ToDo/WIP: Home-Manager tests

default.nix

@@ -1,8 +1,16 @@
+<<<<<<< Updated upstream
 { pkgs ? import <nixpkgs> {}
 , vendorHash ? "sha256-wd25uVUm3ISDjafy+4vImmLyObagEEeE+Ci8PbvaYD8="
+=======
+{ 
+  home-manager ? import <home-manager> {},
+  pkgs ? import <nixpkgs> {}, 
+  vendorHash ? "sha256-CvIJqgqRk0fpU5lp3NO7bQC9vSU5a8SGnT3XsNLPpok="
+>>>>>>> Stashed changes
 }: let
   sops-install-secrets = pkgs.callPackage ./pkgs/sops-install-secrets {
     inherit vendorHash;
+    inherit home-manager;
   };
 in rec {
   inherit sops-install-secrets;
@@ -22,7 +30,7 @@ in rec {
   sops-pgp-hook-test = pkgs.callPackage ./pkgs/sops-pgp-hook-test.nix {
     inherit vendorHash;
   };
-  unit-tests = pkgs.callPackage ./pkgs/unit-tests.nix {};
+  unit-tests = pkgs.callPackage ./pkgs/unit-tests.nix { inherit home-manager; };
 } // (pkgs.lib.optionalAttrs pkgs.stdenv.isLinux {
   lint = pkgs.callPackage ./pkgs/lint.nix {
     inherit sops-install-secrets;

flake.nix

@@ -1,57 +1,72 @@
 {
   description = "Integrates sops into nixos";
-  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
-  inputs.nixpkgs-stable.url = "github:NixOS/nixpkgs/release-24.05";
-  nixConfig.extra-substituters = ["https://cache.thalheim.io"];
-  nixConfig.extra-trusted-public-keys = ["cache.thalheim.io-1:R7msbosLEZKrxk/lKxf9BTjOOH7Ax3H0Qj0/6wiHOgc="];
+
+  inputs = {
+    home-manager.url =  "github:nix-community/home-manager";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+    nixpkgs-stable.url = "github:NixOS/nixpkgs/release-24.05";
+  };
+
+  nixConfig = {
+    extra-substituters = ["https://cache.thalheim.io"];
+    extra-trusted-public-keys = ["cache.thalheim.io-1:R7msbosLEZKrxk/lKxf9BTjOOH7Ax3H0Qj0/6wiHOgc="];
+  };
+
   outputs = {
     self,
+    home-manager,
     nixpkgs,
-    nixpkgs-stable
+    nixpkgs-stable,
+    ...
   }: let
+    inherit (nixpkgs.lib) genAttrs mapAttrs' nameValuePair;
+
+    mkFlakePkgs = pkgs: import ./default.nix { inherit home-manager pkgs; };
+
+    forAllSystems = f: genAttrs systems (system: f system);
     systems = [
       "x86_64-linux"
       "x86_64-darwin"
       "aarch64-darwin"
       "aarch64-linux"
     ];
-    forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system);
-    suffix-version = version: attrs: nixpkgs.lib.mapAttrs' (name: value: nixpkgs.lib.nameValuePair (name + version) value) attrs;
+
     suffix-stable = suffix-version "-24_05";
+    suffix-version = version: attrs: mapAttrs' (name: value: nameValuePair (name + version) value) attrs;
   in {
-    overlays.default = final: prev: let
-      localPkgs = import ./default.nix {pkgs = final;};
-    in {
-      inherit (localPkgs) sops-install-secrets sops-init-gpg-key sops-pgp-hook sops-import-keys-hook sops-ssh-to-age;
-      # backward compatibility
-      inherit (prev) ssh-to-pgp;
-    };
-    nixosModules = {
-      sops = import ./modules/sops;
-      default = self.nixosModules.sops;
-    };
-    homeManagerModules.sops = import ./modules/home-manager/sops.nix;
-    homeManagerModule = self.homeManagerModules.sops;
-    packages = forAllSystems (system:
-      import ./default.nix {
-        pkgs = import nixpkgs {inherit system;};
-      });
-    checks = nixpkgs.lib.genAttrs ["x86_64-linux" "aarch64-linux"]
+    checks = genAttrs ["x86_64-linux" "aarch64-linux"]
       (system: let
         tests = self.packages.${system}.sops-install-secrets.tests;
-        packages-stable = import ./default.nix {
-          pkgs = import nixpkgs-stable {inherit system;};
-        };
+        packages-stable = mkFlakePkgs (import nixpkgs-stable {inherit system;});
         tests-stable = packages-stable.sops-install-secrets.tests;
       in tests //
-         (suffix-stable tests-stable) //
-         (suffix-stable packages-stable));
+        (suffix-stable tests-stable) //
+        (suffix-stable packages-stable));
 
     devShells = forAllSystems (system: let
       pkgs = nixpkgs.legacyPackages.${system};
     in {
-      unit-tests = pkgs.callPackage ./pkgs/unit-tests.nix {};
+      unit-tests = pkgs.callPackage ./pkgs/unit-tests.nix { inherit home-manager; };
       default = pkgs.callPackage ./shell.nix {};
+      hm-tests = self.packages.${system}.sops-install-secrets.hm-tests;
     });
+
+    homeManagerModule = self.homeManagerModules.sops;
+    homeManagerModules.sops = import ./modules/home-manager/sops.nix;
+
+    nixosModules = {
+      sops = import ./modules/sops;
+      default = self.nixosModules.sops;
+    };
+
+    overlays.default = final: prev: let
+      localPkgs = mkFlakePkgs final;
+    in {
+      inherit (localPkgs) sops-install-secrets sops-init-gpg-key sops-pgp-hook sops-import-keys-hook sops-ssh-to-age;
+      # backward compatibility
+      inherit (prev) ssh-to-pgp;
+    };
+
+    packages = forAllSystems (system: mkFlakePkgs (import nixpkgs {inherit system;}));
   };
 }

pkgs/sops-install-secrets/default.nix

@@ -1,4 +1,8 @@
+<<<<<<< Updated upstream
 { lib, buildGoModule, stdenv, vendorHash, go, callPackages }:
+=======
+{ lib, buildGoModule, path, pkgs, vendorHash, go, home-manager }:
+>>>>>>> Stashed changes
 buildGoModule {
   pname = "sops-install-secrets";
   version = "0.0.1";
@@ -10,7 +14,17 @@ buildGoModule {
   # requires root privileges for tests
   doCheck = false;
 
+<<<<<<< Updated upstream
   passthru.tests = callPackages ./nixos-test.nix { };
+=======
+  passthru = {
+    hm-tests = (import ./hm-test.nix { inherit pkgs; inherit home-manager; }).run.all;
+    tests = import ./nixos-test.nix {
+      makeTest = import (path + "/nixos/tests/make-test-python.nix");
+      inherit pkgs;
+    };
+  };
+>>>>>>> Stashed changes
 
   outputs = [ "out" ] ++
   lib.lists.optionals (stdenv.isLinux) [ "unittest" ];

pkgs/sops-install-secrets/hm-test.nix

@@ -0,0 +1,42 @@
+{ pkgs, home-manager }:
+
+let
+
+  lib = import "${home-manager}/modules/lib/stdlib-extended.nix" pkgs.lib;
+
+  nmtSrc = fetchTarball {
+    url = "https://git.sr.ht/~rycee/nmt/archive/v0.5.1.tar.gz";
+    sha256 = "0qhn7nnwdwzh910ss78ga2d00v42b0lspfd7ybl61mpfgz3lmdcj";
+  };
+
+  modules = import "${home-manager}/modules/modules.nix" {
+    inherit lib pkgs;
+    check = false;
+  } ++ [{
+    # Bypass <nixpkgs> reference inside modules/modules.nix to make the test
+    # suite more pure.
+    _module.args.pkgsPath = pkgs.path;
+
+    # Fix impurities. Without these some of the user's environment
+    # will leak into the tests through `builtins.getEnv`.
+    xdg.enable = true;
+    home = {
+      username = "hm-user";
+      homeDirectory = "/home/hm-user";
+      stateVersion = lib.mkDefault "18.09";
+    };
+
+    # Avoid including documentation since this will cause
+    # unnecessary rebuilds of the tests.
+    manual.manpages.enable = lib.mkDefault false;
+
+    # imports = [ ./asserts.nix ./big-test.nix ./stubs.nix ];
+  }];
+
+in import nmtSrc {
+  inherit lib pkgs modules;
+  testedAttrPath = [ "home" "activationPackage" ];
+  tests = {
+    default = (import ./hm-tests/basic.nix);
+  };
+}

pkgs/sops-install-secrets/hm-tests/basic.nix

@@ -0,0 +1,14 @@
+{ ... }:
+
+{
+  nix.gc = {
+    automatic = true;
+    frequency = "monthly";
+    options = "--delete-older-than 30d";
+  };
+
+  test.stubs.nix = { name = "nix"; };
+
+  nmt.script = ''
+  '';
+}

pkgs/unit-tests.nix

@@ -1,7 +1,8 @@
 { pkgs ? import <nixpkgs> {}
+, home-manager ? import <home-manager> {}
 }:
 let
-  sopsPkgs = import ../. { inherit pkgs; };
+  sopsPkgs = import ../. { inherit home-manager pkgs; };
 in pkgs.stdenv.mkDerivation {
   name = "env";
   nativeBuildInputs = with pkgs; [