vars/password-store: use standard paths; fix share flag
@@ -103,16 +103,19 @@ class StoreBase(ABC):
|
||||
def is_secret_store(self) -> bool:
|
||||
pass
|
||||
|
||||
def rel_dir(self, generator_name: str, var_name: str, shared: bool = False) -> Path:
|
||||
if shared:
|
||||
return Path(f"shared/{generator_name}/{var_name}")
|
||||
return Path(f"per-machine/{self.machine.name}/{generator_name}/{var_name}")
|
||||
|
||||
def directory(
|
||||
self, generator_name: str, var_name: str, shared: bool = False
|
||||
) -> Path:
|
||||
if shared:
|
||||
base_path = self.machine.flake_dir / "vars" / "shared"
|
||||
else:
|
||||
base_path = (
|
||||
self.machine.flake_dir / "vars" / "per-machine" / self.machine.name
|
||||
)
|
||||
return base_path / generator_name / var_name
|
||||
return (
|
||||
Path(self.machine.flake_dir)
|
||||
/ "vars"
|
||||
/ self.rel_dir(generator_name, var_name, shared)
|
||||
)
|
||||
|
||||
def exists(self, generator_name: str, name: str, shared: bool = False) -> bool:
|
||||
directory = self.directory(generator_name, name, shared)
|
||||
|
||||
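Review bot: `rel_dir` interpolates `generator_name`, `var_name` and `self.machine.name` into a relative path without checking them. After this commit the same value is joined onto `flake_dir / "vars"` in `directory` and is also used as the entry name by the password-store backend, so a component equal to `..` or containing `/` would resolve outside the intended subtree in each store that uses it. Where these names are validated is not visible here; if nothing upstream enforces it, a guard at the top of `rel_dir` such as `if any(p in ("", ".", "..") or "/" in p for p in (generator_name, var_name)): raise ValueError("invalid var path component")` keeps the layout contract in one place. A one-line docstring saying that the returned path is relative and shared by all stores (`shared/<generator>/<var>` or `per-machine/<machine>/<generator>/<var>`) would help too. The class body continues outside the hunk.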
@@ -21,14 +21,17 @@ def check_vars(machine: Machine, generator_name: None | str = None) -> bool:
|
||||
else:
|
||||
generators = list(machine.vars_generators.keys())
|
||||
for generator_name in generators:
|
||||
shared = machine.vars_generators[generator_name]["share"]
|
||||
for name, file in machine.vars_generators[generator_name]["files"].items():
|
||||
if file["secret"] and not secret_vars_store.exists(generator_name, name):
|
||||
if file["secret"] and not secret_vars_store.exists(
|
||||
generator_name, name, shared=shared
|
||||
):
|
||||
log.info(
|
||||
f"Secret fact '{name}' for service '{generator_name}' in machine {machine.name} is missing."
|
||||
)
|
||||
missing_secret_vars.append((generator_name, name))
|
||||
if not file["secret"] and not public_vars_store.exists(
|
||||
generator_name, name
|
||||
generator_name, name, shared=shared
|
||||
):
|
||||
log.info(
|
||||
f"Public fact '{name}' for service '{generator_name}' in machine {machine.name} is missing."
|
||||
|
||||
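Review bot: `shared = machine.vars_generators[generator_name]["share"]` indexes the key directly, so a generator entry without `share` would raise `KeyError` partway through the check; whether the key is always populated is not visible from this hunk. If it can be absent, make the fallback explicit and deliberate rather than silent, since checking a shared var under the per-machine path is the mismatch this commit is fixing. The two log messages still say `in machine {machine.name}` for shared vars, which can point an operator at the wrong location when a shared secret is missing. The function starts and ends outside the hunk.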
@@ -23,11 +23,6 @@ class SecretStore(SecretStoreBase):
|
||||
"PASSWORD_STORE_DIR", f"{os.environ['HOME']}/.password-store"
|
||||
)
|
||||
|
||||
def _var_path(self, generator_name: str, name: str, shared: bool) -> Path:
|
||||
if shared:
|
||||
return Path(f"shared/{generator_name}/{name}")
|
||||
return Path(f"machines/{self.machine.name}/{generator_name}/{name}")
|
||||
|
||||
def _set(
|
||||
self,
|
||||
generator_name: str,
|
||||
@@ -43,7 +38,7 @@ class SecretStore(SecretStoreBase):
|
||||
"pass",
|
||||
"insert",
|
||||
"-m",
|
||||
str(self._var_path(generator_name, name, shared)),
|
||||
str(self.rel_dir(generator_name, name, shared)),
|
||||
],
|
||||
),
|
||||
input=value,
|
||||
@@ -58,7 +53,7 @@ class SecretStore(SecretStoreBase):
|
||||
[
|
||||
"pass",
|
||||
"show",
|
||||
str(self._var_path(generator_name, name, shared)),
|
||||
str(self.rel_dir(generator_name, name, shared)),
|
||||
],
|
||||
),
|
||||
check=True,
|
||||
@@ -70,7 +65,7 @@ class SecretStore(SecretStoreBase):
|
||||
return False
|
||||
return (
|
||||
Path(self._password_store_dir)
|
||||
/ f"{self._var_path(generator_name, name, shared)}.gpg"
|
||||
/ f"{self.rel_dir(generator_name, name, shared)}.gpg"
|
||||
).exists()
|
||||
|
||||
def generate_hash(self) -> bytes:
|
||||
|
||||
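Review bot: Per-machine secrets already stored under the old prefix are no longer found after this change, because the entry name moves from `machines/<machine>/...` (the removed `_var_path`) to `per-machine/<machine>/...` (`rel_dir`). This affects the `pass show` call and the `.gpg` existence check; shared entries keep the same `shared/...` path. If any password stores were populated before this commit, the existence check will report those secrets as missing, and regenerating them would rotate the values while the old entries stay behind in the store. A documented one-time rename of the old subtree, or a temporary fallback lookup of the old path, would avoid that; nothing in the visible hunks handles it. The methods touched here start and end outside the hunks.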