difftreelog
fix secret generation
in: trunk
3 files changed
crates/fleet-base/src/host.rsdiffbeforeafterboth--- a/crates/fleet-base/src/host.rs
+++ b/crates/fleet-base/src/host.rs
@@ -61,6 +61,7 @@
pub host_config: Option<Value>,
pub nixos_config: OnceCell<Value>,
+ pub pkgs_override: Option<Value>,
// TODO: Move command helpers away with connectivity refactor
pub local: bool,
@@ -297,6 +298,9 @@
/// Packages for this host, resolved with nixpkgs overlays
pub async fn pkgs(&self) -> Result<Value> {
+ if let Some(value) = &self.pkgs_override {
+ return Ok(value.clone());
+ }
let Some(host_config) = &self.host_config else {
bail!("local host has no host_config");
};
@@ -310,8 +314,6 @@
ConfigHost {
config: self.clone(),
name: "<virtual localhost>".to_owned(),
- local: true,
- session: OnceLock::new(),
host_config: None,
nixos_config: OnceCell::new(),
groups: {
@@ -319,6 +321,10 @@
let _ = cell.set(vec![]);
cell
},
+ pkgs_override: Some(self.default_pkgs.clone()),
+
+ local: true,
+ session: OnceLock::new(),
}
}
@@ -332,7 +338,8 @@
host_config: Some(host_config),
nixos_config: OnceCell::new(),
groups: OnceCell::new(),
-
+ pkgs_override: None,
+
// TODO: Remove with connectivit refactor
local: self.localhost == name,
session: OnceLock::new(),
crates/fleet-base/src/opts.rsdiffbeforeafterboth1use std::{2 collections::BTreeMap,3 env::current_dir,4 ffi::OsString,5 str::FromStr,6 sync::{Arc, Mutex},7};89use anyhow::Result;10use clap::Parser;11use nix_eval::{nix_go, nix_go_json, util::assert_warn, NixSessionPool, Value};12use nom::{13 bytes::complete::take_while1,14 character::complete::char,15 combinator::{map, opt},16 multi::separated_list1,17 sequence::{preceded, separated_pair},18};1920use crate::{21 fleetdata::FleetData,22 host::{Config, ConfigHost, FleetConfigInternals},23};2425#[derive(Clone)]26pub enum HostItem {27 Host {28 name: String,29 attrs: BTreeMap<String, String>,30 },31 Tag {32 name: String,33 attrs: BTreeMap<String, String>,34 },35}36fn host_item_parser(input: &str) -> Result<HostItem, String> {37 fn err_to_string(err: nom::Err<nom::error::Error<&str>>) -> String {38 err.to_string()39 }4041 let (input, is_tag) = map(opt(char('@')), |c| c.is_some())(input).map_err(err_to_string)?;42 let (input, name) = map(43 take_while1(|v| v != ',' && v != '?' && v != '@'),44 str::to_owned,45 )(input)46 .map_err(err_to_string)?;4748 let kw_item = separated_pair(49 map(take_while1(|v| v != '&' && v != '='), str::to_owned),50 char('='),51 map(take_while1(|v| v != '&'), str::to_owned),52 );53 let kw = map(separated_list1(char('&'), kw_item), |vec| {54 vec.into_iter().collect::<BTreeMap<_, _>>()55 });56 let mut opt_kw = map(opt(preceded(char('?'), kw)), Option::unwrap_or_default);5758 let (input, attrs) = opt_kw(input).map_err(err_to_string)?;5960 if !input.is_empty() {61 return Err(format!("unexpected trailing input: {input:?}"));62 }63 Ok(if is_tag {64 HostItem::Tag { name, attrs }65 } else {66 HostItem::Host { name, attrs }67 })68}6970// TODO: Rename to HostSelector71#[derive(Parser, Clone)]72pub struct FleetOpts {73 /// All hosts except those would be skipped74 #[clap(long, number_of_values = 1, value_parser = host_item_parser)]75 pub only: Vec<HostItem>,7677 /// Hosts to skip78 #[clap(long, number_of_values = 1)]79 pub skip: Vec<String>,8081 /// Host, which should be threaten as current machine82 // TODO: Replace with connectivity refactor83 #[clap(long, default_value_t = hostname::get().expect("unknown hostname").to_str().expect("hostname is not utf-8").to_owned())]84 pub localhost: String,8586 /// Override detected system for host, to perform builds via87 /// binfmt-declared qemu instead of trying to crosscompile88 // TODO: Remove, as it is not used anymore.89 #[clap(long, default_value = "detect")]90 pub local_system: String,91}9293impl FleetOpts {94 pub async fn should_skip(&self, host: &ConfigHost) -> Result<bool> {95 if self.skip.iter().any(|h| h as &str == host.name) {96 return Ok(true);97 }98 if self.only.is_empty() {99 return Ok(false);100 }101 let mut have_group_matches = false;102 for item in self.only.iter() {103 match item {104 HostItem::Host { name, .. } if *name == host.name => {105 return Ok(false);106 }107 HostItem::Tag { .. } => {108 have_group_matches = true;109 }110 _ => {}111 }112 }113 if have_group_matches {114 let host_tags = host.tags().await?;115 for item in self.only.iter() {116 match item {117 HostItem::Tag { name, .. } if host_tags.contains(name) => {118 return Ok(false);119 }120 _ => {}121 }122 }123 }124 Ok(true)125 }126 pub async fn action_attr<T: FromStr>(&self, host: &ConfigHost, attr: &str) -> Result<Option<T>>127 where128 T::Err: Sync,129 anyhow::Error: From<T::Err>,130 {131 let str = self.action_attr_str(host, attr).await?;132 Ok(str.map(|v| T::from_str(&v)).transpose()?)133 }134 pub async fn action_attr_str(&self, host: &ConfigHost, attr: &str) -> Result<Option<String>> {135 if self.only.is_empty() {136 return Ok(None);137 }138 let mut have_group_matches = false;139 for item in self.only.iter() {140 match item {141 HostItem::Host { name, attrs }142 if *name == host.name && attrs.contains_key(attr) =>143 {144 return Ok(attrs.get(attr).cloned());145 }146 HostItem::Tag { attrs, .. } if attrs.contains_key(attr) => {147 have_group_matches = true;148 }149 _ => {}150 }151 }152 if have_group_matches {153 let host_tags = host.tags().await?;154 for item in self.only.iter() {155 match item {156 HostItem::Tag { name, attrs }157 if host_tags.contains(name) && attrs.contains_key(attr) =>158 {159 return Ok(attrs.get(attr).cloned());160 }161 _ => {}162 }163 }164 }165 Ok(None)166 }167 pub fn is_local(&self, host: &str) -> bool {168 self.localhost == host169 }170171 // TODO: Config should be detached from opts.172 pub async fn build(&self, nix_args: Vec<OsString>) -> Result<Config> {173 let directory = current_dir()?;174175 let pool = NixSessionPool::new(directory.as_os_str().to_owned(), nix_args.clone()).await?;176 let root_field = pool.get().await?;177178 let builtins_field = Value::binding(root_field.clone(), "builtins").await?;179 let local_system = if self.local_system == "detect" {180 nix_go_json!(builtins_field.currentSystem)181 } else {182 self.local_system.clone()183 };184185 let mut fleet_data_path = directory.clone();186 fleet_data_path.push("fleet.nix");187 let bytes = std::fs::read_to_string(fleet_data_path)?;188 let data: Mutex<FleetData> = nixlike::parse_str(&bytes)?;189190 let fleet_root = Value::binding(root_field, "fleetConfigurations").await?;191 let fleet_field = nix_go!(fleet_root.default({ data }));192193 let config_field = nix_go!(fleet_field.config);194195 assert_warn("fleet config evaluation", &config_field).await?;196197 let import = nix_go!(builtins_field.import);198 let overlays = nix_go!(config_field.nixpkgs.overlays);199 let nixpkgs = nix_go!(fleet_field.nixpkgs.buildUsing | import);200201 let default_pkgs = nix_go!(nixpkgs(Obj {202 overlays,203 system: { self.local_system.clone() },204 }));205206 Ok(Config(Arc::new(FleetConfigInternals {207 directory,208 data,209 local_system,210 nix_args,211 config_field,212 default_pkgs,213 localhost: self.localhost.to_owned(),214 })))215 }216}1use std::{2 collections::BTreeMap,3 env::current_dir,4 ffi::OsString,5 str::FromStr,6 sync::{Arc, Mutex},7};89use anyhow::Result;10use clap::Parser;11use nix_eval::{nix_go, nix_go_json, util::assert_warn, NixSessionPool, Value};12use nom::{13 bytes::complete::take_while1,14 character::complete::char,15 combinator::{map, opt},16 multi::separated_list1,17 sequence::{preceded, separated_pair},18};1920use crate::{21 fleetdata::FleetData,22 host::{Config, ConfigHost, FleetConfigInternals},23};2425#[derive(Clone)]26pub enum HostItem {27 Host {28 name: String,29 attrs: BTreeMap<String, String>,30 },31 Tag {32 name: String,33 attrs: BTreeMap<String, String>,34 },35}36fn host_item_parser(input: &str) -> Result<HostItem, String> {37 fn err_to_string(err: nom::Err<nom::error::Error<&str>>) -> String {38 err.to_string()39 }4041 let (input, is_tag) = map(opt(char('@')), |c| c.is_some())(input).map_err(err_to_string)?;42 let (input, name) = map(43 take_while1(|v| v != ',' && v != '?' && v != '@'),44 str::to_owned,45 )(input)46 .map_err(err_to_string)?;4748 let kw_item = separated_pair(49 map(take_while1(|v| v != '&' && v != '='), str::to_owned),50 char('='),51 map(take_while1(|v| v != '&'), str::to_owned),52 );53 let kw = map(separated_list1(char('&'), kw_item), |vec| {54 vec.into_iter().collect::<BTreeMap<_, _>>()55 });56 let mut opt_kw = map(opt(preceded(char('?'), kw)), Option::unwrap_or_default);5758 let (input, attrs) = opt_kw(input).map_err(err_to_string)?;5960 if !input.is_empty() {61 return Err(format!("unexpected trailing input: {input:?}"));62 }63 Ok(if is_tag {64 HostItem::Tag { name, attrs }65 } else {66 HostItem::Host { name, attrs }67 })68}6970// TODO: Rename to HostSelector71#[derive(Parser, Clone)]72pub struct FleetOpts {73 /// All hosts except those would be skipped74 #[clap(long, number_of_values = 1, value_parser = host_item_parser)]75 pub only: Vec<HostItem>,7677 /// Hosts to skip78 #[clap(long, number_of_values = 1)]79 pub skip: Vec<String>,8081 /// Host, which should be threaten as current machine82 // TODO: Replace with connectivity refactor83 #[clap(long, default_value_t = hostname::get().expect("unknown hostname").to_str().expect("hostname is not utf-8").to_owned())]84 pub localhost: String,8586 /// Override detected system for host, to perform builds via87 /// binfmt-declared qemu instead of trying to crosscompile88 // TODO: Remove, as it is not used anymore.89 #[clap(long, default_value = "detect")]90 pub local_system: String,91}9293impl FleetOpts {94 pub async fn should_skip(&self, host: &ConfigHost) -> Result<bool> {95 if self.skip.iter().any(|h| h as &str == host.name) {96 return Ok(true);97 }98 if self.only.is_empty() {99 return Ok(false);100 }101 let mut have_group_matches = false;102 for item in self.only.iter() {103 match item {104 HostItem::Host { name, .. } if *name == host.name => {105 return Ok(false);106 }107 HostItem::Tag { .. } => {108 have_group_matches = true;109 }110 _ => {}111 }112 }113 if have_group_matches {114 let host_tags = host.tags().await?;115 for item in self.only.iter() {116 match item {117 HostItem::Tag { name, .. } if host_tags.contains(name) => {118 return Ok(false);119 }120 _ => {}121 }122 }123 }124 Ok(true)125 }126 pub async fn action_attr<T: FromStr>(&self, host: &ConfigHost, attr: &str) -> Result<Option<T>>127 where128 T::Err: Sync,129 anyhow::Error: From<T::Err>,130 {131 let str = self.action_attr_str(host, attr).await?;132 Ok(str.map(|v| T::from_str(&v)).transpose()?)133 }134 pub async fn action_attr_str(&self, host: &ConfigHost, attr: &str) -> Result<Option<String>> {135 if self.only.is_empty() {136 return Ok(None);137 }138 let mut have_group_matches = false;139 for item in self.only.iter() {140 match item {141 HostItem::Host { name, attrs }142 if *name == host.name && attrs.contains_key(attr) =>143 {144 return Ok(attrs.get(attr).cloned());145 }146 HostItem::Tag { attrs, .. } if attrs.contains_key(attr) => {147 have_group_matches = true;148 }149 _ => {}150 }151 }152 if have_group_matches {153 let host_tags = host.tags().await?;154 for item in self.only.iter() {155 match item {156 HostItem::Tag { name, attrs }157 if host_tags.contains(name) && attrs.contains_key(attr) =>158 {159 return Ok(attrs.get(attr).cloned());160 }161 _ => {}162 }163 }164 }165 Ok(None)166 }167 pub fn is_local(&self, host: &str) -> bool {168 self.localhost == host169 }170171 // TODO: Config should be detached from opts.172 pub async fn build(&self, nix_args: Vec<OsString>) -> Result<Config> {173 let directory = current_dir()?;174175 let pool = NixSessionPool::new(directory.as_os_str().to_owned(), nix_args.clone()).await?;176 let root_field = pool.get().await?;177178 let builtins_field = Value::binding(root_field.clone(), "builtins").await?;179 let local_system = if self.local_system == "detect" {180 nix_go_json!(builtins_field.currentSystem)181 } else {182 self.local_system.clone()183 };184185 let mut fleet_data_path = directory.clone();186 fleet_data_path.push("fleet.nix");187 let bytes = std::fs::read_to_string(fleet_data_path)?;188 let data: Mutex<FleetData> = nixlike::parse_str(&bytes)?;189190 let fleet_root = Value::binding(root_field, "fleetConfigurations").await?;191 let fleet_field = nix_go!(fleet_root.default({ data }));192193 let config_field = nix_go!(fleet_field.config);194195 assert_warn("fleet config evaluation", &config_field).await?;196197 let import = nix_go!(builtins_field.import);198 let overlays = nix_go!(config_field.nixpkgs.overlays);199 let nixpkgs = nix_go!(config_field.nixpkgs.buildUsing | import);200201 let default_pkgs = nix_go!(nixpkgs(Obj {202 overlays,203 system: { local_system.clone() },204 }));205206 Ok(Config(Arc::new(FleetConfigInternals {207 directory,208 data,209 local_system,210 nix_args,211 config_field,212 default_pkgs,213 localhost: self.localhost.to_owned(),214 })))215 }216}lib/flakePart.nixdiffbeforeafterboth--- a/lib/flakePart.nix
+++ b/lib/flakePart.nix
@@ -9,7 +9,6 @@
inherit (lib.attrsets) mapAttrs;
inherit (lib.types) lazyAttrsOf deferredModule unspecified;
inherit (lib.strings) isPath;
- inherit (fleetLib.options) mkHostsOption;
in {
options.fleetModules = mkOption {
type = lazyAttrsOf unspecified;
@@ -42,20 +41,18 @@
++ [
module
{
- options.hosts = mkHostsOption {
- nixos.nixpkgs.overlays = [
+ config = {
+ data =
+ if isPath data
+ then import data
+ else data;
+ nixpkgs.overlays = [
(final: prev:
import ../pkgs {
inherit (prev) callPackage;
craneLib = crane.mkLib prev;
})
];
- };
- config = {
- data =
- if isPath data
- then import data
- else data;
};
}
];