Add deployment.keys.<name>.name

2021-12-05 01:14:12 -08:00 · 2021-12-05 01:14:12 -08:00 · 7433661aed
commit 7433661aed
parent fb69d701b3
6 changed files with 27 additions and 12 deletions
--- a/integration-tests/apply/hive.nix
+++ b/integration-tests/apply/hive.nix
@ -22,11 +22,15 @@ in {
    };
    users.groups.testgroup = {};

+    # /run/keys/custom-name
+    deployment.keys.original-name = {
+      name = "custom-name";
+      text = "@poison@";
+    };
+
    # /run/keys/key-text
    deployment.keys.key-text = {
-      text = ''
-        @poison@
-      '';
+      text = "@poison@";
    };

    # /tmp/another-key-dir/key-command
--- a/integration-tests/apply/test-script.py
+++ b/integration-tests/apply/test-script.py
@ -32,6 +32,7 @@ with subtest("Check that the new configurations are indeed applied"):

 with subtest("Check that key files have correct contents"):
    contents = {
+        "/run/keys/custom-name":            poison,
        "/run/keys/key-text":               poison,
        "/tmp/another-key-dir/key-command": "deployer",
        "/tmp/another-key-dir/key-file":    poison,
@ -46,6 +47,7 @@ with subtest("Check that key files have correct contents"):

 with subtest("Check that key files have correct permissions"):
    permissions = {
+        "/run/keys/custom-name":            "600 root root",
        "/run/keys/key-text":               "600 root root",
        "/tmp/another-key-dir/key-command": "600 root root",
        "/tmp/another-key-dir/key-file":    "600 root root",
--- a/src/nix/hive/eval.nix
+++ b/src/nix/hive/eval.nix
@ -16,7 +16,7 @@ let

  # Hive-wide options
  metaOptions = { lib, ... }: let
-    types = lib.types;
+    inherit (lib) types;
  in {
    options = {
      name = lib.mkOption {
@ -89,7 +89,7 @@ let
  #
  # Largely compatible with NixOps/Morph.
  deploymentOptions = { name, lib, ... }: let
-    types = lib.types;
+    inherit (lib) types;
  in {
    options = {
      deployment = {
@ -187,10 +187,17 @@ let
    };
  };

-  keyType = { lib, ... }: let
-    types = lib.types;
+  keyType = { lib, name, ... }: let
+    inherit (lib) types;
  in {
    options = {
+      name = lib.mkOption {
+        description = ''
+          File name of the key.
+        '';
+        default = name;
+        type = types.str;
+      };
      text = lib.mkOption {
        description = ''
          Content of the key.
--- a/src/nix/host/local.rs
+++ b/src/nix/host/local.rs
@ -106,8 +106,8 @@ impl Local {
            job.message(format!("Deploying key {}", name))?;
        }

-        let dest_path = key.dest_dir().join(name);
-        let key_script = format!("'{}'", key_uploader::generate_script(key, &dest_path, require_ownership));
+        let path = key.path();
+        let key_script = format!("'{}'", key_uploader::generate_script(key, &path, require_ownership));

        let mut command = Command::new("sh");

--- a/src/nix/host/ssh.rs
+++ b/src/nix/host/ssh.rs
@ -229,8 +229,8 @@ impl Ssh {
            job.message(format!("Uploading key {}", name))?;
        }

-        let dest_path = key.dest_dir().join(name);
-        let key_script = key_uploader::generate_script(key, &dest_path, require_ownership);
+        let path = key.path();
+        let key_script = key_uploader::generate_script(key, &path, require_ownership);

        let mut command = self.ssh(&["sh", "-c", &key_script]);

--- a/src/nix/key.rs
+++ b/src/nix/key.rs
@ -89,6 +89,8 @@ pub enum UploadAt {

 #[derive(Debug, Clone, Validate, Serialize, Deserialize)]
 pub struct Key {
+    name: String,
+
    #[serde(flatten)]
    source: KeySource,

@ -144,7 +146,7 @@ impl Key {
        }
    }

-    pub fn dest_dir(&self) -> &Path { &self.dest_dir }
+    pub fn path(&self) -> PathBuf { self.dest_dir.join(&self.name) }
    pub fn user(&self) -> &str { &self.user }
    pub fn group(&self) -> &str { &self.group }
    pub fn permissions(&self) -> &str { &self.permissions }