From 3c1b9197b08894d15ca73eeb04caa728ebea39ce Mon Sep 17 00:00:00 2001
From: Eduard Bopp <eduard.bopp@aepsil0n.de>
Date: Tue, 26 Jan 2021 13:25:51 +0100
Subject: [PATCH 1/3] Fix basic flake structure

This makes at least `nix flake show` work and some of the packages.
---
 flake.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/flake.nix b/flake.nix
index 3880762..e2f15af 100644
--- a/flake.nix
+++ b/flake.nix
@@ -13,7 +13,9 @@
     forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system);
   in {
     nixosModules.sops = import ./modules/sops;
-    packages = forAllSystems (system: nixpkgs.legacyPackages.${system}.callPackage ./default.nix {});
+    packages = forAllSystems (system: import ./default.nix {
+      pkgs = import nixpkgs { inherit system; };
+    });
     defaultPackage = forAllSystems (system: self.packages.${system}.sops-init-gpg-key);
   };
 }

From 0be44e088b464d3f23e4d25ed3a5b5376cdd5001 Mon Sep 17 00:00:00 2001
From: Eduard Bopp <eduard.bopp@aepsil0n.de>
Date: Tue, 26 Jan 2021 14:20:27 +0100
Subject: [PATCH 2/3] Fix impurity in test invocation

The system must be specified, as its default is
`builtins.currentSystem`, which is disallowed as an impure function
during flake evaluation.
---
 pkgs/sops-install-secrets/nixos-test.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkgs/sops-install-secrets/nixos-test.nix b/pkgs/sops-install-secrets/nixos-test.nix
index 73147fe..ed3fbce 100644
--- a/pkgs/sops-install-secrets/nixos-test.nix
+++ b/pkgs/sops-install-secrets/nixos-test.nix
@@ -20,6 +20,7 @@
   '';
  } {
    inherit pkgs;
+   inherit (pkgs) system;
  };
 
  pgp-keys = makeTest {
@@ -73,5 +74,6 @@
   '';
  } {
    inherit pkgs;
+   inherit (pkgs) system;
  };
 }

From 5ad42ebfb3a26997aa5741e87df607baa39336b8 Mon Sep 17 00:00:00 2001
From: Eduard Bopp <eduard.bopp@aepsil0n.de>
Date: Tue, 26 Jan 2021 13:26:28 +0100
Subject: [PATCH 3/3] Add flake-based GitHub Actions workflow

---
 .github/workflows/test-flakes.yml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 .github/workflows/test-flakes.yml

diff --git a/.github/workflows/test-flakes.yml b/.github/workflows/test-flakes.yml
new file mode 100644
index 0000000..faf1157
--- /dev/null
+++ b/.github/workflows/test-flakes.yml
@@ -0,0 +1,31 @@
+name: "Flake test"
+on:
+  pull_request:
+  schedule:
+    - cron:  '51 2 * * *'
+jobs:
+  tests:
+    strategy:
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+    runs-on: ${{ matrix.os }}
+    steps:
+    - uses: actions/checkout@v2
+      with:
+          # Nix Flakes doesn't work on shallow clones
+          fetch-depth: 0
+    - uses: cachix/install-nix-action@v12
+      with:
+        install_url: https://github.com/numtide/nix-flakes-installer/releases/download/nix-2.4pre20201221_9fab14a/install
+        extra_nix_config: |
+          experimental-features = nix-command flakes
+          system-features = nixos-test benchmark big-parallel kvm
+    - name: Setup cachix
+      uses: cachix/cachix-action@v8
+      with:
+        name: mic92
+        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+    - name: List flake structure
+      run: nix flake show
+    - name: Run unit tests (flake)
+      run: nix build --no-link .#unit-tests -L