yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

vars: always generate dependents

Browse Source 
Even for the minimal closure case (when a specific generator was picked), we should still force regeneration of all dependents, as otherwise we risk keeping outdated dependents from previous generations
This commit is contained in:
DavHau
2025-08-27 11:17:52 +07:00
parent 6e4c3a638d
commit 3d2127ce1e
2 changed files with 41 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
pkgs/clan-cli/clan_cli/tests/test_vars.py
View File

@@ -156,6 +156,12 @@ def test_generate_public_and_secret_vars(
vars_text = stringify_all_vars(machine)
flake_obj = Flake(str(flake.path))
my_generator = Generator("my_generator", machine="my_machine", _flake=flake_obj)
shared_generator = Generator(
"my_shared_generator",
share=True,
machine="my_machine",
_flake=flake_obj,
)
dependent_generator = Generator(
"dependent_generator",
machine="my_machine",
@@ -262,6 +268,36 @@ def test_generate_public_and_secret_vars(
"my_generator value should NOT change after regenerating only my_shared_generator"
)
# test that a dependent is generated on a clean slate even when no --regenerate is given
# remove all generated vars
in_repo_store.delete_store("my_machine")
sops_store.delete(shared_generator, "my_shared_value")
sops_store.delete_store("my_machine")
cli.run(
[
"vars",
"generate",
"--flake",
str(flake.path),
"my_machine",
"--generator",
"my_shared_generator",
]
)
# check that both my_shared_generator and dependent_generator are generated
shared_value_clean = get_machine_var(
machine,
"my_shared_generator/my_shared_value",
).printable_value
assert shared_value_clean.startswith("shared"), "Shared value should be generated"
assert sops_store.exists(dependent_generator, "my_secret"), (
"Dependent generator's secret should be generated"
)
secret_value_clean = sops_store.get(dependent_generator, "my_secret").decode()
assert secret_value_clean == shared_value_clean, (
"Dependent generator's secret should match the shared value"
)
# TODO: it doesn't actually test if the group has access
@pytest.mark.with_core

5
pkgs/clan-cli/clan_cli/vars/graph.py
View File

@@ -123,6 +123,9 @@ def requested_closure(
# just enough to ensure that the list of selected generators are in a consistent state.
# empty if nothing is missing.
# Theoretically we could have a more minimal closure that does not include dependents of
# the requested generators, but this would introduce the potential for previously
# generated dependents being out of sync.
def minimal_closure(
requested_generators: list[GeneratorKey],
generators: dict[GeneratorKey, Generator],
@@ -133,4 +136,6 @@ def minimal_closure(
for gen_key in closure:
if not generators[gen_key].exists:
final_closure.add(gen_key)
# add dependents of final_closure
final_closure = add_dependents(final_closure, generators)
return toposort_closure(final_closure, generators)