apply treefmt

2 years ago · 16ab6ae069
parent cc78160e6e
commit 16ab6ae069
21 changed files with 359 additions and 341 deletions
--- a/README.md
+++ b/README.md
@ -1,6 +1,7 @@
 # systemd-vaultd - load vault credentials with systemd units

 > Mostly written in a train
+
 - Jörg Thalheim

 systemd-vaultd is a proxy between systemd and [vault agent](https://vaultproject.io).
--- a/flake.nix
+++ b/flake.nix
@ -15,13 +15,10 @@
      imports = [
        ./nix/checks/flake-module.nix
      ];
-      perSystem = {
-        config,
-        self',
-        inputs',
-        pkgs,
-        system,
-        ...
+      perSystem =
+        { config
+        , pkgs
+        , ...
        }: {
          packages.default = pkgs.callPackage ./default.nix { };
          devShells.default = pkgs.mkShellNoCC {
--- a/nix/checks/dev-vault-server.nix
+++ b/nix/checks/dev-vault-server.nix
@ -1,8 +1,6 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
+{ config
+, pkgs
+, ...
 }: {
  environment.systemPackages = [ pkgs.vault ];
  services.vault = {
--- a/nix/checks/flake-module.nix
+++ b/nix/checks/flake-module.nix
@ -2,12 +2,9 @@
  imports = [
    inputs.treefmt-nix.flakeModule
  ];
-  perSystem = {
-    self',
-    inputs',
-    pkgs,
-    system,
-    ...
+  perSystem =
+    { pkgs
+    , ...
    }: {
      treefmt = {
        # Used to find the project root
@ -45,6 +42,7 @@
            includes = [ "*.py" ];
          };
        };
+      };

      checks =
        let
@ -56,13 +54,4 @@
          inherit (nixosTests) unittests vault-agent systemd-vaultd;
        };
    };
-
-    checks = let
-      nixosTests = pkgs.callPackages ./nix/checks/nixos-test.nix {
-        makeTest = import (pkgs.path + "/nixos/tests/make-test-python.nix");
-      };
-    in {
-      inherit (nixosTests) unittests vault-agent systemd-vaultd;
-    };
-  };
 }
--- a/nix/checks/nixos-test.nix
+++ b/nix/checks/nixos-test.nix
@ -1,13 +1,15 @@
-{
-  makeTest ? import <nixpkgs/nixos/tests/make-test-python.nix>,
-  pkgs ? (import <nixpkgs> {}),
-}: let
+{ makeTest ? import <nixpkgs/nixos/tests/make-test-python.nix>
+, pkgs ? (import <nixpkgs> { })
+,
+}:
+let
  makeTest' = args:
    makeTest args {
      inherit pkgs;
      inherit (pkgs) system;
    };
-in {
+in
+{
  vault-agent = makeTest' (import ./vault-agent-test.nix);
  systemd-vaultd = makeTest' (import ./systemd-vaultd-test.nix);
  unittests = makeTest' {
--- a/nix/checks/systemd-vaultd-test.nix
+++ b/nix/checks/systemd-vaultd-test.nix
@ -1,9 +1,9 @@
 {
  name = "systemd-vaultd";
-  nodes.server = {
-    config,
-    pkgs,
-    ...
+  nodes.server =
+    { config
+    , pkgs
+    , ...
    }: {
      imports = [
        ../modules/vault-agent.nix
--- a/nix/checks/unittests.nix
+++ b/nix/checks/unittests.nix
@ -1,10 +1,11 @@
-{
-  writeShellScript,
-  python3,
-  pkgs,
-  lib,
-  coreutils,
-}: let
+{ writeShellScript
+, python3
+, pkgs
+, lib
+, coreutils
+,
+}:
+let
  systemd-vaultd = pkgs.callPackage ../../default.nix { };
  systemd = pkgs.callPackage ../pkgs/systemd.nix { };
 in
--- a/nix/checks/vault-agent-test.nix
+++ b/nix/checks/vault-agent-test.nix
@ -1,9 +1,8 @@
 {
  name = "vault-agent";
-  nodes.server = {
-    config,
-    pkgs,
-    ...
+  nodes.server =
+    { config
+    , ...
    }: {
      imports = [
        ./dev-vault-server.nix
--- a/nix/modules/systemd-vaultd.nix
+++ b/nix/modules/systemd-vaultd.nix
@ -1,11 +1,10 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}: let
+{ pkgs
+, ...
+}:
+let
  systemd-vaultd = pkgs.callPackage ../../default.nix { };
-in {
+in
+{
  imports = [
    ./vault-secrets.nix
  ];
--- a/nix/modules/vault-agent.nix
+++ b/nix/modules/vault-agent.nix
@ -1,9 +1,9 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}: let
+{ config
+, lib
+, pkgs
+, ...
+}:
+let
  cfg = config.services.vault;
  settingsFormat = pkgs.formats.json { };

@ -58,7 +58,8 @@
      };
    };
  };
-in {
+in
+{
  options.services.vault.agents = lib.mkOption {
    default = { };
    description = "Instances of vault agent";
@ -72,7 +73,8 @@ in {
    });
  };
  config = {
-    systemd.services = lib.mapAttrs' (name: instanceCfg:
+    systemd.services = lib.mapAttrs'
+      (name: instanceCfg:
        lib.nameValuePair "vault-agent-${name}" {
          after = [ "network.target" ];
          wantedBy = [ "multi-user.target" ];
--- a/nix/modules/vault-secrets.nix
+++ b/nix/modules/vault-secrets.nix
@ -1,9 +1,9 @@
-{
-  lib,
-  config,
-  pkgs,
-  ...
-}: let
+{ lib
+, config
+, pkgs
+, ...
+}:
+let
  secretType = serviceName:
    lib.types.submodule ({ config, ... }: {
      options = {
@ -59,19 +59,22 @@

  vaultTemplates = config:
    (lib.mapAttrsToList
-      (serviceName: service:
+      (serviceName: _service:
        getSecretTemplate serviceName services.${serviceName}.vault)
-      (lib.filterAttrs (n: v: v.vault.secrets != {} && v.vault.agent == config._module.args.name) services))
+      (lib.filterAttrs (_n: v: v.vault.secrets != { } && v.vault.agent == config._module.args.name) services))
    ++ (lib.mapAttrsToList
-      (serviceName: service:
+      (serviceName: _service:
        getEnvironmentTemplate serviceName services.${serviceName}.vault)
-      (lib.filterAttrs (n: v: v.vault.environmentTemplate != null && v.vault.agent == config._module.args.name) services));
-in {
+      (lib.filterAttrs (_n: v: v.vault.environmentTemplate != null && v.vault.agent == config._module.args.name) services));
+in
+{
  options = {
    systemd.services = lib.mkOption {
-      type = lib.types.attrsOf (lib.types.submodule ({config, ...}: let
+      type = lib.types.attrsOf (lib.types.submodule ({ config, ... }:
+        let
          serviceName = config._module.args.name;
-      in {
+        in
+        {
          options.vault = {
            changeAction = lib.mkOption {
              description = ''
@ -117,9 +120,11 @@ in {
              };
            };
          };
-        config = let
+          config =
+            let
              mkIfHasEnv = lib.mkIf (config.vault.environmentTemplate != null);
-        in {
+            in
+            {
              after = mkIfHasEnv [ "${serviceName}-envfile.service" ];
              bindsTo = mkIfHasEnv [ "${serviceName}-envfile.service" ];

@ -140,14 +145,17 @@ in {

  config = {
    # we cannot use `systemd.services` here since this would create infinite recursion
-    systemd.packages = let
-      servicesWithEnv = builtins.attrNames (lib.filterAttrs (n: v: v.vault.environmentTemplate != null) services);
-    in [
+    systemd.packages =
+      let
+        servicesWithEnv = builtins.attrNames (lib.filterAttrs (_n: v: v.vault.environmentTemplate != null) services);
+      in
+      [
        (pkgs.runCommand "env-services" { }
          (''
            mkdir -p $out/lib/systemd/system
          ''
-          + (lib.concatMapStringsSep "\n" (service: ''
+          + (lib.concatMapStringsSep "\n"
+            (service: ''
              cat > $out/lib/systemd/system/${service}-envfile.service <<EOF
              [Unit]
              Before=${service}.service
--- a/nix/pkgs/systemd.nix
+++ b/nix/pkgs/systemd.nix
@ -1,6 +1,6 @@
-{
-  systemd,
-  fetchpatch,
+{ systemd
+, fetchpatch
+,
 }:
 systemd.overrideAttrs (old: {
  patches =
--- a/pyproject.toml
+++ b/pyproject.toml
@ -0,0 +1,20 @@
+[tool.ruff]
+line-length = 88
+
+select = ["E", "F", "I"]
+ignore = [ "E501" ]
+
+[tool.mypy]
+python_version = "3.10"
+warn_redundant_casts = true
+disallow_untyped_calls = true
+disallow_untyped_defs = true
+no_implicit_optional = true
+
+[[tool.mypy.overrides]]
+module = "setuptools.*"
+ignore_missing_imports = true
+
+[[tool.mypy.overrides]]
+module = "pytest.*"
+ignore_missing_imports = true
--- a/tests/command.py
+++ b/tests/command.py
@ -3,8 +3,8 @@
 import os
 import signal
 import subprocess
-from typing import IO, Any, Dict, Iterator, List, Union
 from pathlib import Path
+from typing import IO, Any, Dict, Iterator, List, Union

 import pytest

--- a/tests/random_service.py
+++ b/tests/random_service.py
@ -1,8 +1,8 @@
 #!/usr/bin/env python3

+import json
 import random
 import string
-import json
 from dataclasses import dataclass
 from pathlib import Path

--- a/tests/systemd_vaultd.py
+++ b/tests/systemd_vaultd.py
@ -1,9 +1,10 @@
 #!/usr/bin/env python3

 import os
-import pytest
 from pathlib import Path
 from typing import Optional
+
+import pytest
 from command import run

 BIN: Optional[Path] = None
--- a/tests/tempdir.py
+++ b/tests/tempdir.py
@ -1,10 +1,11 @@
 #!/usr/bin/env python3

-import pytest
-from tempfile import TemporaryDirectory
 from pathlib import Path
+from tempfile import TemporaryDirectory
 from typing import Iterator

+import pytest
+

@pytest.fixture
 def tempdir() -> Iterator[Path]:
--- a/tests/test_blocking_secret.py
+++ b/tests/test_blocking_secret.py
@ -1,6 +1,6 @@
 import subprocess
-from pathlib import Path
 import time
+from pathlib import Path

 from command import Command
 from random_service import random_service
--- a/tests/test_socket_activation.py
+++ b/tests/test_socket_activation.py
@ -1,7 +1,7 @@
 #!/usr/bin/env python3

-import time
 import subprocess
+import time
 from pathlib import Path

 from command import Command, run