only list valid secrets/users/machines

Git often leaves empty directories behind

pkgs/clan-cli/clan_cli/secrets/machines.py

@@ -20,7 +20,12 @@ def get_machine(name: str) -> str:
 
 
 def list_machines() -> list[str]:
-    return list_objects(sops_machines_folder(), lambda x: validate_hostname(x))
+    path = sops_machines_folder()
+
+    def validate(name: str) -> bool:
+        return validate_hostname(name) and (path / name / "key.json").exists()
+
+    return list_objects(path, validate)
 
 
 def add_secret(machine: str, secret: str) -> None:

pkgs/clan-cli/clan_cli/secrets/secrets.py

@@ -172,9 +172,15 @@ def disallow_member(group_folder: Path, name: str) -> None:
 
 
 def list_secrets() -> list[str]:
-    return list_objects(
-        sops_secrets_folder(), lambda n: VALID_SECRET_NAME.match(n) is not None
-    )
+    path = sops_secrets_folder()
+
+    def validate(name: str) -> bool:
+        return (
+            VALID_SECRET_NAME.match(name) is not None
+            and (path / name / "secret").exists()
+        )
+
+    return list_objects(path, validate)
 
 
 def list_command(args: argparse.Namespace) -> None:

pkgs/clan-cli/clan_cli/secrets/users.py

@@ -4,7 +4,7 @@ from . import secrets
 from .folders import list_objects, remove_object, sops_users_folder
 from .sops import read_key, write_key
 from .types import (
-    VALID_SECRET_NAME,
+    VALID_USER_NAME,
     public_or_private_age_key_type,
     secret_name_type,
     user_name_type,
@@ -24,9 +24,15 @@ def get_user(name: str) -> str:
 
 
 def list_users() -> list[str]:
-    return list_objects(
-        sops_users_folder(), lambda n: VALID_SECRET_NAME.match(n) is not None
-    )
+    path = sops_users_folder()
+
+    def validate(name: str) -> bool:
+        return (
+            VALID_USER_NAME.match(name) is not None
+            and (path / name / "key.json").exists()
+        )
+
+    return list_objects(path, validate)
 
 
 def add_secret(user: str, secret: str) -> None:

pkgs/clan-cli/tests/test_secrets_cli.py

@@ -153,6 +153,9 @@ def test_secrets(
 
     cli.run(["secrets", "machines", "add", "machine1", age_keys[0].pubkey])
     cli.run(["secrets", "machines", "add-secret", "machine1", "key"])
+    capsys.readouterr()
+    cli.run(["secrets", "machines", "list"])
+    assert capsys.readouterr().out == "machine1\n"
 
     with use_key(age_keys[0].privkey, monkeypatch):
         capsys.readouterr()