apply treefmt

2 years ago · 16ab6ae069
parent cc78160e6e
commit 16ab6ae069
21 changed files with 359 additions and 341 deletions
--- a/README.md
+++ b/README.md
@ -1,6 +1,7 @@
 # systemd-vaultd - load vault credentials with systemd units
 > Mostly written in a train
 - Jörg Thalheim
 systemd-vaultd is a proxy between systemd and [vault agent](https://vaultproject.io).
--- a/flake.nix
+++ b/flake.nix
@ -15,13 +15,10 @@
      imports = [
        ./nix/checks/flake-module.nix
      ];
-      perSystem = {
+      perSystem =
-        config,
+        { config
-        self',
+        , pkgs
-        inputs',
+        , ...
        pkgs,
        system,
        ...
        }: {
          packages.default = pkgs.callPackage ./default.nix { };
          devShells.default = pkgs.mkShellNoCC {
--- a/nix/checks/dev-vault-server.nix
+++ b/nix/checks/dev-vault-server.nix
@ -1,8 +1,6 @@
-{
+{ config
-  config,
+, pkgs
-  lib,
+, ...
  pkgs,
  ...
 }: {
  environment.systemPackages = [ pkgs.vault ];
  services.vault = {
--- a/nix/checks/flake-module.nix
+++ b/nix/checks/flake-module.nix
@ -2,12 +2,9 @@
  imports = [
    inputs.treefmt-nix.flakeModule
  ];
-  perSystem = {
+  perSystem =
-    self',
+    { pkgs
-    inputs',
+    , ...
    pkgs,
    system,
    ...
    }: {
      treefmt = {
        # Used to find the project root
@ -45,6 +42,7 @@
            includes = [ "*.py" ];
          };
        };
      };
      checks =
        let
@ -56,13 +54,4 @@
          inherit (nixosTests) unittests vault-agent systemd-vaultd;
        };
    };
    checks = let
      nixosTests = pkgs.callPackages ./nix/checks/nixos-test.nix {
        makeTest = import (pkgs.path + "/nixos/tests/make-test-python.nix");
      };
    in {
      inherit (nixosTests) unittests vault-agent systemd-vaultd;
    };
  };
 }
--- a/nix/checks/nixos-test.nix
+++ b/nix/checks/nixos-test.nix
@ -1,13 +1,15 @@
-{
+{ makeTest ? import <nixpkgs/nixos/tests/make-test-python.nix>
-  makeTest ? import <nixpkgs/nixos/tests/make-test-python.nix>,
+, pkgs ? (import <nixpkgs> { })
-  pkgs ? (import <nixpkgs> {}),
+,
-}: let
+}:
 let
  makeTest' = args:
    makeTest args {
      inherit pkgs;
      inherit (pkgs) system;
    };
-in {
+in
 {
  vault-agent = makeTest' (import ./vault-agent-test.nix);
  systemd-vaultd = makeTest' (import ./systemd-vaultd-test.nix);
  unittests = makeTest' {
--- a/nix/checks/systemd-vaultd-test.nix
+++ b/nix/checks/systemd-vaultd-test.nix
@ -1,9 +1,9 @@
 {
  name = "systemd-vaultd";
-  nodes.server = {
+  nodes.server =
-    config,
+    { config
-    pkgs,
+    , pkgs
-    ...
+    , ...
    }: {
      imports = [
        ../modules/vault-agent.nix
--- a/nix/checks/unittests.nix
+++ b/nix/checks/unittests.nix
@ -1,10 +1,11 @@
-{
+{ writeShellScript
-  writeShellScript,
+, python3
-  python3,
+, pkgs
-  pkgs,
+, lib
-  lib,
+, coreutils
-  coreutils,
+,
-}: let
+}:
 let
  systemd-vaultd = pkgs.callPackage ../../default.nix { };
  systemd = pkgs.callPackage ../pkgs/systemd.nix { };
 in
--- a/nix/checks/vault-agent-test.nix
+++ b/nix/checks/vault-agent-test.nix
@ -1,9 +1,8 @@
 {
  name = "vault-agent";
-  nodes.server = {
+  nodes.server =
-    config,
+    { config
-    pkgs,
+    , ...
    ...
    }: {
      imports = [
        ./dev-vault-server.nix
--- a/nix/modules/systemd-vaultd.nix
+++ b/nix/modules/systemd-vaultd.nix
@ -1,11 +1,10 @@
-{
+{ pkgs
-  config,
+, ...
-  lib,
+}:
-  pkgs,
+let
  ...
 }: let
  systemd-vaultd = pkgs.callPackage ../../default.nix { };
-in {
+in
 {
  imports = [
    ./vault-secrets.nix
  ];
--- a/nix/modules/vault-agent.nix
+++ b/nix/modules/vault-agent.nix
@ -1,9 +1,9 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, ...
-  ...
+}:
-}: let
+let
  cfg = config.services.vault;
  settingsFormat = pkgs.formats.json { };
@ -58,7 +58,8 @@
      };
    };
  };
-in {
+in
 {
  options.services.vault.agents = lib.mkOption {
    default = { };
    description = "Instances of vault agent";
@ -72,7 +73,8 @@ in {
    });
  };
  config = {
-    systemd.services = lib.mapAttrs' (name: instanceCfg:
+    systemd.services = lib.mapAttrs'
      (name: instanceCfg:
        lib.nameValuePair "vault-agent-${name}" {
          after = [ "network.target" ];
          wantedBy = [ "multi-user.target" ];
--- a/nix/modules/vault-secrets.nix
+++ b/nix/modules/vault-secrets.nix
@ -1,9 +1,9 @@
-{
+{ lib
-  lib,
+, config
-  config,
+, pkgs
-  pkgs,
+, ...
-  ...
+}:
-}: let
+let
  secretType = serviceName:
    lib.types.submodule ({ config, ... }: {
      options = {
@ -59,19 +59,22 @@
  vaultTemplates = config:
    (lib.mapAttrsToList
-      (serviceName: service:
+      (serviceName: _service:
        getSecretTemplate serviceName services.${serviceName}.vault)
-      (lib.filterAttrs (n: v: v.vault.secrets != {} && v.vault.agent == config._module.args.name) services))
+      (lib.filterAttrs (_n: v: v.vault.secrets != { } && v.vault.agent == config._module.args.name) services))
    ++ (lib.mapAttrsToList
-      (serviceName: service:
+      (serviceName: _service:
        getEnvironmentTemplate serviceName services.${serviceName}.vault)
-      (lib.filterAttrs (n: v: v.vault.environmentTemplate != null && v.vault.agent == config._module.args.name) services));
+      (lib.filterAttrs (_n: v: v.vault.environmentTemplate != null && v.vault.agent == config._module.args.name) services));
-in {
+in
 {
  options = {
    systemd.services = lib.mkOption {
-      type = lib.types.attrsOf (lib.types.submodule ({config, ...}: let
+      type = lib.types.attrsOf (lib.types.submodule ({ config, ... }:
        let
          serviceName = config._module.args.name;
-      in {
+        in
        {
          options.vault = {
            changeAction = lib.mkOption {
              description = ''
@ -117,9 +120,11 @@ in {
              };
            };
          };
-        config = let
+          config =
            let
              mkIfHasEnv = lib.mkIf (config.vault.environmentTemplate != null);
-        in {
+            in
            {
              after = mkIfHasEnv [ "${serviceName}-envfile.service" ];
              bindsTo = mkIfHasEnv [ "${serviceName}-envfile.service" ];
@ -140,14 +145,17 @@ in {
  config = {
    # we cannot use `systemd.services` here since this would create infinite recursion
-    systemd.packages = let
+    systemd.packages =
-      servicesWithEnv = builtins.attrNames (lib.filterAttrs (n: v: v.vault.environmentTemplate != null) services);
+      let
-    in [
+        servicesWithEnv = builtins.attrNames (lib.filterAttrs (_n: v: v.vault.environmentTemplate != null) services);
      in
      [
        (pkgs.runCommand "env-services" { }
          (''
            mkdir -p $out/lib/systemd/system
          ''
-          + (lib.concatMapStringsSep "\n" (service: ''
+          + (lib.concatMapStringsSep "\n"
            (service: ''
              cat > $out/lib/systemd/system/${service}-envfile.service <<EOF
              [Unit]
              Before=${service}.service
--- a/nix/pkgs/systemd.nix
+++ b/nix/pkgs/systemd.nix
@ -1,6 +1,6 @@
-{
+{ systemd
-  systemd,
+, fetchpatch
-  fetchpatch,
+,
 }:
 systemd.overrideAttrs (old: {
  patches =
--- a/pyproject.toml
+++ b/pyproject.toml
@ -0,0 +1,20 @@
 [tool.ruff]
 line-length = 88
 select = ["E", "F", "I"]
 ignore = [ "E501" ]
 [tool.mypy]
 python_version = "3.10"
 warn_redundant_casts = true
 disallow_untyped_calls = true
 disallow_untyped_defs = true
 no_implicit_optional = true
 [[tool.mypy.overrides]]
 module = "setuptools.*"
 ignore_missing_imports = true
 [[tool.mypy.overrides]]
 module = "pytest.*"
 ignore_missing_imports = true
--- a/tests/command.py
+++ b/tests/command.py
@ -3,8 +3,8 @@
 import os
 import signal
 import subprocess
 from typing import IO, Any, Dict, Iterator, List, Union
 from pathlib import Path
 from typing import IO, Any, Dict, Iterator, List, Union
 import pytest
--- a/tests/random_service.py
+++ b/tests/random_service.py
@ -1,8 +1,8 @@
 #!/usr/bin/env python3
 import json
 import random
 import string
 import json
 from dataclasses import dataclass
 from pathlib import Path
--- a/tests/systemd_vaultd.py
+++ b/tests/systemd_vaultd.py
@ -1,9 +1,10 @@
 #!/usr/bin/env python3
 import os
 import pytest
 from pathlib import Path
 from typing import Optional
 import pytest
 from command import run
 BIN: Optional[Path] = None
--- a/tests/tempdir.py
+++ b/tests/tempdir.py
@ -1,10 +1,11 @@
 #!/usr/bin/env python3
 import pytest
 from tempfile import TemporaryDirectory
 from pathlib import Path
 from tempfile import TemporaryDirectory
 from typing import Iterator
 import pytest
@pytest.fixture
 def tempdir() -> Iterator[Path]:
--- a/tests/test_blocking_secret.py
+++ b/tests/test_blocking_secret.py
@ -1,6 +1,6 @@
 import subprocess
 from pathlib import Path
 import time
 from pathlib import Path
 from command import Command
 from random_service import random_service
--- a/tests/test_socket_activation.py
+++ b/tests/test_socket_activation.py
@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 import time
 import subprocess
 import time
 from pathlib import Path
 from command import Command, run