add uid and gid to templates

2025-12-26 14:14:58 +08:00 · 2025-01-17 23:23:32 -06:00 · 2025-01-17 23:23:32 -06:00 · 787afce414
commit 787afce414
parent b33837ae3c
4 changed files with 107 additions and 15 deletions
--- a/checks/darwin.nix
+++ b/checks/darwin.nix
@ -8,9 +8,23 @@
  ];
  documentation.enable = false;
  sops.secrets.test_key = { };
-  sops.templates."template.toml".content = ''
-    password = "${config.sops.placeholder.test_key}";
-  '';
+  sops.templates."template.toml" = {
+    content = ''
+      password = "${config.sops.placeholder.test_key}";
+    '';
+  };
+  sops.templates."template-with-uid.toml" = {
+    content = ''
+      password = "${config.sops.placeholder.test_key}";
+    '';
+    uid = 1000;
+  };
+  sops.templates."template-with-gid.toml" = {
+    content = ''
+      password = "${config.sops.placeholder.test_key}";
+    '';
+    gid = 1000;
+  };
  sops.defaultSopsFile = ../pkgs/sops-install-secrets/test-assets/secrets.yaml;
  sops.age.generateKey = true;
  system.stateVersion = 5;
--- a/checks/nixos-test.nix
+++ b/checks/nixos-test.nix
@ -321,6 +321,14 @@ in
          path = "/etc/externally/linked";
        };

+        sops.templates.test_uid_gid = {
+          uid = 420;
+          gid = 420;
+          content = ''
+            Test value: ${config.sops.placeholder.test_key}
+          '';
+        };
+
        users.groups.somegroup = { };
        users.users.someuser = {
          isSystemUser = true;
@ -339,6 +347,8 @@ in
      machine.succeed("[ $(stat -c%G /run/secrets/rendered/test_template) = 'somegroup' ]")
      machine.succeed("[ $(stat -c%U /run/secrets/rendered/test_default) = 'root' ]")
      machine.succeed("[ $(stat -c%G /run/secrets/rendered/test_default) = 'root' ]")
+      machine.succeed("[ $(stat -c%u /run/secrets/rendered/test_uid_gid) = '420' ]")
+      machine.succeed("[ $(stat -c%g /run/secrets/rendered/test_uid_gid) = '420' ]")

      expected = """\
      This line is not modified.