Merge pull request 'Also commit files when adding machines/users or removing secrets' (#876) from Mic92-main into main
commit
36771f3ecd
@ -28,12 +28,10 @@ def commit_files(
|
|||||||
repo_dir: Path,
|
repo_dir: Path,
|
||||||
commit_message: str | None = None,
|
commit_message: str | None = None,
|
||||||
) -> None:
|
) -> None:
|
||||||
# check that the file is in the git repository and exists
|
# check that the file is in the git repository
|
||||||
for file_path in file_paths:
|
for file_path in file_paths:
|
||||||
if not Path(file_path).resolve().is_relative_to(repo_dir.resolve()):
|
if not Path(file_path).resolve().is_relative_to(repo_dir.resolve()):
|
||||||
raise ClanError(f"File {file_path} is not in the git repository {repo_dir}")
|
raise ClanError(f"File {file_path} is not in the git repository {repo_dir}")
|
||||||
if not file_path.exists():
|
|
||||||
raise ClanError(f"File {file_path} does not exist")
|
|
||||||
# generate commit message if not provided
|
# generate commit message if not provided
|
||||||
if commit_message is None:
|
if commit_message is None:
|
||||||
commit_message = ""
|
commit_message = ""
|
||||||
|
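Review bot: With the existence check removed from `commit_files`, nothing in the loop says why missing paths are now accepted; the updated comment only restates the containment check. Callers on this page pass paths they have just deleted or renamed, so I would add a comment such as `# paths may be missing on disk: deletions and renames are committed too`. For such paths `resolve()` can only resolve the parent directories that still exist, so the `is_relative_to` check is effectively lexical for the missing tail, which deserves a short comment too. The rest of the function, including how the paths are handed to git, is outside the hunk.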
@ -2,6 +2,7 @@ import argparse
|
|||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
|
|
||||||
from ..errors import ClanError
|
from ..errors import ClanError
|
||||||
|
from ..git import commit_files
|
||||||
from ..machines.types import machine_name_type, validate_hostname
|
from ..machines.types import machine_name_type, validate_hostname
|
||||||
from . import secrets
|
from . import secrets
|
||||||
from .folders import list_objects, remove_object, sops_machines_folder
|
from .folders import list_objects, remove_object, sops_machines_folder
|
||||||
@ -10,7 +11,13 @@ from .types import public_or_private_age_key_type, secret_name_type
|
|||||||
|
|
||||||
|
|
||||||
def add_machine(flake_dir: Path, name: str, key: str, force: bool) -> None:
|
def add_machine(flake_dir: Path, name: str, key: str, force: bool) -> None:
|
||||||
write_key(sops_machines_folder(flake_dir) / name, key, force)
|
path = sops_machines_folder(flake_dir) / name
|
||||||
|
write_key(path, key, force)
|
||||||
|
commit_files(
|
||||||
|
[path],
|
||||||
|
flake_dir,
|
||||||
|
f"Add machine {name} to secrets",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def remove_machine(flake_dir: Path, name: str) -> None:
|
def remove_machine(flake_dir: Path, name: str) -> None:
|
||||||
@ -35,11 +42,16 @@ def list_machines(flake_dir: Path) -> list[str]:
|
|||||||
|
|
||||||
|
|
||||||
def add_secret(flake_dir: Path, machine: str, secret: str) -> None:
|
def add_secret(flake_dir: Path, machine: str, secret: str) -> None:
|
||||||
secrets.allow_member(
|
path = secrets.allow_member(
|
||||||
secrets.machines_folder(flake_dir, secret),
|
secrets.machines_folder(flake_dir, secret),
|
||||||
sops_machines_folder(flake_dir),
|
sops_machines_folder(flake_dir),
|
||||||
machine,
|
machine,
|
||||||
)
|
)
|
||||||
|
commit_files(
|
||||||
|
[path],
|
||||||
|
flake_dir,
|
||||||
|
f"Add {machine} to secret",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def remove_secret(flake_dir: Path, machine: str, secret: str) -> None:
|
def remove_secret(flake_dir: Path, machine: str, secret: str) -> None:
|
||||||
|
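Review bot: The commit message in `add_secret`, `f"Add {machine} to secret"`, never names the secret, so the git history cannot show which secret a machine was given access to. The other messages in this change name their object; `f"Add machine {machine} to secret {secret}"` would match them and keep the history usable as an access log. The call also relies on `secrets.allow_member` returning the path it wrote, and that function is not shown on this page. If it can return `None`, then `commit_files([path], ...)` would presumably fail inside `Path(file_path)`, so confirm the return value.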
@ -124,6 +124,11 @@ def remove_secret(flake_dir: Path, secret: str) -> None:
|
|||||||
if not path.exists():
|
if not path.exists():
|
||||||
raise ClanError(f"Secret '{secret}' does not exist")
|
raise ClanError(f"Secret '{secret}' does not exist")
|
||||||
shutil.rmtree(path)
|
shutil.rmtree(path)
|
||||||
|
commit_files(
|
||||||
|
[path],
|
||||||
|
flake_dir,
|
||||||
|
f"Remove secret {secret}",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def remove_command(args: argparse.Namespace) -> None:
|
def remove_command(args: argparse.Namespace) -> None:
|
||||||
@ -272,13 +277,19 @@ def set_command(args: argparse.Namespace) -> None:
|
|||||||
|
|
||||||
|
|
||||||
def rename_command(args: argparse.Namespace) -> None:
|
def rename_command(args: argparse.Namespace) -> None:
|
||||||
old_path = sops_secrets_folder(Path(args.flake)) / args.secret
|
flake_dir = Path(args.flake)
|
||||||
new_path = sops_secrets_folder(Path(args.flake)) / args.new_name
|
old_path = sops_secrets_folder(flake_dir) / args.secret
|
||||||
|
new_path = sops_secrets_folder(flake_dir) / args.new_name
|
||||||
if not old_path.exists():
|
if not old_path.exists():
|
||||||
raise ClanError(f"Secret '{args.secret}' does not exist")
|
raise ClanError(f"Secret '{args.secret}' does not exist")
|
||||||
if new_path.exists():
|
if new_path.exists():
|
||||||
raise ClanError(f"Secret '{args.new_name}' already exists")
|
raise ClanError(f"Secret '{args.new_name}' already exists")
|
||||||
os.rename(old_path, new_path)
|
os.rename(old_path, new_path)
|
||||||
|
commit_files(
|
||||||
|
[old_path, new_path],
|
||||||
|
flake_dir,
|
||||||
|
f"Rename secret {args.secret} to {args.new_name}",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def register_secrets_parser(subparser: argparse._SubParsersAction) -> None:
|
def register_secrets_parser(subparser: argparse._SubParsersAction) -> None:
|
||||||
|
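Review bot: In `remove_secret` the repository-containment check inside `commit_files` runs only after `shutil.rmtree(path)` has already deleted the tree, so it cannot prevent a deletion outside the flake; `rename_command` has the same order with `os.rename`. How `path` is derived from `secret` is outside the hunk, so name validation may already rule this out. If it does not, a guard before the destructive call would close it: `if not path.resolve().is_relative_to(flake_dir.resolve()): raise ClanError(f"Secret path {path} is outside {flake_dir}")`. A failure in `commit_files` after the deletion or rename also leaves the working tree changed but uncommitted, which is worth a comment at both call sites.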
@ -2,6 +2,7 @@ import argparse
|
|||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
|
|
||||||
from ..errors import ClanError
|
from ..errors import ClanError
|
||||||
|
from ..git import commit_files
|
||||||
from . import secrets
|
from . import secrets
|
||||||
from .folders import list_objects, remove_object, sops_users_folder
|
from .folders import list_objects, remove_object, sops_users_folder
|
||||||
from .sops import read_key, write_key
|
from .sops import read_key, write_key
|
||||||
@ -14,7 +15,13 @@ from .types import (
|
|||||||
|
|
||||||
|
|
||||||
def add_user(flake_dir: Path, name: str, key: str, force: bool) -> None:
|
def add_user(flake_dir: Path, name: str, key: str, force: bool) -> None:
|
||||||
write_key(sops_users_folder(flake_dir) / name, key, force)
|
path = sops_users_folder(flake_dir) / name
|
||||||
|
write_key(path, key, force)
|
||||||
|
commit_files(
|
||||||
|
[path],
|
||||||
|
flake_dir,
|
||||||
|
f"Add user {name} to secrets",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def remove_user(flake_dir: Path, name: str) -> None:
|
def remove_user(flake_dir: Path, name: str) -> None:
|
||||||
|
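Review bot: `add_user` commits with `f"Add user {name} to secrets"` even when `force` is set, and `force` by its name presumably lets `write_key` replace an existing key; `add_machine` in the machines module has the same shape. Replacing a key changes who can decrypt, so the history should distinguish it from a first-time add. Recording `existed = path.exists()` before `write_key` and committing with `f"{'Update' if existed else 'Add'} user {name} to secrets"` would do that. `write_key` is not shown on this page, so confirm what `force` actually does.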