Merge pull request 'vars: improve check command and add tests' (#2002) from DavHau/clan-core:DavHau-dave into main
This commit is contained in:
clan-bot
@@ -8,7 +8,7 @@ from ..machines.machines import Machine
|
|||||||
log = logging.getLogger(__name__)
|
log = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
def check_secrets(machine: Machine, generator_name: None | str = None) -> bool:
|
def check_vars(machine: Machine, generator_name: None | str = None) -> bool:
|
||||||
secret_vars_module = importlib.import_module(machine.secret_vars_module)
|
secret_vars_module = importlib.import_module(machine.secret_vars_module)
|
||||||
secret_vars_store = secret_vars_module.SecretStore(machine=machine)
|
secret_vars_store = secret_vars_module.SecretStore(machine=machine)
|
||||||
public_vars_module = importlib.import_module(machine.public_vars_module)
|
public_vars_module = importlib.import_module(machine.public_vars_module)
|
||||||
@@ -47,7 +47,9 @@ def check_command(args: argparse.Namespace) -> None:
|
|||||||
name=args.machine,
|
name=args.machine,
|
||||||
flake=args.flake,
|
flake=args.flake,
|
||||||
)
|
)
|
||||||
check_secrets(machine, generator_name=args.service)
|
ok = check_vars(machine, generator_name=args.service)
|
||||||
|
if not ok:
|
||||||
|
raise SystemExit(1)
|
||||||
|
|
||||||
|
|
||||||
def register_check_parser(parser: argparse.ArgumentParser) -> None:
|
def register_check_parser(parser: argparse.ArgumentParser) -> None:
|
||||||
|
|||||||
@@ -21,7 +21,7 @@ from ..git import commit_files
|
|||||||
from ..machines.inventory import get_all_machines, get_selected_machines
|
from ..machines.inventory import get_all_machines, get_selected_machines
|
||||||
from ..machines.machines import Machine
|
from ..machines.machines import Machine
|
||||||
from ..nix import nix_shell
|
from ..nix import nix_shell
|
||||||
from .check import check_secrets
|
from .check import check_vars
|
||||||
from .public_modules import FactStoreBase
|
from .public_modules import FactStoreBase
|
||||||
from .secret_modules import SecretStoreBase
|
from .secret_modules import SecretStoreBase
|
||||||
|
|
||||||
@@ -101,7 +101,7 @@ def execute_generator(
|
|||||||
public_vars_store: FactStoreBase,
|
public_vars_store: FactStoreBase,
|
||||||
) -> bool:
|
) -> bool:
|
||||||
# check if all secrets exist and generate them if at least one is missing
|
# check if all secrets exist and generate them if at least one is missing
|
||||||
needs_regeneration = not check_secrets(machine, generator_name=generator_name)
|
needs_regeneration = not check_vars(machine, generator_name=generator_name)
|
||||||
log.debug(f"{generator_name} needs_regeneration: {needs_regeneration}")
|
log.debug(f"{generator_name} needs_regeneration: {needs_regeneration}")
|
||||||
if not (needs_regeneration or regenerate):
|
if not (needs_regeneration or regenerate):
|
||||||
return False
|
return False
|
||||||
|
|||||||
@@ -13,6 +13,7 @@ from root import CLAN_CORE
|
|||||||
from clan_cli.clan_uri import FlakeId
|
from clan_cli.clan_uri import FlakeId
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell
|
from clan_cli.nix import nix_shell
|
||||||
|
from clan_cli.vars.check import check_vars
|
||||||
from clan_cli.vars.list import stringify_all_vars
|
from clan_cli.vars.list import stringify_all_vars
|
||||||
from clan_cli.vars.public_modules import in_repo
|
from clan_cli.vars.public_modules import in_repo
|
||||||
from clan_cli.vars.secret_modules import password_store, sops
|
from clan_cli.vars.secret_modules import password_store, sops
|
||||||
@@ -78,13 +79,15 @@ def test_generate_public_var(
|
|||||||
machine_configs=dict(my_machine=config),
|
machine_configs=dict(my_machine=config),
|
||||||
)
|
)
|
||||||
monkeypatch.chdir(flake.path)
|
monkeypatch.chdir(flake.path)
|
||||||
|
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||||
|
assert not check_vars(machine)
|
||||||
cli.run(["vars", "generate", "--flake", str(flake.path), "my_machine"])
|
cli.run(["vars", "generate", "--flake", str(flake.path), "my_machine"])
|
||||||
|
assert check_vars(machine)
|
||||||
store = in_repo.FactStore(
|
store = in_repo.FactStore(
|
||||||
Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||||
)
|
)
|
||||||
assert store.exists("my_generator", "my_value")
|
assert store.exists("my_generator", "my_value")
|
||||||
assert store.get("my_generator", "my_value").decode() == "hello\n"
|
assert store.get("my_generator", "my_value").decode() == "hello\n"
|
||||||
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
|
||||||
vars_text = stringify_all_vars(machine)
|
vars_text = stringify_all_vars(machine)
|
||||||
assert "my_generator/my_value: hello" in vars_text
|
assert "my_generator/my_value: hello" in vars_text
|
||||||
|
|
||||||
@@ -106,7 +109,10 @@ def test_generate_secret_var_sops(
|
|||||||
)
|
)
|
||||||
monkeypatch.chdir(flake.path)
|
monkeypatch.chdir(flake.path)
|
||||||
sops_setup.init()
|
sops_setup.init()
|
||||||
|
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||||
|
assert not check_vars(machine)
|
||||||
cli.run(["vars", "generate", "--flake", str(flake.path), "my_machine"])
|
cli.run(["vars", "generate", "--flake", str(flake.path), "my_machine"])
|
||||||
|
assert check_vars(machine)
|
||||||
in_repo_store = in_repo.FactStore(
|
in_repo_store = in_repo.FactStore(
|
||||||
Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||||
)
|
)
|
||||||
@@ -116,7 +122,6 @@ def test_generate_secret_var_sops(
|
|||||||
)
|
)
|
||||||
assert sops_store.exists("my_generator", "my_secret")
|
assert sops_store.exists("my_generator", "my_secret")
|
||||||
assert sops_store.get("my_generator", "my_secret").decode() == "hello\n"
|
assert sops_store.get("my_generator", "my_secret").decode() == "hello\n"
|
||||||
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
|
||||||
vars_text = stringify_all_vars(machine)
|
vars_text = stringify_all_vars(machine)
|
||||||
assert "my_generator/my_secret" in vars_text
|
assert "my_generator/my_secret" in vars_text
|
||||||
|
|
||||||
@@ -194,13 +199,15 @@ def test_generate_secret_var_password_store(
|
|||||||
subprocess.run(
|
subprocess.run(
|
||||||
nix_shell(["nixpkgs#pass"], ["pass", "init", "test@local"]), check=True
|
nix_shell(["nixpkgs#pass"], ["pass", "init", "test@local"]), check=True
|
||||||
)
|
)
|
||||||
|
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||||
|
assert not check_vars(machine)
|
||||||
cli.run(["vars", "generate", "--flake", str(flake.path), "my_machine"])
|
cli.run(["vars", "generate", "--flake", str(flake.path), "my_machine"])
|
||||||
|
assert check_vars(machine)
|
||||||
store = password_store.SecretStore(
|
store = password_store.SecretStore(
|
||||||
Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
||||||
)
|
)
|
||||||
assert store.exists("my_generator", "my_secret")
|
assert store.exists("my_generator", "my_secret")
|
||||||
assert store.get("my_generator", "my_secret").decode() == "hello\n"
|
assert store.get("my_generator", "my_secret").decode() == "hello\n"
|
||||||
machine = Machine(name="my_machine", flake=FlakeId(str(flake.path)))
|
|
||||||
vars_text = stringify_all_vars(machine)
|
vars_text = stringify_all_vars(machine)
|
||||||
assert "my_generator/my_secret" in vars_text
|
assert "my_generator/my_secret" in vars_text
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user