Merge pull request #231 from ryantm/revert-163-rtm-2-21-recursive-nix

Revert "contrib: add direct tests for agenix "
This commit is contained in:
Ryan Mulligan 2023-12-22 07:48:36 -08:00 committed by GitHub
commit d0d4ad5be6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 49 deletions

View file

@ -9,9 +9,7 @@ jobs:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22 - uses: cachix/install-nix-action@v22
with: with:
extra_nix_config: | extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
system-features = nixos-test recursive-nix benchmark big-parallel kvm
extra-experimental-features = recursive-nix nix-command flakes
- run: nix build - run: nix build
- run: nix build .#doc - run: nix build .#doc
- run: nix fmt . -- --check - run: nix fmt . -- --check
@ -22,9 +20,7 @@ jobs:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22 - uses: cachix/install-nix-action@v22
with: with:
extra_nix_config: | extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
system-features = nixos-test recursive-nix benchmark big-parallel kvm
extra-experimental-features = recursive-nix nix-command flakes
- run: nix build - run: nix build
- run: nix build .#doc - run: nix build .#doc
- run: nix fmt . -- --check - run: nix fmt . -- --check

View file

@ -9,49 +9,29 @@
substituteAll, substituteAll,
ageBin ? "${rage}/bin/rage", ageBin ? "${rage}/bin/rage",
shellcheck, shellcheck,
}: let }:
bin = "${placeholder "out"}/bin/agenix"; stdenv.mkDerivation rec {
in pname = "agenix";
stdenv.mkDerivation rec { version = "0.15.0";
pname = "agenix"; src = substituteAll {
version = "0.15.0"; inherit ageBin version;
src = substituteAll { jqBin = "${jq}/bin/jq";
inherit ageBin version; nixInstantiate = "${nix}/bin/nix-instantiate";
jqBin = "${jq}/bin/jq"; mktempBin = "${mktemp}/bin/mktemp";
nixInstantiate = "${nix}/bin/nix-instantiate"; diffBin = "${diffutils}/bin/diff";
mktempBin = "${mktemp}/bin/mktemp"; src = ./agenix.sh;
diffBin = "${diffutils}/bin/diff"; };
src = ./agenix.sh; dontUnpack = true;
};
dontUnpack = true;
doInstallCheck = true;
installCheckInputs = [shellcheck];
postInstallCheck = ''
shellcheck ${bin}
${bin} -h | grep ${version}
mkdir -p /tmp/home/.ssh doCheck = true;
cp -r "${../example}" /tmp/home/secrets checkInputs = [shellcheck];
chmod -R u+rw /tmp/home/secrets postCheck = ''
export HOME=/tmp/home shellcheck $src
( '';
umask u=rw,g=r,o=r
cp ${../example_keys/user1.pub} $HOME/.ssh/id_ed25519.pub
chown $UID $HOME/.ssh/id_ed25519.pub
)
(
umask u=rw,g=,o=
cp ${../example_keys/user1} $HOME/.ssh/id_ed25519
chown $UID $HOME/.ssh/id_ed25519
)
cd /tmp/home/secrets installPhase = ''
test $(${bin} -d secret1.age) = "hello" install -D $src ${placeholder "out"}/bin/agenix
''; '';
installPhase = '' meta.description = "age-encrypted secrets for NixOS";
install -D $src ${bin} }
'';
meta.description = "age-encrypted secrets for NixOS";
}