chore: get secrets via input, mock for CI

this fixes CI, yay!
2026-03-16 10:11:08 +01:00 · 2023-06-27 17:57:42 +02:00
parent d0edb9c915
commit 3138fd23ef
32 changed files with 203 additions and 111 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -13,6 +13,7 @@
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
    nur.url = "github:nix-community/NUR";
    recht.url = "github:kmein/recht";
+    secrets.url = "path:./secrets";
    scripts.url = "github:kmein/scripts";
    retiolum.url = "git+https://git.thalheim.io/Mic92/retiolum";
    rust-overlay.url = "github:oxalica/rust-overlay";
@@ -38,6 +39,7 @@
    scripts.inputs.flake-utils.follows = "flake-utils";
    scripts.inputs.nixpkgs.follows = "nixpkgs";
    scripts.inputs.rust-overlay.follows = "rust-overlay";
+    secrets.flake = false;
    tinc-graph.inputs.flake-utils.follows = "flake-utils";
    tinc-graph.inputs.nixpkgs.follows = "nixpkgs";
    tinc-graph.inputs.rust-overlay.follows = "rust-overlay";
@@ -62,19 +64,27 @@
      apps =
        nixinate.nixinate.x86_64-linux self
        // {
-          x86_64-linux.deploy = let
+          x86_64-linux = let
            pkgs = nixpkgs.legacyPackages.x86_64-linux;
          in {
-            type = "app";
-            program = toString (pkgs.writers.writeDash "deploy" ''
-              if [ $# -eq 0 ]
-              then
-                systems='${toString (builtins.attrNames self.nixosConfigurations)}'
-              else
-                systems=$*
-              fi
-              ${pkgs.parallel}/bin/parallel --line-buffer --tagstring '{}' 'nix run .\?submodules=1\#apps.nixinate.{}' ::: $systems
-            '');
+            mock-secrets = {
+              type = "app";
+              program = toString (pkgs.writers.writeDash "mock-secrets" ''
+                ${pkgs.findutils}/bin/find secrets -not -path '*/.*' -type f  > secrets.txt
+              '');
+            };
+            deploy =  {
+              type = "app";
+              program = toString (pkgs.writers.writeDash "deploy" ''
+                if [ $# -eq 0 ]
+                then
+                  systems='${toString (builtins.attrNames self.nixosConfigurations)}'
+                else
+                  systems=$*
+                fi
+                ${pkgs.parallel}/bin/parallel --line-buffer --tagstring '{}' 'nix run .\?submodules=1\#apps.nixinate.{}' ::: $systems
+              '');
+            };
          };
        };