vars: use correct paths for value accesses
Use correct paths for value accesses of vars under: - `per-machine` - `shared`
This commit is contained in:
a-kenji
12
clanModules/state-version/default.nix
Normal file
12
clanModules/state-version/default.nix
Normal file
@@ -0,0 +1,12 @@
|
|||||||
|
{ config, lib, ... }:
|
||||||
|
{
|
||||||
|
system.stateVersion = config.clan.core.vars.generators.state-version.files.version.value;
|
||||||
|
|
||||||
|
clan.core.vars.generators.state-version = {
|
||||||
|
files.version.secret = false;
|
||||||
|
runtimeInputs = [ ];
|
||||||
|
script = ''
|
||||||
|
echo ${lib.versions.majorMinor lib.version} > $out/version
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
||||||
@@ -74,6 +74,17 @@ in
|
|||||||
readOnly = true;
|
readOnly = true;
|
||||||
default = generator.config._module.args.name;
|
default = generator.config._module.args.name;
|
||||||
};
|
};
|
||||||
|
share = {
|
||||||
|
type = lib.types.bool;
|
||||||
|
description = ''
|
||||||
|
Whether the generated vars should be shared between machines.
|
||||||
|
Shared vars are only generated once, when the first machine using it is deployed.
|
||||||
|
Subsequent machines will re-use the already generated values.
|
||||||
|
'';
|
||||||
|
readOnly = true;
|
||||||
|
internal = true;
|
||||||
|
default = generator.config.share;
|
||||||
|
};
|
||||||
deploy = {
|
deploy = {
|
||||||
description = ''
|
description = ''
|
||||||
Whether the file should be deployed to the target machine.
|
Whether the file should be deployed to the target machine.
|
||||||
@@ -97,15 +108,18 @@ in
|
|||||||
'';
|
'';
|
||||||
type = str;
|
type = str;
|
||||||
};
|
};
|
||||||
value = {
|
value =
|
||||||
description = ''
|
{
|
||||||
The content of the generated value.
|
description = ''
|
||||||
Only available if the file is not secret.
|
The content of the generated value.
|
||||||
'';
|
Only available if the file is not secret.
|
||||||
type = str;
|
'';
|
||||||
default = throw "Cannot access value of secret file";
|
type = str;
|
||||||
defaultText = "Throws error because the value of a secret file is not accessible";
|
defaultText = "Throws error because the value of a secret file is not accessible";
|
||||||
};
|
}
|
||||||
|
// lib.optionalAttrs file.config.secret {
|
||||||
|
default = throw "Cannot access value of secret file";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -6,8 +6,15 @@
|
|||||||
publicModule = "clan_cli.vars.public_modules.in_repo";
|
publicModule = "clan_cli.vars.public_modules.in_repo";
|
||||||
fileModule = file: {
|
fileModule = file: {
|
||||||
path = lib.mkIf (file.config.secret == false) (
|
path = lib.mkIf (file.config.secret == false) (
|
||||||
config.clan.core.clanDir + "/machines/${config.clan.core.machineName}/vars/${file.config.name}"
|
if file.config.share then
|
||||||
|
(config.clan.core.clanDir + "/vars/shared/${file.config.generatorName}/${file.config.name}/value")
|
||||||
|
else
|
||||||
|
(
|
||||||
|
config.clan.core.clanDir
|
||||||
|
+ "/vars/per-machine/${config.clan.core.machineName}/${file.config.generatorName}/${file.config.name}/value"
|
||||||
|
)
|
||||||
);
|
);
|
||||||
|
value = lib.mkIf (file.config.secret == false) (lib.readFile file.config.path);
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
import json
|
||||||
import subprocess
|
import subprocess
|
||||||
from dataclasses import dataclass
|
from dataclasses import dataclass
|
||||||
from io import StringIO
|
from io import StringIO
|
||||||
@@ -8,7 +9,7 @@ import pytest
|
|||||||
from age_keys import SopsSetup
|
from age_keys import SopsSetup
|
||||||
from clan_cli.clan_uri import FlakeId
|
from clan_cli.clan_uri import FlakeId
|
||||||
from clan_cli.machines.machines import Machine
|
from clan_cli.machines.machines import Machine
|
||||||
from clan_cli.nix import nix_shell
|
from clan_cli.nix import nix_eval, nix_shell, run
|
||||||
from clan_cli.vars.check import check_vars
|
from clan_cli.vars.check import check_vars
|
||||||
from clan_cli.vars.list import stringify_all_vars
|
from clan_cli.vars.list import stringify_all_vars
|
||||||
from clan_cli.vars.public_modules import in_repo
|
from clan_cli.vars.public_modules import in_repo
|
||||||
@@ -102,6 +103,14 @@ def test_generate_public_var(
|
|||||||
assert store.get("my_generator", "my_value").decode() == "hello\n"
|
assert store.get("my_generator", "my_value").decode() == "hello\n"
|
||||||
vars_text = stringify_all_vars(machine)
|
vars_text = stringify_all_vars(machine)
|
||||||
assert "my_generator/my_value: hello" in vars_text
|
assert "my_generator/my_value: hello" in vars_text
|
||||||
|
vars_eval = run(
|
||||||
|
nix_eval(
|
||||||
|
[
|
||||||
|
f"{flake.path}#nixosConfigurations.my_machine.config.clan.core.vars.generators.my_generator.files.my_value.value",
|
||||||
|
]
|
||||||
|
)
|
||||||
|
).stdout.strip()
|
||||||
|
assert json.loads(vars_eval) == "hello\n"
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.impure
|
@pytest.mark.impure
|
||||||
@@ -411,6 +420,14 @@ def test_share_flag(
|
|||||||
assert not in_repo_store.exists("shared_generator", "my_value", shared=False)
|
assert not in_repo_store.exists("shared_generator", "my_value", shared=False)
|
||||||
assert in_repo_store.exists("unshared_generator", "my_value", shared=False)
|
assert in_repo_store.exists("unshared_generator", "my_value", shared=False)
|
||||||
assert not in_repo_store.exists("unshared_generator", "my_value", shared=True)
|
assert not in_repo_store.exists("unshared_generator", "my_value", shared=True)
|
||||||
|
vars_eval = run(
|
||||||
|
nix_eval(
|
||||||
|
[
|
||||||
|
f"{flake.path}#nixosConfigurations.my_machine.config.clan.core.vars.generators.shared_generator.files.my_value.value",
|
||||||
|
]
|
||||||
|
)
|
||||||
|
).stdout.strip()
|
||||||
|
assert json.loads(vars_eval) == "hello\n"
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.impure
|
@pytest.mark.impure
|
||||||
|
|||||||
Reference in New Issue
Block a user