diff --git a/pkgs/clan-cli/clan_cli/cmd.py b/pkgs/clan-cli/clan_cli/cmd.py index d209981d..a7bc567b 100644 --- a/pkgs/clan-cli/clan_cli/cmd.py +++ b/pkgs/clan-cli/clan_cli/cmd.py @@ -101,13 +101,19 @@ TIME_TABLE = TimeTable() def run( cmd: list[str], *, + input: bytes | None = None, # noqa: A002 env: dict[str, str] | None = None, cwd: Path = Path.cwd(), log: Log = Log.STDERR, check: bool = True, error_msg: str | None = None, ) -> CmdOut: - glog.debug(f"$: {shlex.join(cmd)} \nCaller: {get_caller()}") + if input: + glog.debug( + f"""$: echo "{input.decode('utf-8')}" | {shlex.join(cmd)} \nCaller: {get_caller()}""" + ) + else: + glog.debug(f"$: {shlex.join(cmd)} \nCaller: {get_caller()}") tstart = datetime.now() # Start the subprocess @@ -120,7 +126,10 @@ def run( ) stdout_buf, stderr_buf = handle_output(process, log) - rc = process.wait() + if input: + process.communicate(input) + else: + process.wait() tend = datetime.now() global TIME_TABLE @@ -136,7 +145,7 @@ def run( msg=error_msg, ) - if check and rc != 0: + if check and process.returncode != 0: raise ClanCmdError(cmd_out) return cmd_out diff --git a/pkgs/clan-cli/clan_cli/facts/generate.py b/pkgs/clan-cli/clan_cli/facts/generate.py index 16b8c131..75abc6cd 100644 --- a/pkgs/clan-cli/clan_cli/facts/generate.py +++ b/pkgs/clan-cli/clan_cli/facts/generate.py @@ -32,6 +32,7 @@ def read_multiline_input(prompt: str = "Finish with Ctrl-D") -> str: """ print(prompt, flush=True) proc = subprocess.run(["cat"], stdout=subprocess.PIPE, text=True) + log.info("Input received. Processing...") return proc.stdout diff --git a/pkgs/clan-cli/clan_cli/facts/secret_modules/password_store.py b/pkgs/clan-cli/clan_cli/facts/secret_modules/password_store.py index c804456f..6eba9040 100644 --- a/pkgs/clan-cli/clan_cli/facts/secret_modules/password_store.py +++ b/pkgs/clan-cli/clan_cli/facts/secret_modules/password_store.py @@ -2,6 +2,7 @@ import os import subprocess from pathlib import Path +from clan_cli.cmd import Log, run from clan_cli.machines.machines import Machine from clan_cli.nix import nix_shell @@ -15,25 +16,25 @@ class SecretStore(SecretStoreBase): def set( self, service: str, name: str, value: bytes, groups: list[str] ) -> Path | None: - subprocess.run( + run( nix_shell( ["nixpkgs#pass"], ["pass", "insert", "-m", f"machines/{self.machine.name}/{name}"], ), input=value, - check=True, + log=Log.BOTH, + error_msg=f"Failed to insert secret {name}", ) return None # we manage the files outside of the git repo def get(self, service: str, name: str) -> bytes: - return subprocess.run( + return run( nix_shell( ["nixpkgs#pass"], ["pass", "show", f"machines/{self.machine.name}/{name}"], ), - check=True, - stdout=subprocess.PIPE, - ).stdout + error_msg=f"Failed to get secret {name}", + ).stdout.encode("utf-8") def exists(self, service: str, name: str) -> bool: password_store = os.environ.get( @@ -48,7 +49,7 @@ class SecretStore(SecretStoreBase): ) hashes = [] hashes.append( - subprocess.run( + run( nix_shell( ["nixpkgs#git"], [ @@ -61,13 +62,15 @@ class SecretStore(SecretStoreBase): f"machines/{self.machine.name}", ], ), - stdout=subprocess.PIPE, - ).stdout.strip() + check=False, + ) + .stdout.encode("utf-8") + .strip() ) for symlink in Path(password_store).glob(f"machines/{self.machine.name}/**/*"): if symlink.is_symlink(): hashes.append( - subprocess.run( + run( nix_shell( ["nixpkgs#git"], [ @@ -80,8 +83,10 @@ class SecretStore(SecretStoreBase): str(symlink), ], ), - stdout=subprocess.PIPE, - ).stdout.strip() + check=False, + ) + .stdout.encode("utf-8") + .strip() ) # we sort the hashes to make sure that the order is always the same diff --git a/pkgs/tea-create-pr/script.sh b/pkgs/tea-create-pr/script.sh index 04d059f6..e489a285 100755 --- a/pkgs/tea-create-pr/script.sh +++ b/pkgs/tea-create-pr/script.sh @@ -30,7 +30,7 @@ if ! check_remote "$remoteUpstream"; then exit 1 fi -treefmt -C "$root_dir" +treefmt --fail-on-change -C "$root_dir" upstream_url=$(git remote get-url "$remoteUpstream") set -x @@ -61,4 +61,4 @@ tea pr create \ --head "$user:$tempRemoteBranch" \ --title "$firstLine" \ --description "$rest" \ - "$@" \ No newline at end of file + "$@"