mirrors/sops-nix
mirrors/sops-nix
1
0
Fork 0
mirror of https://github.com/Mic92/sops-nix.git synced 2025-03-05 16:17:47 +00:00
Code Activity

Merge pull request #185 from Mic92/ci

Browse source 
also build ci for 22.05
This commit is contained in:
Jörg Thalheim 2022-05-25 08:08:37 +01:00 committed by GitHub
commit 4b0a82bc7e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 38 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
flake.lock generated
View file

@ -32,10 +32,27 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-22_05": {
"locked": {
"lastModified": 1653460991,
"narHash": "sha256-8MgFe84UUKw5k5MybirNH0S+oSluN2cRQGt+ZkW+dxQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0c3bf3a5c3ab6be29138b88900c417660a284fbd",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-22.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-21_11": "nixpkgs-21_11" "nixpkgs-21_11": "nixpkgs-21_11",
"nixpkgs-22_05": "nixpkgs-22_05"
} }
} }
}, },

18
flake.nix
View file

@ -2,12 +2,14 @@
description = "Integrates sops into nixos"; description = "Integrates sops into nixos";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
inputs.nixpkgs-21_11.url = "github:NixOS/nixpkgs/release-21.11"; inputs.nixpkgs-21_11.url = "github:NixOS/nixpkgs/release-21.11";
inputs.nixpkgs-22_05.url = "github:NixOS/nixpkgs/release-22.05";
nixConfig.extra-substituters = ["https://cache.garnix.io"]; nixConfig.extra-substituters = ["https://cache.garnix.io"];
nixConfig.extra-trusted-public-keys = ["cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="]; nixConfig.extra-trusted-public-keys = ["cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="];
outputs = { outputs = {
self, self,
nixpkgs, nixpkgs,
nixpkgs-21_11 nixpkgs-21_11,
nixpkgs-22_05
}: let }: let
systems = [ systems = [
"x86_64-linux" "x86_64-linux"
@ -19,7 +21,9 @@
"armv7l-linux" "armv7l-linux"
]; ];
forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system); forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system);
suffix-21_11 = attrs: nixpkgs.lib.mapAttrs' (name: value: nixpkgs.lib.nameValuePair (name + "-21_11") value) attrs; suffix-version = version: attrs: nixpkgs.lib.mapAttrs' (name: value: nixpkgs.lib.nameValuePair (name + version) value) attrs;
suffix-22_05 = suffix-version "-22_05";
suffix-21_11 = suffix-version "-21_11";
in { in {
overlay = final: prev: let overlay = final: prev: let
localPkgs = import ./default.nix {pkgs = final;}; localPkgs = import ./default.nix {pkgs = final;};
@ -40,8 +44,16 @@
packages-21_11 = import ./default.nix { packages-21_11 = import ./default.nix {
pkgs = import nixpkgs-21_11 {inherit system;}; pkgs = import nixpkgs-21_11 {inherit system;};
}; };
packages-22_05 = import ./default.nix {
pkgs = import nixpkgs-22_05 {inherit system;};
};
tests-21_11 = packages-21_11.sops-install-secrets.tests; tests-21_11 = packages-21_11.sops-install-secrets.tests;
in tests // (suffix-21_11 tests-21_11) // (suffix-21_11 packages-21_11)); tests-22_05 = packages-22_05.sops-install-secrets.tests;
in tests //
(suffix-21_11 tests-21_11) //
(suffix-21_11 packages-21_11) //
(suffix-22_05 tests-22_05) //
(suffix-22_05 packages-22_05));
defaultPackage = forAllSystems (system: self.packages.${system}.sops-init-gpg-key); defaultPackage = forAllSystems (system: self.packages.${system}.sops-init-gpg-key);
devShell = forAllSystems ( devShell = forAllSystems (

10
pkgs/sops-install-secrets/nixos-test.nix
View file

@ -25,7 +25,7 @@
user-passwords = makeTest { user-passwords = makeTest {
name = "sops-user-passwords"; name = "sops-user-passwords";
machine = { config, ... }: { nodes.machine = { config, ... }: {
imports = [ ../../modules/sops ]; imports = [ ../../modules/sops ];
sops = { sops = {
age.keyFile = ./test-assets/age-keys.txt; age.keyFile = ./test-assets/age-keys.txt;
@ -58,7 +58,7 @@
pruning = makeTest { pruning = makeTest {
name = "sops-pruning"; name = "sops-pruning";
machine = { lib, ... }: { nodes.machine = { lib, ... }: {
imports = [ ../../modules/sops ]; imports = [ ../../modules/sops ];
sops = { sops = {
age.keyFile = ./test-assets/age-keys.txt; age.keyFile = ./test-assets/age-keys.txt;
@ -99,7 +99,7 @@
age-keys = makeTest { age-keys = makeTest {
name = "sops-age-keys"; name = "sops-age-keys";
machine = { nodes.machine = {
imports = [ ../../modules/sops ]; imports = [ ../../modules/sops ];
sops = { sops = {
age.keyFile = ./test-assets/age-keys.txt; age.keyFile = ./test-assets/age-keys.txt;
@ -119,7 +119,7 @@
age-ssh-keys = makeTest { age-ssh-keys = makeTest {
name = "sops-age-ssh-keys"; name = "sops-age-ssh-keys";
machine = { nodes.machine = {
imports = [ ../../modules/sops ]; imports = [ ../../modules/sops ];
services.openssh.enable = true; services.openssh.enable = true;
services.openssh.hostKeys = [{ services.openssh.hostKeys = [{
@ -207,7 +207,7 @@
} // pkgs.lib.optionalAttrs (pkgs.lib.versionAtLeast (pkgs.lib.versions.majorMinor pkgs.lib.version) "22.05") { } // pkgs.lib.optionalAttrs (pkgs.lib.versionAtLeast (pkgs.lib.versions.majorMinor pkgs.lib.version) "22.05") {
restart-and-reload = makeTest { restart-and-reload = makeTest {
name = "sops-restart-and-reload"; name = "sops-restart-and-reload";
machine = { pkgs, lib, config, ... }: { nodes.machine = { pkgs, lib, config, ... }: {
imports = [ imports = [
../../modules/sops ../../modules/sops
]; ];