From 94920217178e2fcae93b7e22f7e02e61da5eadd6 Mon Sep 17 00:00:00 2001
From: Andrea Ciceri
Date: Sat, 27 Apr 2024 12:50:58 +0200
Subject: [PATCH] Test terraform
---
 .github/workflows/build.yaml | 11 ++++++-----
 keys/module.nix | 15 ++++++++-------
 2 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 5cc68a5..42e2e5b 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -29,8 +29,9 @@ jobs:
 with:
 name: nix-pizza
 authToken: ${{ steps.retrieve-cachix-auth-token.outputs.CACHIX_AUTH_TOKEN }}
- - run: nix flake check -L
- # - run: |
- # source "$(nix build .#inject-secrets --no-link --print-out-paths)"/bin/install-agenix-shell
- # nix run .#opentofu -- init
- # nix run .#opentofu -- apply --auto-approve
+ # - run: nix flake check -L
+ - run: |
+ source "$(nix build .#inject-secrets --no-link --print-out-paths)"/bin/install-agenix-shell
+ TF_VAR_ssh_public_keys="$(nix build .#ssh-public-keys --no-link --print-out-paths)"
+ nix run .#opentofu -- init
+ nix run .#opentofu -- apply --auto-approve
diff --git a/keys/module.nix b/keys/module.nix
index a4f6bee..9aff4b1 100644
--- a/keys/module.nix
+++ b/keys/module.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }: {
+topArgs@{ lib, ... }: {
 options.infra.sshKeys = lib.mkOption {
 type = lib.types.attrsOf (lib.types.submodule ({ config, ... }: {
 options = {
@@ -27,14 +27,15 @@
 description = "SSH keys";
 };
- config.perSystem = { pkgs, ... }: {
+ config.perSystem = { config, pkgs, ... }: {
+ packages.ssh-public-keys =
+ let
+ keys = lib.filterAttrs (_: key: key.terraform) topArgs.config.infra.sshKeys;
+ in
+ pkgs.writers.writeJSON "ssh_public_keys.json" keys;
 devshells.default.env = [{
 name = "TF_VAR_ssh_public_keys";
- value =
- let
- keys = lib.filterAttrs (_: key: key.terraform) config.infra.sshKeys;
- in
- pkgs.writers.writeJSON "ssh_public_keys.json" keys;
+ value = config.packages.ssh-public-keys;
 }];
 };
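Review bot: The new `run` step in `.github/workflows/build.yaml` runs `apply --auto-approve` with the secrets loaded by `install-agenix-shell`, and nothing in this hunk restricts it to a protected branch. The workflow's triggers are outside the hunk, so if the job also runs for pull requests or feature branches, unreviewed changes would be applied with the injected credentials. I would gate the step, for example `if: github.event_name == 'push' && github.ref == 'refs/heads/<default-branch>'`, and keep `nix flake check -L` enabled so a check still runs before the apply. Separately, `TF_VAR_ssh_public_keys=...` is assigned without `export`, so unless the sourced script enables allexport the variable will not reach the `nix run .#opentofu` child processes. Writing it as `export TF_VAR_ssh_public_keys="$(nix build .#ssh-public-keys --no-link --print-out-paths)"` would fix that.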