Merge pull request #45 from numtide/feat/command-timeout

feat: add optional command timeout
main
Jörg Thalheim 1 year ago committed by GitHub
commit 5b2962d7cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -94,6 +94,7 @@
machine.wait_for_unit("vault.service")
machine.wait_for_open_port(8200)
machine.wait_for_unit("setup-vault-agent-approle.service")
machine.wait_for_unit("vault-agent-default.service")
out = machine.wait_until_succeeds("grep -q bar /tmp/service1")

@ -29,33 +29,36 @@ let
services = config.systemd.services;
getSecretTemplate = serviceName: vaultConfig:
{
contents = vaultConfig.template;
destination = "/run/systemd-vaultd/secrets/${serviceName}.service.json";
perms = "0400";
}
// lib.optionalAttrs (vaultConfig.changeAction != null && vaultConfig.changeAction != "none") {
templateExec = serviceName: vaultConfig: { } //
lib.optionalAttrs (vaultConfig.changeAction != null && vaultConfig.changeAction != "none") {
exec = [
({
command = "systemctl ${
if vaultConfig.changeAction == "restart"
then "try-restart"
else "try-reload-or-restart"
} ${lib.escapeShellArg "${serviceName}.service"}";
} // lib.optionalAttrs
(vaultConfig.command_timeout != null)
{ timeout = vaultConfig.command_timeout; })
];
};
getSecretTemplate = serviceName: vaultConfig:
{
contents = vaultConfig.template;
destination = "/run/systemd-vaultd/secrets/${serviceName}.service.json";
perms = "0400";
}
// templateExec serviceName vaultConfig;
getEnvironmentTemplate = serviceName: vaultConfig:
{
contents = vaultConfig.environmentTemplate;
destination = "/run/systemd-vaultd/secrets/${serviceName}.service.EnvironmentFile";
perms = "0400";
}
// lib.optionalAttrs (vaultConfig.changeAction != null) {
command = "systemctl ${
if vaultConfig.changeAction == "restart"
then "try-restart"
else "try-reload-or-restart"
} ${lib.escapeShellArg "${serviceName}.service"}";
};
// templateExec serviceName vaultConfig;
vaultTemplates = config:
(lib.mapAttrsToList
@ -119,6 +122,15 @@ in
some-secret.template = ''{{ with secret "secret/some-secret" }}{{ .Data.data.some-key }}{{ end }}'';
};
};
command_timeout = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
Maximum amount of time to wait for the optional command to return.
'';
};
};
config =
let

Loading…
Cancel
Save