From 5179a8d0a74c650cd7af9c8ff1be74e6d5eead7d Mon Sep 17 00:00:00 2001
From: Jaka Hudoklin <jakahudoklin@gmail.com>
Date: Mon, 18 Dec 2017 12:22:18 +0100
Subject: [PATCH] feat: deprecate mkValueOrSecretOption with mkSecretOption

---
 default.nix      |  2 +-
 lib.nix          | 47 ++++++++++++++++++++++++-----------------------
 test/default.nix |  2 +-
 test/modules.nix | 12 +++++++++---
 4 files changed, 35 insertions(+), 28 deletions(-)

diff --git a/default.nix b/default.nix
index 96a005d..431f328 100644
--- a/default.nix
+++ b/default.nix
@@ -14,7 +14,7 @@ let
     args = {
       inherit pkgs;
       name = "default";
-      k8s = { inherit loadJSON loadYAML toYAML toBase64 octalToDecimal mkValueOrSecretOption; };
+      k8s = { inherit loadJSON loadYAML toYAML toBase64 octalToDecimal mkSecretOption; };
     };
   };
 
diff --git a/lib.nix b/lib.nix
index 1595a4b..2ac6747 100644
--- a/lib.nix
+++ b/lib.nix
@@ -44,28 +44,29 @@ rec {
       value = acc.value + (toInt char) * (exp 8 acc.i);
     }) {i = 0; value = 0;} (stringToCharacters value)).value;
 
-  mkValueOrSecretOption = {...}@options: mkOption ({
-    type = types.nullOr (types.either types.str (types.submodule {
-      options.secret = mkOption {
-        description = "Name of the secret where password is stored";
-        type = types.str;
-      };
-
-      options.key = mkOption {
-        description = "Name of the key where password is stored";
-        type = types.str;
-        default = "password";
-      };
-    }));
-
-    apply = value:
-      if isAttrs value
-      then {
-        valueFrom.secretKeyRef = {
-          name = value.secret;
-          key = value.key;
+  mkSecretOption = {...}@options: mkOption (options // {
+    type = types.nullOr (types.submodule {
+      options = {
+        name = mkOption {
+          description = "Name of the secret where secret is stored";
+          type = types.str;
         };
-      }
-      else {inherit value;};
-  } // options);
+
+        key = mkOption {
+          description = "Name of the key where secret is stored";
+          type = types.str;
+        };
+      };
+
+      config = mkIf (hasAttr "default" options) (mkAllDefault options.default 1000);
+    });
+
+    apply = value: {
+      valueFrom.secretKeyRef = {
+        inherit (value) name key;
+      };
+    };
+
+    default = {};
+  });
 }
diff --git a/test/default.nix b/test/default.nix
index e05ec99..aa56478 100644
--- a/test/default.nix
+++ b/test/default.nix
@@ -1,7 +1,7 @@
 { config, ... }:
 
 {
-  kubernetes.version = "1.7";
+  kubernetes.version = "1.9";
 
   require = [./modules.nix ./deployment.nix];
 }
diff --git a/test/modules.nix b/test/modules.nix
index bdf2ef4..204a918 100644
--- a/test/modules.nix
+++ b/test/modules.nix
@@ -13,9 +13,12 @@ with lib;
           default = 80;
         };
 
-        password = mkValueOrSecretOption {
+        password = mkSecretOption {
           description = "Nginx simple auth credentials";
-          default.secret = "test";
+          default = {
+            name = "test";
+            key = "password";
+          };
         };
       };
 
@@ -47,7 +50,10 @@ with lib;
       };
     };
 
-    kubernetes.modules.app-v1.module = "nginx";
+    kubernetes.modules.app-v1 = {
+      module = "nginx";
+      configuration.password.name = "test2";
+    };
     kubernetes.modules.app-v2 = {
       module = "nginx";
       configuration.port = 8080;