{ system ? builtins.currentSystem, sources ? import ./npins, pkgs ? import sources.nixpkgs { inherit system; }, }: let inherit (sources) nixpkgs git-hooks gitignore ; inherit (pkgs) lib; inherit (import sources.flake-inputs) import-flake; inputs = (import-flake { src = ./.; }).inputs; inherit (inputs) nixops4; panel = import ./panel { inherit sources system; }; pre-commit-check = (import "${git-hooks}/nix" { inherit nixpkgs system; gitignore-nix-src = { lib = import gitignore { inherit lib; }; }; }).run { src = ./.; hooks = let ## Add a directory here if pre-commit hooks shouldn't apply to it. optout = [ "npins" ]; excludes = map (dir: "^${dir}/") optout; addExcludes = lib.mapAttrs (_: c: c // { inherit excludes; }); in addExcludes { nixfmt-rfc-style.enable = true; deadnix.enable = true; trim-trailing-whitespace.enable = true; shellcheck.enable = true; }; }; in { # shell for testing TF directly shell = pkgs.mkShellNoCC { inherit (pre-commit-check) shellHook; buildInputs = pre-commit-check.enabledPackages; packages = let test-loop = pkgs.writeShellApplication { name = "test-loop"; runtimeInputs = [ pkgs.watchexec pkgs.nix-unit ]; text = '' watchexec -w ${builtins.toString ./.} -- nix-unit ${builtins.toString ./deployment/data-model-test.nix} "$@" ''; }; in [ pkgs.npins pkgs.nil (pkgs.callPackage "${sources.agenix}/pkgs/agenix.nix" { }) pkgs.openssh pkgs.httpie pkgs.jq pkgs.nix-unit test-loop nixops4.packages.${system}.default ]; }; tests = { inherit pre-commit-check; panel = panel.tests; }; # re-export inputs so they can be overridden granularly # (they can't be accessed from the outside any other way) inherit inputs sources system pkgs ; }