From 4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Sat, 16 Oct 2021 17:40:07 +0200
Subject: Use attrs for secrets instead of lists

---
 modules/private/buildbot/default.nix | 36 +++++++++++++++---------------------
 1 file changed, 15 insertions(+), 21 deletions(-)

(limited to 'modules/private/buildbot')

diff --git a/modules/private/buildbot/default.nix b/modules/private/buildbot/default.nix
index 903f453..dc8a0d2 100644
--- a/modules/private/buildbot/default.nix
+++ b/modules/private/buildbot/default.nix
@@ -76,33 +76,30 @@ in
         '';
     }) config.myEnv.buildbot.projects;
 
-    secrets.keys = (
+    secrets.keys = lib.listToAttrs (
       lib.lists.flatten (
         lib.attrsets.mapAttrsToList (k: project:
           lib.attrsets.mapAttrsToList (k: v:
-            {
+            (lib.nameValuePair "buildbot/${project.name}/${k}" {
               permissions = "0600";
               user = "buildbot";
               group = "buildbot";
               text = v;
-              dest = "buildbot/${project.name}/${k}";
-            }
+            })
           ) project.secrets
           ++ [
-            {
+            (lib.nameValuePair "buildbot/${project.name}/webhook-httpd-include" {
               permissions = "0600";
               user = "wwwrun";
               group = "wwwrun";
               text = lib.optionalString (project.webhookTokens != null) ''
                 Require expr "req('Access-Key') in { ${builtins.concatStringsSep ", " (map (x: "'${x}'") project.webhookTokens)} }"
                 '';
-              dest = "buildbot/${project.name}/webhook-httpd-include";
-            }
-            {
+            })
+            (lib.nameValuePair "buildbot/${project.name}/environment_file" {
               permissions = "0600";
               user = "buildbot";
               group = "buildbot";
-              dest = "buildbot/${project.name}/environment_file";
               text = let
                 project_env = with lib.attrsets;
                   mapAttrs' (k: v: nameValuePair "BUILDBOT_${k}" v) project.environment //
@@ -115,33 +112,30 @@ in
                   };
                 in builtins.concatStringsSep "\n"
                   (lib.mapAttrsToList (envK: envV: "${envK}=${envV}") project_env);
-            }
+            })
           ]
         ) config.myEnv.buildbot.projects
       )
-    ) ++ [
-      {
+    ) // {
+      "buildbot/ldap" = {
         permissions = "0600";
         user = "buildbot";
         group = "buildbot";
         text = config.myEnv.buildbot.ldap.password;
-        dest = "buildbot/ldap";
-      }
-      {
+      };
+      "buildbot/worker_password" = {
         permissions = "0600";
         user = "buildbot";
         group = "buildbot";
         text = config.myEnv.buildbot.workerPassword;
-        dest = "buildbot/worker_password";
-      }
-      {
+      };
+      "buildbot/ssh_key" = {
         permissions = "0600";
         user = "buildbot";
         group = "buildbot";
         text = config.myEnv.buildbot.ssh_key.private;
-        dest = "buildbot/ssh_key";
-      }
-    ];
+      };
+    };
 
     services.filesWatcher = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {
       restart = true;
-- 
cgit v1.2.3