forked from clan/clan-core
secret cli: add get command that returns the key of users/machines
This commit is contained in:
parent
54d855a6cd
commit
af38408a3e
@ -3,11 +3,8 @@ import argparse
|
||||
from ..machines.types import machine_name_type, validate_hostname
|
||||
from . import secrets
|
||||
from .folders import list_objects, remove_object, sops_machines_folder
|
||||
from .sops import write_key
|
||||
from .types import (
|
||||
public_or_private_age_key_type,
|
||||
secret_name_type,
|
||||
)
|
||||
from .sops import read_key, write_key
|
||||
from .types import public_or_private_age_key_type, secret_name_type
|
||||
|
||||
|
||||
def add_machine(name: str, key: str, force: bool) -> None:
|
||||
@ -18,6 +15,10 @@ def remove_machine(name: str) -> None:
|
||||
remove_object(sops_machines_folder(), name)
|
||||
|
||||
|
||||
def get_machine(name: str) -> str:
|
||||
return read_key(sops_machines_folder() / name)
|
||||
|
||||
|
||||
def list_machines() -> list[str]:
|
||||
return list_objects(sops_machines_folder(), lambda x: validate_hostname(x))
|
||||
|
||||
@ -42,6 +43,10 @@ def add_command(args: argparse.Namespace) -> None:
|
||||
add_machine(args.machine, args.key, args.force)
|
||||
|
||||
|
||||
def get_command(args: argparse.Namespace) -> None:
|
||||
print(get_machine(args.machine))
|
||||
|
||||
|
||||
def remove_command(args: argparse.Namespace) -> None:
|
||||
remove_machine(args.machine)
|
||||
|
||||
@ -82,6 +87,12 @@ def register_machines_parser(parser: argparse.ArgumentParser) -> None:
|
||||
)
|
||||
add_parser.set_defaults(func=add_command)
|
||||
|
||||
get_parser = subparser.add_parser("get", help="get a machine public key")
|
||||
get_parser.add_argument(
|
||||
"machine", help="the name of the machine", type=machine_name_type
|
||||
)
|
||||
get_parser.set_defaults(func=get_command)
|
||||
|
||||
remove_parser = subparser.add_parser("remove", help="remove a machine")
|
||||
remove_parser.add_argument(
|
||||
"machine", help="the name of the machine", type=machine_name_type
|
||||
|
@ -2,7 +2,7 @@ import argparse
|
||||
|
||||
from . import secrets
|
||||
from .folders import list_objects, remove_object, sops_users_folder
|
||||
from .sops import write_key
|
||||
from .sops import read_key, write_key
|
||||
from .types import (
|
||||
VALID_SECRET_NAME,
|
||||
public_or_private_age_key_type,
|
||||
@ -19,6 +19,10 @@ def remove_user(name: str) -> None:
|
||||
remove_object(sops_users_folder(), name)
|
||||
|
||||
|
||||
def get_user(name: str) -> str:
|
||||
return read_key(sops_users_folder() / name)
|
||||
|
||||
|
||||
def list_users() -> list[str]:
|
||||
return list_objects(
|
||||
sops_users_folder(), lambda n: VALID_SECRET_NAME.match(n) is not None
|
||||
@ -43,6 +47,10 @@ def add_command(args: argparse.Namespace) -> None:
|
||||
add_user(args.user, args.key, args.force)
|
||||
|
||||
|
||||
def get_command(args: argparse.Namespace) -> None:
|
||||
print(get_user(args.user))
|
||||
|
||||
|
||||
def remove_command(args: argparse.Namespace) -> None:
|
||||
remove_user(args.user)
|
||||
|
||||
@ -77,6 +85,10 @@ def register_users_parser(parser: argparse.ArgumentParser) -> None:
|
||||
)
|
||||
add_parser.set_defaults(func=add_command)
|
||||
|
||||
get_parser = subparser.add_parser("get", help="get a user public key")
|
||||
get_parser.add_argument("user", help="the name of the user", type=user_name_type)
|
||||
get_parser.set_defaults(func=get_command)
|
||||
|
||||
remove_parser = subparser.add_parser("remove", help="remove a user")
|
||||
remove_parser.add_argument("user", help="the name of the user", type=user_name_type)
|
||||
remove_parser.set_defaults(func=remove_command)
|
||||
|
@ -36,8 +36,13 @@ def _test_identities(
|
||||
age_keys[0].privkey,
|
||||
]
|
||||
)
|
||||
capsys.readouterr() # empty the buffer
|
||||
|
||||
capsys.readouterr() # empty the buffer
|
||||
cli.run(["secrets", what, "get", "foo"])
|
||||
out = capsys.readouterr() # empty the buffer
|
||||
assert age_keys[0].pubkey in out.out
|
||||
|
||||
capsys.readouterr() # empty the buffer
|
||||
cli.run(["secrets", what, "list"])
|
||||
out = capsys.readouterr() # empty the buffer
|
||||
assert "foo" in out.out
|
||||
|
Loading…
Reference in New Issue
Block a user