clan-cli: Reference HostKeyCheck literal instead of duplicating the list everywhere

pkgs/clan-cli/clan_cli/machines/hardware.py

@@ -1,6 +1,7 @@
 import argparse
 import logging
 from pathlib import Path
+from typing import get_args
 
 from clan_lib.flake import require_flake
 from clan_lib.machines.hardware import (
@@ -10,6 +11,7 @@ from clan_lib.machines.hardware import (
 )
 from clan_lib.machines.machines import Machine
 from clan_lib.machines.suggestions import validate_machine_names
+from clan_lib.ssh.host_key import HostKeyCheck
 from clan_lib.ssh.remote import Remote
 
 from clan_cli.completions import add_dynamic_completer, complete_machines
@@ -59,7 +61,7 @@ def register_update_hardware_config(parser: argparse.ArgumentParser) -> None:
     )
     parser.add_argument(
         "--host-key-check",
-        choices=["strict", "ask", "tofu", "none"],
+        choices=list(get_args(HostKeyCheck)),
         default="ask",
         help="Host key (.ssh/known_hosts) check mode.",
     )

pkgs/clan-cli/clan_cli/machines/install.py

@@ -8,6 +8,7 @@ from clan_lib.errors import ClanError
 from clan_lib.flake import require_flake
 from clan_lib.machines.install import BuildOn, InstallOptions, run_machine_install
 from clan_lib.machines.machines import Machine
+from clan_lib.ssh.host_key import HostKeyCheck
 from clan_lib.ssh.remote import Remote
 
 from clan_cli.completions import (
@@ -106,7 +107,7 @@ def register_install_parser(parser: argparse.ArgumentParser) -> None:
     )
     parser.add_argument(
         "--host-key-check",
-        choices=["strict", "ask", "tofu", "none"],
+        choices=list(get_args(HostKeyCheck)),
         default="ask",
         help="Host key (.ssh/known_hosts) check mode.",
     )

pkgs/clan-cli/clan_cli/machines/update.py

@@ -1,6 +1,7 @@
 import argparse
 import logging
 import sys
+from typing import get_args
 
 from clan_lib.async_run import AsyncContext, AsyncOpts, AsyncRuntime
 from clan_lib.errors import ClanError
@@ -12,6 +13,7 @@ from clan_lib.machines.machines import Machine
 from clan_lib.machines.suggestions import validate_machine_names
 from clan_lib.machines.update import run_machine_update
 from clan_lib.nix import nix_config
+from clan_lib.ssh.host_key import HostKeyCheck
 from clan_lib.ssh.remote import Remote
 
 from clan_cli.completions import (
@@ -174,7 +176,7 @@ def register_update_parser(parser: argparse.ArgumentParser) -> None:
 
     parser.add_argument(
         "--host-key-check",
-        choices=["strict", "ask", "tofu", "none"],
+        choices=list(get_args(HostKeyCheck)),
         default="ask",
         help="Host key (.ssh/known_hosts) check mode.",
     )

pkgs/clan-cli/clan_cli/ssh/deploy_info.py

@@ -4,7 +4,7 @@ import logging
 import textwrap
 from dataclasses import dataclass
 from pathlib import Path
-from typing import Any
+from typing import Any, get_args
 
 from clan_lib.cmd import run
 from clan_lib.errors import ClanError
@@ -220,7 +220,7 @@ def register_parser(parser: argparse.ArgumentParser) -> None:
 
     parser.add_argument(
         "--host-key-check",
-        choices=["strict", "ask", "tofu", "none"],
+        choices=list(get_args(HostKeyCheck)),
         default="tofu",
         help="Host key (.ssh/known_hosts) check mode.",
     )

pkgs/clan-cli/clan_lib/ssh/host_key.py

@@ -7,7 +7,7 @@ from clan_lib.errors import ClanError
 HostKeyCheck = Literal[
     "strict",  # Strictly check ssh host keys, prompt for unknown ones
     "ask",  # Ask for confirmation on first use
-    "tofu",  # Trust on ssh keys on first use
+    "accept-new",  # Trust on ssh keys on first use
     "none",  # Do not check ssh host keys
 ]
 
@@ -21,7 +21,7 @@ def hostkey_to_ssh_opts(host_key_check: HostKeyCheck) -> list[str]:
             return ["-o", "StrictHostKeyChecking=yes"]
         case "ask":
             return []
-        case "tofu":
+        case "accept-new" | "tofu":
             return ["-o", "StrictHostKeyChecking=accept-new"]
         case "none":
             return [