c68f5d1387
Closes #1032 Add `"check"` to the `onActivation.cleanup` enum. When set, nix-darwin runs `brew bundle cleanup` during system checks to detect Homebrew packages that are installed but not present in the generated Brewfile. If extra packages are found, activation fails with a list of them and remediation steps. Unlike `"uninstall"` and `"zap"`, the `"check"` mode never removes packages -- it only reports. This runs during both `darwin-rebuild check` and `darwin-rebuild switch`, matching the behavior of all other system checks.
19 lines
609 B
Nix
19 lines
609 B
Nix
{ config, ... }:
|
|
|
|
{
|
|
homebrew.enable = true;
|
|
homebrew.user = "test-homebrew-user";
|
|
homebrew.onActivation.cleanup = "check";
|
|
|
|
test = ''
|
|
echo "checking that cleanup check is present in system checks" >&2
|
|
grep 'brew bundle cleanup --file=' ${config.out}/activate
|
|
|
|
echo "checking that brew bundle command does not have --cleanup flag" >&2
|
|
if echo "${config.homebrew.onActivation.brewBundleCmd}" | grep -F -- '--cleanup' > /dev/null; then
|
|
echo "Expected no --cleanup flag in brewBundleCmd"
|
|
echo "Actual: ${config.homebrew.onActivation.brewBundleCmd}"
|
|
exit 1
|
|
fi
|
|
'';
|
|
}
|