fix types of long-syntax secrets: uid/gid should output strings, service secrets lists

Kiara Grouwstra 2024-08-04 15:20:41 +00:00
parent f2dc1d0996
commit 5a5ed5202f
3 changed files with 31 additions and 20 deletions


@ -22,15 +22,15 @@
"ports": [ "ports": [
"8080:80" "8080:80"
], ],
"secrets": { "secrets": [
"foo": { {
"gid": 123, "gid": "123",
"mode": "0440", "mode": "0440",
"source": "web_cache_redis_secret", "source": "foo",
"target": "/run/secrets/web_cache_redis_secret", "target": "/run/secrets/foo",
"uid": 123 "uid": "123"
} }
}, ],
"sysctls": {}, "sysctls": {},
"volumes": [] "volumes": []
} }


@ -6,15 +6,15 @@
ports = [ ports = [
"8080:80" "8080:80"
]; ];
secrets = { secrets = [
foo = { {
source = "web_cache_redis_secret"; source = "foo";
target = "/run/secrets/web_cache_redis_secret"; target = "/run/secrets/foo";
uid = 123; uid = "123";
gid = 123; gid = "123";
mode = "0440"; mode = "0440";
}; }
}; ];
}; };
secrets.foo.environment = "FOO"; secrets.foo.environment = "FOO";
} }
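Review bot: This fixture only exercises the attribute-set (long-syntax) form of a service secret, so the string branch of `listOf (either str serviceSecretType)` from the module change in this commit is not covered here. Adding a second list element such as `"foo"` next to the attrset would make the test evaluate a mixed list and catch any code path that assumes every element has `source`/`target` attributes. The expected JSON would need the matching `"foo"` entry, and the service definition itself starts above this hunk.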


@ -31,12 +31,12 @@ let
description = serviceRef "secrets"; description = serviceRef "secrets";
}; };
uid = mkOption { uid = mkOption {
type = nullOr (either str int); type = nullOr str;
default = null; default = null;
description = serviceRef "secrets"; description = serviceRef "secrets";
}; };
gid = mkOption { gid = mkOption {
type = nullOr (either str int); type = nullOr str;
default = null; default = null;
description = serviceRef "secrets"; description = serviceRef "secrets";
}; };
@ -128,7 +128,7 @@ in
''; '';
}; };
secrets = mkOption { secrets = mkOption {
type = nullOr (either (listOf str) (attrsOf serviceSecretType)); type = nullOr (listOf (either str serviceSecretType));
default = null; default = null;
description = '' description = ''
Build-time secrets exposed to the service. Build-time secrets exposed to the service.
@ -138,7 +138,7 @@ in
}); });
}; };
service.secrets = mkOption { service.secrets = mkOption {
type = either (listOf str) (attrsOf serviceSecretType); type = nullOr (listOf (either str serviceSecretType));
default = []; default = [];
description = '' description = ''
Run-time secrets exposed to the service. Run-time secrets exposed to the service.
@ -451,7 +451,18 @@ in
} // lib.optionalAttrs (config.service.extra_hosts != []) { } // lib.optionalAttrs (config.service.extra_hosts != []) {
inherit (config.service) extra_hosts; inherit (config.service) extra_hosts;
} // lib.optionalAttrs (config.service.secrets != []) { } // lib.optionalAttrs (config.service.secrets != []) {
inherit (config.service) secrets; secrets = lib.lists.map (s: {
} // lib.optionalAttrs (s.source != null) {
inherit (s) source;
} // lib.optionalAttrs (s.target != null) {
inherit (s) target;
} // lib.optionalAttrs (s.uid != null) {
inherit (s) uid;
} // lib.optionalAttrs (s.gid != null) {
inherit (s) gid;
} // lib.optionalAttrs (s.mode != null) {
inherit (s) mode;
}) config.service.secrets;
} // lib.optionalAttrs (config.service.hostname != null) { } // lib.optionalAttrs (config.service.hostname != null) {
inherit (config.service) hostname; inherit (config.service) hostname;
} // lib.optionalAttrs (config.service.dns != []) { } // lib.optionalAttrs (config.service.dns != []) {
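Review bot: The new `lib.lists.map` over `config.service.secrets` selects `s.source`, `s.target`, `s.uid`, `s.gid` and `s.mode` on every element, but the type set in this same section, `listOf (either str serviceSecretType)`, still admits plain-string (short-syntax) entries, and attribute selection on a string fails at evaluation. Branching on the element kind keeps both forms working: `secrets = lib.lists.map (s: if builtins.isString s then s else lib.filterAttrs (_: v: v != null) { inherit (s) source target uid gid mode; }) config.service.secrets;`. `service.secrets` is also now `nullOr` while the guard only tests `!= []`, so an explicit `null` would reach the map; either drop `nullOr` there or guard with `config.service.secrets != null && config.service.secrets != []`. Separately, a null `mode`, `uid` or `gid` is omitted from the output, so the consumer's defaults decide who can read the secret file inside the container, which the option descriptions could state. The surrounding `//` chain starts and ends outside this hunk.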