DavHau
0324f4d4b8
vars/sops: improve shared secrets, switching backend
...
When a second machine checks for a shared secret, now the exists() call returns negative and only when updating the secrets for that machine, the machine is added to the sops receivers.
Also throw proper errors when the user switches backends without cleaning the files first.
2024-09-20 15:06:54 +02:00
DavHau
501ade7de7
vars: implement migration
...
Migrating generated files from the facts subsystem to the vars subsystem is now possible.
HowTo:
1. declare `clan.core.vars.generators.<generator>.migrateFact = my_service` where `my_service` refers to a service from `clan.core.facts.services`
2. run `clan vars generate your_machine` or `clan machines update your_machine`
Vars will only be migrated for a generator if:
1. The facts service specified via `migrateFact` does exist
2. None of the vars to generate exist yet
3. All public var names exist in the public facts store
4. All secret var names exist in the secret fact store
If the migration is deemed possible, the generator script will not be executed. Instead the files from the public or secret facts store are read and stored into the corresponding vars store.
2024-09-19 17:57:03 +02:00
DavHau
89d39186ee
vars/generate: improve output when vars are updated
...
fixes #2076
- print old and new value if possible
- also inform the user if something hasn't changed
2024-09-18 16:57:01 +02:00
DavHau
cf47c1d51a
vars: generate proper commit messages
...
fixes #2126
2024-09-17 20:22:18 +02:00
DavHau
a1dd10f502
vars/sops/shared: add machines key on demand
2024-09-12 20:17:05 +02:00
DavHau
067d287398
vars/list: display '<not set>' also for secrets
2024-09-12 17:24:29 +02:00
DavHau
53592837a9
vars: get rid of meta.json
2024-09-12 16:52:44 +02:00
DavHau
3c27cc31e9
vars/sops: load sops info from nix instead of filesystem
2024-09-12 16:30:21 +02:00
DavHau
54cb6862b1
vars/password-store: implement upload and hashing
2024-09-09 22:13:16 +02:00
DavHau
6fafafa064
vars/password-store: use standard paths; fix share flag
2024-09-09 21:20:03 +02:00
DavHau
b3dd36bdb6
vars: improve generator pipeline
...
Compute the whole closure of to-be-executed generators upfront before executing anything
Properly compute closures for the 4 different scenarios:
1. full_closure: run all generators for a selected machine in topological order
2. all_missing_closure: run just the missing generators including their dependents
3. requested_closure: run only a selected list of generators including their missing dependencies and their dependents
4. minimal_closure: Run just enough to ensure that the list of selected generators are in a consistent state. Don't execute anything if nothing is missing.
2024-09-06 21:32:17 +02:00
DavHau
f5e65b5d0e
vars: refactor - ask prompts before running any generators
2024-09-06 16:08:46 +02:00
DavHau
9d86c5474f
clan-cli: fix cyclic import problem
2024-09-06 15:38:12 +02:00
DavHau
f161c7ca58
vars: improve generator execution pipeline
...
- ensure all dependents are re-generated as well
- refactor: separate out computation of generator update closure
2024-09-06 14:30:49 +02:00
DavHau
1254b80a52
vars: add api endpoint set_prompts
2024-09-04 18:06:11 +02:00
DavHau
112982a7fb
vars: add get_prompts api endpoint
...
vars: add test for api endpoint get_prompts
2024-09-04 17:36:50 +02:00
clan-bot
87c5ded6a2
Merge pull request 'apply TRY lint' (#2035) from joerg-ci into main
2024-09-04 13:20:11 +00:00
DavHau
570aadf065
vars: set vars via cli; improve getting vars via cli;
2024-09-04 14:48:42 +02:00
DavHau
e3280e2b1d
vars: add 'get' command to cli
2024-09-03 19:19:20 +02:00
Jörg Thalheim
403b9cf2cc
apply TRY lint
2024-09-03 18:13:46 +02:00
DavHau
8efcd65bed
vars: global metadata paths for all store backends
...
This also changes the paths where sops stores the secret -> all sops secrets will have to be re-generated
2024-09-03 16:30:01 +02:00
DavHau
2621a961e7
vars: make simplify vars store abstraction
2024-09-02 18:44:00 +02:00
Jörg Thalheim
659e5b37dd
use pathlib everywhere
2024-09-02 18:26:13 +02:00
Jörg Thalheim
357b619068
add SIM lint
2024-09-02 16:39:30 +02:00
Jörg Thalheim
ad3daa3ce4
add RET, Q, RSE lint
2024-09-02 15:58:49 +02:00
Jörg Thalheim
15ff74f7c2
enable ASYNC, DTZ, YTT and EM lints
2024-09-02 14:07:06 +02:00
Jörg Thalheim
e9a266001c
enable comprehensions linting rules
2024-09-02 13:35:52 +02:00
Jörg Thalheim
af4b9cc2d5
make all same-module imports relative, the rest absolute
...
This makes sorting more consistent.
2024-09-02 13:00:19 +02:00
DavHau
2ec3abb24c
vars: improve check command and add tests
2024-09-01 16:45:09 +02:00
DavHau
8ad90aa44f
vars: fix listing vars + add test
2024-09-01 16:10:25 +02:00
DavHau
6f4827bde4
vars: implement listing all vars
2024-09-01 16:03:37 +02:00
DavHau
ec055f7606
vars: introduce deploy=true/false for generated files
2024-09-01 14:32:46 +02:00
DavHau
6b5a8ef10c
vars: rename 'facts' _ 'vars' in docs
2024-08-23 18:00:38 +02:00
Jörg Thalheim
9f66ded76a
Merge remote-tracking branch 'origin/main' into rework-installation
2024-08-21 13:38:04 +02:00
DavHau
75328beb06
vars: add test for deployment
2024-08-13 15:29:51 +02:00
DavHau
cc9c828598
vars: introduce share flag
2024-08-03 15:26:53 +07:00
Jörg Thalheim
4ed7e9b030
Merge remote-tracking branch 'origin/main' into rework-installation
2024-07-24 21:58:57 +02:00
DavHau
9996f5596c
vars/sops: store secrets in /sops/vars
2024-07-24 18:42:50 +07:00
DavHau
5bd20fcf2c
vars: add support for password-store
2024-07-23 14:54:18 +07:00
Jörg Thalheim
21346f84ac
password-store: write secrets with read-only permission
...
Otherwise we are installing secrets with the wrong permissions on the
first install
2024-07-22 17:22:01 +02:00
DavHau
9ff076aec1
vars: implement prompts
2024-07-22 20:40:12 +07:00
Qubasa
8ad7c2b89a
clan: Fix treefmt not applying mypy lints on clan_cli and clan_app
2024-07-17 21:50:52 +02:00
Jörg Thalheim
0d6e2539e3
Revert "clan-cli: deprecate nix_shell() in favor of run_cmd()"
...
This reverts commit 37e6ca7a30.
2024-07-17 14:04:49 +02:00
DavHau
117843021e
vars: implement dependencies
2024-07-17 16:42:16 +07:00
DavHau
37e6ca7a30
clan-cli: deprecate nix_shell() in favor of run_cmd()
2024-07-16 14:03:17 +07:00
DavHau
9988fb744c
vars: implement sops.defaultGroups
2024-07-11 18:39:29 +07:00
DavHau
d21926db47
vars: implement secret generation
2024-07-11 11:37:17 +07:00
DavHau
3447a98bee
vars: implement generating public variables via in_repo
2024-07-09 14:26:56 +07:00
DavHau
9ff0045698
WIP: vars: copy python code from facts
2024-07-09 12:42:29 +07:00