clan-cli: do not skip secrets.update_secrets when a group is removed

We need to remove all keys that were in the group from affected secrets. With this change we now take `group_name` as an argument in `{add,remove}_member`, which is a little bit more readable than `group_folder.parent.name`, and helps DRY the code a bit.
2025-02-02 20:31:59 +00:00
parent ef442ef316
commit 48268f7960
3 changed files with 43 additions and 13 deletions
--- a/pkgs/clan-cli/tests/test_secrets_cli.py
+++ b/pkgs/clan-cli/tests/test_secrets_cli.py
@@ -409,7 +409,7 @@ def test_groups(
    groups = os.listdir(test_flake.path / "sops" / "groups")
    assert len(groups) == 0

-    # Check if the symlink to the group was removed our foo test secret:
+    # Check if the symlink to the group was removed from our foo test secret:
    group_symlink = test_flake.path / "sops/secrets/foo/groups/group1"
    err_msg = (
        "Symlink to group1's key in foo secret "