||||
[project]
|
[project]
|
||||||
name = "vars-generate"
|
name = "generate-test-vars"
|
||||||
description = "vars generate"
|
description = "vars generate"
|
||||||
dynamic = ["version"]
|
dynamic = ["version"]
|
||||||
scripts = { vars-generate = "cli:main.main" }
|
scripts = { generate-test-vars = "generate_test_vars:cli.main" }
|
||||||
|
|
||||||
[project.urls]
|
[project.urls]
|
||||||
Homepage = "https://clan.lol/"
|
Homepage = "https://clan.lol/"
|
||||||
Reference in New Issue
Block a user