diff --git a/pkgs/clan-cli/clan_cli/secrets/folders.py b/pkgs/clan-cli/clan_cli/secrets/folders.py
index b0f487bb..f9e8d31e 100644
--- a/pkgs/clan-cli/clan_cli/secrets/folders.py
+++ b/pkgs/clan-cli/clan_cli/secrets/folders.py
@@ -24,12 +24,14 @@ sops_machines_folder = gen_sops_subfolder("machines")
 sops_groups_folder = gen_sops_subfolder("groups")
-def list_objects(path: Path, is_valid: Callable[[str], bool]) -> None:
+def list_objects(path: Path, is_valid: Callable[[str], bool]) -> list[str]:
+ objs: list[str] = []
 if not path.exists():
- return
+ return objs
 for f in os.listdir(path):
 if is_valid(f):
- print(f)
+ objs.append(f)
+ return objs
 def remove_object(path: Path, name: str) -> None:
diff --git a/pkgs/clan-cli/clan_cli/secrets/machines.py b/pkgs/clan-cli/clan_cli/secrets/machines.py
index d7a2ffb0..ebb9fb8a 100644
--- a/pkgs/clan-cli/clan_cli/secrets/machines.py
+++ b/pkgs/clan-cli/clan_cli/secrets/machines.py
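Review bot: In `list_objects` (folders.py) the returned list keeps whatever order `os.listdir` yields, which is arbitrary and filesystem-dependent; now that callers get the names as a value instead of printed output, return them sorted, e.g. `return sorted(f for f in os.listdir(path) if is_valid(f))`. The `path.exists()` pre-check followed by `os.listdir` also leaves a window in which the folder can vanish, so catching `FileNotFoundError` around the listing would be sturdier than testing first. A one-line docstring saying that a missing folder yields an empty list would record the new contract.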
@@ -11,26 +11,48 @@ from .types import (
 )
-def list_command(args: argparse.Namespace) -> None:
- list_objects(sops_machines_folder(), lambda x: validate_hostname(x))
+def add_machine(name: str, key: str, force: bool) -> None:
+ write_key(sops_machines_folder() / name, key, force)
-def add_command(args: argparse.Namespace) -> None:
- write_key(sops_machines_folder() / args.machine, args.key, args.force)
+def remove_machine(name: str) -> None:
+ remove_object(sops_machines_folder(), name)
-def remove_command(args: argparse.Namespace) -> None:
- remove_object(sops_machines_folder(), args.machine)
+def list_machines() -> list[str]:
+ return list_objects(sops_machines_folder(), lambda x: validate_hostname(x))
-def add_secret_command(args: argparse.Namespace) -> None:
+def add_secret(machine: str, secret: str) -> None:
 secrets.allow_member(
- secrets.machines_folder(args.secret), sops_machines_folder(), args.machine
+ secrets.machines_folder(secret), sops_machines_folder(), machine
 )
+def remove_secret(machine: str, secret: str) -> None:
+ secrets.disallow_member(secrets.machines_folder(secret), machine)
+
+
+def list_command(args: argparse.Namespace) -> None:
+ lst = list_machines()
+ if len(lst) > 0:
+ print("\n".join(lst))
+
+
+def add_command(args: argparse.Namespace) -> None:
+ add_machine(args.machine, args.key, args.force)
+
+
+def remove_command(args: argparse.Namespace) -> None:
+ remove_machine(args.machine)
+
+
+def add_secret_command(args: argparse.Namespace) -> None:
+ add_secret(args.machine, args.secret)
+
+
 def remove_secret_command(args: argparse.Namespace) -> None:
- secrets.disallow_member(secrets.machines_folder(args.secret), args.machine)
+ remove_secret(args.machine, args.secret)
 def register_machines_parser(parser: argparse.ArgumentParser) -> None:
diff --git a/pkgs/clan-cli/clan_cli/secrets/secrets.py b/pkgs/clan-cli/clan_cli/secrets/secrets.py
index 7282ebdc..ed59022a 100644
--- a/pkgs/clan-cli/clan_cli/secrets/secrets.py
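Review bot: `add_machine` and `remove_machine` join `name` onto `sops_machines_folder()` unchecked, so a caller that does not go through argparse can pass a value containing `/` or `..` and have the key written, or the object removed, outside the machines folder. Whatever check the CLI argument type applies (the parser is outside this hunk) should be repeated inside the functions, for example `if not validate_hostname(name): raise ClanError(f"invalid machine name '{name}'")`, assuming `validate_hostname` returns a bool as its use in `list_machines` suggests and `ClanError` is importable in this module. The same gap exists in `remove_secret` in secrets.py, where the joined path goes straight to `shutil.rmtree` and, as far as this diff shows, the name is only checked by `type=secret_name_type` on the parser; a `VALID_SECRET_NAME.match(secret)` guard at the top of that function would close it. It also applies to the `secret` and member arguments of `add_secret`/`remove_secret` here and in users.py.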
+++ b/pkgs/clan-cli/clan_cli/secrets/secrets.py
@@ -84,14 +84,17 @@ def encrypt_secret(
 encrypt_file(secret / "secret", value, list(sorted(keys)))
-def remove_command(args: argparse.Namespace) -> None:
- secret: str = args.secret
+def remove_secret(secret: str) -> None:
 path = sops_secrets_folder() / secret
 if not path.exists():
 raise ClanError(f"Secret '{secret}' does not exist")
 shutil.rmtree(path)
+def remove_command(args: argparse.Namespace) -> None:
+ remove_secret(args.secret)
+
+
 def add_secret_argument(parser: argparse.ArgumentParser) -> None:
 parser.add_argument("secret", help="the name of the secret", type=secret_name_type)
@@ -168,12 +171,18 @@ def disallow_member(group_folder: Path, name: str) -> None:
 )
-def list_command(args: argparse.Namespace) -> None:
- list_objects(
+def list_secrets() -> list[str]:
+ return list_objects(
 sops_secrets_folder(), lambda n: VALID_SECRET_NAME.match(n) is not None
 )
+def list_command(args: argparse.Namespace) -> None:
+ lst = list_secrets()
+ if len(lst) > 0:
+ print("\n".join(lst))
+
+
 def get_command(args: argparse.Namespace) -> None:
 secret: str = args.secret
 ensure_sops_key()
diff --git a/pkgs/clan-cli/clan_cli/secrets/users.py b/pkgs/clan-cli/clan_cli/secrets/users.py
index b39d0030..25cf28ae 100644
--- a/pkgs/clan-cli/clan_cli/secrets/users.py
+++ b/pkgs/clan-cli/clan_cli/secrets/users.py
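Review bot: `list_command` in secrets.py guards the print with `if len(lst) > 0:`, where `if lst:` is the idiomatic emptiness test. The same three lines are repeated in the `list_command` of machines.py and users.py, so a small shared helper would keep the three commands printing identically. Neither `list_secrets` nor the new `list_command` has a docstring; a one-liner such as `"""Return the names of all secrets in the sops secrets folder."""` would mark `list_secrets` as the programmatic entry point.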
@@ -19,12 +19,24 @@ def remove_user(name: str) -> None:
 remove_object(sops_users_folder(), name)
-def list_users() -> None:
- list_objects(sops_users_folder(), lambda n: VALID_SECRET_NAME.match(n) is not None)
+def list_users() -> list[str]:
+ return list_objects(
+ sops_users_folder(), lambda n: VALID_SECRET_NAME.match(n) is not None
+ )
+
+
+def add_secret(user: str, secret: str) -> None:
+ secrets.allow_member(secrets.users_folder(secret), sops_users_folder(), user)
+
+
+def remove_secret(user: str, secret: str) -> None:
+ secrets.disallow_member(secrets.users_folder(secret), user)
 def list_command(args: argparse.Namespace) -> None:
- list_users()
+ lst = list_users()
+ if len(lst) > 0:
+ print("\n".join(lst))
 def add_command(args: argparse.Namespace) -> None:
@@ -36,13 +48,11 @@ def remove_command(args: argparse.Namespace) -> None:
 def add_secret_command(args: argparse.Namespace) -> None:
- secrets.allow_member(
- secrets.users_folder(args.secret), sops_users_folder(), args.user
- )
+ add_secret(args.user, args.secret)
 def remove_secret_command(args: argparse.Namespace) -> None:
- secrets.disallow_member(secrets.users_folder(args.secret), args.user)
+ remove_secret(args.user, args.secret)
 def register_users_parser(parser: argparse.ArgumentParser) -> None: