add flake and fix tests

2 years ago · 4851891755
parent f41b20f763
commit 4851891755
7 changed files with 112 additions and 20 deletions
--- a/default.nix
+++ b/default.nix
@ -1,13 +1,13 @@
-{ pkgs ? import <nixpkgs> {} }:
+{pkgs ? import <nixpkgs> {}}:
 pkgs.buildGoModule {
-    name = "systemd-vaultd";
-    src = ./.;
-    vendorSha256 = null;
-    meta = with pkgs.lib; {
-      description = "A proxy for secrets between systemd services and vault";
-      homepage = "https://github.com/numtide/systemd-vaultd";
-      license = licenses.mit;
-      maintainers = with maintainers; [mic92];
-      platforms = platforms.unix;
-    };
-  }
+  name = "systemd-vaultd";
+  src = ./.;
+  vendorSha256 = null;
+  meta = with pkgs.lib; {
+    description = "A proxy for secrets between systemd services and vault";
+    homepage = "https://github.com/numtide/systemd-vaultd";
+    license = licenses.mit;
+    maintainers = with maintainers; [mic92];
+    platforms = platforms.unix;
+  };
+}
--- a/flake.lock
+++ b/flake.lock
@ -0,0 +1,48 @@
+{
+  "nodes": {
+    "flake-parts": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1655570068,
+        "narHash": "sha256-KUSd2a6KgYTHd2l3Goee/P+DrAC6n1Tau+7V68czSZU=",
+        "owner": "hercules-ci",
+        "repo": "flake-parts",
+        "rev": "6dbc77b9c0477f8a9a6a9081077bb38c6a3dbb3a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "hercules-ci",
+        "repo": "flake-parts",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1655567057,
+        "narHash": "sha256-Cc5hQSMsTzOHmZnYm8OSJ5RNUp22bd5NADWLHorULWQ=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "e0a42267f73ea52adc061a64650fddc59906fc99",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "flake-parts": "flake-parts",
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/flake.nix
+++ b/flake.nix
@ -0,0 +1,43 @@
+{
+  description = "Description for the project";
+
+  inputs = {
+    flake-parts.url = "github:hercules-ci/flake-parts";
+    flake-parts.inputs.nixpkgs.follows = "nixpkgs";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+
+  outputs = {
+    self,
+    flake-parts,
+    ...
+  }:
+    flake-parts.lib.mkFlake {inherit self;} {
+      systems = ["x86_64-linux" "aarch64-linux"];
+      perSystem = {
+        config,
+        self',
+        inputs',
+        pkgs,
+        system,
+        ...
+      }: {
+        packages.default = pkgs.callPackage ./default.nix {};
+        devShells.default = pkgs.callPackage ./shell.nix {};
+        checks = {
+          treefmt = pkgs.callPackage ./nix/checks/treefmt.nix {};
+          inherit
+            (pkgs.callPackages ./nix/checks/nixos-test.nix {
+              makeTest = import (pkgs.path + "/nixos/tests/make-test-python.nix");
+            })
+            unittests
+            ;
+        };
+      };
+      flake = {
+        # The usual flake attributes can be defined here, including system-
+        # agnostic ones like nixosModule and system-enumerating ones, although
+        # those are more easily expressed in perSystem.
+      };
+    };
+}
--- a/nix/checks/nixos-test.nix
+++ b/nix/checks/nixos-test.nix
@ -8,7 +8,7 @@
      inherit (pkgs) system;
    };
 in {
-  ssh-keys = makeTest' {
+  unittests = makeTest' {
    name = "unitests";
    nodes.server = {pkgs, ...}: {
      # Important to get the systemd service running for root
--- a/nix/checks/unittests.nix
+++ b/nix/checks/unittests.nix
@ -4,13 +4,13 @@
  pkgs,
  lib,
  coreutils,
-  systemd
+  systemd,
 }: let
  systemd-vaultd = pkgs.callPackage ../../default.nix {};
 in
  writeShellScript "unittests" ''
    set -eu -o pipefail
-    export PATH=${lib.makeBinPath [ python3.pkgs.pytest coreutils systemd ]}
+    export PATH=${lib.makeBinPath [python3.pkgs.pytest coreutils systemd]}
    export SYSTEMD_VAULTD_BIN=${systemd-vaultd}/bin/systemd-vaultd
    export TMPDIR=$(mktemp -d)
    trap 'rm -rf $TMPDIR' EXIT
--- a/tests/test_blocking_secret.py
+++ b/tests/test_blocking_secret.py
@ -2,13 +2,11 @@ import subprocess
 from pathlib import Path
 import time

-from command import Command, run
+from command import Command
 from random_service import random_service


-def test_blocking_secret(
-    systemd_vaultd: Path, command: Command, tempdir: Path
-) -> None:
+def test_blocking_secret(systemd_vaultd: Path, command: Command, tempdir: Path) -> None:
    secrets_dir = tempdir / "secrets"
    sock = tempdir / "sock"
    command.run([str(systemd_vaultd), "-secrets", str(secrets_dir), "-sock", str(sock)])
--- a/tests/test_socket_activation.py
+++ b/tests/test_socket_activation.py
@ -7,8 +7,11 @@ from pathlib import Path
 from command import Command, run
 from random_service import random_service

+
 def test_socket_activation(
-        systemd_vaultd: Path, command: Command, tempdir: Path,
+    systemd_vaultd: Path,
+    command: Command,
+    tempdir: Path,
 ) -> None:
    secrets_dir = tempdir / "secrets"
    secrets_dir.mkdir()