Merge branch 'cachix:main' into mongo-improvements

cachix · Mar 1, 2024 · c33bef7 · c33bef7
2 parents b79443d + fa9a708
commit c33bef7
Show file tree

Hide file tree

Showing 5 changed files with 286 additions and 9 deletions.
diff --git a/docs/reference/options.md b/docs/reference/options.md
@@ -19,10 +19,195 @@ list of package
 
 
 
+## aws-vault.enable
+
+Whether to enable aws-vault integration.
+
+
+
+*Type:*
+boolean
+
+
+
+*Default:*
+` false `
+
+
+
+*Example:*
+` true `
+
+*Declared by:*
+ - [https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix](https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix)
+
+
+
+## aws-vault.package
+
+The aws-vault package to use.
+
+
+
+*Type:*
+package
+
+
+
+*Default:*
+` pkgs.aws-vault `
+
+*Declared by:*
+ - [https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix](https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix)
+
+
+
+## aws-vault.awscliWrapper
+
+Attribute set of packages including awscli2
+
+*Type:*
+submodule
+
+
+
+*Default:*
+` pkgs `
+
+*Declared by:*
+ - [https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix](https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix)
+
+
+
+## aws-vault.awscliWrapper.enable
+
+Whether to enable Wraps awscli2 binary as `aws-vault exec <profile> -- aws <args>`.
+.
+
+
+
+*Type:*
+boolean
+
+
+
+*Default:*
+` false `
+
+
+
+*Example:*
+` true `
+
+*Declared by:*
+ - [https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix](https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix)
+
+
+
+## aws-vault.awscliWrapper.package
+
+The awscli2 package to use.
+
+
+
+*Type:*
+package
+
+
+
+*Default:*
+` pkgs.awscli2 `
+
+*Declared by:*
+ - [https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix](https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix)
+
+
+
+## aws-vault.profile
+
+
+
+The profile name passed to ` aws-vault exec `.
+
+
+
+*Type:*
+string
+
+*Declared by:*
+ - [https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix](https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix)
+
+
+
+## aws-vault.terraformWrapper
+
+Attribute set of packages including terraform
+
+
+
+*Type:*
+submodule
+
+
+
+*Default:*
+` pkgs `
+
+*Declared by:*
+ - [https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix](https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix)
+
+
+
+## aws-vault.terraformWrapper.enable
+
+Whether to enable Wraps terraform binary as `aws-vault exec <profile> -- terraform <args>`.
+.
+
+
+
+*Type:*
+boolean
+
+
+
+*Default:*
+` false `
+
+
+
+*Example:*
+` true `
+
+*Declared by:*
+ - [https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix](https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix)
+
+
+
+## aws-vault.terraformWrapper.package
+
+The terraform package to use.
+
+
+
+*Type:*
+package
+
+
+
+*Default:*
+` pkgs.terraform `
+
+*Declared by:*
+ - [https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix](https://github.com/cachix/devenv/blob/main/src/modules/integrations/aws-vault.nix)
+
+
+
 ## certificates
 
 List of domains to generate certificates for.
 
+
+
 *Type:*
 list of string
 
@@ -2081,8 +2266,6 @@ null or strings concatenated with “\\n”
 Options appended to the PHP configuration file `php.ini`.
 
 
-
-
 *Type:*
 strings concatenated with “\\n”
 
@@ -2342,6 +2525,8 @@ You need not specify the options `error_log` or `daemonize` here, since
 they are already set.
 
 
+
+
 *Type:*
 attribute set of (string or signed integer or boolean)
 
@@ -4663,8 +4848,6 @@ boolean
 
 ## pre-commit.settings.alejandra.exclude
 
-
-
 Files or directories to exclude from formatting.
 
 
@@ -4856,6 +5039,8 @@ boolean
 
 ## pre-commit.settings.clippy.denyWarnings
 
+
+
 Fail when warnings are present
 
 
@@ -6828,8 +7013,6 @@ one of “stderr”, “errfmt”, “json”
 
 ## pre-commit.settings.statix.ignore
 
-
-
 Globs of file patterns to skip.
 
 
@@ -7064,6 +7247,8 @@ boolean
 
 ## pre-commit.settings.typos.locale
 
+
+
 Which language to use for spell checking.
 
 

diff --git a/examples/aws-vault/devenv.nix b/examples/aws-vault/devenv.nix
@@ -0,0 +1,10 @@
+{ pkgs, ... }: {
+  languages.terraform.enable = true;
+
+  aws-vault = {
+    enable = true;
+    profile = "aws-profile";
+    awscliWrapper.enable = true;
+    terraformWrapper.enable = true;
+  };
+}
diff --git a/examples/aws-vault/devenv.yaml b/examples/aws-vault/devenv.yaml
@@ -0,0 +1,3 @@
+inputs:
+  nixpkgs:
+    url: github:NixOS/nixpkgs/nixpkgs-unstable
diff --git a/src/modules/integrations/aws-vault.nix b/src/modules/integrations/aws-vault.nix
@@ -0,0 +1,79 @@
+{ pkgs, config, lib, ... }:
+
+let
+  cfg = config.aws-vault;
+in
+{
+  options.aws-vault = {
+    enable = lib.mkEnableOption "aws-vault integration";
+
+    package = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.aws-vault;
+      defaultText = lib.literalExpression "pkgs.aws-vault";
+      description = "The aws-vault package to use.";
+    };
+
+    profile = lib.mkOption {
+      type = lib.types.str;
+      description = lib.mdDoc ''
+        The profile name passed to `aws-vault exec`.
+      '';
+    };
+
+    awscliWrapper = lib.mkOption {
+      type = lib.types.submodule {
+        options = {
+          enable = lib.mkEnableOption ''
+            Wraps awscli2 binary as `aws-vault exec <profile> -- aws <args>`.
+          '';
+
+          package = lib.mkOption {
+            type = lib.types.package;
+            default = pkgs.awscli2;
+            defaultText = lib.literalExpression "pkgs.awscli2";
+            description = "The awscli2 package to use.";
+          };
+        };
+      };
+      defaultText = lib.literalExpression "pkgs";
+      default = { };
+      description = "Attribute set of packages including awscli2";
+    };
+
+    terraformWrapper = lib.mkOption {
+      type = lib.types.submodule {
+        options = {
+          enable = lib.mkEnableOption ''
+            Wraps terraform binary as `aws-vault exec <profile> -- terraform <args>`.
+          '';
+
+          package = lib.mkOption {
+            type = lib.types.package;
+            default = pkgs.terraform;
+            defaultText = lib.literalExpression "pkgs.terraform";
+            description = "The terraform package to use.";
+          };
+        };
+      };
+      defaultText = lib.literalExpression "pkgs";
+      default = { };
+      description = "Attribute set of packages including terraform";
+    };
+  };
+
+  config = lib.mkMerge [
+    (lib.mkIf (cfg.enable && cfg.awscliWrapper.enable) {
+      packages = [
+        (pkgs.writeScriptBin "aws" ''
+          ${cfg.package}/bin/aws-vault exec ${cfg.profile} -- ${cfg.awscliWrapper.package}/bin/aws "$@"
+        '')
+      ];
+    })
+    (lib.mkIf (cfg.enable && cfg.terraformWrapper.enable) {
+      languages.terraform.package = pkgs.writeScriptBin "terraform" ''
+        ${cfg.package}/bin/aws-vault exec ${cfg.profile} -- ${cfg.terraformWrapper.package}/bin/terraform "$@"
+      '';
+    })
+  ];
+}
diff --git a/src/modules/languages/rust.nix b/src/modules/languages/rust.nix
@@ -98,9 +98,9 @@ in
       }
     ))
     (lib.mkIf (cfg.enable && pkgs.stdenv.isDarwin) {
-      env.RUSTFLAGS = [ "-L framework=${config.devenv.profile}/Library/Frameworks" ];
-      env.RUSTDOCFLAGS = [ "-L framework=${config.devenv.profile}/Library/Frameworks" ];
-      env.CFLAGS = [ "-iframework ${config.devenv.profile}/Library/Frameworks" ];
+      env.RUSTFLAGS = "-L framework=${config.devenv.profile}/Library/Frameworks";
+      env.RUSTDOCFLAGS = "-L framework=${config.devenv.profile}/Library/Frameworks";
+      env.CFLAGS = "-iframework ${config.devenv.profile}/Library/Frameworks";
     })
     (lib.mkIf (cfg.channel != "nixpkgs") (
       let