Merge pull request #208 from dramforever/fix-cross-validation

Add validationPackage option for cross-compilation
2025-04-09 18:34:12 +00:00 · 2022-07-13 09:02:36 +02:00 · 2022-07-13 09:02:36 +02:00 · 912514e60a
commit 912514e60a
parent 2c898a6d76 fc2b603a9b
1 changed files with 16 additions and 1 deletions
--- a/modules/sops/default.nix
+++ b/modules/sops/default.nix
@ -6,6 +6,7 @@ let
  cfg = config.sops;
  users = config.users.users;
  sops-install-secrets = cfg.package;
+  sops-install-secrets-check = cfg.validationPackage;
  regularSecrets = lib.filterAttrs (_: v: !v.neededForUsers) cfg.secrets;
  secretsForUsers = lib.filterAttrs (_: v: v.neededForUsers) cfg.secrets;
  secretType = types.submodule ({ config, ... }: {
@ -131,7 +132,7 @@ let
      };
    } // extraJson);
    checkPhase = ''
-      ${sops-install-secrets}/bin/sops-install-secrets -check-mode=${if cfg.validateSopsFiles then "sopsfile" else "manifest"} "$out"
+      ${sops-install-secrets-check}/bin/sops-install-secrets -check-mode=${if cfg.validateSopsFiles then "sopsfile" else "manifest"} "$out"
    '';
  };

@ -225,6 +226,20 @@ in {
      '';
    };

+    validationPackage = mkOption {
+      type = types.package;
+      default =
+        if pkgs.stdenv.buildPlatform == pkgs.stdenv.hostPlatform
+          then sops-install-secrets
+          else (pkgs.pkgsBuildHost.callPackage ../.. {}).sops-install-secrets;
+
+      description = ''
+        sops-install-secrets package to use when validating configuration.
+
+        Defaults to sops.package if building natively, and a native version of sops-install-secrets if cross compiling.
+      '';
+    };
+
    age = {
      keyFile = mkOption {
        type = types.nullOr types.path;