git.delta.rocks / jrsonnet / refs/commits / 8fa5c73b5fe4

difftreelog

feat use fleet-tf

usksyzorYaroslav Bolyukin2025-10-01parent: #1b17cca.patch.diff
in: trunk

10 files changed

modifiedcmds/fleet/Cargo.tomldiffbeforeafterboth
--- a/cmds/fleet/Cargo.toml
+++ b/cmds/fleet/Cargo.toml
@@ -45,10 +45,10 @@
 human-repr = { version = "1.1", optional = true }
 indicatif = { version = "0.18", optional = true }
 nom = "8.0.0"
+opentelemetry = "0.30.0"
+opentelemetry_sdk = "0.30.0"
 tracing-indicatif = { version = "0.3", optional = true }
 tracing-opentelemetry = "0.31.0"
-opentelemetry = "0.30.0"
-opentelemetry_sdk = "0.30.0"
 
 [features]
 default = []
modifiedcmds/fleet/src/cmds/tf.rsdiffbeforeafterboth
--- a/cmds/fleet/src/cmds/tf.rs
+++ b/cmds/fleet/src/cmds/tf.rs
@@ -38,7 +38,7 @@
 		{
 			debug!("generating terraform configs");
 			let system = &config.local_system;
-			let config = &config.config_field;
+			let config = &config.flake_outputs;
 			let data = nix_go!(config.tf({ system }));
 			let data: PathBuf = spawn_blocking(move || data.build("out"))
 				.await
modifiedcrates/fleet-base/src/host.rsdiffbeforeafterboth
--- a/crates/fleet-base/src/host.rs
+++ b/crates/fleet-base/src/host.rs
@@ -34,6 +34,8 @@
 	pub nix_args: Vec<OsString>,
 	/// fleet_config.config
 	pub config_field: Value,
+	/// flake.output
+	pub flake_outputs: Value,
 	// TODO: Remove with connectivity refactor
 	pub localhost: String,
modifiedcrates/fleet-base/src/opts.rsdiffbeforeafterboth
--- a/crates/fleet-base/src/opts.rs
+++ b/crates/fleet-base/src/opts.rs
@@ -267,6 +267,7 @@
 		Ok(Config(Arc::new(FleetConfigInternals {
 			directory,
 			data,
+			flake_outputs: flake,
 			local_system: self.local_system.clone(),
 			nix_args,
 			config_field,
modifiedcrates/fleet-shared/src/encoding.rsdiffbeforeafterboth
--- a/crates/fleet-shared/src/encoding.rs
+++ b/crates/fleet-shared/src/encoding.rs
@@ -1,5 +1,7 @@
 use std::{
-	collections::BTreeMap, fmt::{self, Display}, str::FromStr
+	collections::BTreeMap,
+	fmt::{self, Display},
+	str::FromStr,
 };
 
 use base64::engine::{Engine, general_purpose::STANDARD_NO_PAD};
modifiedcrates/nix-eval/src/logging.ccdiffbeforeafterboth
--- a/crates/nix-eval/src/logging.cc
+++ b/crates/nix-eval/src/logging.cc
@@ -9,12 +9,14 @@
 
   bool isVerbose() override { return true; }
   void log(Verbosity lvl, std::string_view s) override {
-    rust::Slice<const unsigned char> str(reinterpret_cast<const unsigned char*>(s.data()), s.size());
+    rust::Slice<const unsigned char> str(
+        reinterpret_cast<const unsigned char *>(s.data()), s.size());
     emit_log(lvl, str);
   }
   void logEI(const ErrorInfo &ei) override {
     auto s = ei.msg.str();
-    rust::Slice<const unsigned char> str(reinterpret_cast<const unsigned char*>(s.data()), s.size());
+    rust::Slice<const unsigned char> str(
+        reinterpret_cast<const unsigned char *>(s.data()), s.size());
     emit_log(ei.level, str);
   }
 
@@ -27,7 +29,8 @@
         b->add_int_field(f.i);
       } else if (f.type == Logger::Field::tString) {
         auto s = &f.s;
-        rust::Slice<const unsigned char> str(reinterpret_cast<const unsigned char*>(s->data()), s->size());
+        rust::Slice<const unsigned char> str(
+            reinterpret_cast<const unsigned char *>(s->data()), s->size());
         b->add_string_field(str);
       } else {
         unreachable();
@@ -45,7 +48,8 @@
         b->add_int_field(f.i);
       } else if (f.type == Logger::Field::tString) {
         auto s = &f.s;
-        rust::Slice<const unsigned char> str(reinterpret_cast<const unsigned char*>(s->data()), s->size());
+        rust::Slice<const unsigned char> str(
+            reinterpret_cast<const unsigned char *>(s->data()), s->size());
         b->add_string_field(str);
       } else {
         unreachable();
modifiedflake.lockdiffbeforeafterboth
--- a/flake.lock
+++ b/flake.lock
@@ -71,6 +71,31 @@
         "url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1"
       }
     },
+    "fleet-tf": {
+      "inputs": {
+        "flake-parts": [
+          "flake-parts"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "shelly": [
+          "shelly"
+        ]
+      },
+      "locked": {
+        "lastModified": 1759080490,
+        "owner": "CertainLach",
+        "repo": "fleet-tf",
+        "rev": "878bd8c23933d628bf750378bbe527b841901c3d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "CertainLach",
+        "repo": "fleet-tf",
+        "type": "github"
+      }
+    },
     "git-hooks-nix": {
       "inputs": {
         "flake-compat": "flake-compat",
@@ -183,6 +208,7 @@
       "inputs": {
         "crane": "crane",
         "flake-parts": "flake-parts",
+        "fleet-tf": "fleet-tf",
         "nix": "nix",
         "nixpkgs": "nixpkgs_2",
         "rust-overlay": "rust-overlay",
modifiedflake.nixdiffbeforeafterboth
after · flake.nix
1{2  description = "NixOS cluster configuration management";34  inputs = {5    nixpkgs.url = "github:nixos/nixpkgs/release-25.05";6    rust-overlay = {7      url = "github:oxalica/rust-overlay";8      inputs.nixpkgs.follows = "nixpkgs";9    };10    flake-parts = {11      url = "github:hercules-ci/flake-parts";12      inputs.nixpkgs-lib.follows = "nixpkgs";13    };14    crane.url = "github:ipetkov/crane";15    shelly.url = "github:CertainLach/shelly";16    fleet-tf = {17      url = "github:CertainLach/fleet-tf";18      inputs.nixpkgs.follows = "nixpkgs";19      inputs.shelly.follows = "shelly";20      inputs.flake-parts.follows = "flake-parts";21    };22    treefmt-nix = {23      url = "github:numtide/treefmt-nix";24      inputs.nixpkgs.follows = "nixpkgs";25    };26    # DeterminateSystem's nix fork is controversial, but I don't mind it,27    # and it has lazy-trees support which is useful for fleet.28    nix.url = "github:deltarocks/nix/fleet";29  };30  outputs =31    inputs:32    inputs.flake-parts.lib.mkFlake33      {34        inherit inputs;35      }36      {37        imports = [ inputs.shelly.flakeModule ];38        flake = rec {39          lib =40            (import ./lib {41              inherit (inputs.nixpkgs) lib;42            })43            // {44              fleetConfiguration = throw "function-based interface is deprecated, use flake-parts syntax instead";45            };46          flakeModules.default = import ./lib/flakePart.nix {47            inherit (inputs) crane;48          };49          flakeModule = flakeModules.default;5051          flakeModules.fleet-tf = ./modules/extras/tf.nix;5253          # Used to test nix-eval bindings54          testData = {55            testObj = {56              v = "Hello";57            };58            testString = "hello";59          };6061          # To be used with https://github.com/NixOS/nix/pull/889262          schemas =63            let64              inherit (inputs.nixpkgs.lib) mapAttrs;65            in66            {67              fleetConfigurations = {68                version = 1;69                doc = ''70                  The `fleetConfigurations` flake output defines fleet cluster configurations.71                '';72                inventory = output: {73                  children = mapAttrs (configName: cluster: {74                    what = "fleet cluster configuration";7576                    children = mapAttrs (hostName: host: {77                      what = "host [${host.system}]";78                    }) cluster.config.hosts;79                    # It is possible to implement this inventory right now, but I want to80                    # get rid of `fleet.nix` file in the future.81                    # children.secrets = { };82                  }) output;83                };84              };85            };86        };87        # Supported and tested list of deployment targets.88        systems = [89          "x86_64-linux"90          "aarch64-linux"91          "armv7l-linux"92          "armv6l-linux"93        ];94        perSystem =95          {96            config,97            system,98            pkgs,99            self,100            inputs',101            ...102          }:103          let104            inherit (lib.attrsets) mapAttrs';105            inherit (lib.lists) elem;106            # Can also be built for darwin, through it is not usual to deploy nixos systems from macos machines.107            # I have no hardware for such testing, thus only adding machines I actually have and use.108            #109            # It is not possible to deploy any host from armv6/armv7 hardware, and I don't think it even makes sense.110            deployerSystems = [111              "aarch64-linux"112              "x86_64-linux"113            ];114            deployerSystem = elem system deployerSystems;115            lib = pkgs.lib;116            rust = pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;117            craneLib = (inputs.crane.mkLib pkgs).overrideToolchain rust;118            treefmt = (inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix).config.build;119          in120          {121            _module.args.pkgs = import inputs.nixpkgs {122              inherit system;123              overlays = [124                (inputs.rust-overlay.overlays.default)125                (final: prev: {126                  boehmgc = prev.boehmgc.overrideAttrs (prevAttrs: {127                    configureFlags = prevAttrs.configureFlags ++ [128                      "--enable-gc-assertions"129                    ];130                  });131                })132              ];133            };134            # Reference fleet package should be built with nightly rust, specified in rust-toolchain.toml.135            packages = lib.mkIf deployerSystem (136              let137                packages = pkgs.callPackages ./pkgs {138                  inherit craneLib inputs';139                };140              in141              packages // { default = packages.fleet; }142            );143            # fleet-install-secrets will not be built normally, because they are not ran directly by user most of the time.144            # checks there build packages for default nixpkgs rustPlatform packages.145            checks =146              let147                nixpkgsCraneLib = inputs.crane.mkLib pkgs;148                packages = pkgs.callPackages ./pkgs {149                  craneLib = nixpkgsCraneLib;150                  inherit inputs;151                };152                prefixAttrs =153                  prefix: attrs:154                  mapAttrs' (name: value: {155                    name = "${prefix}${name}";156                    value = value.overrideAttrs (prev: {157                      pname = "${prefix}${prev.pname}";158                    });159                  }) attrs;160              in161              # fleet-install-secrets is installed to remote systems, thus needs to work162              # with rust in nixpkgs.163              (prefixAttrs "nixpkgs-" {164                inherit (packages) fleet-install-secrets;165              })166              // {167                formatting = treefmt.check self;168              };169            # TODO: It should be possible to move lib.mkIf to default attribute, instead of disabling the whole170            # devShells block, yet nix flake check fails here, due to no default shell found. It is nix or flake-parts bug?171            shelly.shells.default = lib.mkIf deployerSystem {172              factory = craneLib.devShell;173              packages = with pkgs; [174                rust175                cargo-edit176                cargo-udeps177                cargo-fuzz178                cargo-watch179                cargo-outdated180181                pkg-config182                openssl183                rustPlatform.bindgenHook184                inputs'.nix.packages.nix-expr-c185                inputs'.nix.packages.nix-flake-c186                inputs'.nix.packages.nix-fetchers-c187              ];188              environment.PROTOC = "${pkgs.protobuf}/bin/protoc";189            };190            formatter = treefmt.wrapper;191          };192      };193}
addedmodules/extras/tf-bootstrap.nixdiffbeforeafterboth
--- /dev/null
+++ b/modules/extras/tf-bootstrap.nix
@@ -0,0 +1,37 @@
+{
+  lib,
+  inputs',
+  pkgs,
+  config,
+  ...
+}:
+let
+  inherit (lib.options) mkOption mkPackageOption;
+  inherit (lib.types) listOf package functionTo;
+in
+{
+  options = {
+    tf.package = mkPackageOption pkgs "terraform" {
+      extraDescription = "Terraform package to use";
+    };
+    tf.providers = mkOption {
+      description = "List of used terraform providers";
+      type = functionTo (listOf package);
+      default = _: [ ];
+    };
+    tf.finalPackage = mkOption {
+      description = "Terraform package with all providers";
+      type = package;
+    };
+  };
+  config = {
+    tf.finalPackage = inputs'.fleet-tf.packages.terraform-locked.override {
+      inherit (config.tf) providers;
+      terraform = config.tf.package;
+    };
+    shelly.shells.default = {
+      packages = [ config.tf.finalPackage ];
+    };
+    packages.terraform = config.tf.finalPackage;
+  };
+}
modifiedmodules/extras/tf.nixdiffbeforeafterboth
--- a/modules/extras/tf.nix
+++ b/modules/extras/tf.nix
@@ -11,6 +11,7 @@
   inherit (fleetLib.options) mkDataOption;
 in
 {
+
   options = {
     tf = mkOption {
       type = deferredModule;
@@ -18,7 +19,7 @@
         module: system:
         inputs.terranix.lib.terranixConfiguration {
           inherit system;
-          pkgs = config.nixpkgs.buildUsing.legacyPackages.${system};
+          pkgs = inputs.nixpkgs.legacyPackages.${system};
           modules = [
             module
           ];
@@ -35,6 +36,8 @@
   };
 
   config = {
+    flake.tf = config.tf;
+
     tf.output.fleet = {
       value = {
         managed = true;
@@ -43,6 +46,8 @@
       # will be somehow processed by fleet tf.
       sensitive = true;
     };
-    hosts = config.data.extra.terraformHosts;
+    fleetConfigurations.default.hosts = config.data.extra.terraformHosts;
+
+    perSystem.imports = [ ./tf-bootstrap.nix ];
   };
 }