import argparse
import importlib
import logging
from ..completions import add_dynamic_completer, complete_machines
from ..machines.machines import Machine
log = logging.getLogger(__name__)
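def check_secrets(machine: Machine, service: None | str = None) -> bool:
    """Report whether every fact declared for *machine* exists in its stores.

    For each service in ``machine.facts_data`` (or only *service* when one is
    given), every entry under ``"secret"`` is looked up in the machine's
    secret store and every entry under ``"public"`` in its public fact store.
    Only ``exists()`` is called on the stores: no fact value is read here, and
    the log messages carry fact names only.

    Args:
        machine: Machine whose declared facts are checked.
        service: Restrict the check to this service. A falsy value checks
            every service listed in ``machine.facts_data``.

    Returns:
        ``True`` when no declared fact is missing, ``False`` otherwise. Each
        missing fact is reported at INFO level; the collected lists are also
        emitted at DEBUG level.

    Raises:
        Whatever ``machine.facts_data[service]`` raises for a service that is
        not declared (``KeyError`` if it is a plain dict -- not visible here).
    """
    # NOTE(review): both module paths are taken from the machine object and
    # imported (and therefore executed) here. This presumably relies on the
    # machine configuration being trusted -- confirm how Machine derives them.
    secret_facts_module = importlib.import_module(machine.secret_facts_module)
    secret_facts_store = secret_facts_module.SecretStore(machine=machine)
    public_facts_module = importlib.import_module(machine.public_facts_module)
    public_facts_store = public_facts_module.FactStore(machine=machine)

    services = [service] if service else list(machine.facts_data.keys())

    missing_secret_facts = []
    missing_public_facts = []
    # A separate loop variable keeps the `service` argument intact.
    for service_name in services:
        for secret_fact in machine.facts_data[service_name]["secret"]:
            # A secret is declared either as a bare name or as a mapping
            # that carries its name under the "name" key.
            if isinstance(secret_fact, str):
                secret_name = secret_fact
            else:
                secret_name = secret_fact["name"]
            if not secret_facts_store.exists(service_name, secret_name):
                # Log the name that was actually looked up, not the raw
                # declaration (which may be a whole mapping).
                log.info(
                    "Secret fact '%s' for service '%s' in machine %s is missing.",
                    secret_name,
                    service_name,
                    machine.name,
                )
                missing_secret_facts.append((service_name, secret_name))

        for public_fact in machine.facts_data[service_name]["public"]:
            if not public_facts_store.exists(service_name, public_fact):
                log.info(
                    "Public fact '%s' for service '%s' in machine %s is missing.",
                    public_fact,
                    service_name,
                    machine.name,
                )
                missing_public_facts.append((service_name, public_fact))

    log.debug("missing_secret_facts: %s", missing_secret_facts)
    log.debug("missing_public_facts: %s", missing_public_facts)
    return not (missing_secret_facts or missing_public_facts)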
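def check_command(args: argparse.Namespace) -> None:
    """Run the fact check for the machine named on the command line.

    Builds a ``Machine`` from ``args.machine`` and ``args.flake`` and checks
    its facts, limited to ``args.service`` when that is set. ``args.flake`` is
    not registered by this module's parser setup, so it is presumably supplied
    by a parent parser -- confirm.

    Raises:
        SystemExit: with status 1 when at least one declared fact is missing,
            so that scripts and CI jobs can gate on the result instead of
            having to parse log output.
    """
    machine = Machine(
        name=args.machine,
        flake=args.flake,
    )
    # The result used to be discarded, which made the command exit 0 even
    # when secrets were missing.
    if not check_secrets(machine, service=args.service):
        raise SystemExit(1)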
def register_check_parser(parser: argparse.ArgumentParser) -> None:
    """Add the check arguments to *parser* and route it to ``check_command``.

    Registers a positional ``machine`` argument (with dynamic completion of
    machine names) and an optional ``--service`` argument, then sets
    ``check_command`` as the parser's ``func`` default.
    """
    # add_argument returns the argument object the completer is attached to.
    machine_argument = parser.add_argument("machine", help="The machine to check secrets for")
    add_dynamic_completer(machine_argument, complete_machines)

    parser.add_argument("--service", help="the service to check")

    parser.set_defaults(func=check_command)