feat(meta): Add more assertions
Some checks failed
Check meta / check_meta (push) Successful in 26s
Check meta / check_dns (push) Successful in 47s
build configuration / build_vault01 (push) Successful in 1m12s
build configuration / build_storage01 (push) Successful in 1m14s
build configuration / build_web02 (push) Successful in 53s
build configuration / build_compute01 (push) Successful in 1m19s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m36s
build configuration / build_rescue01 (push) Successful in 53s
build configuration / push_to_cache (push) Has been cancelled

This commit is contained in:
Tom Hubrecht 2024-05-14 23:47:20 +02:00
parent e49ab86364
commit a559d2e0c0

View file

@ -333,6 +333,8 @@ in
membersExists = nameExists members;
groupsExists = nameExists groups;
extract = name: builtins.mapAttrs (_: builtins.getAttr name);
in
{
assertions = builtins.concatLists [
@ -342,14 +344,35 @@ in
) org.groups)
# Check that all node admins exist
(membersExists (name: "A member of the ${name} admins was not found in the members list.") (
builtins.mapAttrs (_: builtins.getAttr "admins") config.nodes
(membersExists (name: "A member of the node ${name} admins was not found in the members list.") (
extract "admins" config.nodes
))
# Check that all node adminGroups exist
(groupsExists (name: "A member of the ${name} adminGroups was not found in the groups list.") (
builtins.mapAttrs (_: builtins.getAttr "adminGroups") config.nodes
(groupsExists (name: "A member of the node ${name} adminGroups was not found in the groups list.") (
extract "adminGroups" config.nodes
))
# Check that all services admins exist
(membersExists (name: "A member of the service ${name} admins was not found in the members list.") (
extract "admins" org.services
))
# Check that all services adminGroups exist
(groupsExists (
name: "A member of the service ${name} adminGroups was not found in the groups list."
) (extract "adminGroups" org.services))
# Check that all external services admins exist
(membersExists (
name: "A member of the external service ${name} admins was not found in the members list."
) org.external)
# Check that all members have a keyFile
(builtins.map (name: {
assertion = builtins.pathExists "${builtins.toString ../keys}/${name}.keys";
message = "No ssh keys file found for ${name}.";
}) members)
];
};
}