From 39d8d19f48c884ca3a7c7bde54545c1975616b39 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Mar 2023 22:59:01 +0000 Subject: [PATCH 01/17] Bump github.com/joho/godotenv from 1.4.0 to 1.5.1 Bumps [github.com/joho/godotenv](https://github.com/joho/godotenv) from 1.4.0 to 1.5.1. - [Release notes](https://github.com/joho/godotenv/releases) - [Commits](https://github.com/joho/godotenv/compare/v1.4.0...v1.5.1) --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 921d09f..e74f857 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.17 require ( github.com/Mic92/ssh-to-age v0.0.0-20220621201837-f006bbe6b80b github.com/ProtonMail/go-crypto v0.0.0-20220623141421-5afb4c282135 - github.com/joho/godotenv v1.4.0 + github.com/joho/godotenv v1.5.1 github.com/mozilla-services/yaml v0.0.0-20201007153854-c369669a6625 go.mozilla.org/sops/v3 v3.7.3 golang.org/x/crypto v0.6.0 diff --git a/go.sum b/go.sum index ec23163..c839d43 100644 --- a/go.sum +++ b/go.sum @@ -402,8 +402,8 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg= -github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= +github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= +github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= From fb481fc6e18814930e96fd10ee9d5b7cf1512709 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Mar 2023 22:59:20 +0000 Subject: [PATCH 02/17] Bump golang.org/x/sys from 0.5.0 to 0.6.0 Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.5.0 to 0.6.0. - [Release notes](https://github.com/golang/sys/releases) - [Commits](https://github.com/golang/sys/compare/v0.5.0...v0.6.0) --- go.mod | 2 +- go.sum | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index e74f857..eb6c758 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/mozilla-services/yaml v0.0.0-20201007153854-c369669a6625 go.mozilla.org/sops/v3 v3.7.3 golang.org/x/crypto v0.6.0 - golang.org/x/sys v0.5.0 + golang.org/x/sys v0.6.0 ) require ( diff --git a/go.sum b/go.sum index c839d43..d6e4364 100644 --- a/go.sum +++ b/go.sum @@ -803,8 +803,9 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= From bc2240899818312c5284f225966c6a9ce61843bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 18 Mar 2023 15:45:49 +0100 Subject: [PATCH 03/17] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/2ce9b9842b5e63884dfc3dea6689769e2a1ea309' (2023-03-11) → 'github:NixOS/nixpkgs/194c2aa446b2b059886bb68be15ef6736d5a8c31' (2023-03-16) • Updated input 'nixpkgs-stable': 'github:NixOS/nixpkgs/c34fc09c77172c4189df4594a0749e25a23cdd9b' (2023-03-12) → 'github:NixOS/nixpkgs/08ef7dc8334521605a5c8b7086cc248e74ee338b' (2023-03-18) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 54f6849..cc2bb5d 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1678500213, - "narHash": "sha256-A5s2rXawJ+dCThkMXoMuYW8dgyUmkElcyfVJUot/Vr0=", + "lastModified": 1678987615, + "narHash": "sha256-lF4agoB7ysQGNHRXvOqxtSKIZrUZwClA85aASahQlYM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2ce9b9842b5e63884dfc3dea6689769e2a1ea309", + "rev": "194c2aa446b2b059886bb68be15ef6736d5a8c31", "type": "github" }, "original": { @@ -18,11 +18,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1678582009, - "narHash": "sha256-J8QzUOOv3/y97q19pGOz28gLC3lAUy1c4bWpsi5D460=", + "lastModified": 1679139072, + "narHash": "sha256-Gtw2Yj8DfETie3u7iHv1y5Wt+plGRmp6nTQ0EEfaPho=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c34fc09c77172c4189df4594a0749e25a23cdd9b", + "rev": "08ef7dc8334521605a5c8b7086cc248e74ee338b", "type": "github" }, "original": { From f5256e20817da9094d7530fc55f2d73ddc26dda9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 18 Mar 2023 15:52:15 +0100 Subject: [PATCH 04/17] bump vendorSha256 --- default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/default.nix b/default.nix index 9a0fa7e..f92a777 100644 --- a/default.nix +++ b/default.nix @@ -1,5 +1,5 @@ { pkgs ? import {} }: let - vendorSha256 = "sha256-LgpG8xp5dSW5PW3ZlUi88N8NcjV22pyfEJqMs+RWRpY="; + vendorSha256 = "sha256-54xjn5zAHfwxRvJnWGQx6d/51/1cDzBwxOLtcOfhvQ8="; buildGoModule = if pkgs.lib.versionOlder pkgs.go.version "1.18" then pkgs.buildGo118Module else pkgs.buildGoModule; sops-install-secrets = pkgs.callPackage ./pkgs/sops-install-secrets { From fc6bd2bdfedf2a67d41cc6339ffa241375832941 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 18 Mar 2023 15:54:42 +0100 Subject: [PATCH 05/17] drop deprecated overlay/devShell output --- flake.nix | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/flake.nix b/flake.nix index 7d9c3d1..bcc42e8 100644 --- a/flake.nix +++ b/flake.nix @@ -19,7 +19,7 @@ suffix-version = version: attrs: nixpkgs.lib.mapAttrs' (name: value: nixpkgs.lib.nameValuePair (name + version) value) attrs; suffix-stable = suffix-version "-22_11"; in { - overlay = final: prev: let + overlays.default = final: prev: let localPkgs = import ./default.nix {pkgs = final;}; in { inherit (localPkgs) sops-install-secrets sops-init-gpg-key sops-pgp-hook sops-import-keys-hook sops-ssh-to-age; @@ -46,12 +46,11 @@ (suffix-stable packages-stable)); defaultPackage = forAllSystems (system: self.packages.${system}.sops-init-gpg-key); - devShell = forAllSystems ( - system: - nixpkgs.legacyPackages.${system}.callPackage ./shell.nix {} - ); - devShells = forAllSystems (system: { - unit-tests = nixpkgs.legacyPackages.${system}.callPackage ./pkgs/unit-tests.nix {}; + devShells = forAllSystems (system: let + pkgs = nixpkgs.legacyPackages.${system}; + in { + unit-tests = pkgs.callPackage ./pkgs/unit-tests.nix {}; + default = pkgs.callPackage ./shell.nix {}; }); }; } From 95d9e958ba1d7f7c9e0f1147ee8cf9e7d0c9f36b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 18 Mar 2023 15:56:42 +0100 Subject: [PATCH 06/17] update bors.toml --- bors.toml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/bors.toml b/bors.toml index bca5cfa..6c367e5 100644 --- a/bors.toml +++ b/bors.toml @@ -13,14 +13,14 @@ status = [ "check pruning-22_11 [x86_64-linux]", "check restart-and-reload [x86_64-linux]", "check restart-and-reload-22_11 [x86_64-linux]", - "check sops-import-keys-hook-22_11 [x86_64-linux]", "check sops-init-gpg-key-22_11 [x86_64-linux]", + "check sops-install-secrets-22_11 [x86_64-linux]", "check sops-pgp-hook-test-22_11 [x86_64-linux]", - "check ssh-keys-22_11 [x86_64-linux]", + "check ssh-keys [x86_64-linux]", "check ssh-to-pgp-22_11 [x86_64-linux]", "check unit-tests-22_11 [x86_64-linux]", - "default devShell [x86_64-linux]", - "default package [x86_64-linux]", + "check user-passwords [x86_64-linux]", + "check user-passwords-22_11 [x86_64-linux]", "package cross-build [x86_64-linux]", "package lint [x86_64-linux]", "package sops-import-keys-hook [x86_64-linux]", From 7fbbdb5f73740057c64c4f3df32f9b4a3994b292 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 18 Mar 2023 15:02:55 +0000 Subject: [PATCH 07/17] Bump golang.org/x/crypto from 0.6.0 to 0.7.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.7.0. - [Release notes](https://github.com/golang/crypto/releases) - [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0) --- go.mod | 8 ++++---- go.sum | 17 +++++++++++------ 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/go.mod b/go.mod index eb6c758..592f323 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/joho/godotenv v1.5.1 github.com/mozilla-services/yaml v0.0.0-20201007153854-c369669a6625 go.mozilla.org/sops/v3 v3.7.3 - golang.org/x/crypto v0.6.0 + golang.org/x/crypto v0.7.0 golang.org/x/sys v0.6.0 ) @@ -80,10 +80,10 @@ require ( go.mozilla.org/gopgagent v0.0.0-20170926210634-4d7ea76ff71a // indirect go.opencensus.io v0.23.0 // indirect go.uber.org/atomic v1.9.0 // indirect - golang.org/x/net v0.7.0 // indirect + golang.org/x/net v0.8.0 // indirect golang.org/x/oauth2 v0.0.0-20220630143837-2104d58473e0 // indirect - golang.org/x/term v0.5.0 // indirect - golang.org/x/text v0.7.0 // indirect + golang.org/x/term v0.6.0 // indirect + golang.org/x/text v0.8.0 // indirect golang.org/x/time v0.0.0-20220609170525-579cf78fd858 // indirect google.golang.org/api v0.86.0 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/go.sum b/go.sum index d6e4364..40b3c2c 100644 --- a/go.sum +++ b/go.sum @@ -597,8 +597,8 @@ golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc= -golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= +golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A= +golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -635,6 +635,7 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -687,8 +688,8 @@ golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -725,6 +726,7 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -809,8 +811,9 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -820,8 +823,9 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -882,6 +886,7 @@ golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From 55d5e5cb0beba5e07a41f3087da8c30740993d6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 18 Mar 2023 16:09:29 +0100 Subject: [PATCH 08/17] bump vendorSha256 --- default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/default.nix b/default.nix index f92a777..78c66d8 100644 --- a/default.nix +++ b/default.nix @@ -1,5 +1,5 @@ { pkgs ? import {} }: let - vendorSha256 = "sha256-54xjn5zAHfwxRvJnWGQx6d/51/1cDzBwxOLtcOfhvQ8="; + vendorSha256 = "sha256-aPbzboKMAmrF3hb8nJ3Sy/S+HW6k8DJh8qKuT2ZXvM8="; buildGoModule = if pkgs.lib.versionOlder pkgs.go.version "1.18" then pkgs.buildGo118Module else pkgs.buildGoModule; sops-install-secrets = pkgs.callPackage ./pkgs/sops-install-secrets { From 215dcb71e7f066bb55265be9556fd9ebc385907b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 18 Mar 2023 16:09:42 +0100 Subject: [PATCH 09/17] drop flake defaultPackage --- default.nix | 2 ++ flake.nix | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/default.nix b/default.nix index 78c66d8..b964c9c 100644 --- a/default.nix +++ b/default.nix @@ -9,6 +9,8 @@ in rec { inherit sops-install-secrets; sops-init-gpg-key = pkgs.callPackage ./pkgs/sops-init-gpg-key {}; + default = sops-init-gpg-key; + sops-pgp-hook = pkgs.lib.warn '' sops-pgp-hook is deprecated, use sops-import-keys-hook instead. Also see https://github.com/Mic92/sops-nix/issues/98 diff --git a/flake.nix b/flake.nix index bcc42e8..4f5494c 100644 --- a/flake.nix +++ b/flake.nix @@ -45,7 +45,6 @@ (suffix-stable tests-stable) // (suffix-stable packages-stable)); - defaultPackage = forAllSystems (system: self.packages.${system}.sops-init-gpg-key); devShells = forAllSystems (system: let pkgs = nixpkgs.legacyPackages.${system}; in { From 332f95d2db4944dfb354c6c357a893212309dbe8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 18 Mar 2023 16:10:04 +0100 Subject: [PATCH 10/17] drop nixosModule in favour of nixosModules.default --- flake.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 4f5494c..8c1204e 100644 --- a/flake.nix +++ b/flake.nix @@ -26,9 +26,13 @@ # backward compatibility inherit (prev) ssh-to-pgp; }; - nixosModules.sops = import ./modules/sops; + nixosModules = { + sops = import ./modules/sops; + default = self.nixosModules.sops; + }; + nixosModule = nixpkgs.lib.warn + "use sops.nixosModules.default instead of sops.nixosModule" self.nixosModules.sops; homeManagerModules.sops = import ./modules/home-manager/sops.nix; - nixosModule = self.nixosModules.sops; homeManagerModule = self.homeManagerModules.sops; packages = forAllSystems (system: import ./default.nix { From ce7eed673c7d10c86126d7dc266aba98e699834e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Sun, 19 Mar 2023 03:02:51 +0000 Subject: [PATCH 11/17] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs-stable': 'github:NixOS/nixpkgs/08ef7dc8334521605a5c8b7086cc248e74ee338b' (2023-03-18) → 'github:NixOS/nixpkgs/c3912035d00ef755ab19394488b41feab95d2e40' (2023-03-18) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index cc2bb5d..8e035c5 100644 --- a/flake.lock +++ b/flake.lock @@ -18,11 +18,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1679139072, - "narHash": "sha256-Gtw2Yj8DfETie3u7iHv1y5Wt+plGRmp6nTQ0EEfaPho=", + "lastModified": 1679163677, + "narHash": "sha256-VC0tc3EjJZFPXgucFQAYMIHce5nJWYR0kVCk4TVg6gg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "08ef7dc8334521605a5c8b7086cc248e74ee338b", + "rev": "c3912035d00ef755ab19394488b41feab95d2e40", "type": "github" }, "original": { From 8db4597a952f0223942323712f0d797da682e9c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 21 Mar 2023 06:52:27 +0100 Subject: [PATCH 12/17] drop nixosModule warning this message seems to come up even if you don't use this attribute... --- flake.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/flake.nix b/flake.nix index 8c1204e..1c02c4d 100644 --- a/flake.nix +++ b/flake.nix @@ -30,8 +30,6 @@ sops = import ./modules/sops; default = self.nixosModules.sops; }; - nixosModule = nixpkgs.lib.warn - "use sops.nixosModules.default instead of sops.nixosModule" self.nixosModules.sops; homeManagerModules.sops = import ./modules/home-manager/sops.nix; homeManagerModule = self.homeManagerModules.sops; packages = forAllSystems (system: From 6f8251b2f0947c32c0ec4e3ef54231cf3d221fbb Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Sun, 26 Mar 2023 02:55:17 +0000 Subject: [PATCH 13/17] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/194c2aa446b2b059886bb68be15ef6736d5a8c31' (2023-03-16) → 'github:NixOS/nixpkgs/dbf5322e93bcc6cfc52268367a8ad21c09d76fea' (2023-03-25) • Updated input 'nixpkgs-stable': 'github:NixOS/nixpkgs/c3912035d00ef755ab19394488b41feab95d2e40' (2023-03-18) → 'github:NixOS/nixpkgs/da26ae9f6ce2c9ab380c0f394488892616fc5a6a' (2023-03-25) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8e035c5..f3df0a8 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1678987615, - "narHash": "sha256-lF4agoB7ysQGNHRXvOqxtSKIZrUZwClA85aASahQlYM=", + "lastModified": 1679734080, + "narHash": "sha256-z846xfGLlon6t9lqUzlNtBOmsgQLQIZvR6Lt2dImk1M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "194c2aa446b2b059886bb68be15ef6736d5a8c31", + "rev": "dbf5322e93bcc6cfc52268367a8ad21c09d76fea", "type": "github" }, "original": { @@ -18,11 +18,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1679163677, - "narHash": "sha256-VC0tc3EjJZFPXgucFQAYMIHce5nJWYR0kVCk4TVg6gg=", + "lastModified": 1679748960, + "narHash": "sha256-BP8XcYHyj1NxQi04RpyNW8e7KiXSoI+Fy1tXIK2GfdA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c3912035d00ef755ab19394488b41feab95d2e40", + "rev": "da26ae9f6ce2c9ab380c0f394488892616fc5a6a", "type": "github" }, "original": { From 592ba2629508bf7e582f5596bd1fa244fc06b0ca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Mar 2023 22:56:42 +0000 Subject: [PATCH 14/17] Bump DeterminateSystems/update-flake-lock from 17 to 18 Bumps [DeterminateSystems/update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) from 17 to 18. - [Release notes](https://github.com/DeterminateSystems/update-flake-lock/releases) - [Commits](https://github.com/DeterminateSystems/update-flake-lock/compare/v17...v18) --- updated-dependencies: - dependency-name: DeterminateSystems/update-flake-lock dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/upgrade-flakes.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upgrade-flakes.yml b/.github/workflows/upgrade-flakes.yml index a852b6e..1e25c6b 100644 --- a/.github/workflows/upgrade-flakes.yml +++ b/.github/workflows/upgrade-flakes.yml @@ -15,7 +15,7 @@ jobs: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} - name: Update flake.lock - uses: DeterminateSystems/update-flake-lock@v17 + uses: DeterminateSystems/update-flake-lock@v18 with: token: ${{ secrets.GH_TOKEN_FOR_UPDATES }} pr-body: | From 36871718cdb71075c7a07fc186c2e22255629fed Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Sun, 2 Apr 2023 02:55:17 +0000 Subject: [PATCH 15/17] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/dbf5322e93bcc6cfc52268367a8ad21c09d76fea' (2023-03-25) → 'github:NixOS/nixpkgs/3364b5b117f65fe1ce65a3cdd5612a078a3b31e3' (2023-03-31) • Updated input 'nixpkgs-stable': 'github:NixOS/nixpkgs/da26ae9f6ce2c9ab380c0f394488892616fc5a6a' (2023-03-25) → 'github:NixOS/nixpkgs/c1e2efaca8d8a3db6a36f652765d6c6ba7bb8fae' (2023-04-01) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index f3df0a8..1b66db1 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1679734080, - "narHash": "sha256-z846xfGLlon6t9lqUzlNtBOmsgQLQIZvR6Lt2dImk1M=", + "lastModified": 1680273054, + "narHash": "sha256-Bs6/5LpvYp379qVqGt9mXxxx9GSE789k3oFc+OAL07M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dbf5322e93bcc6cfc52268367a8ad21c09d76fea", + "rev": "3364b5b117f65fe1ce65a3cdd5612a078a3b31e3", "type": "github" }, "original": { @@ -18,11 +18,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1679748960, - "narHash": "sha256-BP8XcYHyj1NxQi04RpyNW8e7KiXSoI+Fy1tXIK2GfdA=", + "lastModified": 1680390120, + "narHash": "sha256-RyDJcG/7mfimadlo8vO0QjW22mvYH1+cCqMuigUntr8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "da26ae9f6ce2c9ab380c0f394488892616fc5a6a", + "rev": "c1e2efaca8d8a3db6a36f652765d6c6ba7bb8fae", "type": "github" }, "original": { From 3ae5e526b75e88093382c40089a8151d343dc1c3 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Sun, 9 Apr 2023 02:54:56 +0000 Subject: [PATCH 16/17] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/3364b5b117f65fe1ce65a3cdd5612a078a3b31e3' (2023-03-31) → 'github:NixOS/nixpkgs/6f95dd4fd050daf017cae2dfeb1cea1ec0e4c1a1' (2023-04-08) • Updated input 'nixpkgs-stable': 'github:NixOS/nixpkgs/c1e2efaca8d8a3db6a36f652765d6c6ba7bb8fae' (2023-04-01) → 'github:NixOS/nixpkgs/e45cc0138829ad86e7ff17a76acf2d05e781e30a' (2023-04-09) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 1b66db1..171aec4 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1680273054, - "narHash": "sha256-Bs6/5LpvYp379qVqGt9mXxxx9GSE789k3oFc+OAL07M=", + "lastModified": 1680942619, + "narHash": "sha256-kpCW1IegAZfEjCVJW7IPN/hEtRL/9dxaFFYiHS5qVAk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3364b5b117f65fe1ce65a3cdd5612a078a3b31e3", + "rev": "6f95dd4fd050daf017cae2dfeb1cea1ec0e4c1a1", "type": "github" }, "original": { @@ -18,11 +18,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1680390120, - "narHash": "sha256-RyDJcG/7mfimadlo8vO0QjW22mvYH1+cCqMuigUntr8=", + "lastModified": 1681005198, + "narHash": "sha256-5LrnBeXR7Hv8OXh6eany7br4qBW+ZNl4LKf1CJu9zbg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c1e2efaca8d8a3db6a36f652765d6c6ba7bb8fae", + "rev": "e45cc0138829ad86e7ff17a76acf2d05e781e30a", "type": "github" }, "original": { From 31b95f641efa4f9d3df96ad05aae49c97ec279de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Apr 2023 22:56:37 +0000 Subject: [PATCH 17/17] Bump DeterminateSystems/update-flake-lock from 18 to 19 Bumps [DeterminateSystems/update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) from 18 to 19. - [Release notes](https://github.com/DeterminateSystems/update-flake-lock/releases) - [Commits](https://github.com/DeterminateSystems/update-flake-lock/compare/v18...v19) --- updated-dependencies: - dependency-name: DeterminateSystems/update-flake-lock dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/upgrade-flakes.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upgrade-flakes.yml b/.github/workflows/upgrade-flakes.yml index 1e25c6b..a45a270 100644 --- a/.github/workflows/upgrade-flakes.yml +++ b/.github/workflows/upgrade-flakes.yml @@ -15,7 +15,7 @@ jobs: extra_nix_config: | access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} - name: Update flake.lock - uses: DeterminateSystems/update-flake-lock@v18 + uses: DeterminateSystems/update-flake-lock@v19 with: token: ${{ secrets.GH_TOKEN_FOR_UPDATES }} pr-body: |