yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

vars: introduce ensure_machine_has_access method for sops

Browse Source 
this should help avoiding overriding existing shared secrets by not
triggering vars regeneration if a machine has no access.

wip
This commit is contained in:
Jörg Thalheim
2024-11-14 13:17:50 +01:00
committed by kenji
parent 609dc90775
commit 2b270a8951
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkgs/clan-cli/clan_cli/vars/generate.py
View File

@@ -297,6 +297,10 @@ def _check_can_migrate(
if machine.secret_vars_store.exists( if machine.secret_vars_store.exists(
generator_name, fname, vars_generator["share"] generator_name, fname, vars_generator["share"]
): ):
if vars_generator["deploy"]:
machine.secret_vars_store.ensure_machine_has_access(
generator_name, fname, vars_generator["share"]
)
return False return False
else: else:
if machine.public_vars_store.exists( if machine.public_vars_store.exists(