From 99e09637436aa42f1b3a8360f12dc0ee5d918be3 Mon Sep 17 00:00:00 2001
From: Ryan Mulligan <ryan@ryantm.com>
Date: Sun, 29 Jan 2023 08:27:20 -0800
Subject: [PATCH] contrib: use Alejandra as formatter

---
 .github/workflows/ci.yaml | 12 +++++++-----
 README.md                 | 14 ++++++++++++++
 default.nix               |  5 ++---
 example/secrets.nix       |  9 ++++-----
 flake.nix                 | 17 +++++++++++------
 5 files changed, 38 insertions(+), 19 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index df49e4b..d00e84e 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -4,20 +4,22 @@ on:
   push:
 jobs:
   tests-linux:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2.3.4
-    - uses: cachix/install-nix-action@v15
+    - uses: actions/checkout@v3
+    - uses: cachix/install-nix-action@v18
       with:
         extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
     - run: nix build
+    - run: nix fmt . -- --check
     - run: nix flake check
   tests-darwin:
     runs-on: macos-11
     steps:
-    - uses: actions/checkout@v2.3.4
-    - uses: cachix/install-nix-action@v15
+    - uses: actions/checkout@v3
+    - uses: cachix/install-nix-action@v18
       with:
         extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
     - run: nix build
+    - run: nix fmt . -- --check
     - run: nix flake check
diff --git a/README.md b/README.md
index eaa3076..fb362f2 100644
--- a/README.md
+++ b/README.md
@@ -25,6 +25,7 @@
   * [agenix CLI reference](#agenix-cli-reference)
 * [Community and Support](#community-and-support)
 * [Threat model/Warnings](#threat-modelwarnings)
+* [Contributing](#contributing)
 * [Acknowledgements](#acknowledgements)
 
 ## Problem and solution
@@ -536,6 +537,19 @@ authentication code (MAC) like other implementations like GPG or
 [sops](https://github.com/Mic92/sops-nix) have, however this was left
 out for simplicity in `age`.
 
+## Contributing
+
+* The main branch is protected against direct pushes
+* All changes must go through GitHub PR review and get at least one approval
+* PR titles and commit messages should be prefixed with at least one of these categories:
+  * contrib - things that make the project development better
+  * doc - documentation
+  * feature - new features
+  * fix - bug fixes
+* Please update or make integration tests for new features
+* Use `nix fmt` to format nix code
+
+
 ## Acknowledgements
 
 This project is based off of [sops-nix](https://github.com/Mic92/sops-nix) created Mic92. Thank you to Mic92 for inspiration and advice.
diff --git a/default.nix b/default.nix
index 877ed64..555358c 100644
--- a/default.nix
+++ b/default.nix
@@ -1,4 +1,3 @@
-{ pkgs ? import <nixpkgs> {} }:
-{
-  agenix = pkgs.callPackage ./pkgs/agenix.nix  {};
+{pkgs ? import <nixpkgs> {}}: {
+  agenix = pkgs.callPackage ./pkgs/agenix.nix {};
 }
diff --git a/example/secrets.nix b/example/secrets.nix
index 3bdac11..2910329 100644
--- a/example/secrets.nix
+++ b/example/secrets.nix
@@ -1,9 +1,8 @@
 let
   user1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL0idNvgGiucWgup/mP78zyC23uFjYq0evcWdjGQUaBH";
   system1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPJDyIr/FSz1cJdcoW69R+NrWzwGK/+3gJpqD1t8L2zE";
-in
-{
-  "secret1.age".publicKeys = [ user1 system1 ];
-  "secret2.age".publicKeys = [ user1 ];
-  "passwordfile-user1.age".publicKeys = [ user1 system1 ];
+in {
+  "secret1.age".publicKeys = [user1 system1];
+  "secret2.age".publicKeys = [user1];
+  "passwordfile-user1.age".publicKeys = [user1 system1];
 }
diff --git a/flake.nix b/flake.nix
index 58f05cd..b2e2c2b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -14,18 +14,23 @@
 
     overlays.default = import ./overlay.nix;
 
-    packages.aarch64-linux.agenix = agenix "aarch64-linux";
-    packages.aarch64-linux.default = self.packages.aarch64-linux.agenix;
-
-    packages.i686-linux.agenix = agenix "i686-linux";
-    packages.i686-linux.default = self.packages.i686-linux.agenix;
-
+    formatter.x86_64-darwin = nixpkgs.legacyPackages.x86_64-darwin.alejandra;
     packages.x86_64-darwin.agenix = agenix "x86_64-darwin";
     packages.x86_64-darwin.default = self.packages.x86_64-darwin.agenix;
 
+    formatter.aarch64-darwin = nixpkgs.legacyPackages.aarch64-darwin.alejandra;
     packages.aarch64-darwin.agenix = agenix "aarch64-darwin";
     packages.aarch64-darwin.default = self.packages.aarch64-darwin.agenix;
 
+    formatter.aarch64-linux = nixpkgs.legacyPackages.aarch64-linux.alejandra;
+    packages.aarch64-linux.agenix = agenix "aarch64-linux";
+    packages.aarch64-linux.default = self.packages.aarch64-linux.agenix;
+
+    formatter.i686-linux = nixpkgs.legacyPackages.i686-linux.alejandra;
+    packages.i686-linux.agenix = agenix "i686-linux";
+    packages.i686-linux.default = self.packages.i686-linux.agenix;
+
+    formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra;
     packages.x86_64-linux.agenix = agenix "x86_64-linux";
     packages.x86_64-linux.default = self.packages.x86_64-linux.agenix;
     checks.x86_64-linux.integration = import ./test/integration.nix {