syntactic sugar for long-syntax secrets

2024-08-04 15:28:22 +00:00 · 2024-08-04 15:28:22 +00:00 · f216ec0277
commit f216ec0277
parent 5a5ed5202f
2 changed files with 9 additions and 8 deletions
--- a/src/haskell/testdata/Arion/NixSpec/arion-context-compose.nix
+++ b/src/haskell/testdata/Arion/NixSpec/arion-context-compose.nix
@ -6,15 +6,14 @@
    ports = [
      "8080:80"
    ];
-    secrets = [
-      {
-        source = "foo";
+    secrets = {
+      "foo" = {
        target = "/run/secrets/foo";
        uid = "123";
        gid = "123";
        mode = "0440";
-      }
-    ];
+      };
+    };
  };
  secrets.foo.environment = "FOO";
 }
--- a/src/nix/modules/service/docker-compose-service.nix
+++ b/src/nix/modules/service/docker-compose-service.nix
@ -128,7 +128,7 @@ in
            '';
          };
          secrets = mkOption {
-            type = nullOr (listOf (either str serviceSecretType));
+            type = nullOr (either (listOf str) (attrsOf serviceSecretType));
            default = null;
            description = ''
              Build-time secrets exposed to the service.
@ -138,7 +138,7 @@ in
      });
    };
    service.secrets = mkOption {
-      type = nullOr (listOf (either str serviceSecretType));
+      type = nullOr (either (listOf str) (attrsOf serviceSecretType));
      default = [];
      description = ''
        Run-time secrets exposed to the service.
@ -451,7 +451,9 @@ in
  } // lib.optionalAttrs (config.service.extra_hosts != []) {
    inherit (config.service) extra_hosts;
  } // lib.optionalAttrs (config.service.secrets != []) {
-    secrets = lib.lists.map (s: {
+    secrets = lib.mapAttrsToList (k: s: {
+      source = k;
+      target = k;
    } // lib.optionalAttrs (s.source != null) {
      inherit (s) source;
    } // lib.optionalAttrs (s.target != null) {