add home-manager and sops-nix to ci

2024-12-14 11:57:52 +00:00 · 2024-11-17 13:51:11 +01:00 · 2024-11-17 13:51:11 +01:00 · fe6a1bb922
commit fe6a1bb922
parent dfcebb55c8
6 changed files with 114 additions and 4 deletions
--- a/checks/darwin.nix
+++ b/checks/darwin.nix
@ -0,0 +1,11 @@
 {
  imports = [
    ../modules/nix-darwin/default.nix
  ];
  documentation.enable = false;
  sops.secrets.test_key = { };
  sops.defaultSopsFile = ../pkgs/sops-install-secrets/test-assets/secrets.yaml;
  sops.age.generateKey = true;
  system.stateVersion = 5;
 }
--- a/checks/home-manager.nix
+++ b/checks/home-manager.nix
@ -0,0 +1,15 @@
 { config, ... }: {
  imports = [
    ../modules/home-manager/sops.nix
  ];
  home.stateVersion = "25.05";
  home.username = "sops-user";
  home.homeDirectory = "/home/sops-user";
  home.enableNixpkgsReleaseCheck = false;
  sops.age.generateKey = true;
  sops.age.keyFile = "${config.home.homeDirectory}/.age-key.txt";
  sops.secrets.test_key = { };
  sops.defaultSopsFile = ../pkgs/sops-install-secrets/test-assets/secrets.yaml;
 }
--- a/dev/private.narHash
+++ b/dev/private.narHash
@ -1 +1 @@
-sha256-qF9EiqHqJARLtA+ZABXa2mstgbza762DwoGEIGkyqVY=
+sha256-rXlTQPa9c8Ou52KO5S36sOyKUzurr5fuZcXnHr7g6YY=
--- a/dev/private/flake.lock
+++ b/dev/private/flake.lock
@ -1,5 +1,45 @@
 {
  "nodes": {
    "home-manager": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs-stable"
        ]
      },
      "locked": {
        "lastModified": 1731832479,
        "narHash": "sha256-icDDuYwJ0avTMZTxe1qyU/Baht5JOqw4pb5mWpR+hT0=",
        "owner": "nix-community",
        "repo": "home-manager",
        "rev": "5056a1cf0ce7c2a08ab50713b6c4af77975f6111",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "nix-darwin": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs-stable"
        ]
      },
      "locked": {
        "lastModified": 1731809072,
        "narHash": "sha256-pOsDJQR0imnFLfpvTmRpHcP0tflyxtP/QIzokrKSP8U=",
        "owner": "LnL7",
        "repo": "nix-darwin",
        "rev": "34588d57cfc41c6953c54c93b6b685cab3b548ee",
        "type": "github"
      },
      "original": {
        "owner": "LnL7",
        "repo": "nix-darwin",
        "type": "github"
      }
    },
    "nixpkgs-stable": {
      "locked": {
        "lastModified": 1731842749,
@ -18,6 +58,8 @@
    },
    "root": {
      "inputs": {
        "home-manager": "home-manager",
        "nix-darwin": "nix-darwin",
        "nixpkgs-stable": "nixpkgs-stable",
        "treefmt-nix": "treefmt-nix"
      }
--- a/dev/private/flake.nix
+++ b/dev/private/flake.nix
@ -5,5 +5,11 @@
  inputs.treefmt-nix.url = "github:numtide/treefmt-nix";
  inputs.treefmt-nix.inputs.nixpkgs.follows = "nixpkgs-stable";
  inputs.nix-darwin.url = "github:LnL7/nix-darwin";
  inputs.nix-darwin.inputs.nixpkgs.follows = "nixpkgs-stable";
  inputs.home-manager.url = "github:nix-community/home-manager";
  inputs.home-manager.inputs.nixpkgs.follows = "nixpkgs-stable";
  outputs = _: { };
 }
--- a/flake.nix
+++ b/flake.nix
@ -78,7 +78,7 @@
      # dev outputs
      {
        checks = eachSystem (
-          { system, ... }:
+          { pkgs, system, ... }:
          let
            tests = self.packages.${system}.sops-install-secrets.tests;
            packages-stable = import ./default.nix {
@ -90,7 +90,43 @@
              nixpkgs.lib.mapAttrs' (name: value: nixpkgs.lib.nameValuePair (name + version) value) attrs;
            suffix-stable = suffix-version "-24_05";
          in
-          tests // (suffix-stable tests-stable) // (suffix-stable packages-stable)
+          tests
          // (suffix-stable tests-stable)
          // (suffix-stable packages-stable)
          // {
            home-manager = self.legacyPackages.${system}.homeConfigurations.sops.activation-script;
          }
          // nixpkgs.lib.optionalAttrs pkgs.stdenv.isDarwin {
            darwin-sops =
              self.darwinConfigurations."sops-${pkgs.hostPlatform.darwinArch}".config.system.build.toplevel;
          }
        );
        darwinConfigurations.sops-arm64 = privateInputs.nix-darwin.lib.darwinSystem {
          modules = [
            ./checks/darwin.nix
            #{ nixpkgs.pkgs = nixpkgs.legacyPackages.aarch64-darwin; }
            { nixpkgs.hostPlatform = "aarch64-darwin"; }
          ];
        };
        darwinConfigurations.sops-x86_64 = privateInputs.nix-darwin.lib.darwinSystem {
          modules = [
            ./checks/darwin.nix
            { nixpkgs.hostPlatform = "x86_64-darwin"; }
          ];
        };
        legacyPackages = eachSystem (
          { pkgs, ... }:
          {
            homeConfigurations.sops = privateInputs.home-manager.lib.homeManagerConfiguration {
              modules = [
                ./checks/home-manager.nix
              ];
              inherit pkgs;
            };
          }
        );
        apps = eachSystem (
@ -110,7 +146,7 @@
          { pkgs, ... }:
          {
            unit-tests = pkgs.callPackage ./pkgs/unit-tests.nix { };
-            default = pkgs.callPackage ./shell.nix {};
+            default = pkgs.callPackage ./shell.nix { };
          }
        );
      };
		`@ -1 +1 @@`
			`sha256-qF9EiqHqJARLtA+ZABXa2mstgbza762DwoGEIGkyqVY=`				`sha256-rXlTQPa9c8Ou52KO5S36sOyKUzurr5fuZcXnHr7g6YY=`