split of generate_secrets method into smaller functions

2024-02-16 14:48:46 +01:00 · 2024-02-16 14:48:46 +01:00 · 87f301122e
commit 87f301122e
parent 53d658a3c0
1 changed files with 82 additions and 71 deletions
--- a/pkgs/clan-cli/clan_cli/secrets/generate.py
+++ b/pkgs/clan-cli/clan_cli/secrets/generate.py
@ -8,24 +8,24 @@ from tempfile import TemporaryDirectory
 from clan_cli.cmd import run

 from ..errors import ClanError
+from ..facts.modules import FactStoreBase
 from ..git import commit_files
 from ..machines.machines import Machine
 from ..nix import nix_shell
 from .check import check_secrets
+from .modules import SecretStoreBase

 log = logging.getLogger(__name__)


-def generate_secrets(machine: Machine) -> None:
-    secrets_module = importlib.import_module(machine.secrets_module)
-    secret_store = secrets_module.SecretStore(machine=machine)
-
-    facts_module = importlib.import_module(machine.facts_module)
-    fact_store = facts_module.FactStore(machine=machine)
-
-    with TemporaryDirectory() as d:
-        for service in machine.secrets_data:
-            tmpdir = Path(d) / service
+def generate_service_secrets(
+    machine: Machine,
+    service: str,
+    secret_store: SecretStoreBase,
+    fact_store: FactStoreBase,
+    tmpdir: Path,
+) -> None:
+    service_dir = tmpdir / service
    # check if all secrets exist and generate them if at least one is missing
    needs_regeneration = not check_secrets(machine)
    log.debug(f"{service} needs_regeneration: {needs_regeneration}")
@ -35,10 +35,10 @@ def generate_secrets(machine: Machine) -> None:
            msg += "fact/secret generation is only supported for local flakes"

        env = os.environ.copy()
-                facts_dir = tmpdir / "facts"
+        facts_dir = service_dir / "facts"
        facts_dir.mkdir(parents=True)
        env["facts"] = str(facts_dir)
-                secrets_dir = tmpdir / "secrets"
+        secrets_dir = service_dir / "secrets"
        secrets_dir.mkdir(parents=True)
        env["secrets"] = str(secrets_dir)
        # fmt: off
@ -74,9 +74,7 @@ def generate_secrets(machine: Machine) -> None:
                msg = f"did not generate a file for '{secret}' when running the following command:\n"
                msg += machine.secrets_data[service]["generator"]
                raise ClanError(msg)
-                    secret_path = secret_store.set(
-                        service, secret, secret_file.read_bytes()
-                    )
+            secret_path = secret_store.set(service, secret, secret_file.read_bytes())
            if secret_path:
                files_to_commit.append(secret_path)

@ -96,6 +94,19 @@ def generate_secrets(machine: Machine) -> None:
            f"Update facts/secrets for service {service} in machine {machine.name}",
        )

+
+def generate_secrets(machine: Machine) -> None:
+    secrets_module = importlib.import_module(machine.secrets_module)
+    secret_store = secrets_module.SecretStore(machine=machine)
+
+    facts_module = importlib.import_module(machine.facts_module)
+    fact_store = facts_module.FactStore(machine=machine)
+
+    with TemporaryDirectory() as tmp:
+        tmpdir = Path(tmp)
+        for service in machine.secrets_data:
+            generate_service_secrets(machine, service, secret_store, fact_store, tmpdir)
+
    print("successfully generated secrets")