From 9ad4e4d041b90aca06b966eabdf4322a4f53d2fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 11 Dec 2024 15:54:46 +0100 Subject: [PATCH] fix clan vars for public vars --- pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py | 6 +++++- pkgs/clan-cli/tests/test_vars.py | 5 ++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py b/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py index 251f23e0d..5b1b8182f 100644 --- a/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py +++ b/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py @@ -85,7 +85,9 @@ class SecretStore(StoreBase): self, key_dir: Path, generator: Generator, secret_name: str ) -> bool: secret_path = self.secret_path(generator, secret_name) - return sops.SopsKey.load_dir(key_dir) in sops.get_recipients(secret_path) + recipient = sops.SopsKey.load_dir(key_dir) + recipients = sops.get_recipients(secret_path) + return recipient in recipients def secret_path(self, generator: Generator, secret_name: str) -> Path: return self.directory(generator, secret_name) @@ -247,6 +249,8 @@ class SecretStore(StoreBase): file_found = True else: continue + if not file.secret: + continue secret_path = self.secret_path(generator, file.name) update_keys( diff --git a/pkgs/clan-cli/tests/test_vars.py b/pkgs/clan-cli/tests/test_vars.py index 24ef8b4e4..25cde260a 100644 --- a/pkgs/clan-cli/tests/test_vars.py +++ b/pkgs/clan-cli/tests/test_vars.py @@ -177,7 +177,10 @@ def test_generate_secret_var_sops_with_default_group( config["clan"]["core"]["sops"]["defaultGroups"] = ["my_group"] my_generator = config["clan"]["core"]["vars"]["generators"]["my_generator"] my_generator["files"]["my_secret"]["secret"] = True - my_generator["script"] = "echo hello > $out/my_secret" + my_generator["files"]["my_public"]["secret"] = False + my_generator["script"] = ( + "echo hello > $out/my_secret && echo hello > $out/my_public" + ) flake.refresh() monkeypatch.chdir(flake.path) sops_setup.init()