From 52fcc914792fb73efb159794877fe619681edbee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Thu, 22 Feb 2024 16:06:39 +0100
Subject: [PATCH] Also commit files when adding machines/users or removing secrets
---
 pkgs/clan-cli/clan_cli/git.py | 4 +---
 pkgs/clan-cli/clan_cli/secrets/machines.py | 16 ++++++++++++++--
 pkgs/clan-cli/clan_cli/secrets/secrets.py | 5 +++++
 pkgs/clan-cli/clan_cli/secrets/users.py | 9 ++++++++-
 4 files changed, 28 insertions(+), 6 deletions(-)
diff --git a/pkgs/clan-cli/clan_cli/git.py b/pkgs/clan-cli/clan_cli/git.py
index 231ad54a..06cf5be2 100644
--- a/pkgs/clan-cli/clan_cli/git.py
+++ b/pkgs/clan-cli/clan_cli/git.py
@@ -28,12 +28,10 @@ def commit_files(
 repo_dir: Path,
 commit_message: str | None = None,
 ) -> None:
- # check that the file is in the git repository and exists
+ # check that the file is in the git repository
 for file_path in file_paths:
 if not Path(file_path).resolve().is_relative_to(repo_dir.resolve()):
 raise ClanError(f"File {file_path} is not in the git repository {repo_dir}")
- if not file_path.exists():
- raise ClanError(f"File {file_path} does not exist")
 # generate commit message if not provided
 if commit_message is None:
 commit_message = ""
diff --git a/pkgs/clan-cli/clan_cli/secrets/machines.py b/pkgs/clan-cli/clan_cli/secrets/machines.py
index 2c378a43..87d28583 100644
--- a/pkgs/clan-cli/clan_cli/secrets/machines.py
+++ b/pkgs/clan-cli/clan_cli/secrets/machines.py
@@ -2,6 +2,7 @@ import argparse
 from pathlib import Path
 from ..errors import ClanError
+from ..git import commit_files
 from ..machines.types import machine_name_type, validate_hostname
 from . import secrets
 from .folders import list_objects, remove_object, sops_machines_folder
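Review bot: In `commit_files` (git.py), the `file_path.exists()` check is dropped for every caller, so a mistyped or never-created path now passes validation and any failure would surface from the later git step rather than as a `ClanError`; containment in `repo_dir` is the only check left. The relaxation is needed for the deletion case in `remove_secret`, so I would record that at the loop: `# paths may already be deleted (e.g. remove_secret), so existence is intentionally not checked`. The rest of `commit_files` lies outside the hunk, so how a missing, untracked path is handled further down is not visible here.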
@@ -10,7 +11,13 @@ from .types import public_or_private_age_key_type, secret_name_type
 def add_machine(flake_dir: Path, name: str, key: str, force: bool) -> None:
- write_key(sops_machines_folder(flake_dir) / name, key, force)
+ path = sops_machines_folder(flake_dir) / name
+ write_key(path, key, force)
+ commit_files(
+ [path],
+ flake_dir,
+ f"Add machine {name} to secrets",
+ )
 def remove_machine(flake_dir: Path, name: str) -> None:
@@ -35,11 +42,16 @@ def list_machines(flake_dir: Path) -> list[str]:
 def add_secret(flake_dir: Path, machine: str, secret: str) -> None:
- secrets.allow_member(
+ path = secrets.allow_member(
 secrets.machines_folder(flake_dir, secret),
 sops_machines_folder(flake_dir),
 machine,
 )
+ commit_files(
+ [path],
+ flake_dir,
+ f"Add {machine} to secret",
+ )
 def remove_secret(flake_dir: Path, machine: str, secret: str) -> None:
diff --git a/pkgs/clan-cli/clan_cli/secrets/secrets.py b/pkgs/clan-cli/clan_cli/secrets/secrets.py
index ca6594dd..a95a0644 100644
--- a/pkgs/clan-cli/clan_cli/secrets/secrets.py
+++ b/pkgs/clan-cli/clan_cli/secrets/secrets.py
@@ -124,6 +124,11 @@ def remove_secret(flake_dir: Path, secret: str) -> None:
 if not path.exists():
 raise ClanError(f"Secret '{secret}' does not exist")
 shutil.rmtree(path)
+ commit_files(
+ [path],
+ flake_dir,
+ f"Remove secret {secret}",
+ )
 def remove_command(args: argparse.Namespace) -> None:
diff --git a/pkgs/clan-cli/clan_cli/secrets/users.py b/pkgs/clan-cli/clan_cli/secrets/users.py
index a97d48d3..8c317638 100644
--- a/pkgs/clan-cli/clan_cli/secrets/users.py
+++ b/pkgs/clan-cli/clan_cli/secrets/users.py
@@ -2,6 +2,7 @@ import argparse
 from pathlib import Path
 from ..errors import ClanError
+from ..git import commit_files
 from . import secrets
 from .folders import list_objects, remove_object, sops_users_folder
 from .sops import read_key, write_key
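Review bot: In `add_machine`, the commit message is always `Add machine {name} to secrets`, even when `force` presumably let `write_key` replace an existing key, so the history cannot distinguish a new machine from a swapped recipient key. That replacement is the event someone auditing secret access most needs to see. Capturing `existed = path.exists()` before `write_key(path, key, force)` and committing with `f"Update key of machine {name}"` when it is true would keep the log accurate. The same applies to `add_user` in users.py.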
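Review bot: The commit message in `add_secret`, `f"Add {machine} to secret"`, leaves out which secret was opened to the machine; `f"Add machine {machine} to secret {secret}"` would make the access change traceable from the log. The call also now depends on `secrets.allow_member` returning the path it created, which this patch does not show. If `allow_member` additionally rewrites the encrypted secret for the new recipient (not visible here), that file is not in `[path]` and would stay uncommitted.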
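Review bot: `remove_secret` in secrets.py now calls `commit_files`, but unlike machines.py and users.py this patch adds no `from ..git import commit_files` to that file; confirm the name is already imported above the hunk. `shutil.rmtree(path)` also runs before the commit, so if the commit step fails (for instance for a secret that was never tracked, which cannot be verified from here) the secret is already gone from disk while the command reports an error. A short comment such as `# the removal is committed, but the encrypted file remains in earlier commits` would keep readers from treating this as revocation.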
@@ -14,7 +15,13 @@ from .types import (
 def add_user(flake_dir: Path, name: str, key: str, force: bool) -> None:
- write_key(sops_users_folder(flake_dir) / name, key, force)
+ path = sops_users_folder(flake_dir) / name
+ write_key(path, key, force)
+ commit_files(
+ [path],
+ flake_dir,
+ f"Add user {name} to secrets",
+ )
 def remove_user(flake_dir: Path, name: str) -> None: