yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
6,769 Commits 120 Branches 6 Tags
2bd9141d2d53992362148b4ba66de58c4048e813
Commit Graph

45 Commits

Author SHA1 Message Date
Michael Hoang
35684090e3 cli: allow age-plugin-1p 2025-05-12 16:36:24 +10:00
Qubasa
9867b6a894 clan-cli: Fix clan not finding vendored packages when running from git repo 2025-05-08 12:31:21 +02:00
Brian McGee
a438fe77a7 feat: configure age plugins for SOPS in buildClan 2025-04-29 16:02:32 +10:00
Jörg Thalheim
80e739bd1b Reapply "remove nix_shell_legacy" 
This reverts commit 1232fb5af2.
 2025-04-21 13:23:50 +02:00
Johannes Kirschbauer
1232fb5af2 Revert "remove nix_shell_legacy" 
This reverts commit 8cde32c76f.
 2025-04-18 14:49:54 +02:00
Jörg Thalheim
8cde32c76f remove nix_shell_legacy 2025-04-16 21:03:58 +02:00
Jörg Thalheim
10cd98e158 rename CLAN_STATIC_PROGRAMS -> CLAN_PROVIDED_PACKAGES 2025-04-16 18:27:01 +00:00
Jörg Thalheim
2240a3a533 rename nix_shell_legacy to nix_shell and run_cmd to nix_shell 
Than it's more obvious that we need to migrate.
 2025-04-16 18:27:01 +00:00
Jörg Thalheim
56a0b0a994 run_cmd: print what commands are allowed in if the current command is not in the allow list 2025-04-16 19:50:27 +02:00
Jörg Thalheim
80a252cf1a sort allowed-programs.json 2025-04-16 19:32:40 +02:00
Jörg Thalheim
00d25d7fb8 Host: migrate from nix_shell to run_cmd 2025-04-16 19:32:40 +02:00
Mic92
9276b166f0 Merge pull request 'cache nix_config' (#3306) from nix-config into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3306
 2025-04-14 11:23:33 +00:00
Jörg Thalheim
7dc070b36f cache nix_config 
We often call this several times during execution.
At the moment we only use system at the moment, which is unlikely to
change.
 2025-04-14 13:13:49 +02:00
Qubasa
b3dcf7f641 clan-cli: Change shellcheck to shellcheck-minimal 2025-04-10 01:54:00 +02:00
Qubasa
f1855f80fc clan-cli: Add shellcheck as a runtimeDependencie 2025-04-09 19:44:00 +02:00
lassulus
60b22fdf0e clan-cli: another try to fix the CI bug 2025-02-27 08:24:28 +01:00
Pablo Ovelleiro Corral
b0e7de3c8b Create directory 2025-02-16 17:08:54 +00:00
Pablo Ovelleiro Corral
cb89fb0847 Fix locking 2025-02-16 17:08:54 +00:00
lassulus
0c7173afd0 cli: nix_add_to_gcroots: don't run in sandboxed tests 2025-02-15 09:59:41 +00:00
Qubasa
4a144e77a4 clan-cli: Add ruff to devShell again. Add missing type annotations 2025-01-29 19:16:34 +07:00
Qubasa
0536127044 clan-app: Add gpg to allowed-programs.json 2025-01-11 10:52:22 +07:00
lassulus
a364a5b800 cli nix_build: don't create output symlink if no gcroot is given 2024-12-14 13:38:51 +01:00
Qubasa
e490207d12 clan-cli: Rework 'clan ssh' command, improve Tor support. 2024-12-13 00:11:18 +01:00
Qubasa
3cc7511764 clan-cli: Replace HostGroup and MachineGroup with generic AsyncRuntime class. Propagate cmd prefix over thread local. Close threads on CTRL+C 2024-12-09 18:07:23 +01:00
Jörg Thalheim
ea9e44ef77 remove incorrect usage of tempdir for sandbox directories 
The flags out-live the temporary directory
 2024-12-05 11:38:58 +01:00
Jörg Thalheim
419e17a999 extract nix_test_store helper for sandbox builds 2024-12-05 11:38:58 +01:00
Jörg Thalheim
6135b52c32 only enable show-trace if we run in debug mode 2024-12-04 14:54:47 +01:00
Michael Hoang
fd3e741eba Add --print-build-logs to some Nix commands 2024-12-04 10:04:07 +11:00
Jörg Thalheim
51526aedbb rename run_no_output to run_no_stdout 
we want stderr for some nix commands.
 2024-12-03 17:15:28 +01:00
Qubasa
d2719f3179 clan-cli: cmd.run now has its options extracted to a dataclass 2024-11-28 15:26:37 +01:00
DavHau
61576649ff vars: make all python tests work in nix sandbox 
- generate a flake.lock file for each template by copying the clan-core flake.lock and modifying it

- call nix build with --store for tests inside the sandbox
 2024-11-27 14:32:02 +07:00
DavHau
21796c1dbb clan-cli: remove --no-write-lock-file from nix invocations 2024-11-14 14:11:06 +07:00
Jörg Thalheim
237327ead3 start to name temporary directories in more places 2024-10-01 18:57:59 +02:00
Jörg Thalheim
f18771364c get rid of ValueError 2024-09-03 18:14:31 +02:00
Jörg Thalheim
403b9cf2cc apply TRY lint 2024-09-03 18:13:46 +02:00
Jörg Thalheim
659e5b37dd use pathlib everywhere 2024-09-02 18:26:13 +02:00
Jörg Thalheim
ad3daa3ce4 add RET, Q, RSE lint 2024-09-02 15:58:49 +02:00
Jörg Thalheim
15ff74f7c2 enable ASYNC, DTZ, YTT and EM lints 2024-09-02 14:07:06 +02:00
Jörg Thalheim
af4b9cc2d5 make all same-module imports relative, the rest absolute 
This makes sorting more consitent.
 2024-09-02 13:00:19 +02:00
Qubasa
7f0604f86e clan-cli: Add --show-trace to nix build and nixos-rebuild commands 2024-08-12 22:27:54 +02:00
Jörg Thalheim
0d6e2539e3 Revert "clan-cli: deprecate nix_shell() in favor of run_cmd()" 
This reverts commit 37e6ca7a30.
 2024-07-17 14:04:49 +02:00
Johannes Kirschbauer
54dcbfae01 cli: add programms to allowed list 2024-07-16 13:49:16 +02:00
DavHau
37e6ca7a30 clan-cli: deprecate nix_shell() in favor of run_cmd() 2024-07-16 14:03:17 +07:00
DavHau
0e335f7ecc impure-checks: improve performance by disabling dynamic deps 2024-07-16 12:42:45 +07:00
DavHau
75b969b1ad clan-cli: improve runtime dependency management 
Many dependencies of clan-cli  are currently dynamically loaded via nix-shell on each execution.
This is nice, as it reduces the initial closure size of clan, but the overhead introduced by nix-shell piles up quickly, as some commands shell out many times during their lifetime. For example, when adding a secret git is called 10+ times.

This reduces the time of a test which adds a secret from around 50 seconds to 15 seconds.

- add run_cmd() as an alternative to nix_shell()
- introduce the concept of static dependencies which do not need to go through nix-shell
- static dependencies are defined at build time and included into the wrapper for clan-cli
- add package: clan-cli-full which statically ships all required dependencies

TODO: deprecate nix_shell() in favor of run_cmd()
 2024-07-11 15:34:41 +07:00