clan/clan-core
11
2
Fork 13
Code Issues 91 Pull Requests 5 Actions Packages Projects 1 Releases Wiki Activity

drop global argparse flags
All checks were successful
buildbot/nix-build .#checks.x86_64-linux.clan-dep-nix Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.borgbackup Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.devShell-docs Build done.
Details
buildbot/nix-build .#checks.aarch64-darwin.nixos-iso-installer Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-sshpass Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-sops Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-tor Build done.
Details
buildbot/nix-build .#checks.aarch64-linux.nixos-test-backup Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-vm-manager-no-breakpoints Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-git Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-bash Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-fakeroot Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-e2fsprogs Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-age Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.check-for-breakpoints Build done.
Details
buildbot/nix-build .#checks.aarch64-darwin.nixos-test_install_machine Build done.
Details
buildbot/nix-build .#checks.aarch64-darwin.nixos-test-backup Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-module-docs Build done.
Details
buildbot/nix-build .#checks.aarch64-darwin.nixos-flash-installer Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.renderClanOptions Build done.
Details
buildbot/nix-build .#checks.aarch64-linux.nixos-test_install_machine Build done.
Details
buildbot/nix-build .#checks.aarch64-linux.nixos-flash-installer Build done.
Details
buildbot/nix-build .#checks.x86_64-linux."clan-dep-python3.11-qemu" Build done.
Details
buildbot/nix-build .#checks.x86_64-linux."clan-dep-python3.11-mypy" Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-zbar Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-vm-manager-pytest Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.nixos-test-backup Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.devShell-default Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.devShell-webview-ui Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.treefmt Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-default Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.module-schema Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.container Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-openssh Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.devShell-clan-cli Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-dep-rsync Build done.
Details
buildbot/nix-build .#checks.aarch64-linux.nixos-iso-installer Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.lib-jsonschema-example-valid Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.devShell-clan-vm-manager Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-pytest-without-core Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.deltachat Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.matrix-synapse Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-clan-cli Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-clan-cli-docs Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-clan-ts-api Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-clan-vm-manager Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-docs Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.nixos-test_install_machine Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-gui-installer-apk Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-gui-installer-archlinux Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-gui-installer-deb Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-gui-installer-rpm Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-impure-checks Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.lib-jsonschema-nix-unit-tests Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-merge-after-ci Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-wayland-proxy-virtwl Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-webview-ui Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-zerotier-members Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.clan-pytest-with-core Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-zerotierone Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-moonlight-sunshine-accept Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-pending-reviews Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-tea-create-pr Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.nixos-flash-installer Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.nixos-iso-installer Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-iso-installer Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.wayland-proxy-virtwl Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.syncthing Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-editor Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-deploy-docs Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-function-schema Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-zt-tcp-relay Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.secrets Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.package-module-schema Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.zt-tcp-relay Build done.
Details
buildbot/nix-build .#checks.x86_64-linux.test-backups Build done.
Details
checks / checks-impure (pull_request) Successful in 2m23s
Details
buildbot/nix-build .#checks.x86_64-linux.test-installation Build done.
Details
buildbot/nix-eval Build done.
Details

Browse Source 
They get shadowed by subargparser options.
This commit is contained in:
Jörg Thalheim 2024-05-29 10:10:10 +02:00
parent 5dcac604d1
commit f0f97baa65
14 changed files with 185 additions and 162 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
checks/backups/flake-module.nix
View File

@ -145,14 +145,14 @@
machine.succeed("echo testing > /var/test-backups/somefile") machine.succeed("echo testing > /var/test-backups/somefile")
# create # create
machine.succeed("clan --debug --flake ${self} backups create test-backup") machine.succeed("clan backups create --debug --flake ${self} test-backup")
machine.wait_until_succeeds("! systemctl is-active borgbackup-job-test-backup >&2") machine.wait_until_succeeds("! systemctl is-active borgbackup-job-test-backup >&2")
machine.succeed("test -f /run/mount-external-disk") machine.succeed("test -f /run/mount-external-disk")
machine.succeed("test -f /run/unmount-external-disk") machine.succeed("test -f /run/unmount-external-disk")
# list # list
backup_id = json.loads(machine.succeed("borg-job-test-backup list --json"))["archives"][0]["archive"] backup_id = json.loads(machine.succeed("borg-job-test-backup list --json"))["archives"][0]["archive"]
out = machine.succeed("clan --debug --flake ${self} backups list test-backup").strip() out = machine.succeed("clan backups list --debug --flake ${self} test-backup").strip()
print(out) print(out)
assert backup_id in out, f"backup {backup_id} not found in {out}" assert backup_id in out, f"backup {backup_id} not found in {out}"
localbackup_id = "hdd::/mnt/external-disk/snapshot.0" localbackup_id = "hdd::/mnt/external-disk/snapshot.0"
@ -160,14 +160,14 @@
## borgbackup restore ## borgbackup restore
machine.succeed("rm -f /var/test-backups/somefile") machine.succeed("rm -f /var/test-backups/somefile")
machine.succeed(f"clan --debug --flake ${self} backups restore test-backup borgbackup 'test-backup::borg@machine:.::{backup_id}' >&2") machine.succeed(f"clan backups restore --debug --flake ${self} test-backup borgbackup 'test-backup::borg@machine:.::{backup_id}' >&2")
assert machine.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed" assert machine.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed"
machine.succeed("test -f /var/test-service/pre-restore-command") machine.succeed("test -f /var/test-service/pre-restore-command")
machine.succeed("test -f /var/test-service/post-restore-command") machine.succeed("test -f /var/test-service/post-restore-command")
## localbackup restore ## localbackup restore
machine.succeed("rm -f /var/test-backups/somefile /var/test-service/{pre,post}-restore-command") machine.succeed("rm -f /var/test-backups/somefile /var/test-service/{pre,post}-restore-command")
machine.succeed(f"clan --debug --flake ${self} backups restore test-backup localbackup '{localbackup_id}' >&2") machine.succeed(f"clan backups restore --debug --flake ${self} test-backup localbackup '{localbackup_id}' >&2")
assert machine.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed" assert machine.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed"
machine.succeed("test -f /var/test-service/pre-restore-command") machine.succeed("test -f /var/test-service/pre-restore-command")
machine.succeed("test -f /var/test-service/post-restore-command") machine.succeed("test -f /var/test-service/post-restore-command")

79
checks/flash/flake-module.nix
View File

@ -1,33 +1,58 @@
{ ... }: { self, ... }:
{ {
perSystem = perSystem =
{ ... }:
{ {
# checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux) { nodes,
# flash = (import ../lib/test-base.nix) { pkgs,
# name = "flash"; lib,
# nodes.target = { ...
# virtualisation.emptyDiskImages = [ 4096 ]; }:
# virtualisation.memorySize = 3000; let
# environment.systemPackages = [ self.packages.${pkgs.system}.clan-cli ]; dependencies = [
# environment.etc."install-closure".source = "${closureInfo}/store-paths"; self
pkgs.stdenv.drvPath
pkgs.jq
pkgs.disko
pkgs.stdenvNoCC.drvPath
pkgs.openssl
pkgs.curl
self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.config.system.build.toplevel
self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.config.system.build.diskoScript
self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.config.system.clan.deployment.file
self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.pkgs.disko
] ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
in
{
# Currently disabled...
checks = pkgs.lib.mkIf (false && pkgs.stdenv.isLinux) {
flash = (import ../lib/test-base.nix) {
name = "flash";
nodes.target = {
virtualisation.emptyDiskImages = [ 4096 ];
virtualisation.memorySize = 3000;
environment.systemPackages = [ self.packages.${pkgs.system}.clan-cli ];
environment.etc."install-closure".source = "${closureInfo}/store-paths";
# nix.settings = { nix.settings = {
# substituters = lib.mkForce [ ]; substituters = lib.mkForce [ ];
# hashed-mirrors = null; hashed-mirrors = null;
# connect-timeout = lib.mkForce 3; connect-timeout = lib.mkForce 3;
# flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}''; flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}'';
# experimental-features = [ experimental-features = [
# "nix-command" "nix-command"
# "flakes" "flakes"
# ]; ];
# }; };
# }; };
# testScript = '' testScript = ''
# start_all() start_all()
# machine.succeed("clan --debug --flake ${../..} flash --yes --disk main /dev/vdb test_install_machine") machine.succeed("nix-store --verify-path ${
# ''; self.clanInternals.machines.${pkgs.hostPlatform.system}.test_install_machine.config.system.build.diskoScript
# } { inherit pkgs self; }; }")
# }; machine.execute("timeout 30 clan flash --debug --flake ${../..} --yes --disk main /dev/vdb test_install_machine")
'';
} { inherit pkgs self; };
};
}; };
} }

6
checks/installation/flake-module.nix
View File

@ -2,8 +2,8 @@
{ {
clan.machines.test_install_machine = { clan.machines.test_install_machine = {
clan.networking.targetHost = "test_install_machine"; clan.networking.targetHost = "test_install_machine";
fileSystems."/".device = lib.mkDefault "/dev/null"; fileSystems."/".device = lib.mkDefault "/dev/vdb";
boot.loader.grub.device = lib.mkDefault "/dev/null"; boot.loader.grub.device = lib.mkDefault "/dev/vdb";
imports = [ self.nixosModules.test_install_machine ]; imports = [ self.nixosModules.test_install_machine ];
}; };
@ -98,7 +98,7 @@
client.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519") client.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519")
client.wait_until_succeeds("ssh -o StrictHostKeyChecking=accept-new -v root@target hostname") client.wait_until_succeeds("ssh -o StrictHostKeyChecking=accept-new -v root@target hostname")
client.succeed("clan --debug --flake ${../..} machines install --yes test_install_machine root@target >&2") client.succeed("clan machines install --debug --flake ${../..} --yes test_install_machine root@target >&2")
try: try:
target.shutdown() target.shutdown()
except BrokenPipeError: except BrokenPipeError:

2
docs/site/getting-started/installer.md
View File

@ -46,7 +46,7 @@ sudo umount /dev/sdb1
It also includes the language and keymap currently used into the installer image. It also includes the language and keymap currently used into the installer image.
```bash ```bash
clan --flake git+https://git.clan.lol/clan/clan-core flash flash-installer --disk main /dev/sd<X> clan flash --flake git+https://git.clan.lol/clan/clan-core flash-installer --disk main /dev/sd<X>
``` ```
!!! Danger "Specifying the wrong device can lead to unrecoverable data loss." !!! Danger "Specifying the wrong device can lead to unrecoverable data loss."

2
pkgs/clan-cli/clan_cli/__init__.py
View File

@ -107,8 +107,6 @@ For more detailed information, visit: https://docs.clan.lol
), ),
formatter_class=argparse.RawTextHelpFormatter, formatter_class=argparse.RawTextHelpFormatter,
) )
add_common_flags(parser)
subparsers = parser.add_subparsers() subparsers = parser.add_subparsers()
parser_backups = subparsers.add_parser( parser_backups = subparsers.add_parser(

4
pkgs/clan-cli/tests/test_backups.py
View File

@ -11,10 +11,10 @@ def test_backups(
cli.run( cli.run(
[ [
"--flake",
str(test_flake_with_core.path),
"backups", "backups",
"list", "list",
"--flake",
str(test_flake_with_core.path),
"vm1", "vm1",
] ]
) )

6
pkgs/clan-cli/tests/test_config.py
View File

@ -39,9 +39,9 @@ def test_set_some_option(
cli = Cli() cli = Cli()
cli.run( cli.run(
[ [
"config",
"--flake", "--flake",
str(test_flake.path), str(test_flake.path),
"config",
"--quiet", "--quiet",
"--options-file", "--options-file",
example_options, example_options,
@ -64,9 +64,9 @@ def test_configure_machine(
cli.run( cli.run(
[ [
"config",
"--flake", "--flake",
str(test_flake.path), str(test_flake.path),
"config",
"-m", "-m",
"machine1", "machine1",
"clan.jitsi.enable", "clan.jitsi.enable",
@ -78,9 +78,9 @@ def test_configure_machine(
# read a option value # read a option value
cli.run( cli.run(
[ [
"config",
"--flake", "--flake",
str(test_flake.path), str(test_flake.path),
"config",
"-m", "-m",
"machine1", "machine1",
"clan.jitsi.enable", "clan.jitsi.enable",

4
pkgs/clan-cli/tests/test_flakes_cli.py
View File

@ -15,10 +15,10 @@ def test_flakes_inspect(
cli = Cli() cli = Cli()
cli.run( cli.run(
[ [
"--flake",
str(test_flake_with_core.path),
"flakes", "flakes",
"inspect", "inspect",
"--flake",
str(test_flake_with_core.path),
"--machine", "--machine",
"vm1", "vm1",
] ]

28
pkgs/clan-cli/tests/test_import_sops_cli.py
View File

@ -21,55 +21,55 @@ def test_import_sops(
monkeypatch.setenv("SOPS_AGE_KEY", age_keys[1].privkey) monkeypatch.setenv("SOPS_AGE_KEY", age_keys[1].privkey)
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"machines", "machines",
"add", "add",
"--flake",
str(test_flake.path),
"machine1", "machine1",
age_keys[0].pubkey, age_keys[0].pubkey,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"users", "users",
"add", "add",
"--flake",
str(test_flake.path),
"user1", "user1",
age_keys[1].pubkey, age_keys[1].pubkey,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"users", "users",
"add", "add",
"--flake",
str(test_flake.path),
"user2", "user2",
age_keys[2].pubkey, age_keys[2].pubkey,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-user", "add-user",
"--flake",
str(test_flake.path),
"group1", "group1",
"user1", "user1",
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-user", "add-user",
"--flake",
str(test_flake.path),
"group1", "group1",
"user2", "user2",
] ]
@ -78,10 +78,10 @@ def test_import_sops(
# To edit: # To edit:
# SOPS_AGE_KEY=AGE-SECRET-KEY-1U5ENXZQAY62NC78Y2WC0SEGRRMAEEKH79EYY5TH4GPFWJKEAY0USZ6X7YQ sops --age age14tva0txcrl0zes05x7gkx56qd6wd9q3nwecjac74xxzz4l47r44sv3fz62 ./data/secrets.yaml # SOPS_AGE_KEY=AGE-SECRET-KEY-1U5ENXZQAY62NC78Y2WC0SEGRRMAEEKH79EYY5TH4GPFWJKEAY0USZ6X7YQ sops --age age14tva0txcrl0zes05x7gkx56qd6wd9q3nwecjac74xxzz4l47r44sv3fz62 ./data/secrets.yaml
cmd = [ cmd = [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"import-sops", "import-sops",
"--flake",
str(test_flake.path),
"--group", "--group",
"group1", "group1",
"--machine", "--machine",
@ -91,10 +91,10 @@ def test_import_sops(
cli.run(cmd) cli.run(cmd)
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "users", "list"]) cli.run(["secrets", "users", "list", "--flake", str(test_flake.path)])
users = sorted(capsys.readouterr().out.rstrip().split()) users = sorted(capsys.readouterr().out.rstrip().split())
assert users == ["user1", "user2"] assert users == ["user1", "user2"]
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "get", "secret-key"]) cli.run(["secrets", "get", "--flake", str(test_flake.path), "secret-key"])
assert capsys.readouterr().out == "secret-value" assert capsys.readouterr().out == "secret-value"

8
pkgs/clan-cli/tests/test_machines_cli.py
View File

@ -9,11 +9,11 @@ def test_machine_subcommands(
) -> None: ) -> None:
cli = Cli() cli = Cli()
cli.run( cli.run(
["--flake", str(test_flake_with_core.path), "machines", "create", "machine1"] ["machines", "create", "--flake", str(test_flake_with_core.path), "machine1"]
) )
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake_with_core.path), "machines", "list"]) cli.run(["machines", "list", "--flake", str(test_flake_with_core.path)])
out = capsys.readouterr() out = capsys.readouterr()
@ -22,11 +22,11 @@ def test_machine_subcommands(
assert "vm2" in out.out assert "vm2" in out.out
cli.run( cli.run(
["--flake", str(test_flake_with_core.path), "machines", "delete", "machine1"] ["machines", "delete", "--flake", str(test_flake_with_core.path), "machine1"]
) )
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake_with_core.path), "machines", "list"]) cli.run(["machines", "list", "--flake", str(test_flake_with_core.path)])
out = capsys.readouterr() out = capsys.readouterr()
assert "machine1" not in out.out assert "machine1" not in out.out

174
pkgs/clan-cli/tests/test_secrets_cli.py
View File

@ -27,11 +27,11 @@ def _test_identities(
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
what, what,
"add", "add",
"--flake",
str(test_flake.path),
"foo", "foo",
age_keys[0].pubkey, age_keys[0].pubkey,
] ]
@ -41,11 +41,11 @@ def _test_identities(
with pytest.raises(ClanError): # raises "foo already exists" with pytest.raises(ClanError): # raises "foo already exists"
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
what, what,
"add", "add",
"--flake",
str(test_flake.path),
"foo", "foo",
age_keys[0].pubkey, age_keys[0].pubkey,
] ]
@ -54,11 +54,11 @@ def _test_identities(
# rotate the key # rotate the key
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
what, what,
"add", "add",
"--flake",
str(test_flake.path),
"-f", "-f",
"foo", "foo",
age_keys[1].privkey, age_keys[1].privkey,
@ -68,11 +68,11 @@ def _test_identities(
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
what, what,
"get", "get",
"--flake",
str(test_flake.path),
"foo", "foo",
] ]
) )
@ -80,18 +80,18 @@ def _test_identities(
assert age_keys[1].pubkey in out.out assert age_keys[1].pubkey in out.out
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run(["--flake", str(test_flake.path), "secrets", what, "list"]) cli.run(["secrets", what, "list", "--flake", str(test_flake.path)])
out = capsys.readouterr() # empty the buffer out = capsys.readouterr() # empty the buffer
assert "foo" in out.out assert "foo" in out.out
cli.run(["--flake", str(test_flake.path), "secrets", what, "remove", "foo"]) cli.run(["secrets", what, "remove", "--flake", str(test_flake.path), "foo"])
assert not (sops_folder / what / "foo" / "key.json").exists() assert not (sops_folder / what / "foo" / "key.json").exists()
with pytest.raises(ClanError): # already removed with pytest.raises(ClanError): # already removed
cli.run(["--flake", str(test_flake.path), "secrets", what, "remove", "foo"]) cli.run(["secrets", what, "remove", "--flake", str(test_flake.path), "foo"])
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", what, "list"]) cli.run(["secrets", what, "list", "--flake", str(test_flake.path)])
out = capsys.readouterr() out = capsys.readouterr()
assert "foo" not in out.out assert "foo" not in out.out
@ -113,17 +113,17 @@ def test_groups(
) -> None: ) -> None:
cli = Cli() cli = Cli()
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run(["--flake", str(test_flake.path), "secrets", "groups", "list"]) cli.run(["secrets", "groups", "list", "--flake", str(test_flake.path)])
assert capsys.readouterr().out == "" assert capsys.readouterr().out == ""
with pytest.raises(ClanError): # machine does not exist yet with pytest.raises(ClanError): # machine does not exist yet
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-machine", "add-machine",
"--flake",
str(test_flake.path),
"group1", "group1",
"machine1", "machine1",
] ]
@ -131,33 +131,33 @@ def test_groups(
with pytest.raises(ClanError): # user does not exist yet with pytest.raises(ClanError): # user does not exist yet
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-user", "add-user",
"--flake",
str(test_flake.path),
"groupb1", "groupb1",
"user1", "user1",
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"machines", "machines",
"add", "add",
"--flake",
str(test_flake.path),
"machine1", "machine1",
age_keys[0].pubkey, age_keys[0].pubkey,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-machine", "add-machine",
"--flake",
str(test_flake.path),
"group1", "group1",
"machine1", "machine1",
] ]
@ -166,11 +166,11 @@ def test_groups(
# Should this fail? # Should this fail?
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-machine", "add-machine",
"--flake",
str(test_flake.path),
"group1", "group1",
"machine1", "machine1",
] ]
@ -178,51 +178,51 @@ def test_groups(
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"users", "users",
"add", "add",
"--flake",
str(test_flake.path),
"user1", "user1",
age_keys[0].pubkey, age_keys[0].pubkey,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-user", "add-user",
"--flake",
str(test_flake.path),
"group1", "group1",
"user1", "user1",
] ]
) )
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run(["--flake", str(test_flake.path), "secrets", "groups", "list"]) cli.run(["secrets", "groups", "list", "--flake", str(test_flake.path)])
out = capsys.readouterr().out out = capsys.readouterr().out
assert "user1" in out assert "user1" in out
assert "machine1" in out assert "machine1" in out
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"remove-user", "remove-user",
"--flake",
str(test_flake.path),
"group1", "group1",
"user1", "user1",
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"remove-machine", "remove-machine",
"--flake",
str(test_flake.path),
"group1", "group1",
"machine1", "machine1",
] ]
@ -251,90 +251,90 @@ def test_secrets(
) -> None: ) -> None:
cli = Cli() cli = Cli()
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run(["--flake", str(test_flake.path), "secrets", "list"]) cli.run(["secrets", "list", "--flake", str(test_flake.path)])
assert capsys.readouterr().out == "" assert capsys.readouterr().out == ""
monkeypatch.setenv("SOPS_NIX_SECRET", "foo") monkeypatch.setenv("SOPS_NIX_SECRET", "foo")
monkeypatch.setenv("SOPS_AGE_KEY_FILE", str(test_flake.path / ".." / "age.key")) monkeypatch.setenv("SOPS_AGE_KEY_FILE", str(test_flake.path / ".." / "age.key"))
cli.run(["--flake", str(test_flake.path), "secrets", "key", "generate"]) cli.run(["secrets", "key", "generate", "--flake", str(test_flake.path)])
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run(["--flake", str(test_flake.path), "secrets", "key", "show"]) cli.run(["secrets", "key", "show", "--flake", str(test_flake.path)])
key = capsys.readouterr().out key = capsys.readouterr().out
assert key.startswith("age1") assert key.startswith("age1")
cli.run( cli.run(
["--flake", str(test_flake.path), "secrets", "users", "add", "testuser", key] ["secrets", "users", "add", "--flake", str(test_flake.path), "testuser", key]
) )
with pytest.raises(ClanError): # does not exist yet with pytest.raises(ClanError): # does not exist yet
cli.run(["--flake", str(test_flake.path), "secrets", "get", "nonexisting"]) cli.run(["secrets", "get", "--flake", str(test_flake.path), "nonexisting"])
cli.run(["--flake", str(test_flake.path), "secrets", "set", "initialkey"]) cli.run(["secrets", "set", "--flake", str(test_flake.path), "initialkey"])
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "get", "initialkey"]) cli.run(["secrets", "get", "--flake", str(test_flake.path), "initialkey"])
assert capsys.readouterr().out == "foo" assert capsys.readouterr().out == "foo"
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "users", "list"]) cli.run(["secrets", "users", "list", "--flake", str(test_flake.path)])
users = capsys.readouterr().out.rstrip().split("\n") users = capsys.readouterr().out.rstrip().split("\n")
assert len(users) == 1, f"users: {users}" assert len(users) == 1, f"users: {users}"
owner = users[0] owner = users[0]
monkeypatch.setenv("EDITOR", "cat") monkeypatch.setenv("EDITOR", "cat")
cli.run(["--flake", str(test_flake.path), "secrets", "set", "--edit", "initialkey"]) cli.run(["secrets", "set", "--edit", "--flake", str(test_flake.path), "initialkey"])
monkeypatch.delenv("EDITOR") monkeypatch.delenv("EDITOR")
cli.run(["--flake", str(test_flake.path), "secrets", "rename", "initialkey", "key"]) cli.run(["secrets", "rename", "--flake", str(test_flake.path), "initialkey", "key"])
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run(["--flake", str(test_flake.path), "secrets", "list"]) cli.run(["secrets", "list", "--flake", str(test_flake.path)])
assert capsys.readouterr().out == "key\n" assert capsys.readouterr().out == "key\n"
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run(["--flake", str(test_flake.path), "secrets", "list", "nonexisting"]) cli.run(["secrets", "list", "--flake", str(test_flake.path), "nonexisting"])
assert capsys.readouterr().out == "" assert capsys.readouterr().out == ""
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run(["--flake", str(test_flake.path), "secrets", "list", "key"]) cli.run(["secrets", "list", "--flake", str(test_flake.path), "key"])
assert capsys.readouterr().out == "key\n" assert capsys.readouterr().out == "key\n"
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"machines", "machines",
"add", "add",
"--flake",
str(test_flake.path),
"machine1", "machine1",
age_keys[1].pubkey, age_keys[1].pubkey,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"machines", "machines",
"add-secret", "add-secret",
"--flake",
str(test_flake.path),
"machine1", "machine1",
"key", "key",
] ]
) )
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "machines", "list"]) cli.run(["secrets", "machines", "list", "--flake", str(test_flake.path)])
assert capsys.readouterr().out == "machine1\n" assert capsys.readouterr().out == "machine1\n"
with use_key(age_keys[1].privkey, monkeypatch): with use_key(age_keys[1].privkey, monkeypatch):
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"])
assert capsys.readouterr().out == "foo" assert capsys.readouterr().out == "foo"
# rotate machines key # rotate machines key
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"machines", "machines",
"add", "add",
"--flake",
str(test_flake.path),
"-f", "-f",
"machine1", "machine1",
age_keys[0].privkey, age_keys[0].privkey,
@ -344,17 +344,17 @@ def test_secrets(
# should also rotate the encrypted secret # should also rotate the encrypted secret
with use_key(age_keys[0].privkey, monkeypatch): with use_key(age_keys[0].privkey, monkeypatch):
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"])
assert capsys.readouterr().out == "foo" assert capsys.readouterr().out == "foo"
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"machines", "machines",
"remove-secret", "remove-secret",
"--flake",
str(test_flake.path),
"machine1", "machine1",
"key", "key",
] ]
@ -362,37 +362,37 @@ def test_secrets(
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"users", "users",
"add", "add",
"--flake",
str(test_flake.path),
"user1", "user1",
age_keys[1].pubkey, age_keys[1].pubkey,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"users", "users",
"add-secret", "add-secret",
"--flake",
str(test_flake.path),
"user1", "user1",
"key", "key",
] ]
) )
capsys.readouterr() capsys.readouterr()
with use_key(age_keys[1].privkey, monkeypatch): with use_key(age_keys[1].privkey, monkeypatch):
cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"])
assert capsys.readouterr().out == "foo" assert capsys.readouterr().out == "foo"
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"users", "users",
"remove-secret", "remove-secret",
"--flake",
str(test_flake.path),
"user1", "user1",
"key", "key",
] ]
@ -401,44 +401,44 @@ def test_secrets(
with pytest.raises(ClanError): # does not exist yet with pytest.raises(ClanError): # does not exist yet
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-secret", "add-secret",
"--flake",
str(test_flake.path),
"admin-group", "admin-group",
"key", "key",
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-user", "add-user",
"--flake",
str(test_flake.path),
"admin-group", "admin-group",
"user1", "user1",
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-user", "add-user",
"--flake",
str(test_flake.path),
"admin-group", "admin-group",
owner, owner,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-secret", "add-secret",
"--flake",
str(test_flake.path),
"admin-group", "admin-group",
"key", "key",
] ]
@ -447,10 +447,10 @@ def test_secrets(
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"set", "set",
"--flake",
str(test_flake.path),
"--group", "--group",
"admin-group", "admin-group",
"key2", "key2",
@ -459,28 +459,28 @@ def test_secrets(
with use_key(age_keys[1].privkey, monkeypatch): with use_key(age_keys[1].privkey, monkeypatch):
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"])
assert capsys.readouterr().out == "foo" assert capsys.readouterr().out == "foo"
# extend group will update secrets # extend group will update secrets
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"users", "users",
"add", "add",
"--flake",
str(test_flake.path),
"user2", "user2",
age_keys[2].pubkey, age_keys[2].pubkey,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"add-user", "add-user",
"--flake",
str(test_flake.path),
"admin-group", "admin-group",
"user2", "user2",
] ]
@ -488,16 +488,16 @@ def test_secrets(
with use_key(age_keys[2].privkey, monkeypatch): # user2 with use_key(age_keys[2].privkey, monkeypatch): # user2
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"])
assert capsys.readouterr().out == "foo" assert capsys.readouterr().out == "foo"
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"remove-user", "remove-user",
"--flake",
str(test_flake.path),
"admin-group", "admin-group",
"user2", "user2",
] ]
@ -505,24 +505,24 @@ def test_secrets(
with pytest.raises(ClanError), use_key(age_keys[2].privkey, monkeypatch): with pytest.raises(ClanError), use_key(age_keys[2].privkey, monkeypatch):
# user2 is not in the group anymore # user2 is not in the group anymore
capsys.readouterr() capsys.readouterr()
cli.run(["--flake", str(test_flake.path), "secrets", "get", "key"]) cli.run(["secrets", "get", "--flake", str(test_flake.path), "key"])
print(capsys.readouterr().out) print(capsys.readouterr().out)
cli.run( cli.run(
[ [
"--flake",
str(test_flake.path),
"secrets", "secrets",
"groups", "groups",
"remove-secret", "remove-secret",
"--flake",
str(test_flake.path),
"admin-group", "admin-group",
"key", "key",
] ]
) )
cli.run(["--flake", str(test_flake.path), "secrets", "remove", "key"]) cli.run(["secrets", "remove", "--flake", str(test_flake.path), "key"])
cli.run(["--flake", str(test_flake.path), "secrets", "remove", "key2"]) cli.run(["secrets", "remove", "--flake", str(test_flake.path), "key2"])
capsys.readouterr() # empty the buffer capsys.readouterr() # empty the buffer
cli.run(["--flake", str(test_flake.path), "secrets", "list"]) cli.run(["secrets", "list", "--flake", str(test_flake.path)])
assert capsys.readouterr().out == "" assert capsys.readouterr().out == ""

12
pkgs/clan-cli/tests/test_secrets_generate.py
View File

@ -24,27 +24,27 @@ def test_generate_secret(
cli = Cli() cli = Cli()
cli.run( cli.run(
[ [
"--flake",
str(test_flake_with_core.path),
"secrets", "secrets",
"users", "users",
"add", "add",
"--flake",
str(test_flake_with_core.path),
"user1", "user1",
age_keys[0].pubkey, age_keys[0].pubkey,
] ]
) )
cli.run( cli.run(
[ [
"--flake",
str(test_flake_with_core.path),
"secrets", "secrets",
"groups", "groups",
"add-user", "add-user",
"--flake",
str(test_flake_with_core.path),
"admins", "admins",
"user1", "user1",
] ]
) )
cmd = ["--flake", str(test_flake_with_core.path), "facts", "generate", "vm1"] cmd = ["facts", "generate", "--flake", str(test_flake_with_core.path), "vm1"]
cli.run(cmd) cli.run(cmd)
has_secret(test_flake_with_core.path, "vm1-age.key") has_secret(test_flake_with_core.path, "vm1-age.key")
has_secret(test_flake_with_core.path, "vm1-zerotier-identity-secret") has_secret(test_flake_with_core.path, "vm1-zerotier-identity-secret")
@ -60,7 +60,7 @@ def test_generate_secret(
secret1_mtime = identity_secret.lstat().st_mtime_ns secret1_mtime = identity_secret.lstat().st_mtime_ns
# test idempotency for vm1 and also generate for vm2 # test idempotency for vm1 and also generate for vm2
cli.run(["facts", "generate"]) cli.run(["facts", "generate", "--flake", str(test_flake_with_core.path)])
assert age_key.lstat().st_mtime_ns == age_key_mtime assert age_key.lstat().st_mtime_ns == age_key_mtime
assert identity_secret.lstat().st_mtime_ns == secret1_mtime assert identity_secret.lstat().st_mtime_ns == secret1_mtime

12
pkgs/clan-cli/tests/test_secrets_upload.py
View File

@ -23,11 +23,11 @@ def test_secrets_upload(
cli = Cli() cli = Cli()
cli.run( cli.run(
[ [
"--flake",
str(test_flake_with_core.path),
"secrets", "secrets",
"users", "users",
"add", "add",
"--flake",
str(test_flake_with_core.path),
"user1", "user1",
age_keys[0].pubkey, age_keys[0].pubkey,
] ]
@ -35,18 +35,18 @@ def test_secrets_upload(
cli.run( cli.run(
[ [
"--flake",
str(test_flake_with_core.path),
"secrets", "secrets",
"machines", "machines",
"add", "add",
"--flake",
str(test_flake_with_core.path),
"vm1", "vm1",
age_keys[1].pubkey, age_keys[1].pubkey,
] ]
) )
monkeypatch.setenv("SOPS_NIX_SECRET", age_keys[0].privkey) monkeypatch.setenv("SOPS_NIX_SECRET", age_keys[0].privkey)
cli.run( cli.run(
["--flake", str(test_flake_with_core.path), "secrets", "set", "vm1-age.key"] ["secrets", "set", "--flake", str(test_flake_with_core.path), "vm1-age.key"]
) )
flake = test_flake_with_core.path.joinpath("flake.nix") flake = test_flake_with_core.path.joinpath("flake.nix")
@ -55,7 +55,7 @@ def test_secrets_upload(
new_text = flake.read_text().replace("__CLAN_TARGET_ADDRESS__", addr) new_text = flake.read_text().replace("__CLAN_TARGET_ADDRESS__", addr)
flake.write_text(new_text) flake.write_text(new_text)
cli.run(["--flake", str(test_flake_with_core.path), "facts", "upload", "vm1"]) cli.run(["facts", "upload", "--flake", str(test_flake_with_core.path), "vm1"])
# the flake defines this path as the location where the sops key should be installed # the flake defines this path as the location where the sops key should be installed
sops_key = test_flake_with_core.path.joinpath("key.txt") sops_key = test_flake_with_core.path.joinpath("key.txt")

2
pkgs/clan-cli/tests/test_vms_cli.py
View File

@ -86,7 +86,7 @@ def test_inspect(
test_flake_with_core: FlakeForTest, capsys: pytest.CaptureFixture test_flake_with_core: FlakeForTest, capsys: pytest.CaptureFixture
) -> None: ) -> None:
cli = Cli() cli = Cli()
cli.run(["--flake", str(test_flake_with_core.path), "vms", "inspect", "vm1"]) cli.run(["vms", "inspect", "--flake", str(test_flake_with_core.path), "vm1"])
out = capsys.readouterr() # empty the buffer out = capsys.readouterr() # empty the buffer
assert "Cores" in out.out assert "Cores" in out.out