always resolve symlinks for TemporaryDirectory

On macOS mktemp returns a temporary directory in a symlink. Nix has a bug where it won't accept path:// located in a symlink. This avoid this issue by always resolving symlinks as returned by TemporaryDirectory.
2025-03-19 16:31:36 +01:00
parent 490e54b278
commit 43035b85a5
12 changed files with 55 additions and 55 deletions
--- a/pkgs/clan-cli/clan_cli/facts/generate.py
+++ b/pkgs/clan-cli/clan_cli/facts/generate.py
@@ -202,8 +202,8 @@ def generate_facts(
    prompt: Callable[[str, str], str] = prompt_func,
 ) -> bool:
    was_regenerated = False
-    with TemporaryDirectory(prefix="facts-generate-") as tmp:
-        tmpdir = Path(tmp)
+    with TemporaryDirectory(prefix="facts-generate-") as _tmpdir:
+        tmpdir = Path(_tmpdir).resolve()

        for machine in machines:
            errors = 0
--- a/pkgs/clan-cli/clan_cli/facts/upload.py
+++ b/pkgs/clan-cli/clan_cli/facts/upload.py
@@ -19,8 +19,8 @@ def upload_secrets(machine: Machine) -> None:
        machine.info("Secrets already uploaded")
        return

-    with TemporaryDirectory(prefix="facts-upload-") as tempdir:
-        local_secret_dir = Path(tempdir)
+    with TemporaryDirectory(prefix="facts-upload-") as _tempdir:
+        local_secret_dir = Path(_tempdir).resolve()
        secret_facts_store.upload(local_secret_dir)
        remote_secret_dir = Path(machine.secrets_upload_directory)

--- a/pkgs/clan-cli/clan_cli/flash/flash.py
+++ b/pkgs/clan-cli/clan_cli/flash/flash.py
@@ -100,8 +100,8 @@ def flash_machine(
        secret_facts_store: SecretStoreBase = secret_facts_module.SecretStore(
            machine=machine
        )
-        with TemporaryDirectory(prefix="disko-install-") as tmpdir_:
-            tmpdir = Path(tmpdir_)
+        with TemporaryDirectory(prefix="disko-install-") as _tmpdir:
+            tmpdir = Path(_tmpdir)
            upload_dir = machine.secrets_upload_directory

            if upload_dir.startswith("/"):
--- a/pkgs/clan-cli/clan_cli/machines/install.py
+++ b/pkgs/clan-cli/clan_cli/machines/install.py
@@ -61,8 +61,9 @@ def install_machine(opts: InstallOptions) -> None:
    generate_facts([machine])
    generate_vars([machine])

-    with TemporaryDirectory(prefix="nixos-install-") as base_directory:
-        activation_secrets = Path(base_directory) / "activation_secrets"
+    with TemporaryDirectory(prefix="nixos-install-") as _base_directory:
+        base_directory = Path(_base_directory).resolve()
+        activation_secrets = base_directory / "activation_secrets"
        upload_dir = activation_secrets / machine.secrets_upload_directory.lstrip("/")
        upload_dir.mkdir(parents=True)
        machine.secret_facts_store.upload(upload_dir)
@@ -70,7 +71,7 @@ def install_machine(opts: InstallOptions) -> None:
            upload_dir, phases=["activation", "users", "services"]
        )

-        partitioning_secrets = Path(base_directory) / "partitioning_secrets"
+        partitioning_secrets = base_directory / "partitioning_secrets"
        partitioning_secrets.mkdir(parents=True)
        machine.secret_vars_store.populate_dir(
            partitioning_secrets, phases=["partitioning"]
--- a/pkgs/clan-cli/clan_cli/machines/morph.py
+++ b/pkgs/clan-cli/clan_cli/machines/morph.py
@@ -56,8 +56,8 @@ def morph_machine(
    ).stdout.rstrip()
    archive_path = json.loads(archive_json)["path"]

-    with TemporaryDirectory(prefix="morph-") as temp_dir:
-        flakedir = Path(temp_dir) / "flake"
+    with TemporaryDirectory(prefix="morph-") as _temp_dir:
+        flakedir = Path(_temp_dir).resolve() / "flake"

        flakedir.mkdir(parents=True, exist_ok=True)
        run(["cp", "-r", archive_path + "/.", str(flakedir)])
--- a/pkgs/clan-cli/clan_cli/vars/generate.py
+++ b/pkgs/clan-cli/clan_cli/vars/generate.py
@@ -181,8 +181,8 @@ def execute_generator(
            raise ClanError(msg) from e

    env = os.environ.copy()
-    with TemporaryDirectory(prefix="vars-") as tmp:
-        tmpdir = Path(tmp)
+    with TemporaryDirectory(prefix="vars-") as _tmpdir:
+        tmpdir = Path(_tmpdir).resolve()
        tmpdir_in = tmpdir / "in"
        tmpdir_prompts = tmpdir / "prompts"
        tmpdir_out = tmpdir / "out"
--- a/pkgs/clan-cli/clan_cli/vars/secret_modules/password_store.py
+++ b/pkgs/clan-cli/clan_cli/vars/secret_modules/password_store.py
@@ -231,8 +231,8 @@ class SecretStore(StoreBase):
        if not self.needs_upload():
            log.info("Secrets already uploaded")
            return
-        with TemporaryDirectory(prefix="vars-upload-") as tempdir:
-            pass_dir = Path(tempdir)
+        with TemporaryDirectory(prefix="vars-upload-") as _tempdir:
+            pass_dir = Path(_tempdir).resolve()
            self.populate_dir(pass_dir, phases)
            upload_dir = Path(
                self.machine.deployment["password-store"]["secretLocation"]
--- a/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py
+++ b/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py
@@ -224,8 +224,8 @@ class SecretStore(StoreBase):
        if "partitioning" in phases:
            msg = "Cannot upload partitioning secrets"
            raise NotImplementedError(msg)
-        with TemporaryDirectory(prefix="sops-upload-") as tempdir:
-            sops_upload_dir = Path(tempdir)
+        with TemporaryDirectory(prefix="sops-upload-") as _tempdir:
+            sops_upload_dir = Path(_tempdir).resolve()
            self.populate_dir(sops_upload_dir, phases)
            upload(self.machine.target_host, sops_upload_dir, Path("/var/lib/sops-nix"))