chore: Split main logic into functions

gabe565 · Dec 18, 2023 · ef2c955 · ef2c955
1 parent 2dcf6f1
commit ef2c955
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 33 deletions.
diff --git a/check_decrypted_secret/__main__.py b/check_decrypted_secret/__main__.py
@@ -5,29 +5,38 @@
 from os.path import abspath
 from lib.paths import *
 
+env_mac_key = re.compile("^sops_mac=")
+
+
+def check_env(path):
+    with open(path) as file:
+        for line in file:
+            if env_mac_key.search(line):
+                return True
+    print(f"Env file decrypted: {abspath(path)}")
+    return False
+
+
+def check_secret(path):
+    with open(path) as file:
+        for doc in yaml.safe_load_all(file):
+            if "kind" not in doc or doc["kind"] != "Secret":
+                continue
+            if "stringData" not in doc and "data" not in doc:
+                continue
+            if "sops" not in doc:
+                print(f"Secret file decrypted: {abspath(path)}")
+                return False
+    return True
+
 
 def main():
-    failed = False
-    env_mac_key = re.compile("^sops_mac=")
+    success = True
     for path in argv_or_glob(glob_env):
-        with open(path) as file:
-            for line in file:
-                if env_mac_key.search(line):
-                    break
-            else:
-                print(f"Env file decrypted: {abspath(path)}")
-                failed = True
+        success = check_env(path) and success
     for path in argv_or_glob(glob_yaml):
-        with open(path) as file:
-            for doc in yaml.safe_load_all(file):
-                if "kind" not in doc or doc["kind"] != "Secret":
-                    continue
-                if "stringData" not in doc and "data" not in doc:
-                    continue
-                if "sops" not in doc:
-                    print(f"Secret file decrypted: {abspath(path)}")
-                    failed = True
-    if failed:
+        success = check_secret(path) and success
+    if not success:
         exit(1)
 
 

diff --git a/check_unpinned_chart_version/__main__.py b/check_unpinned_chart_version/__main__.py
@@ -5,22 +5,27 @@
 from lib.paths import *
 
 
+def check_helm_release(path):
+    with open(path) as file:
+        try:
+            for doc in yaml.safe_load_all(file):
+                if "kind" not in doc or doc["kind"] != "HelmRelease":
+                    continue
+                if "version" not in doc["spec"]["chart"]["spec"]:
+                    print(f"HelmRelease missing version: {abspath(path)}")
+                    return False
+        except Exception as err:
+            print(f"HelmRelease malformed: {abspath(path)}")
+            print(err)
+            return False
+    return True
+
+
 def main():
-    failed = False
+    success = True
     for path in argv_or_glob(glob_yaml):
-        with open(path) as file:
-            try:
-                for doc in yaml.safe_load_all(file):
-                    if "kind" not in doc or doc["kind"] != "HelmRelease":
-                        continue
-                    if "version" not in doc["spec"]["chart"]["spec"]:
-                        print(f"HelmRelease missing version: {abspath(path)}")
-                        failed = True
-            except Exception as err:
-                print(f"HelmRelease malformed: {abspath(path)}")
-                print(err)
-                failed = True
-    if failed:
+        success = check_helm_release(path) and success
+    if not success:
         exit(1)