yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request 'vars,facts: add sops.defaultGroups to new machines' (#2241) from DavHau/clan-core:DavHau-dave into main

Browse Source
This commit is contained in:
clan-bot
2024-10-10 12:36:42 +00:00
parent f821ff74d7 d9597dab05
commit 8e3ca40e0c
3 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
pkgs/clan-cli/clan_cli/facts/secret_modules/sops.py
View File

@@ -28,6 +28,7 @@ class SecretStore(SecretStoreBase):
sops_secrets_folder(self.machine.flake_dir) sops_secrets_folder(self.machine.flake_dir)
/ f"{self.machine.name}-age.key", / f"{self.machine.name}-age.key",
priv_key, priv_key,
add_groups=self.machine.deployment["sops"]["defaultGroups"],
) )
add_machine(self.machine.flake_dir, self.machine.name, pub_key, False) add_machine(self.machine.flake_dir, self.machine.name, pub_key, False)

1
pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py
View File

@@ -48,6 +48,7 @@ class SecretStore(SecretStoreBase):
sops_secrets_folder(self.machine.flake_dir) sops_secrets_folder(self.machine.flake_dir)
/ f"{self.machine.name}-age.key", / f"{self.machine.name}-age.key",
priv_key, priv_key,
add_groups=self.machine.deployment["sops"]["defaultGroups"],
) )
add_machine(self.machine.flake_dir, self.machine.name, pub_key, False) add_machine(self.machine.flake_dir, self.machine.name, pub_key, False)

1
pkgs/clan-cli/tests/test_vars.py
View File

@@ -159,6 +159,7 @@ def test_generate_secret_var_sops(
) )
# TODO: it doesn't actually test if the group has access
@pytest.mark.impure @pytest.mark.impure
def test_generate_secret_var_sops_with_default_group( def test_generate_secret_var_sops_with_default_group(
monkeypatch: pytest.MonkeyPatch, monkeypatch: pytest.MonkeyPatch,