git.delta.rocks / jrsonnet / refs/commits / 8fa5c73b5fe4


feat use fleet-tf

usksyzorYaroslav Bolyukin2025-10-01parent: #1b17cca.patch.diff
in: trunk

10 files changed

modifiedcmds/fleet/Cargo.tomldiffbeforeafterboth
--- a/cmds/fleet/Cargo.toml
+++ b/cmds/fleet/Cargo.toml
@@ -45,10 +45,10 @@
 human-repr = { version = "1.1", optional = true }
 indicatif = { version = "0.18", optional = true }
 nom = "8.0.0"
+opentelemetry = "0.30.0"
+opentelemetry_sdk = "0.30.0"
 tracing-indicatif = { version = "0.3", optional = true }
 tracing-opentelemetry = "0.31.0"
-opentelemetry = "0.30.0"
-opentelemetry_sdk = "0.30.0"
 
 [features]
 default = []
modifiedcmds/fleet/src/cmds/tf.rsdiffbeforeafterboth
--- a/cmds/fleet/src/cmds/tf.rs
+++ b/cmds/fleet/src/cmds/tf.rs
@@ -38,7 +38,7 @@
 		{
 			debug!("generating terraform configs");
 			let system = &config.local_system;
-			let config = &config.config_field;
+			let config = &config.flake_outputs;
 			let data = nix_go!(config.tf({ system }));
 			let data: PathBuf = spawn_blocking(move || data.build("out"))
 				.await
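Review bot: The binding on the line `let config = &config.flake_outputs;` no longer holds a config; it shadows the `Config` handle with the flake outputs value, so the following `nix_go!(config.tf({ system }))` still reads as if `tf` were a fleet config field. Naming the binding for what it is keeps the call site honest: `let flake = &config.flake_outputs;` followed by `let data = nix_go!(flake.tf({ system }));`. The `tf` attribute appears to come from `flake.tf = config.tf;` in modules/extras/tf.nix, so a one-line comment saying the attribute exists only when that flake module is imported would help whoever debugs a missing-attribute evaluation error here. The enclosing block starts and ends outside the hunk.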
modifiedcrates/fleet-base/src/host.rsdiffbeforeafterboth
--- a/crates/fleet-base/src/host.rs
+++ b/crates/fleet-base/src/host.rs
@@ -34,6 +34,8 @@
 	pub nix_args: Vec<OsString>,
 	/// fleet_config.config
 	pub config_field: Value,
+	/// flake.output
+	pub flake_outputs: Value,
 	// TODO: Remove with connectivity refactor
 	pub localhost: String,
 
modifiedcrates/fleet-base/src/opts.rsdiffbeforeafterboth
--- a/crates/fleet-base/src/opts.rs
+++ b/crates/fleet-base/src/opts.rs
@@ -267,6 +267,7 @@
 		Ok(Config(Arc::new(FleetConfigInternals {
 			directory,
 			data,
+			flake_outputs: flake,
 			local_system: self.local_system.clone(),
 			nix_args,
 			config_field,
modifiedcrates/fleet-shared/src/encoding.rsdiffbeforeafterboth
--- a/crates/fleet-shared/src/encoding.rs
+++ b/crates/fleet-shared/src/encoding.rs
@@ -1,5 +1,7 @@
 use std::{
-	collections::BTreeMap, fmt::{self, Display}, str::FromStr
+	collections::BTreeMap,
+	fmt::{self, Display},
+	str::FromStr,
 };
 
 use base64::engine::{Engine, general_purpose::STANDARD_NO_PAD};
modifiedcrates/nix-eval/src/logging.ccdiffbeforeafterboth
--- a/crates/nix-eval/src/logging.cc
+++ b/crates/nix-eval/src/logging.cc
@@ -9,12 +9,14 @@
 
   bool isVerbose() override { return true; }
   void log(Verbosity lvl, std::string_view s) override {
-    rust::Slice<const unsigned char> str(reinterpret_cast<const unsigned char*>(s.data()), s.size());
+    rust::Slice<const unsigned char> str(
+        reinterpret_cast<const unsigned char *>(s.data()), s.size());
     emit_log(lvl, str);
   }
   void logEI(const ErrorInfo &ei) override {
     auto s = ei.msg.str();
-    rust::Slice<const unsigned char> str(reinterpret_cast<const unsigned char*>(s.data()), s.size());
+    rust::Slice<const unsigned char> str(
+        reinterpret_cast<const unsigned char *>(s.data()), s.size());
     emit_log(ei.level, str);
   }
 
@@ -27,7 +29,8 @@
         b->add_int_field(f.i);
       } else if (f.type == Logger::Field::tString) {
         auto s = &f.s;
-        rust::Slice<const unsigned char> str(reinterpret_cast<const unsigned char*>(s->data()), s->size());
+        rust::Slice<const unsigned char> str(
+            reinterpret_cast<const unsigned char *>(s->data()), s->size());
         b->add_string_field(str);
       } else {
         unreachable();
@@ -45,7 +48,8 @@
         b->add_int_field(f.i);
       } else if (f.type == Logger::Field::tString) {
         auto s = &f.s;
-        rust::Slice<const unsigned char> str(reinterpret_cast<const unsigned char*>(s->data()), s->size());
+        rust::Slice<const unsigned char> str(
+            reinterpret_cast<const unsigned char *>(s->data()), s->size());
         b->add_string_field(str);
       } else {
         unreachable();
modifiedflake.lockdiffbeforeafterboth
--- a/flake.lock
+++ b/flake.lock
@@ -71,6 +71,31 @@
         "url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1"
       }
     },
+    "fleet-tf": {
+      "inputs": {
+        "flake-parts": [
+          "flake-parts"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "shelly": [
+          "shelly"
+        ]
+      },
+      "locked": {
+        "lastModified": 1759080490,
+        "owner": "CertainLach",
+        "repo": "fleet-tf",
+        "rev": "878bd8c23933d628bf750378bbe527b841901c3d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "CertainLach",
+        "repo": "fleet-tf",
+        "type": "github"
+      }
+    },
     "git-hooks-nix": {
       "inputs": {
         "flake-compat": "flake-compat",
@@ -183,6 +208,7 @@
       "inputs": {
         "crane": "crane",
         "flake-parts": "flake-parts",
+        "fleet-tf": "fleet-tf",
         "nix": "nix",
         "nixpkgs": "nixpkgs_2",
         "rust-overlay": "rust-overlay",
modifiedflake.nixdiffbeforeafterboth
before · flake.nix
1{2  description = "NixOS cluster configuration management";34  inputs = {5    nixpkgs.url = "github:nixos/nixpkgs/release-25.05";6    rust-overlay = {7      url = "github:oxalica/rust-overlay";8      inputs.nixpkgs.follows = "nixpkgs";9    };10    flake-parts = {11      url = "github:hercules-ci/flake-parts";12      inputs.nixpkgs-lib.follows = "nixpkgs";13    };14    crane.url = "github:ipetkov/crane";15    shelly.url = "github:CertainLach/shelly";16    treefmt-nix = {17      url = "github:numtide/treefmt-nix";18      inputs.nixpkgs.follows = "nixpkgs";19    };20    # DeterminateSystem's nix fork is controversial, but I don't mind it,21    # and it has lazy-trees support which is useful for fleet.22    nix.url = "github:deltarocks/nix/fleet";23  };24  outputs =25    inputs:26    inputs.flake-parts.lib.mkFlake27      {28        inherit inputs;29      }30      {31        imports = [ inputs.shelly.flakeModule ];32        flake = rec {33          lib =34            (import ./lib {35              inherit (inputs.nixpkgs) lib;36            })37            // {38              fleetConfiguration = throw "function-based interface is deprecated, use flake-parts syntax instead";39            };40          flakeModules.default = import ./lib/flakePart.nix {41            inherit (inputs) crane;42          };43          flakeModule = flakeModules.default;4445          fleetModules.tf = ./modules/extras/tf.nix;4647          # Used to test nix-eval bindings48          testData = {49            testObj = {50              v = "Hello";51            };52            testString = "hello";53          };5455          # To be used with https://github.com/NixOS/nix/pull/889256          schemas =57            let58              inherit (inputs.nixpkgs.lib) mapAttrs;59            in60            {61              fleetConfigurations = {62                version = 1;63                doc = ''64                  The `fleetConfigurations` flake output defines fleet cluster configurations.65     
           '';66                inventory = output: {67                  children = mapAttrs (configName: cluster: {68                    what = "fleet cluster configuration";6970                    children = mapAttrs (hostName: host: {71                      what = "host [${host.system}]";72                    }) cluster.config.hosts;73                    # It is possible to implement this inventory right now, but I want to74                    # get rid of `fleet.nix` file in the future.75                    # children.secrets = { };76                  }) output;77                };78              };79            };80        };81        # Supported and tested list of deployment targets.82        systems = [83          "x86_64-linux"84          "aarch64-linux"85          "armv7l-linux"86          "armv6l-linux"87        ];88        perSystem =89          {90            config,91            system,92            pkgs,93            self,94            inputs',95            ...96          }:97          let98            inherit (lib.attrsets) mapAttrs';99            inherit (lib.lists) elem;100            # Can also be built for darwin, through it is not usual to deploy nixos systems from macos machines.101            # I have no hardware for such testing, thus only adding machines I actually have and use.102            #103            # It is not possible to deploy any host from armv6/armv7 hardware, and I don't think it even makes sense.104            deployerSystems = [105              "aarch64-linux"106              "x86_64-linux"107            ];108            deployerSystem = elem system deployerSystems;109            lib = pkgs.lib;110            rust = pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;111            craneLib = (inputs.crane.mkLib pkgs).overrideToolchain rust;112            treefmt = (inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix).config.build;113          in114          {115            _module.args.pkgs = import inputs.nixpkgs 
{116              inherit system;117              overlays = [ (inputs.rust-overlay.overlays.default) (final: prev: {118                boehmgc = prev.boehmgc.overrideAttrs (prevAttrs: {119                  configureFlags = prevAttrs.configureFlags ++ [120                    "--enable-gc-assertions"121                  ];122                });123              }) ];124            };125            # Reference fleet package should be built with nightly rust, specified in rust-toolchain.toml.126            packages = lib.mkIf deployerSystem (127              let128                packages = pkgs.callPackages ./pkgs {129                  inherit craneLib inputs';130                };131              in132              packages // { default = packages.fleet; }133            );134            # fleet-install-secrets will not be built normally, because they are not ran directly by user most of the time.135            # checks there build packages for default nixpkgs rustPlatform packages.136            checks =137              let138                nixpkgsCraneLib = inputs.crane.mkLib pkgs;139                packages = pkgs.callPackages ./pkgs {140                  craneLib = nixpkgsCraneLib;141                  inherit inputs;142                };143                prefixAttrs =144                  prefix: attrs:145                  mapAttrs' (name: value: {146                    name = "${prefix}${name}";147                    value = value.overrideAttrs (prev: {148                      pname = "${prefix}${prev.pname}";149                    });150                  }) attrs;151              in152              # fleet-install-secrets is installed to remote systems, thus needs to work153              # with rust in nixpkgs.154              (prefixAttrs "nixpkgs-" {155                inherit (packages) fleet-install-secrets;156              })157              // {158                formatting = treefmt.check self;159              };160            # TODO: It should be 
possible to move lib.mkIf to default attribute, instead of disabling the whole161            # devShells block, yet nix flake check fails here, due to no default shell found. It is nix or flake-parts bug?162            shelly.shells.default = lib.mkIf deployerSystem {163              factory = craneLib.devShell;164              packages = with pkgs; [165                rust166                cargo-edit167                cargo-udeps168                cargo-fuzz169                cargo-watch170                cargo-outdated171172                pkg-config173                openssl174                rustPlatform.bindgenHook175                inputs'.nix.packages.nix-expr-c176                inputs'.nix.packages.nix-flake-c177                inputs'.nix.packages.nix-fetchers-c178              ];179              environment.PROTOC = "${pkgs.protobuf}/bin/protoc";180            };181            formatter = treefmt.wrapper;182          };183      };184}
after · flake.nix
1{2  description = "NixOS cluster configuration management";34  inputs = {5    nixpkgs.url = "github:nixos/nixpkgs/release-25.05";6    rust-overlay = {7      url = "github:oxalica/rust-overlay";8      inputs.nixpkgs.follows = "nixpkgs";9    };10    flake-parts = {11      url = "github:hercules-ci/flake-parts";12      inputs.nixpkgs-lib.follows = "nixpkgs";13    };14    crane.url = "github:ipetkov/crane";15    shelly.url = "github:CertainLach/shelly";16    fleet-tf = {17      url = "github:CertainLach/fleet-tf";18      inputs.nixpkgs.follows = "nixpkgs";19      inputs.shelly.follows = "shelly";20      inputs.flake-parts.follows = "flake-parts";21    };22    treefmt-nix = {23      url = "github:numtide/treefmt-nix";24      inputs.nixpkgs.follows = "nixpkgs";25    };26    # DeterminateSystem's nix fork is controversial, but I don't mind it,27    # and it has lazy-trees support which is useful for fleet.28    nix.url = "github:deltarocks/nix/fleet";29  };30  outputs =31    inputs:32    inputs.flake-parts.lib.mkFlake33      {34        inherit inputs;35      }36      {37        imports = [ inputs.shelly.flakeModule ];38        flake = rec {39          lib =40            (import ./lib {41              inherit (inputs.nixpkgs) lib;42            })43            // {44              fleetConfiguration = throw "function-based interface is deprecated, use flake-parts syntax instead";45            };46          flakeModules.default = import ./lib/flakePart.nix {47            inherit (inputs) crane;48          };49          flakeModule = flakeModules.default;5051          flakeModules.fleet-tf = ./modules/extras/tf.nix;5253          # Used to test nix-eval bindings54          testData = {55            testObj = {56              v = "Hello";57            };58            testString = "hello";59          };6061          # To be used with https://github.com/NixOS/nix/pull/889262          schemas =63            let64              inherit (inputs.nixpkgs.lib) mapAttrs;65            
in66            {67              fleetConfigurations = {68                version = 1;69                doc = ''70                  The `fleetConfigurations` flake output defines fleet cluster configurations.71                '';72                inventory = output: {73                  children = mapAttrs (configName: cluster: {74                    what = "fleet cluster configuration";7576                    children = mapAttrs (hostName: host: {77                      what = "host [${host.system}]";78                    }) cluster.config.hosts;79                    # It is possible to implement this inventory right now, but I want to80                    # get rid of `fleet.nix` file in the future.81                    # children.secrets = { };82                  }) output;83                };84              };85            };86        };87        # Supported and tested list of deployment targets.88        systems = [89          "x86_64-linux"90          "aarch64-linux"91          "armv7l-linux"92          "armv6l-linux"93        ];94        perSystem =95          {96            config,97            system,98            pkgs,99            self,100            inputs',101            ...102          }:103          let104            inherit (lib.attrsets) mapAttrs';105            inherit (lib.lists) elem;106            # Can also be built for darwin, through it is not usual to deploy nixos systems from macos machines.107            # I have no hardware for such testing, thus only adding machines I actually have and use.108            #109            # It is not possible to deploy any host from armv6/armv7 hardware, and I don't think it even makes sense.110            deployerSystems = [111              "aarch64-linux"112              "x86_64-linux"113            ];114            deployerSystem = elem system deployerSystems;115            lib = pkgs.lib;116            rust = pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;117            craneLib = 
(inputs.crane.mkLib pkgs).overrideToolchain rust;118            treefmt = (inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix).config.build;119          in120          {121            _module.args.pkgs = import inputs.nixpkgs {122              inherit system;123              overlays = [124                (inputs.rust-overlay.overlays.default)125                (final: prev: {126                  boehmgc = prev.boehmgc.overrideAttrs (prevAttrs: {127                    configureFlags = prevAttrs.configureFlags ++ [128                      "--enable-gc-assertions"129                    ];130                  });131                })132              ];133            };134            # Reference fleet package should be built with nightly rust, specified in rust-toolchain.toml.135            packages = lib.mkIf deployerSystem (136              let137                packages = pkgs.callPackages ./pkgs {138                  inherit craneLib inputs';139                };140              in141              packages // { default = packages.fleet; }142            );143            # fleet-install-secrets will not be built normally, because they are not ran directly by user most of the time.144            # checks there build packages for default nixpkgs rustPlatform packages.145            checks =146              let147                nixpkgsCraneLib = inputs.crane.mkLib pkgs;148                packages = pkgs.callPackages ./pkgs {149                  craneLib = nixpkgsCraneLib;150                  inherit inputs;151                };152                prefixAttrs =153                  prefix: attrs:154                  mapAttrs' (name: value: {155                    name = "${prefix}${name}";156                    value = value.overrideAttrs (prev: {157                      pname = "${prefix}${prev.pname}";158                    });159                  }) attrs;160              in161              # fleet-install-secrets is installed to remote systems, thus needs to work162 
             # with rust in nixpkgs.163              (prefixAttrs "nixpkgs-" {164                inherit (packages) fleet-install-secrets;165              })166              // {167                formatting = treefmt.check self;168              };169            # TODO: It should be possible to move lib.mkIf to default attribute, instead of disabling the whole170            # devShells block, yet nix flake check fails here, due to no default shell found. It is nix or flake-parts bug?171            shelly.shells.default = lib.mkIf deployerSystem {172              factory = craneLib.devShell;173              packages = with pkgs; [174                rust175                cargo-edit176                cargo-udeps177                cargo-fuzz178                cargo-watch179                cargo-outdated180181                pkg-config182                openssl183                rustPlatform.bindgenHook184                inputs'.nix.packages.nix-expr-c185                inputs'.nix.packages.nix-flake-c186                inputs'.nix.packages.nix-fetchers-c187              ];188              environment.PROTOC = "${pkgs.protobuf}/bin/protoc";189            };190            formatter = treefmt.wrapper;191          };192      };193}
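Review bot: The new `fleet-tf` input in the after listing is declared as `url = "github:CertainLach/fleet-tf";` with no ref or rev, so the revision that supplies the Terraform wrapper is whatever flake.lock holds and it moves on every `nix flake update`. Because modules/extras/tf-bootstrap.nix puts that input's `terraform-locked` package into the dev shell and `packages.terraform`, lock bumps for this input deserve the same review as a dependency upgrade; pinning a tag or revision in the URL would make that explicit. Separately, `fleetModules.tf` is replaced by `flakeModules.fleet-tf` without an alias, which presumably breaks downstream flakes that import the old attribute; a deprecation `throw`, like the one already used for `fleetConfiguration`, would give them a clear message.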
addedmodules/extras/tf-bootstrap.nixdiffbeforeafterboth
--- /dev/null
+++ b/modules/extras/tf-bootstrap.nix
@@ -0,0 +1,37 @@
+{
+  lib,
+  inputs',
+  pkgs,
+  config,
+  ...
+}:
+let
+  inherit (lib.options) mkOption mkPackageOption;
+  inherit (lib.types) listOf package functionTo;
+in
+{
+  options = {
+    tf.package = mkPackageOption pkgs "terraform" {
+      extraDescription = "Terraform package to use";
+    };
+    tf.providers = mkOption {
+      description = "List of used terraform providers";
+      type = functionTo (listOf package);
+      default = _: [ ];
+    };
+    tf.finalPackage = mkOption {
+      description = "Terraform package with all providers";
+      type = package;
+    };
+  };
+  config = {
+    tf.finalPackage = inputs'.fleet-tf.packages.terraform-locked.override {
+      inherit (config.tf) providers;
+      terraform = config.tf.package;
+    };
+    shelly.shells.default = {
+      packages = [ config.tf.finalPackage ];
+    };
+    packages.terraform = config.tf.finalPackage;
+  };
+}
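Review bot: `inputs'.fleet-tf.packages.terraform-locked` in the `tf.finalPackage` definition is resolved against the flake that evaluates this perSystem module, and flake.nix exports `./modules/extras/tf.nix` as a plain path. A downstream flake importing `flakeModules.fleet-tf` would therefore need its own input named `fleet-tf`, and the Terraform build it gets is selected by the consumer's lock file rather than by this repository's. If that is intended, say so in a header comment, e.g. `# Requires the importing flake to declare a fleet-tf input`; otherwise pass this flake's own inputs into the module (flake-parts' `importApply` exists for this). `tf.finalPackage` is computed in `config` and has no default, so adding `readOnly = true;` would document that it is a result and not something callers set.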
modifiedmodules/extras/tf.nixdiffbeforeafterboth
--- a/modules/extras/tf.nix
+++ b/modules/extras/tf.nix
@@ -11,6 +11,7 @@
   inherit (fleetLib.options) mkDataOption;
 in
 {
+
   options = {
     tf = mkOption {
       type = deferredModule;
@@ -18,7 +19,7 @@
         module: system:
         inputs.terranix.lib.terranixConfiguration {
           inherit system;
-          pkgs = config.nixpkgs.buildUsing.legacyPackages.${system};
+          pkgs = inputs.nixpkgs.legacyPackages.${system};
           modules = [
             module
           ];
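Review bot: `pkgs = inputs.nixpkgs.legacyPackages.${system};` takes the package set straight from the flake input, so whatever nixpkgs instance the removed `config.nixpkgs.buildUsing` selected (presumably including overlays or nixpkgs config applied to it) no longer reaches terranix. If that is deliberate because the module now lives at the flake-parts level, a comment such as `# terranix is evaluated with the stock nixpkgs input; nixpkgs.buildUsing is not available here` would record the decision. `inputs.nixpkgs`, like the `inputs.terranix` reference above it, presumably resolves in the importing flake, so the module also depends on the consumer naming its inputs that way. The option definition starts and ends outside the hunk.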
@@ -35,6 +36,8 @@
   };
 
   config = {
+    flake.tf = config.tf;
+
     tf.output.fleet = {
       value = {
         managed = true;
@@ -43,6 +46,8 @@
       # will be somehow processed by fleet tf.
       sensitive = true;
     };
-    hosts = config.data.extra.terraformHosts;
+    fleetConfigurations.default.hosts = config.data.extra.terraformHosts;
+
+    perSystem.imports = [ ./tf-bootstrap.nix ];
   };
 }
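Review bot: `fleetConfigurations.default.hosts = config.data.extra.terraformHosts;` hardcodes the configuration name `default`, while the `fleetConfigurations` schema in flake.nix maps over arbitrary configuration names. A flake whose cluster is named differently would presumably get an extra `default` configuration instead of hosts added to its own. Consider making the target configuration an option, or state the requirement next to the assignment, e.g. `# terraform-managed hosts are always attached to the "default" fleet configuration`. It is also not visible in this hunk where `config.data` is declared now that the module sets flake-level options such as `flake.tf` and `perSystem.imports`, so it is worth confirming that this still evaluates.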