vars: improve check command and add tests
This commit is contained in:
DavHau
@@ -8,7 +8,7 @@ from ..machines.machines import Machine
|
||||
log = logging.getLogger(__name__)
|
||||
|
||||
|
||||
def check_secrets(machine: Machine, generator_name: None | str = None) -> bool:
|
||||
def check_vars(machine: Machine, generator_name: None | str = None) -> bool:
|
||||
secret_vars_module = importlib.import_module(machine.secret_vars_module)
|
||||
secret_vars_store = secret_vars_module.SecretStore(machine=machine)
|
||||
public_vars_module = importlib.import_module(machine.public_vars_module)
|
||||
@@ -47,7 +47,9 @@ def check_command(args: argparse.Namespace) -> None:
|
||||
name=args.machine,
|
||||
flake=args.flake,
|
||||
)
|
||||
check_secrets(machine, generator_name=args.service)
|
||||
ok = check_vars(machine, generator_name=args.service)
|
||||
if not ok:
|
||||
raise SystemExit(1)
|
||||
|
||||
|
||||
def register_check_parser(parser: argparse.ArgumentParser) -> None:
|
||||
|
||||
@@ -21,7 +21,7 @@ from ..git import commit_files
|
||||
from ..machines.inventory import get_all_machines, get_selected_machines
|
||||
from ..machines.machines import Machine
|
||||
from ..nix import nix_shell
|
||||
from .check import check_secrets
|
||||
from .check import check_vars
|
||||
from .public_modules import FactStoreBase
|
||||
from .secret_modules import SecretStoreBase
|
||||
|
||||
@@ -101,7 +101,7 @@ def execute_generator(
|
||||
public_vars_store: FactStoreBase,
|
||||
) -> bool:
|
||||
# check if all secrets exist and generate them if at least one is missing
|
||||
needs_regeneration = not check_secrets(machine, generator_name=generator_name)
|
||||
needs_regeneration = not check_vars(machine, generator_name=generator_name)
|
||||
log.debug(f"{generator_name} needs_regeneration: {needs_regeneration}")
|
||||
if not (needs_regeneration or regenerate):
|
||||
return False
|
||||
|
||||
@@ -13,6 +13,7 @@ from root import CLAN_CORE
|
||||
from clan_cli.clan_uri import FlakeId
|
||||
from clan_cli.machines.machines import Machine
|
||||
from clan_cli.nix import nix_shell
|
||||
from clan_cli.vars.check import check_vars
|
||||
from clan_cli.vars.list import stringify_all_vars
|
||||
from clan_cli.vars.public_modules import in_repo
|
||||
from clan_cli.vars.secret_modules import password_store, sops
|
||||
@@ -78,13 +79,15 @@ def test_generate_public_var(
|
||||
machine_configs=dict(my_machine=config),
|
||||
)
|
||||
monkeypatch.chdir(flake.path)
|
||||
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||
assert not check_vars(machine)
|
||||
cli.run(["vars", "generate", "--flake", str(flake.path), "my_machine"])
|
||||
assert check_vars(machine)
|
||||
store = in_repo.FactStore(
|
||||
Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||
)
|
||||
assert store.exists("my_generator", "my_value")
|
||||
assert store.get("my_generator", "my_value").decode() == "hello\n"
|
||||
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||
vars_text = stringify_all_vars(machine)
|
||||
assert "my_generator/my_value: hello" in vars_text
|
||||
|
||||
@@ -106,7 +109,10 @@ def test_generate_secret_var_sops(
|
||||
)
|
||||
monkeypatch.chdir(flake.path)
|
||||
sops_setup.init()
|
||||
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||
assert not check_vars(machine)
|
||||
cli.run(["vars", "generate", "--flake", str(flake.path), "my_machine"])
|
||||
assert check_vars(machine)
|
||||
in_repo_store = in_repo.FactStore(
|
||||
Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||
)
|
||||
@@ -116,7 +122,6 @@ def test_generate_secret_var_sops(
|
||||
)
|
||||
assert sops_store.exists("my_generator", "my_secret")
|
||||
assert sops_store.get("my_generator", "my_secret").decode() == "hello\n"
|
||||
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||
vars_text = stringify_all_vars(machine)
|
||||
assert "my_generator/my_secret" in vars_text
|
||||
|
||||
@@ -194,13 +199,15 @@ def test_generate_secret_var_password_store(
|
||||
subprocess.run(
|
||||
nix_shell(["nixpkgs#pass"], ["pass", "init", "test@local"]), check=True
|
||||
)
|
||||
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||
assert not check_vars(machine)
|
||||
cli.run(["vars", "generate", "--flake", str(flake.path), "my_machine"])
|
||||
assert check_vars(machine)
|
||||
store = password_store.SecretStore(
|
||||
Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||
)
|
||||
assert store.exists("my_generator", "my_secret")
|
||||
assert store.get("my_generator", "my_secret").decode() == "hello\n"
|
||||
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||
vars_text = stringify_all_vars(machine)
|
||||
assert "my_generator/my_secret" in vars_text
|
||||
|
||||
|
||||
Reference in New Issue
Block a user