feat: Early/sensitive configurations can now be globs

Fixes #61
VorpalBlade · Jul 31, 2024 · f0960d4 · f0960d4
1 parent b1dd225
commit f0960d4
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 16 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -32,6 +32,7 @@ flate2 = { version = "1.0.30", default-features = false, features = [
 ] }
 flume = { version = "0.11.0", default-features = false }
 glob = "0.3.1"
+globset = "0.4.14"
 ignore = "0.4.22"
 indoc = "2.0.5"
 itertools = "0.13.0"

diff --git a/crates/konfigkoll/src/main.rs b/crates/konfigkoll/src/main.rs
@@ -2,7 +2,6 @@ use std::io::BufWriter;
 use std::io::Write;
 use std::sync::Arc;
 
-use ahash::AHashSet;
 use anyhow::Context;
 use camino::Utf8Path;
 use camino::Utf8PathBuf;
@@ -360,16 +359,12 @@ fn cmd_save_changes(
     let prefix = script_engine.state().settings().save_prefix();
     konfigkoll_core::save::save_packages(&prefix, &mut output, pkg_additions.into_iter())?;
     let files_path = config_path.join("files");
-    let sensitive_configs: AHashSet<Utf8PathBuf> = script_engine
-        .state()
-        .settings()
-        .sensitive_configs()
-        .collect();
+    let sensitive_configs = script_engine.state().settings().sensitive_configs()?;
     konfigkoll_core::save::save_fs_changes(
         &prefix,
         &mut output,
         |path, contents| {
-            if sensitive_configs.contains(path) {
+            if sensitive_configs.is_match(path.as_str()) {
                 tracing::warn!(
                     "{} has changes, but it is marked sensitive, won't auto-save",
                     path
@@ -437,12 +432,11 @@ fn cmd_apply_changes(
     );
 
     // Split into early / late file changes based on settings
-    let early_configs: AHashSet<Utf8PathBuf> =
-        script_engine.state().settings().early_configs().collect();
+    let early_configs = script_engine.state().settings().early_configs()?;
     let mut early_fs_changes = vec![];
     let mut late_fs_changes = vec![];
     for change in fs_changes {
-        if early_configs.contains(&change.path) {
+        if early_configs.is_match(change.path.as_str()) {
             early_fs_changes.push(change);
         } else {
             late_fs_changes.push(change);

diff --git a/crates/konfigkoll_script/Cargo.toml b/crates/konfigkoll_script/Cargo.toml
@@ -23,6 +23,7 @@ anyhow.workspace = true
 camino.workspace = true
 compact_str.workspace = true
 glob.workspace = true
+globset.workspace = true
 itertools.workspace = true
 konfigkoll_hwinfo = { version = "0.1.1", path = "../konfigkoll_hwinfo", features = [
     "rune",

diff --git a/crates/konfigkoll_script/src/plugins/settings.rs b/crates/konfigkoll_script/src/plugins/settings.rs
@@ -5,6 +5,8 @@ use std::str::FromStr;
 use ahash::AHashSet;
 use anyhow::Context;
 use camino::Utf8PathBuf;
+use globset::Glob;
+use globset::GlobSet;
 use parking_lot::Mutex;
 use rune::ContextError;
 use rune::Module;
@@ -77,16 +79,26 @@ impl Settings {
         v.into_iter()
     }
 
-    pub fn early_configs(&self) -> impl Iterator<Item = Utf8PathBuf> {
+    pub fn early_configs(&self) -> anyhow::Result<GlobSet> {
         let guard = self.early_configs.lock();
-        let v: Vec<_> = guard.iter().cloned().collect();
-        v.into_iter()
+        let mut builder = GlobSet::builder();
+        for p in guard.iter() {
+            builder.add(Glob::new(p.as_str()).context(
+                "Failed to parse one or more early configuration path as a regular expressions",
+            )?);
+        }
+        Ok(builder.build()?)
     }
 
-    pub fn sensitive_configs(&self) -> impl Iterator<Item = Utf8PathBuf> {
+    pub fn sensitive_configs(&self) -> anyhow::Result<GlobSet> {
         let guard = self.sensitive_configs.lock();
-        let v: Vec<_> = guard.iter().cloned().collect();
-        v.into_iter()
+        let mut builder = GlobSet::builder();
+        for p in guard.iter() {
+            builder.add(Glob::new(p.as_str()).context(
+                "Failed to parse one or more sensitive configuration path as a regular expressions",
+            )?);
+        }
+        Ok(builder.build()?)
     }
 
     /// Get diff tool to use
@@ -171,6 +183,8 @@ impl Settings {
     ///
     /// By default, `/etc/passwd`, `/etc/group`, `/etc/shadow`, and
     /// `/etc/gshadow` are already added.
+    ///
+    /// The parameter is interpeted as a glob.
     #[rune::function]
     pub fn early_config(&self, path: &str) {
         let before = self.early_configs.lock().insert(path.into());
@@ -186,6 +200,8 @@ impl Settings {
     /// (those are sensitive by default) to prevent accidental leaks.
     ///
     /// You can add more such files with this function.
+    ///
+    /// The parameter is interpeted as a glob.
     #[rune::function]
     pub fn sensitive_config(&self, path: &str) {
         let before = self.sensitive_configs.lock().insert(path.into());