git.delta.rocks / jrsonnet / refs/commits / 75ab1d080b42

difftreelog

feat explicit managed marker

kyyyxoxpYaroslav Bolyukin2025-11-11parent: #4eb6f73.patch.diff
in: trunk

2 files changed

modifiedmodules/nixos/secrets.nixdiffbeforeafterboth
139      };139      };
140      config.parts = mkMerge [140      config.parts = mkMerge [
141        (mkIf (config.generator != null && config.generator ? parts) config.generator.parts)141        (mkIf (config.generator != null && config.generator ? parts) config.generator.parts)
142        (mapAttrs (_: _: {}) (removeAttrs sysConfig.data.secrets.${secretName} ["shared"]))142        (mapAttrs (_: _: {}) (removeAttrs sysConfig.data.secrets.${secretName} ["shared" "managed"]))
143      ];143      ];
144    }144    }
145  );145  );
modifiedmodules/secrets-data.nixdiffbeforeafterboth
--- a/modules/secrets-data.nix
+++ b/modules/secrets-data.nix
@@ -38,6 +38,12 @@
   sharedSecretData = {
     freeformType = attrsOf (submodule secretDataValue);
     options = {
+      managed = mkOption {
+        type = nullOr bool;
+        description = "Is current fleet data value is generated by generator";
+        default = null;
+      };
+
       createdAt = mkOption {
         type = str;
         description = "Timestamp of secret generation/last rotation.";