diff --git a/checks/backups/flake-module.nix b/checks/backups/flake-module.nix index 78fabddf..62c4429e 100644 --- a/checks/backups/flake-module.nix +++ b/checks/backups/flake-module.nix @@ -145,14 +145,14 @@ machine.succeed("echo testing > /var/test-backups/somefile") # create - machine.succeed("clan --debug --flake ${self} backups create test-backup") + machine.succeed("clan backups create --debug --flake ${self} test-backup") machine.wait_until_succeeds("! systemctl is-active borgbackup-job-test-backup >&2") machine.succeed("test -f /run/mount-external-disk") machine.succeed("test -f /run/unmount-external-disk") # list backup_id = json.loads(machine.succeed("borg-job-test-backup list --json"))["archives"][0]["archive"] - out = machine.succeed("clan --debug --flake ${self} backups list test-backup").strip() + out = machine.succeed("clan backups list --debug --flake ${self} test-backup").strip() print(out) assert backup_id in out, f"backup {backup_id} not found in {out}" localbackup_id = "hdd::/mnt/external-disk/snapshot.0" @@ -160,14 +160,14 @@ ## borgbackup restore machine.succeed("rm -f /var/test-backups/somefile") - machine.succeed(f"clan --debug --flake ${self} backups restore test-backup borgbackup 'test-backup::borg@machine:.::{backup_id}' >&2") + machine.succeed(f"clan backups restore --debug --flake ${self} test-backup borgbackup 'test-backup::borg@machine:.::{backup_id}' >&2") assert machine.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed" machine.succeed("test -f /var/test-service/pre-restore-command") machine.succeed("test -f /var/test-service/post-restore-command") ## localbackup restore machine.succeed("rm -f /var/test-backups/somefile /var/test-service/{pre,post}-restore-command") - machine.succeed(f"clan --debug --flake ${self} backups restore test-backup localbackup '{localbackup_id}' >&2") + machine.succeed(f"clan backups restore --debug --flake ${self} test-backup localbackup '{localbackup_id}' >&2") assert machine.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed" machine.succeed("test -f /var/test-service/pre-restore-command") machine.succeed("test -f /var/test-service/post-restore-command") diff --git a/checks/flash/flake-module.nix b/checks/flash/flake-module.nix index c21d46e8..d0164224 100644 --- a/checks/flash/flake-module.nix +++ b/checks/flash/flake-module.nix @@ -1,33 +1,58 @@ -{ ... }: +{ self, ... }: { perSystem = - { ... }: { - # checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux) { - # flash = (import ../lib/test-base.nix) { - # name = "flash"; - # nodes.target = { - # virtualisation.emptyDiskImages = [ 4096 ]; - # virtualisation.memorySize = 3000; - # environment.systemPackages = [ self.packages.${pkgs.system}.clan-cli ]; - # environment.etc."install-closure".source = "${closureInfo}/store-paths"; + nodes, + pkgs, + lib, + ... + }: + let + dependencies = [ + self + pkgs.stdenv.drvPath + pkgs.jq + pkgs.disko + pkgs.stdenvNoCC.drvPath + pkgs.openssl + pkgs.curl + self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.config.system.build.toplevel + self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.config.system.build.diskoScript + self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.config.system.clan.deployment.file + self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.pkgs.disko + ] ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs); + closureInfo = pkgs.closureInfo { rootPaths = dependencies; }; + in + { + # Currently disabled... + checks = pkgs.lib.mkIf (false && pkgs.stdenv.isLinux) { + flash = (import ../lib/test-base.nix) { + name = "flash"; + nodes.target = { + virtualisation.emptyDiskImages = [ 4096 ]; + virtualisation.memorySize = 3000; + environment.systemPackages = [ self.packages.${pkgs.system}.clan-cli ]; + environment.etc."install-closure".source = "${closureInfo}/store-paths"; - # nix.settings = { - # substituters = lib.mkForce [ ]; - # hashed-mirrors = null; - # connect-timeout = lib.mkForce 3; - # flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}''; - # experimental-features = [ - # "nix-command" - # "flakes" - # ]; - # }; - # }; - # testScript = '' - # start_all() - # machine.succeed("clan --debug --flake ${../..} flash --yes --disk main /dev/vdb test_install_machine") - # ''; - # } { inherit pkgs self; }; - # }; + nix.settings = { + substituters = lib.mkForce [ ]; + hashed-mirrors = null; + connect-timeout = lib.mkForce 3; + flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}''; + experimental-features = [ + "nix-command" + "flakes" + ]; + }; + }; + testScript = '' + start_all() + machine.succeed("nix-store --verify-path ${ + self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.config.system.build.diskoScript + }") + machine.execute("timeout 30 clan flash --debug --flake ${../..} --yes --disk main /dev/vdb test_install_machine") + ''; + } { inherit pkgs self; }; + }; }; } diff --git a/checks/installation/flake-module.nix b/checks/installation/flake-module.nix index ff5a5d92..c81b9c06 100644 --- a/checks/installation/flake-module.nix +++ b/checks/installation/flake-module.nix @@ -2,8 +2,8 @@ { clan.machines.test_install_machine = { clan.networking.targetHost = "test_install_machine"; - fileSystems."/".device = lib.mkDefault "/dev/null"; - boot.loader.grub.device = lib.mkDefault "/dev/null"; + fileSystems."/".device = lib.mkDefault "/dev/vdb"; + boot.loader.grub.device = lib.mkDefault "/dev/vdb"; imports = [ self.nixosModules.test_install_machine ]; }; @@ -98,7 +98,7 @@ client.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519") client.wait_until_succeeds("ssh -o StrictHostKeyChecking=accept-new -v root@target hostname") - client.succeed("clan --debug --flake ${../..} machines install --yes test_install_machine root@target >&2") + client.succeed("clan machines install --debug --flake ${../..} --yes test_install_machine root@target >&2") try: target.shutdown() except BrokenPipeError: diff --git a/docs/site/getting-started/installer.md b/docs/site/getting-started/installer.md index 6953b58a..30ffb1a6 100644 --- a/docs/site/getting-started/installer.md +++ b/docs/site/getting-started/installer.md @@ -46,7 +46,7 @@ sudo umount /dev/sdb1 It also includes the language and keymap currently used into the installer image. ```bash - clan --flake git+https://git.clan.lol/clan/clan-core flash flash-installer --disk main /dev/sd + clan flash --flake git+https://git.clan.lol/clan/clan-core flash-installer --disk main /dev/sd ``` !!! Danger "Specifying the wrong device can lead to unrecoverable data loss." diff --git a/pkgs/clan-cli/clan_cli/__init__.py b/pkgs/clan-cli/clan_cli/__init__.py index b985a84f..7ce56055 100644 --- a/pkgs/clan-cli/clan_cli/__init__.py +++ b/pkgs/clan-cli/clan_cli/__init__.py @@ -107,8 +107,6 @@ For more detailed information, visit: https://docs.clan.lol ), formatter_class=argparse.RawTextHelpFormatter, ) - add_common_flags(parser) - subparsers = parser.add_subparsers() parser_backups = subparsers.add_parser( diff --git a/pkgs/clan-cli/tests/test_backups.py b/pkgs/clan-cli/tests/test_backups.py index 8abbc572..16ec42ac 100644 --- a/pkgs/clan-cli/tests/test_backups.py +++ b/pkgs/clan-cli/tests/test_backups.py @@ -11,10 +11,10 @@ def test_backups( cli.run( [ - "--flake", - str(test_flake_with_core.path), "backups", "list", + "--flake", + str(test_flake_with_core.path), "vm1", ] ) diff --git a/pkgs/clan-cli/tests/test_config.py b/pkgs/clan-cli/tests/test_config.py index 7adfb8bf..b9957089 100644 --- a/pkgs/clan-cli/tests/test_config.py +++ b/pkgs/clan-cli/tests/test_config.py @@ -39,9 +39,9 @@ def test_set_some_option( cli = Cli() cli.run( [ + "config", "--flake", str(test_flake.path), - "config", "--quiet", "--options-file", example_options, @@ -64,9 +64,9 @@ def test_configure_machine( cli.run( [ + "config", "--flake", str(test_flake.path), - "config", "-m", "machine1", "clan.jitsi.enable", @@ -78,9 +78,9 @@ def test_configure_machine( # read a option value cli.run( [ + "config", "--flake", str(test_flake.path), - "config", "-m", "machine1", "clan.jitsi.enable", diff --git a/pkgs/clan-cli/tests/test_flakes_cli.py b/pkgs/clan-cli/tests/test_flakes_cli.py index e6138c05..34e4f343 100644 --- a/pkgs/clan-cli/tests/test_flakes_cli.py +++ b/pkgs/clan-cli/tests/test_flakes_cli.py @@ -15,10 +15,10 @@ def test_flakes_inspect( cli = Cli() cli.run( [ - "--flake", - str(test_flake_with_core.path), "flakes", "inspect", + "--flake", + str(test_flake_with_core.path), "--machine", "vm1", ] diff --git a/pkgs/clan-cli/tests/test_import_sops_cli.py b/pkgs/clan-cli/tests/test_import_sops_cli.py index 3f730346..17a9a5a6 100644 --- a/pkgs/clan-cli/tests/test_import_sops_cli.py +++ b/pkgs/clan-cli/tests/test_import_sops_cli.py @@ -21,55 +21,55 @@ def test_import_sops( monkeypatch.setenv("SOPS_AGE_KEY", age_keys[1].privkey) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "machines", "add", + "--flake", + str(test_flake.path), "machine1", age_keys[0].pubkey, ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "users", "add", + "--flake", + str(test_flake.path), "user1", age_keys[1].pubkey, ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "users", "add", + "--flake", + str(test_flake.path), "user2", age_keys[2].pubkey, ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-user", + "--flake", + str(test_flake.path), "group1", "user1", ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-user", + "--flake", + str(test_flake.path), "group1", "user2", ] @@ -78,10 +78,10 @@ def test_import_sops( # To edit: # SOPS_AGE_KEY=AGE-SECRET-KEY-1U5ENXZQAY62NC78Y2WC0SEGRRMAEEKH79EYY5TH4GPFWJKEAY0USZ6X7YQ sops --age age14tva0txcrl0zes05x7gkx56qd6wd9q3nwecjac74xxzz4l47r44sv3fz62 ./data/secrets.yaml cmd = [ - "--flake", - str(test_flake.path), "secrets", "import-sops", + "--flake", + str(test_flake.path), "--group", "group1", "--machine", @@ -91,10 +91,10 @@ def test_import_sops( cli.run(cmd) capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "users", "list"]) + cli.run(["secrets", "users", "list", "--flake", str(test_flake.path)]) users = sorted(capsys.readouterr().out.rstrip().split()) assert users == ["user1", "user2"] capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "get", "secret-key"]) + cli.run(["secrets", "get", "--flake", str(test_flake.path), "secret-key"]) assert capsys.readouterr().out == "secret-value" diff --git a/pkgs/clan-cli/tests/test_machines_cli.py b/pkgs/clan-cli/tests/test_machines_cli.py index a06ce656..3a25e7ae 100644 --- a/pkgs/clan-cli/tests/test_machines_cli.py +++ b/pkgs/clan-cli/tests/test_machines_cli.py @@ -9,11 +9,11 @@ def test_machine_subcommands( ) -> None: cli = Cli() cli.run( - ["--flake", str(test_flake_with_core.path), "machines", "create", "machine1"] + ["machines", "create", "--flake", str(test_flake_with_core.path), "machine1"] ) capsys.readouterr() - cli.run(["--flake", str(test_flake_with_core.path), "machines", "list"]) + cli.run(["machines", "list", "--flake", str(test_flake_with_core.path)]) out = capsys.readouterr() @@ -22,11 +22,11 @@ def test_machine_subcommands( assert "vm2" in out.out cli.run( - ["--flake", str(test_flake_with_core.path), "machines", "delete", "machine1"] + ["machines", "delete", "--flake", str(test_flake_with_core.path), "machine1"] ) capsys.readouterr() - cli.run(["--flake", str(test_flake_with_core.path), "machines", "list"]) + cli.run(["machines", "list", "--flake", str(test_flake_with_core.path)]) out = capsys.readouterr() assert "machine1" not in out.out diff --git a/pkgs/clan-cli/tests/test_secrets_cli.py b/pkgs/clan-cli/tests/test_secrets_cli.py index aa049be2..05cf7a8c 100644 --- a/pkgs/clan-cli/tests/test_secrets_cli.py +++ b/pkgs/clan-cli/tests/test_secrets_cli.py @@ -27,11 +27,11 @@ def _test_identities( cli.run( [ - "--flake", - str(test_flake.path), "secrets", what, "add", + "--flake", + str(test_flake.path), "foo", age_keys[0].pubkey, ] @@ -41,11 +41,11 @@ def _test_identities( with pytest.raises(ClanError): # raises "foo already exists" cli.run( [ - "--flake", - str(test_flake.path), "secrets", what, "add", + "--flake", + str(test_flake.path), "foo", age_keys[0].pubkey, ] @@ -54,11 +54,11 @@ def _test_identities( # rotate the key cli.run( [ - "--flake", - str(test_flake.path), "secrets", what, "add", + "--flake", + str(test_flake.path), "-f", "foo", age_keys[1].privkey, @@ -68,11 +68,11 @@ def _test_identities( capsys.readouterr() # empty the buffer cli.run( [ - "--flake", - str(test_flake.path), "secrets", what, "get", + "--flake", + str(test_flake.path), "foo", ] ) @@ -80,18 +80,18 @@ def _test_identities( assert age_keys[1].pubkey in out.out capsys.readouterr() # empty the buffer - cli.run(["--flake", str(test_flake.path), "secrets", what, "list"]) + cli.run(["secrets", what, "list", "--flake", str(test_flake.path)]) out = capsys.readouterr() # empty the buffer assert "foo" in out.out - cli.run(["--flake", str(test_flake.path), "secrets", what, "remove", "foo"]) + cli.run(["secrets", what, "remove", "--flake", str(test_flake.path), "foo"]) assert not (sops_folder / what / "foo" / "key.json").exists() with pytest.raises(ClanError): # already removed - cli.run(["--flake", str(test_flake.path), "secrets", what, "remove", "foo"]) + cli.run(["secrets", what, "remove", "--flake", str(test_flake.path), "foo"]) capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", what, "list"]) + cli.run(["secrets", what, "list", "--flake", str(test_flake.path)]) out = capsys.readouterr() assert "foo" not in out.out @@ -113,17 +113,17 @@ def test_groups( ) -> None: cli = Cli() capsys.readouterr() # empty the buffer - cli.run(["--flake", str(test_flake.path), "secrets", "groups", "list"]) + cli.run(["secrets", "groups", "list", "--flake", str(test_flake.path)]) assert capsys.readouterr().out == "" with pytest.raises(ClanError): # machine does not exist yet cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-machine", + "--flake", + str(test_flake.path), "group1", "machine1", ] @@ -131,33 +131,33 @@ def test_groups( with pytest.raises(ClanError): # user does not exist yet cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-user", + "--flake", + str(test_flake.path), "groupb1", "user1", ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "machines", "add", + "--flake", + str(test_flake.path), "machine1", age_keys[0].pubkey, ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-machine", + "--flake", + str(test_flake.path), "group1", "machine1", ] @@ -166,11 +166,11 @@ def test_groups( # Should this fail? cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-machine", + "--flake", + str(test_flake.path), "group1", "machine1", ] @@ -178,51 +178,51 @@ def test_groups( cli.run( [ - "--flake", - str(test_flake.path), "secrets", "users", "add", + "--flake", + str(test_flake.path), "user1", age_keys[0].pubkey, ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-user", + "--flake", + str(test_flake.path), "group1", "user1", ] ) capsys.readouterr() # empty the buffer - cli.run(["--flake", str(test_flake.path), "secrets", "groups", "list"]) + cli.run(["secrets", "groups", "list", "--flake", str(test_flake.path)]) out = capsys.readouterr().out assert "user1" in out assert "machine1" in out cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "remove-user", + "--flake", + str(test_flake.path), "group1", "user1", ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "remove-machine", + "--flake", + str(test_flake.path), "group1", "machine1", ] @@ -251,90 +251,90 @@ def test_secrets( ) -> None: cli = Cli() capsys.readouterr() # empty the buffer - cli.run(["--flake", str(test_flake.path), "secrets", "list"]) + cli.run(["secrets", "list", "--flake", str(test_flake.path)]) assert capsys.readouterr().out == "" monkeypatch.setenv("SOPS_NIX_SECRET", "foo") monkeypatch.setenv("SOPS_AGE_KEY_FILE", str(test_flake.path / ".." / "age.key")) - cli.run(["--flake", str(test_flake.path), "secrets", "key", "generate"]) + cli.run(["secrets", "key", "generate", "--flake", str(test_flake.path)]) capsys.readouterr() # empty the buffer - cli.run(["--flake", str(test_flake.path), "secrets", "key", "show"]) + cli.run(["secrets", "key", "show", "--flake", str(test_flake.path)]) key = capsys.readouterr().out assert key.startswith("age1") cli.run( - ["--flake", str(test_flake.path), "secrets", "users", "add", "testuser", key] + ["secrets", "users", "add", "--flake", str(test_flake.path), "testuser", key] ) with pytest.raises(ClanError): # does not exist yet - cli.run(["--flake", str(test_flake.path), "secrets", "get", "nonexisting"]) - cli.run(["--flake", str(test_flake.path), "secrets", "set", "initialkey"]) + cli.run(["secrets", "get", "--flake", str(test_flake.path), "nonexisting"]) + cli.run(["secrets", "set", "--flake", str(test_flake.path), "initialkey"]) capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "get", "initialkey"]) + cli.run(["secrets", "get", "--flake", str(test_flake.path), "initialkey"]) assert capsys.readouterr().out == "foo" capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "users", "list"]) + cli.run(["secrets", "users", "list", "--flake", str(test_flake.path)]) users = capsys.readouterr().out.rstrip().split("\n") assert len(users) == 1, f"users: {users}" owner = users[0] monkeypatch.setenv("EDITOR", "cat") - cli.run(["--flake", str(test_flake.path), "secrets", "set", "--edit", "initialkey"]) + cli.run(["secrets", "set", "--edit", "--flake", str(test_flake.path), "initialkey"]) monkeypatch.delenv("EDITOR") - cli.run(["--flake", str(test_flake.path), "secrets", "rename", "initialkey", "key"]) + cli.run(["secrets", "rename", "--flake", str(test_flake.path), "initialkey", "key"]) capsys.readouterr() # empty the buffer - cli.run(["--flake", str(test_flake.path), "secrets", "list"]) + cli.run(["secrets", "list", "--flake", str(test_flake.path)]) assert capsys.readouterr().out == "key\n" capsys.readouterr() # empty the buffer - cli.run(["--flake", str(test_flake.path), "secrets", "list", "nonexisting"]) + cli.run(["secrets", "list", "--flake", str(test_flake.path), "nonexisting"]) assert capsys.readouterr().out == "" capsys.readouterr() # empty the buffer - cli.run(["--flake", str(test_flake.path), "secrets", "list", "key"]) + cli.run(["secrets", "list", "--flake", str(test_flake.path), "key"]) assert capsys.readouterr().out == "key\n" cli.run( [ - "--flake", - str(test_flake.path), "secrets", "machines", "add", + "--flake", + str(test_flake.path), "machine1", age_keys[1].pubkey, ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "machines", "add-secret", + "--flake", + str(test_flake.path), "machine1", "key", ] ) capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "machines", "list"]) + cli.run(["secrets", "machines", "list", "--flake", str(test_flake.path)]) assert capsys.readouterr().out == "machine1\n" with use_key(age_keys[1].privkey, monkeypatch): capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) + cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"]) assert capsys.readouterr().out == "foo" # rotate machines key cli.run( [ - "--flake", - str(test_flake.path), "secrets", "machines", "add", + "--flake", + str(test_flake.path), "-f", "machine1", age_keys[0].privkey, @@ -344,17 +344,17 @@ def test_secrets( # should also rotate the encrypted secret with use_key(age_keys[0].privkey, monkeypatch): capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) + cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"]) assert capsys.readouterr().out == "foo" cli.run( [ - "--flake", - str(test_flake.path), "secrets", "machines", "remove-secret", + "--flake", + str(test_flake.path), "machine1", "key", ] @@ -362,37 +362,37 @@ def test_secrets( cli.run( [ - "--flake", - str(test_flake.path), "secrets", "users", "add", + "--flake", + str(test_flake.path), "user1", age_keys[1].pubkey, ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "users", "add-secret", + "--flake", + str(test_flake.path), "user1", "key", ] ) capsys.readouterr() with use_key(age_keys[1].privkey, monkeypatch): - cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) + cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"]) assert capsys.readouterr().out == "foo" cli.run( [ - "--flake", - str(test_flake.path), "secrets", "users", "remove-secret", + "--flake", + str(test_flake.path), "user1", "key", ] @@ -401,44 +401,44 @@ def test_secrets( with pytest.raises(ClanError): # does not exist yet cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-secret", + "--flake", + str(test_flake.path), "admin-group", "key", ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-user", + "--flake", + str(test_flake.path), "admin-group", "user1", ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-user", + "--flake", + str(test_flake.path), "admin-group", owner, ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-secret", + "--flake", + str(test_flake.path), "admin-group", "key", ] @@ -447,10 +447,10 @@ def test_secrets( capsys.readouterr() # empty the buffer cli.run( [ - "--flake", - str(test_flake.path), "secrets", "set", + "--flake", + str(test_flake.path), "--group", "admin-group", "key2", @@ -459,28 +459,28 @@ def test_secrets( with use_key(age_keys[1].privkey, monkeypatch): capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) + cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"]) assert capsys.readouterr().out == "foo" # extend group will update secrets cli.run( [ - "--flake", - str(test_flake.path), "secrets", "users", "add", + "--flake", + str(test_flake.path), "user2", age_keys[2].pubkey, ] ) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "add-user", + "--flake", + str(test_flake.path), "admin-group", "user2", ] @@ -488,16 +488,16 @@ def test_secrets( with use_key(age_keys[2].privkey, monkeypatch): # user2 capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) + cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"]) assert capsys.readouterr().out == "foo" cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "remove-user", + "--flake", + str(test_flake.path), "admin-group", "user2", ] @@ -505,24 +505,24 @@ def test_secrets( with pytest.raises(ClanError), use_key(age_keys[2].privkey, monkeypatch): # user2 is not in the group anymore capsys.readouterr() - cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) + cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"]) print(capsys.readouterr().out) cli.run( [ - "--flake", - str(test_flake.path), "secrets", "groups", "remove-secret", + "--flake", + str(test_flake.path), "admin-group", "key", ] ) - cli.run(["--flake", str(test_flake.path), "secrets", "remove", "key"]) - cli.run(["--flake", str(test_flake.path), "secrets", "remove", "key2"]) + cli.run(["secrets", "remove", "--flake", str(test_flake.path), "key"]) + cli.run(["secrets", "remove", "--flake", str(test_flake.path), "key2"]) capsys.readouterr() # empty the buffer - cli.run(["--flake", str(test_flake.path), "secrets", "list"]) + cli.run(["secrets", "list", "--flake", str(test_flake.path)]) assert capsys.readouterr().out == "" diff --git a/pkgs/clan-cli/tests/test_secrets_generate.py b/pkgs/clan-cli/tests/test_secrets_generate.py index d7b4d56a..bab660dc 100644 --- a/pkgs/clan-cli/tests/test_secrets_generate.py +++ b/pkgs/clan-cli/tests/test_secrets_generate.py @@ -24,27 +24,27 @@ def test_generate_secret( cli = Cli() cli.run( [ - "--flake", - str(test_flake_with_core.path), "secrets", "users", "add", + "--flake", + str(test_flake_with_core.path), "user1", age_keys[0].pubkey, ] ) cli.run( [ - "--flake", - str(test_flake_with_core.path), "secrets", "groups", "add-user", + "--flake", + str(test_flake_with_core.path), "admins", "user1", ] ) - cmd = ["--flake", str(test_flake_with_core.path), "facts", "generate", "vm1"] + cmd = ["facts", "generate", "--flake", str(test_flake_with_core.path), "vm1"] cli.run(cmd) has_secret(test_flake_with_core.path, "vm1-age.key") has_secret(test_flake_with_core.path, "vm1-zerotier-identity-secret") @@ -60,7 +60,7 @@ def test_generate_secret( secret1_mtime = identity_secret.lstat().st_mtime_ns # test idempotency for vm1 and also generate for vm2 - cli.run(["facts", "generate"]) + cli.run(["facts", "generate", "--flake", str(test_flake_with_core.path)]) assert age_key.lstat().st_mtime_ns == age_key_mtime assert identity_secret.lstat().st_mtime_ns == secret1_mtime diff --git a/pkgs/clan-cli/tests/test_secrets_upload.py b/pkgs/clan-cli/tests/test_secrets_upload.py index 157340f2..fa829324 100644 --- a/pkgs/clan-cli/tests/test_secrets_upload.py +++ b/pkgs/clan-cli/tests/test_secrets_upload.py @@ -23,11 +23,11 @@ def test_secrets_upload( cli = Cli() cli.run( [ - "--flake", - str(test_flake_with_core.path), "secrets", "users", "add", + "--flake", + str(test_flake_with_core.path), "user1", age_keys[0].pubkey, ] @@ -35,18 +35,18 @@ def test_secrets_upload( cli.run( [ - "--flake", - str(test_flake_with_core.path), "secrets", "machines", "add", + "--flake", + str(test_flake_with_core.path), "vm1", age_keys[1].pubkey, ] ) monkeypatch.setenv("SOPS_NIX_SECRET", age_keys[0].privkey) cli.run( - ["--flake", str(test_flake_with_core.path), "secrets", "set", "vm1-age.key"] + ["secrets", "set", "--flake", str(test_flake_with_core.path), "vm1-age.key"] ) flake = test_flake_with_core.path.joinpath("flake.nix") @@ -55,7 +55,7 @@ def test_secrets_upload( new_text = flake.read_text().replace("__CLAN_TARGET_ADDRESS__", addr) flake.write_text(new_text) - cli.run(["--flake", str(test_flake_with_core.path), "facts", "upload", "vm1"]) + cli.run(["facts", "upload", "--flake", str(test_flake_with_core.path), "vm1"]) # the flake defines this path as the location where the sops key should be installed sops_key = test_flake_with_core.path.joinpath("key.txt") diff --git a/pkgs/clan-cli/tests/test_vms_cli.py b/pkgs/clan-cli/tests/test_vms_cli.py index 47dce1c4..2a8f367f 100644 --- a/pkgs/clan-cli/tests/test_vms_cli.py +++ b/pkgs/clan-cli/tests/test_vms_cli.py @@ -86,7 +86,7 @@ def test_inspect( test_flake_with_core: FlakeForTest, capsys: pytest.CaptureFixture ) -> None: cli = Cli() - cli.run(["--flake", str(test_flake_with_core.path), "vms", "inspect", "vm1"]) + cli.run(["vms", "inspect", "--flake", str(test_flake_with_core.path), "vm1"]) out = capsys.readouterr() # empty the buffer assert "Cores" in out.out