Merge branch 'feat/secrets' into 'main'

feat: add secrets module

See merge request TECHNOFAB/nixlets!2

lib/default.nix

@@ -64,6 +64,7 @@ with lib; rec {
             helm
             docker
             files
+            ./secretsModule.nix
             ({...}: let
               finalValues = mkValues "${path}/values.nix" {
                 rawValues = values;
@@ -94,6 +95,8 @@ with lib; rec {
       .config
       .kubernetes
       .resultYAML;
+    # combines all secrets files in a single directory
+    secrets = args: (eval args).config.kubernetes.secretsCombined;
   };
 
   fetchNixlet = url: sha256: mkNixlet (builtins.fetchTarball {inherit url sha256;});

lib/secretsModule.nix

@@ -0,0 +1,37 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  inherit (lib) mkOption types;
+in {
+  options.kubernetes = {
+    secrets = mkOption {
+      type = types.attrsOf types.path;
+      description = "sops encrypted secrets";
+      example = ''
+        {
+          "abc" = ./some-secret.sops.yaml;
+        }
+      '';
+    };
+    secretsCombined = mkOption {
+      internal = true;
+      type = types.package;
+      description = "All sops encrypted secret files in a directory";
+    };
+  };
+  config.kubernetes.secretsCombined = let
+    commands = builtins.concatStringsSep "\n" (
+      map (
+        secret: "ln -s ${builtins.getAttr secret config.kubernetes.secrets} $out/${secret}.yaml"
+      )
+      (builtins.attrNames config.kubernetes.secrets)
+    );
+  in
+    pkgs.runCommand "nixlets-secrets-combined" {} ''
+      mkdir -p $out
+      ${commands}
+    '';
+}