From 199460565b1794cf4521599ea532c655fc9ebc14 Mon Sep 17 00:00:00 2001 From: Thomas Boerger Date: Wed, 24 Jul 2024 12:28:11 +0200 Subject: [PATCH] ci: add automaerge and flake update, restructure flake config --- .github/settings.yml | 40 +--- .github/workflows/automerge.yml | 49 ++++ .github/workflows/flake.yml | 56 +++++ .gitignore | 1 + flake.lock | 408 ++++++++++++++++++++++++++++---- flake.nix | 93 ++++---- 6 files changed, 514 insertions(+), 133 deletions(-) create mode 100644 .github/workflows/automerge.yml create mode 100644 .github/workflows/flake.yml diff --git a/.github/settings.yml b/.github/settings.yml index fe49432..e353141 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -21,41 +21,6 @@ repository: enable_automated_security_fixes: true enable_vulnerability_alerts: true -labels: - - name: bug - color: d73a4a - description: Something isn't working - - name: documentation - color: 0075ca - description: Improvements or additions to documentation - - name: duplicate - color: cfd3d7 - description: This issue or pull request already exists - - name: enhancement - color: a2eeef - description: New feature or request - - name: good first issue - color: 7057ff - description: Good for newcomers - - name: help wanted - color: 008672 - description: Extra attention is needed - - name: invalid - color: e4e669 - description: This doesn't seem right - - name: question - color: d876e3 - description: Further information is requested - - name: wontfix - color: ffffff - description: This will not be worked on - - name: hacktoberfest-accepted - color: cccccc - description: Accepted as a Hacktoberfest submission - - name: renovate - color: e99695 - description: Automated action from Renovate - branches: - name: master protection: @@ -63,10 +28,13 @@ branches: required_pull_request_reviews: null required_status_checks: strict: true - contexts: [] + contexts: + - linting + - testing (default) enforce_admins: false restrictions: apps: + - rolehippie - renovate users: [] teams: diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml new file mode 100644 index 0000000..2c9e5e6 --- /dev/null +++ b/.github/workflows/automerge.yml @@ -0,0 +1,49 @@ +--- +name: automerge + +"on": + workflow_dispatch: + pull_request: + branches: + - master + +permissions: + contents: write + pull-requests: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: github.actor == 'dependabot[bot]' + + steps: + - name: Generate token + id: token + uses: tibdex/github-app-token@v2 + with: + app_id: ${{ secrets.TOKEN_EXCHANGE_APP }} + installation_retrieval_mode: id + installation_retrieval_payload: ${{ secrets.TOKEN_EXCHANGE_INSTALL }} + private_key: ${{ secrets.TOKEN_EXCHANGE_KEY }} + permissions: >- + {"contents": "write", "pull_requests": "write", "issues": "write"} + + - name: Fetch metadata + id: metadata + uses: dependabot/fetch-metadata@v2 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + + - name: Approve request + id: approve + run: gh pr review --approve "${{github.event.pull_request.html_url}}" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Enable automerge + id: automerge + run: gh pr merge --rebase --auto "${{github.event.pull_request.html_url}}" + env: + GH_TOKEN: ${{ steps.token.outputs.token }} + +... diff --git a/.github/workflows/flake.yml b/.github/workflows/flake.yml new file mode 100644 index 0000000..fd8af15 --- /dev/null +++ b/.github/workflows/flake.yml @@ -0,0 +1,56 @@ +--- +name: flake + +"on": + workflow_dispatch: + schedule: + - cron: "0 8 * * 1" + +permissions: + contents: write + pull-requests: write + +jobs: + flake: + runs-on: ubuntu-latest + + steps: + - name: Generate token + id: token + uses: tibdex/github-app-token@v2 + with: + app_id: ${{ secrets.TOKEN_EXCHANGE_APP }} + installation_retrieval_mode: id + installation_retrieval_payload: ${{ secrets.TOKEN_EXCHANGE_INSTALL }} + private_key: ${{ secrets.TOKEN_EXCHANGE_KEY }} + permissions: >- + {"contents": "write", "pull_requests": "write"} + + - name: Checkout source + id: source + uses: actions/checkout@v4 + + - name: Install nix + id: nix + uses: cachix/install-nix-action@v27 + + - name: Update flake + id: flake + uses: DeterminateSystems/update-flake-lock@v23 + with: + commit-msg: "chore(flake): updated lockfile" + pr-title: "chore: automated flake update" + pr-body: "New flakelock generated, automerge should handle that!" + pr-labels: renovate + git-author-name: GitHub Actions + git-author-email: github@webhippie.de + token: ${{ steps.token.outputs.token }} + + - name: Enable automerge + id: automerge + if: steps.flake.outputs.pull-request-operation == 'created' + run: gh pr merge --rebase --auto "${{ steps.flake.outputs.pull-request-number }}" + env: + GH_TOKEN: ${{ steps.token.outputs.token }} + +... diff --git a/.gitignore b/.gitignore index 3f20f38..8616286 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,4 @@ __pycache__/ # ---> Flake .direnv/ +.devenv/ diff --git a/flake.lock b/flake.lock index 28755a1..e855519 100644 --- a/flake.lock +++ b/flake.lock @@ -1,25 +1,121 @@ { "nodes": { - "devshell": { + "cachix": { "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs" + "devenv": "devenv_2", + "flake-compat": [ + "devenv", + "flake-compat" + ], + "nixpkgs": [ + "devenv", + "nixpkgs" + ], + "pre-commit-hooks": [ + "devenv", + "pre-commit-hooks" + ] }, "locked": { - "lastModified": 1705332421, - "narHash": "sha256-USpGLPme1IuqG78JNqSaRabilwkCyHmVWY0M9vYyqEA=", - "owner": "numtide", - "repo": "devshell", - "rev": "83cb93d6d063ad290beee669f4badf9914cc16ec", + "lastModified": 1712055811, + "narHash": "sha256-7FcfMm5A/f02yyzuavJe06zLa9hcMHsagE28ADcmQvk=", + "owner": "cachix", + "repo": "cachix", + "rev": "02e38da89851ec7fec3356a5c04bc8349cae0e30", "type": "github" }, "original": { - "owner": "numtide", - "repo": "devshell", + "owner": "cachix", + "repo": "cachix", + "type": "github" + } + }, + "devenv": { + "inputs": { + "cachix": "cachix", + "flake-compat": "flake-compat_2", + "nix": "nix_2", + "nixpkgs": "nixpkgs_2", + "pre-commit-hooks": "pre-commit-hooks" + }, + "locked": { + "lastModified": 1721762143, + "narHash": "sha256-mLTwGASk6DUJSKXdXLo01m1Vh9cWcNxELwnmYSLedBA=", + "owner": "cachix", + "repo": "devenv", + "rev": "5f06510dc5ea5e82db7a85f2e47c5face6e51717", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "devenv", + "type": "github" + } + }, + "devenv_2": { + "inputs": { + "flake-compat": [ + "devenv", + "cachix", + "flake-compat" + ], + "nix": "nix", + "nixpkgs": "nixpkgs", + "poetry2nix": "poetry2nix", + "pre-commit-hooks": [ + "devenv", + "cachix", + "pre-commit-hooks" + ] + }, + "locked": { + "lastModified": 1708704632, + "narHash": "sha256-w+dOIW60FKMaHI1q5714CSibk99JfYxm0CzTinYWr+Q=", + "owner": "cachix", + "repo": "devenv", + "rev": "2ee4450b0f4b95a1b90f2eb5ffea98b90e48c196", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "python-rewrite", + "repo": "devenv", "type": "github" } }, "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { "flake": false, "locked": { "lastModified": 1696426674, @@ -40,16 +136,17 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1706830856, - "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", + "lastModified": 1719994518, + "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", + "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", "type": "github" }, "original": { - "id": "flake-parts", - "type": "indirect" + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" } }, "flake-utils": { @@ -57,11 +154,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", "owner": "numtide", "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", "type": "github" }, "original": { @@ -75,11 +172,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -91,16 +188,38 @@ "gitignore": { "inputs": { "nixpkgs": [ + "devenv", "pre-commit-hooks", "nixpkgs" ] }, "locked": { - "lastModified": 1703887061, - "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { + "inputs": { + "nixpkgs": [ + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", "owner": "hercules-ci", "repo": "gitignore.nix", - "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", "type": "github" }, "original": { @@ -109,13 +228,90 @@ "type": "github" } }, + "nix": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": [ + "devenv", + "cachix", + "devenv", + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1712911606, + "narHash": "sha256-BGvBhepCufsjcUkXnEEXhEVjwdJAwPglCC2+bInc794=", + "owner": "domenkozar", + "repo": "nix", + "rev": "b24a9318ea3f3600c1e24b4a00691ee912d4de12", + "type": "github" + }, + "original": { + "owner": "domenkozar", + "ref": "devenv-2.21", + "repo": "nix", + "type": "github" + } + }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "devenv", + "cachix", + "devenv", + "poetry2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1688870561, + "narHash": "sha256-4UYkifnPEw1nAzqqPOTL2MvWtm3sNGw1UTYTalkTcGY=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "165b1650b753316aa7f1787f3005a8d2da0f5301", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, + "nix_2": { + "inputs": { + "flake-compat": [ + "devenv", + "flake-compat" + ], + "nixpkgs": [ + "devenv", + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression_2" + }, + "locked": { + "lastModified": 1712911606, + "narHash": "sha256-BGvBhepCufsjcUkXnEEXhEVjwdJAwPglCC2+bInc794=", + "owner": "domenkozar", + "repo": "nix", + "rev": "b24a9318ea3f3600c1e24b4a00691ee912d4de12", + "type": "github" + }, + "original": { + "owner": "domenkozar", + "ref": "devenv-2.21", + "repo": "nix", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1704161960, - "narHash": "sha256-QGua89Pmq+FBAro8NriTuoO/wNaUtugt29/qqA8zeeM=", + "lastModified": 1692808169, + "narHash": "sha256-x9Opq06rIiwdwGeK2Ykj69dNc2IvUH1fY55Wm7atwrE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "63143ac2c9186be6d9da6035fa22620018c85932", + "rev": "9201b5ff357e781bf014d0330d18555695df7ba8", "type": "github" }, "original": { @@ -127,29 +323,55 @@ }, "nixpkgs-lib": { "locked": { - "dir": "lib", - "lastModified": 1706550542, - "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", + "lastModified": 1719876945, + "narHash": "sha256-Fm2rDDs86sHy0/1jxTOKB1118Q0O3Uc7EC0iXvXKpbI=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/5daf0514482af3f97abaefc78a6606365c9108e2.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/5daf0514482af3f97abaefc78a6606365c9108e2.tar.gz" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", "type": "github" }, "original": { - "dir": "lib", "owner": "NixOS", - "ref": "nixos-unstable", "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs-regression_2": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", "type": "github" } }, "nixpkgs-stable": { "locked": { - "lastModified": 1704874635, - "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", + "lastModified": 1710695816, + "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", + "rev": "614b4613980a522ba49f0d194531beddbb7220d3", "type": "github" }, "original": { @@ -159,13 +381,45 @@ "type": "github" } }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1720386169, + "narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "194846768975b7ad2c4988bdb82572c00222c0d7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { - "lastModified": 1706913249, - "narHash": "sha256-x3M7iV++CsvRXI1fpyFPduGELUckZEhSv0XWnUopAG8=", + "lastModified": 1713361204, + "narHash": "sha256-TA6EDunWTkc5FvDCqU3W2T3SFn0gRZqh6D/hJnM02MM=", + "owner": "cachix", + "repo": "devenv-nixpkgs", + "rev": "285676e87ad9f0ca23d8714a6ab61e7e027020c6", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "rolling", + "repo": "devenv-nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1721562059, + "narHash": "sha256-Tybxt65eyOARf285hMHIJ2uul8SULjFZbT9ZaEeUnP8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e92b6015881907e698782c77641aa49298330223", + "rev": "68c9ed8bbed9dfce253cc91560bf9043297ef2fe", "type": "github" }, "original": { @@ -175,13 +429,13 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { - "lastModified": 1704842529, - "narHash": "sha256-OTeQA+F8d/Evad33JMfuXC89VMetQbsU4qcaePchGr4=", + "lastModified": 1719082008, + "narHash": "sha256-jHJSUH619zBQ6WdC21fFAlDxHErKVDJ5fpN0Hgx4sjs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "eabe8d3eface69f5bb16c18f8662a702f50c20d5", + "rev": "9693852a2070b398ee123a329e68f0dab5526681", "type": "github" }, "original": { @@ -191,20 +445,72 @@ "type": "github" } }, + "poetry2nix": { + "inputs": { + "flake-utils": "flake-utils", + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "devenv", + "cachix", + "devenv", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1692876271, + "narHash": "sha256-IXfZEkI0Mal5y1jr6IRWMqK8GW2/f28xJenZIPQqkY0=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "d5006be9c2c2417dafb2e2e5034d83fabd207ee3", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "poetry2nix", + "type": "github" + } + }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat", + "flake-compat": [ + "devenv", + "flake-compat" + ], "flake-utils": "flake-utils_2", "gitignore": "gitignore", - "nixpkgs": "nixpkgs_3", + "nixpkgs": [ + "devenv", + "nixpkgs" + ], "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1706424699, - "narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=", + "lastModified": 1713775815, + "narHash": "sha256-Wu9cdYTnGQQwtT20QQMg7jzkANKQjwBD9iccfGKkfls=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf", + "rev": "2ac4dcbf55ed43f3be0bae15e181f08a57af24a4", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": "flake-compat_3", + "gitignore": "gitignore_2", + "nixpkgs": "nixpkgs_4", + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1721042469, + "narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "f451c19376071a90d8c58ab1a953c6e9840527fd", "type": "github" }, "original": { @@ -215,10 +521,10 @@ }, "root": { "inputs": { - "devshell": "devshell", + "devenv": "devenv", "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_2", - "pre-commit-hooks": "pre-commit-hooks" + "nixpkgs": "nixpkgs_3", + "pre-commit-hooks-nix": "pre-commit-hooks-nix" } }, "systems": { diff --git a/flake.nix b/flake.nix index e3c6b9b..6b563ec 100644 --- a/flake.nix +++ b/flake.nix @@ -1,25 +1,29 @@ { - description = "Description for the project"; + description = "Nix flake for development"; inputs = { nixpkgs = { url = "github:NixOS/nixpkgs/nixos-unstable"; }; - pre-commit-hooks = { + devenv = { + url = "github:cachix/devenv"; + }; + + pre-commit-hooks-nix = { url = "github:cachix/pre-commit-hooks.nix"; }; - devshell = { - url = "github:numtide/devshell"; + flake-parts = { + url = "github:hercules-ci/flake-parts"; }; }; outputs = inputs@{ flake-parts, ... }: flake-parts.lib.mkFlake { inherit inputs; } { imports = [ - inputs.pre-commit-hooks.flakeModule - inputs.devshell.flakeModule + inputs.devenv.flakeModule + inputs.pre-commit-hooks-nix.flakeModule ]; systems = [ @@ -29,62 +33,59 @@ "aarch64-darwin" ]; - perSystem = { config, self', inputs', pkgs, system, ... }: - let - python310 = pkgs.python310.withPackages (p: with p; [ - pytest - pytest-testinfra - molecule - molecule-plugins - ]); + perSystem = { config, self', inputs', pkgs, system, ... }: { + imports = [ + { + _module.args.pkgs = import inputs.nixpkgs { + inherit system; + config.allowUnfree = true; + }; + } + ]; - in - { pre-commit = { - check = { - enable = true; - }; - settings = { hooks = { + nixpkgs-fmt = { + enable = true; + }; later = { enable = true; name = "ansible-later"; description = "Run ansible-later on all files in the project"; files = "\\.(yml|yaml)$"; - entry = "${pkgs.ansible-later}/bin/ansible-later"; + entry = "${pkgs.podman}/bin/podman run --pull newer -ti --rm -v $(pwd):$(pwd):Z -w $(pwd) ghcr.io/toolhippie/ansible-later ansible-later"; }; }; }; }; - devshells = { - default = { - commands = [ - { - name = "later"; - help = "execute later command"; - command = "${pkgs.ansible-later}/bin/ansible-later"; - } - { - name = "doctor"; - help = "execute doctor command"; - command = "${pkgs.ansible-doctor}/bin/ansible-doctor -fv"; - } - { - name = "testing"; - help = "execute molecule command"; - command = "${pkgs.molecule}/bin/molecule test --scenario-name default"; - } - ]; + devenv = { + shells = { + default = { + languages = { + python = { + enable = true; + package = pkgs.python312; + }; + }; - packages = with pkgs; [ - ansible-doctor - ansible-lint - ansible-later + scripts = { + testing = { + exec = "${pkgs.molecule}/bin/molecule test --scenario-name default"; + }; + later = { + exec = "${pkgs.podman}/bin/podman run --pull newer -ti --rm -v $(pwd):$(pwd):Z -w $(pwd) ghcr.io/toolhippie/ansible-later ansible-later"; + }; + doctor = { + exec = "${pkgs.podman}/bin/podman run --pull newer -ti --rm -v $(pwd):$(pwd):Z -w $(pwd) ghcr.io/toolhippie/ansible-doctor ansible-doctor -fv"; + }; + }; - python310 - ]; + packages = with pkgs; [ + nixpkgs-fmt + ]; + }; }; }; };