This should make it simpler to improve the implementation of granting a new machine access to a shared secret.
The current approach using the health_check is pretty hacky
When generators are shared between machines, their definition has to be the same across all machines. If not, it might lead to unexpected problems, as the architecture assumes that all definitions are the same.
fixes https://git.clan.lol/clan/clan-core/issues/5253
This improves the performance of deployment, by aggregating uncached select calls for vars generate into two batches.
batch 1: Get all generators of all machines
batch 2: get all final scripts for generators which need to run
This is preparational work to reduce the surface are of the different mappings
We want to reduce the following:
/guides/secrets.md -> Guides/getting started/How to use flakes with sops -> with '# Secrets Management'
- Title
- URI
- Filepath
should follow a stricter pattern to make it easy to maintain
optimize the `clan vars generate` procedure by pre-caching more selectors.
To achieve this, helper functions are added to several classes.
Also a debugging feature is added to the Flake class in order to track stack traces of cache misses
fixes https://git.clan.lol/clan/clan-core/issues/3791
This fixes multiple issues we had when re-generating shared vars.
Problem 1: shared vars are re-generated for each individual machine instead of just once (see #3791)
Problem 2: When a shared var was re-generated for one machine, dependent vars on other machines did not get re-generated, leading to broken state
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/5001
- full_closure is obsolete since it is the same as calling requested_closure with the full list of generators.
- minimal_closure is obsolete as well. Since the recent addition of dependents to the closure via 3d2127ce1e it is essentially the same as the all_missing_closure
Even for the minimal closure case (when a specific generator was picked), we should still force regeneration of all dependents, as otherwise we risk keeping outdated dependents from previous generations
