Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: stackbuilders/nixpkgs-terraform
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v2.6.1
Choose a base ref
...
head repository: stackbuilders/nixpkgs-terraform
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: main
Choose a head ref

Commits on Mar 7, 2024

  1. feat: Add template for terranix (#43)

    oscar-izval authored Mar 7, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    ac7e620 View commit details
  2. Update Flakestry status badge

    sestrella authored Mar 7, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    9ff7959 View commit details
  3. Update README.md

    sestrella authored Mar 7, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    d316e03 View commit details

Commits on Mar 17, 2024

  1. Update Terraform versions (#61)

    Co-authored-by: GitHub <noreply@github.com>
    stackbuildersbot and web-flow authored Mar 17, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    c17f7e6 View commit details
  2. Bump cachix/install-nix-action from 25 to 26 (#56)

    Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 25 to 26.
    - [Release notes](https://github.com/cachix/install-nix-action/releases)
    - [Commits](cachix/install-nix-action@v25...v26)
    
    ---
    updated-dependencies:
    - dependency-name: cachix/install-nix-action
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Mar 17, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    c284e4f View commit details

Commits on Mar 21, 2024

  1. fix: Drop duplicated all from cycle packages name (#57)

    sestrella authored Mar 21, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    90cb77d View commit details
  2. ci: Run build on macOS runners (M1, Intel) (#49)

    sestrella authored Mar 21, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    f37a0ec View commit details
  3. Add the keyword to update PRs to make sure they produce a new minor (#62

    )
    oscar-izval authored Mar 21, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    c399b40 View commit details

Commits on Mar 27, 2024

  1. feat: Extract default devshell to devenv.nix (#42)

    BREAKING CHANGE: Remove default devshell from flake.nix
    sestrella authored Mar 27, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    4cbc7b5 View commit details
  2. feat: Remove cycles from packages (#66)

    BREAKING CHANGE: Remove cycle packages from flake.nix
    sestrella authored Mar 27, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    1002509 View commit details

Commits on Apr 10, 2024

  1. feat: Expose packages with the latest version per cycle (#63)

    oscar-izval authored Apr 10, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    596c4ab View commit details

Commits on Apr 11, 2024

  1. feat: Add Terraform 1.8.0 (#68)

    sestrella authored Apr 11, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    2689303 View commit details
  2. Update versions daily (#69)

    oscar-izval authored Apr 11, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    cafbf44 View commit details

Commits on Apr 18, 2024

  1. Add support for 1.8.1 (#70)

    oscar-izval authored Apr 18, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    1430810 View commit details

Commits on May 9, 2024

  1. feat: Enable allowUnfree for Terraform versions >= 1.6 (#72)

    BREAKING CHANGE: Change `nixpkgs-unstable` config to allow unfree packages
    sestrella authored May 9, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    4f09d5a View commit details
  2. Update reference to config input

    sestrella committed May 9, 2024
    Copy the full SHA
    95a9f9e View commit details

Commits on May 14, 2024

  1. feat: Add support for Terraform versions 1.8.2 and 1.8.3

    fm7-1 authored May 14, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    8d7d086 View commit details

Commits on May 30, 2024

  1. feat: Add support for 1.8.4 (#78)

    sestrella authored May 30, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    9f58f22 View commit details
  2. build(deps): Bump cachix/cachix-action from 14 to 15 (#76)

    Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 14 to 15.
    - [Release notes](https://github.com/cachix/cachix-action/releases)
    - [Commits](cachix/cachix-action@v14...v15)
    
    ---
    updated-dependencies:
    - dependency-name: cachix/cachix-action
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored May 30, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    d75e987 View commit details
  3. build(deps): Bump cachix/install-nix-action from 26 to 27 (#77)

    Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 26 to 27.
    - [Release notes](https://github.com/cachix/install-nix-action/releases)
    - [Commits](cachix/install-nix-action@v26...V27)
    
    ---
    updated-dependencies:
    - dependency-name: cachix/install-nix-action
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored May 30, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    4372096 View commit details

Commits on Jun 7, 2024

  1. build(deps): Bump DeterminateSystems/flakehub-push from 3 to 4 (#79)

    Bumps [DeterminateSystems/flakehub-push](https://github.com/determinatesystems/flakehub-push) from 3 to 4.
    - [Release notes](https://github.com/determinatesystems/flakehub-push/releases)
    - [Commits](DeterminateSystems/flakehub-push@v3...v4)
    
    ---
    updated-dependencies:
    - dependency-name: DeterminateSystems/flakehub-push
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Jun 7, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    5d6af13 View commit details

Commits on Jun 10, 2024

  1. feat: Add Terraform version 1.8.5 (#80)

    sestrella authored Jun 10, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    4c9dfa1 View commit details

Commits on Jul 2, 2024

  1. ci: Rewrite update-versions script in Go (#81)

    sestrella authored Jul 2, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    034287e View commit details

Commits on Aug 7, 2024

  1. feat: Initial support for Terraform 1.9 versions (#83)

    sestrella authored Aug 7, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    8939196 View commit details

Commits on Aug 8, 2024

  1. ci: Fix flakestry job (#84)

    * ci: Fix flakestry job
    
    * Test flakestry job
    
    * Change flakestry-publish to use a fork
    
    * Change flakestry-publish branch
    
    * Add link to err-last-modified issue
    
    * Revert some CI changes
    
    * Add more information about the fork
    
    * Revert changes on version
    sestrella authored Aug 8, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    2a78267 View commit details
  2. feat: Add Terraform versions 1.9.3 and 1.9.4 (#85)

    * fix: Update inputs on vendor-hash
    
    * feat: Add Terraform versions 1.9.3 and 1.9.4
    sestrella authored Aug 8, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    6b5daf2 View commit details

Commits on Aug 21, 2024

  1. Update Terraform versions (#86)

    Co-authored-by: GitHub <noreply@github.com>
    stackbuildersbot and web-flow authored Aug 21, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    c521613 View commit details

Commits on Sep 4, 2024

  1. chore: fixed Stack Builders footer image (#87)

    DavidMazarro authored Sep 4, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    7bc72b3 View commit details

Commits on Sep 23, 2024

  1. Bump go 1.22.7 (#91)

    oscar-izval authored Sep 23, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    9cc795d View commit details
  2. build(deps): Bump cachix/install-nix-action from V27 to 28 (#90)

    Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from V27 to 28. This release includes the previously tagged commit.
    - [Release notes](https://github.com/cachix/install-nix-action/releases)
    - [Commits](cachix/install-nix-action@V27...V28)
    
    ---
    updated-dependencies:
    - dependency-name: cachix/install-nix-action
      dependency-type: direct:production
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Sep 23, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    2458ca7 View commit details
  3. build(deps): Bump peter-evans/create-pull-request from 6 to 7 (#88)

    Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6 to 7.
    - [Release notes](https://github.com/peter-evans/create-pull-request/releases)
    - [Commits](peter-evans/create-pull-request@v6...v7)
    
    ---
    updated-dependencies:
    - dependency-name: peter-evans/create-pull-request
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Sep 23, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    df5d2c5 View commit details
  4. build(deps): Bump DeterminateSystems/flakehub-push from 4 to 5 (#89)

    Bumps [DeterminateSystems/flakehub-push](https://github.com/determinatesystems/flakehub-push) from 4 to 5.
    - [Release notes](https://github.com/determinatesystems/flakehub-push/releases)
    - [Commits](DeterminateSystems/flakehub-push@v4...v5)
    
    ---
    updated-dependencies:
    - dependency-name: DeterminateSystems/flakehub-push
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Sep 23, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    af5bca2 View commit details
  5. Update Terraform versions (#92)

    Co-authored-by: GitHub <noreply@github.com>
    stackbuildersbot and web-flow authored Sep 23, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    71983f3 View commit details
  6. feat: Add Terraform versions 1.9.5 and 1.9.6

    sestrella committed Sep 23, 2024
    Copy the full SHA
    827484c View commit details

Commits on Oct 3, 2024

  1. feat: Add Terraform version 1.9.7 (#96)

    stackbuildersbot authored Oct 3, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    fb4abdb View commit details
  2. build(deps): Bump cachix/install-nix-action from V28 to 29 (#95)

    Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from V28 to 29. This release includes the previously tagged commit.
    - [Release notes](https://github.com/cachix/install-nix-action/releases)
    - [Commits](cachix/install-nix-action@V28...v29)
    
    ---
    updated-dependencies:
    - dependency-name: cachix/install-nix-action
      dependency-type: direct:production
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Oct 3, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    6df61dd View commit details

Commits on Oct 7, 2024

  1. build(deps): Bump cachix/install-nix-action from 29 to 30 (#97)

    Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 29 to 30.
    - [Release notes](https://github.com/cachix/install-nix-action/releases)
    - [Commits](cachix/install-nix-action@v29...v30)
    
    ---
    updated-dependencies:
    - dependency-name: cachix/install-nix-action
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Oct 7, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    08ed3a4 View commit details

Commits on Oct 17, 2024

  1. feat: Update Terraform versions (#98)

    Co-authored-by: GitHub <noreply@github.com>
    stackbuildersbot and web-flow authored Oct 17, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    db8dc49 View commit details

Commits on Nov 28, 2024

  1. feat: Add Terraform version 1.10.0 (#99)

    oscar-izval authored Nov 28, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    a83ca95 View commit details

Commits on Nov 29, 2024

  1. Reorder entries on versions.json

    Co-authored-by: GitHub <noreply@github.com>
    stackbuildersbot and web-flow authored Nov 29, 2024

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    b4db1b5 View commit details

Commits on Jan 3, 2025

  1. feat: Add Terraform versions 1.10.1, 1.10.2 and 1.10.3

    oscar-izval authored Jan 3, 2025

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    6a084f0 View commit details

Commits on Feb 1, 2025

  1. feat: Add Terraform versions 1.10.4 and 1.10.5 (#104)

    oscar-izval authored Feb 1, 2025

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    6540f08 View commit details

Commits on Feb 14, 2025

  1. Update Terraform versions (#105)

    Co-authored-by: GitHub <noreply@github.com>
    stackbuildersbot and web-flow authored Feb 14, 2025

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    cb096e4 View commit details
  2. ci: Fix the update script (#103)

    oscar-izval authored Feb 14, 2025

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    49bd7c1 View commit details

Commits on Feb 28, 2025

  1. feat: Add Terraform version 1.11.0 (#107)

    Co-authored-by: GitHub <noreply@github.com>
    stackbuildersbot and web-flow authored Feb 28, 2025

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    5512e93 View commit details

Commits on Mar 6, 2025

  1. feat: Add Terraform version 1.11.1

    Co-authored-by: GitHub <noreply@github.com>
    stackbuildersbot and web-flow authored Mar 6, 2025

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    26e0cf4 View commit details

Commits on Mar 10, 2025

  1. build(deps): Bump cachix/install-nix-action from 30 to 31 (#109)

    Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 30 to 31.
    - [Release notes](https://github.com/cachix/install-nix-action/releases)
    - [Commits](cachix/install-nix-action@v30...v31)
    
    ---
    updated-dependencies:
    - dependency-name: cachix/install-nix-action
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Mar 10, 2025

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    d82beb6 View commit details

Commits on Mar 13, 2025

  1. feat: Update Terraform versions (#110)

    Co-authored-by: GitHub <noreply@github.com>
    stackbuildersbot and web-flow authored Mar 13, 2025

    Verified

    This commit was created on github.com and signed with GitHub’s verified signature.
    Copy the full SHA
    19fc112 View commit details
4 changes: 3 additions & 1 deletion .envrc
Original file line number Diff line number Diff line change
@@ -1 +1,3 @@
use flake
source_url "https://raw.githubusercontent.com/cachix/devenv/790c4230a547243a01435fc8c5292cd54abaec74/direnvrc" "sha256-YBzqskFZxmNb3kYVoKD9ZixoPXJh1C9ZvTLGFRkauZ0="

use devenv
70 changes: 41 additions & 29 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -11,69 +11,81 @@ concurrency:
cancel-in-progress: true

jobs:
build:
check:
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@v31
with:
nix_path: nixpkgs=channel:nixos-24.11-small
- name: Install devenv
run: |
nix profile install --accept-flake-config nixpkgs#devenv
devenv version
- name: Run tests
run: devenv test

build:
strategy:
matrix:
# INFO: This is only a workaround to avoid timeout issues with the CI;
# whether it becomes a definitive solution or not will require a
# separate discussion with Oscar.
cycle:
- "all-1.7"
- "all-1.6"
- "all-1.5"
- "all-1.4"
- "all-1.3"
- "all-1.2"
- "all-1.1"
- "all-1.0"
os:
- macos-13 # x86_64-darwin
- macos-latest # aarch64-darwin
- ubuntu-latest # x86_64-linux
fail-fast: false
runs-on: ${{ matrix.os }}
needs: [check]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@v25
uses: cachix/install-nix-action@v31
- name: Setup Cachix
uses: cachix/cachix-action@v14
uses: cachix/cachix-action@v15
with:
name: nixpkgs-terraform
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
skipPush: false
skipPush: true
- name: Build packages
run: |
if grep -q authToken ~/.config/cachix/cachix.dhall; then
echo "Cachix token is present"
cachix watch-exec nixpkgs-terraform nix -- build .#\"${{ matrix.cycle }}\" --impure
cachix watch-exec nixpkgs-terraform nix -- flake check --max-jobs 2
else
echo "Cachix token is not present"
nix build .#\"${{ matrix.cycle }}\" --impure
nix flake check --max-jobs 2
fi
env:
NIXPKGS_ALLOW_UNFREE: 1
template:
runs-on: ubuntu-latest
timeout-minutes: 5
timeout-minutes: 8
needs: [build]
strategy:
matrix:
template: [default, devenv]
template:
- name: config
test: nix flake metadata
- name: default
test: nix develop --accept-flake-config --impure -c terraform --version
- name: devenv
test: nix develop --accept-flake-config --impure -c terraform --version
- name: terranix
test: nix develop --accept-flake-config --impure -c terraform --version
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@v25
uses: cachix/install-nix-action@v31
- name: Replace inputs on templates
run: sed -i 's/github:stackbuilders\/nixpkgs-terraform/github:stackbuilders\/nixpkgs-terraform\/${{ github.sha }}/g' templates/*/flake.nix
- name: Create a temporary directory
run: echo "tmpdir=$(mktemp -d)" >> "$GITHUB_OUTPUT"
id: mktemp
- name: Scaffold a new project
run: nix flake init -t ${{ github.workspace }}#${{ matrix.template }}
run: nix flake init -t ${{ github.workspace }}#${{ matrix.template.name }}
working-directory: ${{ steps.mktemp.outputs.tmpdir }}
- name: Run smoke test
run: nix develop --accept-flake-config --impure -c terraform --version
- name: Run test
run: ${{ matrix.template.test }}
working-directory: ${{ steps.mktemp.outputs.tmpdir }}
env:
NIXPKGS_ALLOW_UNFREE: 1
8 changes: 5 additions & 3 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
@@ -21,17 +21,19 @@ jobs:
with:
ref: ${{ github.ref_name }}
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v9
uses: cachix/install-nix-action@v31
- name: Publish flake
uses: DeterminateSystems/flakehub-push@v3
uses: DeterminateSystems/flakehub-push@v5
with:
tag: ${{ github.ref_name }}
visibility: public

# INFO: The following fork updates the Nix version used by the action to fix
# the "lastModified" issue. https://flakehub.com/docs/faq#err-last-modified
flakestry:
runs-on: ubuntu-latest
steps:
- name: Publish flake
uses: flakestry/flakestry-publish@645c2ab3c99b97f5f1abc383370ae5e72c9e7d9b
uses: stackbuilders/flakestry-publish@update_install_nix_action
with:
version: ${{ github.ref_name }}
14 changes: 8 additions & 6 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -18,12 +18,14 @@ jobs:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v9
- name: Install tools via Nix
run: nix develop --check
- name: Install dependencies
run: nix develop -c npm ci
uses: cachix/install-nix-action@v31
- name: Setup Cachix
uses: cachix/cachix-action@v15
with:
name: devenv
- name: Install devenv
run: nix-env -if https://install.devenv.sh/latest
- name: Run semantic-release
run: nix develop -c npx semantic-release
run: devenv shell semantic-release
env:
GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
31 changes: 20 additions & 11 deletions .github/workflows/update.yml
Original file line number Diff line number Diff line change
@@ -2,42 +2,51 @@
name: Update

on:
workflow_dispatch:
schedule:
- cron: "0 0 * * 0"
- cron: "0 0 * * *"

concurrency:
group: update
cancel-in-progress: true

jobs:
update:
runs-on: ubuntu-latest
runs-on: macos-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: main
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v9
- name: Install tools via Nix
run: nix develop --impure --check
uses: cachix/install-nix-action@v31
with:
nix_path: nixpkgs=channel:nixos-24.11-small
- name: Install devenv
run: |
nix profile install --accept-flake-config nixpkgs#devenv
devenv version
- name: Update versions
run: nix develop --impure --command python3 update-versions.py
run: |
devenv shell -- go run . update-versions \
--versions ../versions.json \
--vendor-hash ../vendor-hash.nix
env:
GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
CLI_GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
working-directory: cli
- name: Create pull request
uses: peter-evans/create-pull-request@v6
uses: peter-evans/create-pull-request@v7
with:
author: GitHub <noreply@github.com>
commit-message: Update Terraform versions
title: Update Terraform versions
title: "feat: Update Terraform versions"
body: |
Automatically created pull-request to update Terraform versions.
This is the result of running:
This is the result of configuring a CLI_GITHUB_TOKEN in `.env` and running:
```
env GITHUB_TOKEN=<token> nix develop --impure --command python3 update-versions.py
cli update-versions
```
delete-branch: true
reviewers: |
4 changes: 2 additions & 2 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
.devenv*
.direnv
.env
node_modules
.pre-commit-config.yaml
result
templates/*/flake.lock
38 changes: 28 additions & 10 deletions README.md
Original file line number Diff line number Diff line change
@@ -6,13 +6,18 @@
[![Publish](https://github.com/stackbuilders/nixpkgs-terraform/actions/workflows/publish.yml/badge.svg)](https://github.com/stackbuilders/nixpkgs-terraform/actions/workflows/publish.yml)

[![FlakeHub](https://img.shields.io/endpoint?url=https://flakehub.com/f/stackbuilders/nixpkgs-terraform/badge)](https://flakehub.com/flake/stackbuilders/nixpkgs-terraform)
[![flakestry.dev](https://flakestry.dev/api/badge/flake/github/stackbuilders/nixpkgs-terraform)](https://flakestry.dev/flake/github/stackbuilders/nixpkgs-terraform)
[![flakestry.dev](https://flakestry.dev/api/badge/flake/github/stackbuilders/nixpkgs-terraform)](https://flakestry.dev/flake/github/stackbuilders/nixpkgs-terraform/)

This [flake](https://nixos.wiki/wiki/Flakes) exposes a collection of Terraform
[versions](versions.json) as Nix packages, starting with version 1.0.0. The
[versions](versions.json) as Nix packages, starting with version `1.0.0`. The
packages provided can be used for creating reproducible development
environments using a [nix-shell] or [devenv](https://devenv.sh).

**Note:** Starting with version `4.0`, this project enables `allowUnfree` by
default in order to build Terraform versions with a [BSL
license][license-change]; however, this flag can be disabled via a
configuration flake; see [here](templates/config) for more details.

## How it works

This flake provides a set of Terraform versions in the form of:
@@ -21,6 +26,11 @@ This flake provides a set of Terraform versions in the form of:
nixpkgs-terraform.packages.${system}.${version}
```

Where `version` is a specific `X.Y.Z` version or an alias `X.Y` pointing to the
latest patch version within the same cycle, for example, `1.5` points to
`1.5.7`. The [versions.json](./versions.json) file contains a complete list of
all the available versions and aliases.

Terraform versions are kept up to date via a weekly scheduled [CI
workflow](.github/workflows/update.yml).

@@ -62,6 +72,12 @@ nixConfig = {
};
```

Currently, the binary cache supports the following systems:

- aarch64-darwin
- x86_64-darwin
- x86_64-linux

## Usage

After configuring the inputs from the [Install](#install) section, a common use
@@ -76,14 +92,15 @@ outputs = { self, flake-utils, nixpkgs-terraform, nixpkgs }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages.${system};
terraform = nixpkgs-terraform.packages.${system}."1.6.3";
terraform = nixpkgs-terraform.packages.${system}."X.Y.Z";
in
{
devShells.default = pkgs.mkShell {
buildInputs = [ terraform ];
};
});
```
where `X.Y.Z` is one of the supported versions in the `versions.json` file.

#### As an overlay

@@ -98,10 +115,11 @@ outputs = { self, flake-utils, nixpkgs-terraform, nixpkgs }:
in
{
devShells.default = pkgs.mkShell {
buildInputs = [ pkgs.terraform-versions."1.6.3" ];
buildInputs = [ pkgs.terraform-versions."X.Y.Z" ];
};
});
```
where `X.Y.Z` is one of the supported versions in the `versions.json` file.

Start a new [nix-shell] with Terraform in scope by running the following
command:
@@ -110,10 +128,9 @@ command:
env NIXPKGS_ALLOW_UNFREE=1 nix develop --impure
```

**Note:** Due to Hashicorp’s most recent [license
change](https://www.hashicorp.com/blog/hashicorp-adopts-business-source-license),
the `NIXPKGS_ALLOW_UNFREE` flag is required for Terraform versions `>= 1.6.0`,
`nix develop` should work out of the box for older versions.
**Note:** Due to Hashicorp’s most recent [license change][license-change] the
`NIXPKGS_ALLOW_UNFREE` flag is required for Terraform versions `>= 1.6.0`, `nix
develop` should work out of the box for older versions.

### Templates

@@ -122,6 +139,7 @@ This flake provides the following templates:
- [default](templates/default) - Simple nix-shell with Terraform installed via
nixpkgs-terraform.
- [devenv](templates/devenv) - Using nixpkgs-terraform with devenv.
- [terranix](templates/terranix) - Using nixpkgs-terraform with terranix.

Run the following command to scaffold a new project using a template:

@@ -159,10 +177,10 @@ to make it easier for maintainers to release new changes.

---

<img src="https://www.stackbuilders.com/media/images/Sb-supports.original.png"
alt="Stack Builders" width="50%"></img>
<img src="https://cdn.stackbuilders.com/media/images/Sb-supports.original.png" alt="Stack Builders" width="50%"></img>
[Check out our libraries](https://github.com/stackbuilders/) | [Join our
team](https://www.stackbuilders.com/join-us/)

[license-change]: https://www.hashicorp.com/blog/hashicorp-adopts-business-source-license
[nix-shell]: https://nixos.wiki/wiki/Development_environment_with_nix-shell
[semantic-release]: https://semantic-release.gitbook.io/semantic-release/
1 change: 1 addition & 0 deletions cli/.env.example
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
CLI_GITHUB_TOKEN=
3 changes: 3 additions & 0 deletions cli/.envrc
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
source_url "https://raw.githubusercontent.com/cachix/devenv/790c4230a547243a01435fc8c5292cd54abaec74/direnvrc" "sha256-YBzqskFZxmNb3kYVoKD9ZixoPXJh1C9ZvTLGFRkauZ0="

use devenv
2 changes: 2 additions & 0 deletions cli/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
.env
cli
37 changes: 37 additions & 0 deletions cli/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
# CLI

A set of tools for maintainers.

## Requirements

Install [devenv](https://devenv.sh/getting-started/)

## Usage

Change working directory:

```
cd cli
```

Spawn a [nix-shell]:

```
devenv shell
```

Compile code:

```
go build
```

Update versions file:

```
go run . update-versions \
--versions ../versions.json \
--vendor-hash ../vendor-hash.nix
```

[nix-shell]: https://nixos.wiki/wiki/Development_environment_with_nix-shell
22 changes: 22 additions & 0 deletions cli/cmd/root.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
package cmd

import (
"os"

"github.com/spf13/cobra"
)

var rootCmd = &cobra.Command{
Use: "cli",
Short: "A set of tools for maintainers",
Long: "A set of tools for maintainers",
}

func Execute() {
err := rootCmd.Execute()
if err != nil {
os.Exit(1)
}
}

func init() {}
249 changes: 249 additions & 0 deletions cli/cmd/updateVersions.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,249 @@
package cmd

import (
"context"
"encoding/json"
"fmt"
"log"
"os"
"os/exec"
"path/filepath"
"strings"

"github.com/Masterminds/semver/v3"
"github.com/google/go-github/v62/github"
"github.com/spf13/cobra"
)

var owner string
var repo string
var vendorHashPath string
var versionsPath string
var minVersionStr string
var maxVersionStr string

type Versions struct {
Releases map[semver.Version]Release `json:"releases"`
Latest map[Alias]semver.Version `json:"latest"`
}

type Release struct {
Hash string `json:"hash"`
VendorHash string `json:"vendorHash"`
}

type Alias struct {
semver.Version
}

func (a Alias) MarshalText() ([]byte, error) {
return []byte(fmt.Sprintf("%d.%d", a.Major(), a.Minor())), nil
}

var updateVersionsCmd = &cobra.Command{
Use: "update-versions",
Short: "Update versions file",
Long: "Look up the most recent Terraform releases and calculate the needed hashes for new versions",
Run: func(cmd *cobra.Command, args []string) {
token := os.Getenv("CLI_GITHUB_TOKEN")
if token == "" {
log.Fatal("Environment variable CLI_GITHUB_TOKEN is missing")
}

versionsPath, err := filepath.Abs(versionsPath)
if err != nil {
log.Fatal("File versions.json not found: ", err)
}

vendorHashPath, err := filepath.Abs(vendorHashPath)
if err != nil {
log.Fatal("File vendor-hash.nix not found: ", err)
}

minVersion, err := semver.NewVersion(minVersionStr)
if err != nil {
log.Fatal("Invalid min-version: ", err)
}

var maxVersion *semver.Version
if maxVersionStr != "" {
maxVersion, err = semver.NewVersion(maxVersionStr)
if err != nil {
log.Fatal("Invalid max-version: ", err)
}
}

err = updateVersions(token, versionsPath, vendorHashPath, minVersion, maxVersion)
if err != nil {
log.Fatal("Unable to update versions: ", err)
}
},
}

func updateVersions(token string, versionsPath string, vendorHashPath string, minVersion *semver.Version, maxVersion *semver.Version) error {
nixPrefetchPath, err := exec.LookPath("nix-prefetch")
if err != nil {
return fmt.Errorf("nix-prefetch not found: %w", err)
}

nixBinaryPath, err := exec.LookPath("nix")
if err != nil {
return fmt.Errorf("nix not found: %w", err)
}

versions, err := readVersions(versionsPath)
if err != nil {
return err
}

err = withReleases(token, func(release *github.RepositoryRelease) error {
tagName := release.GetTagName()
version, err := semver.NewVersion(strings.TrimLeft(tagName, "v"))
if err != nil {
return err
}
if version.Compare(minVersion) >= 0 && (maxVersion == nil || version.Compare(maxVersion) <= 0) && version.Prerelease() == "" {
if _, ok := versions.Releases[*version]; ok {
log.Printf("Version %s found in file\n", version)
} else {
log.Printf("Computing hashes for %s\n", version)
hash, err := computeHash(nixBinaryPath, tagName)
if err != nil {
return fmt.Errorf("Unable to compute hash: %w", err)
}
log.Printf("Computed hash: %s\n", hash)
vendorHash, err := computeVendorHash(nixPrefetchPath, vendorHashPath, version, hash)
if err != nil {
return fmt.Errorf("Unable to compute vendor hash: %w", err)
}
log.Printf("Computed vendor hash: %s\n", vendorHash)
versions.Releases[*version] = Release{Hash: hash, VendorHash: vendorHash}
}
}
return nil
})
if err != nil {
return err
}

versions.Latest = make(map[Alias]semver.Version)
for version := range versions.Releases {
alias := Alias{*semver.New(version.Major(), version.Minor(), 0, "", "")}
if latest, ok := versions.Latest[alias]; !ok || version.Compare(&latest) > 0 {
versions.Latest[alias] = version
}
}

content, err := json.MarshalIndent(versions, "", " ")
if err != nil {
log.Fatal("Unable to marshall versions: ", err)
}

err = os.WriteFile(versionsPath, content, 0644)
if err != nil {
log.Fatal("Unable to write file: ", err)
}

return nil
}

func readVersions(versionsPath string) (*Versions, error) {
content, err := os.ReadFile(versionsPath)
if err != nil {
return nil, err
}
var versions *Versions
err = json.Unmarshal(content, &versions)
if err != nil {
return nil, err
}
return versions, nil
}

func withReleases(token string, f func(release *github.RepositoryRelease) error) error {
client := github.NewClient(nil).WithAuthToken(token)
opt := &github.ListOptions{Page: 1}
for {
releases, resp, err := client.Repositories.ListReleases(context.Background(), owner, repo, opt)
if err != nil {
return err
}
for _, release := range releases {
err = f(release)
if err != nil {
return err
}
}
if resp.NextPage == 0 {
break
}
opt.Page = resp.NextPage
}
return nil
}

func computeHash(nixBinaryPath string, tagName string) (string, error) {
cmd := exec.Command(
nixBinaryPath, "flake", "prefetch",
"--extra-experimental-features", "nix-command flakes",
"--json", fmt.Sprintf("github:%s/%s/%s", owner, repo, tagName),
)

// Redirect stderr to the standard logger
cmd.Stderr = log.Writer()

// Get the output
output, err := cmd.Output()
if err != nil {
return "", fmt.Errorf("command execution failed: %w", err)
}

// Parse JSON output to get hash
var result struct {
Hash string `json:"hash"`
}
if err := json.Unmarshal(output, &result); err != nil {
return "", fmt.Errorf("failed to parse JSON output: %w", err)
}

return result.Hash, nil
}

func computeVendorHash(nixPrefetchPath string, vendorHashFile string, version *semver.Version, hash string) (string, error) {
vendorHash, err := runNixPrefetch(
nixPrefetchPath,
"--file",
vendorHashFile,
"--argstr",
"version",
version.String(),
"--argstr",
"hash",
hash)
if err != nil {
return "", err
}
return vendorHash, nil
}

func runNixPrefetch(nixPrefetchPath string, extraArgs ...string) (string, error) {
args := append([]string{"--option", "extra-experimental-features", "flakes"}, extraArgs...)
cmd := exec.Command(nixPrefetchPath, args...)
cmd.Stderr = log.Writer()
output, err := cmd.Output()
if err != nil {
return "", err
}
return strings.TrimRight(string(output), "\n"), nil
}

func init() {
rootCmd.AddCommand(updateVersionsCmd)

updateVersionsCmd.Flags().StringVarP(&owner, "owner", "", "hashicorp", "The owner name of the repository on GitHub")
updateVersionsCmd.Flags().StringVarP(&repo, "repo", "", "terraform", "The repository name on GitHub")
updateVersionsCmd.Flags().StringVarP(&vendorHashPath, "vendor-hash", "", "vendor-hash.nix", "Nix file required to compute vendorHash")
updateVersionsCmd.Flags().StringVarP(&versionsPath, "versions", "", "versions.json", "The file to be updated")
updateVersionsCmd.Flags().StringVarP(&minVersionStr, "min-version", "", "1.0.0", "Min release version")
updateVersionsCmd.Flags().StringVarP(&maxVersionStr, "max-version", "", "", "Max release version")
}
103 changes: 103 additions & 0 deletions cli/devenv.lock
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
{
"nodes": {
"devenv": {
"locked": {
"dir": "src/modules",
"lastModified": 1739444039,
"owner": "cachix",
"repo": "devenv",
"rev": "1235cd13f47df6ad19c8a183c6eabc1facb7c399",
"type": "github"
},
"original": {
"dir": "src/modules",
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1737465171,
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1739461644,
"owner": "nixos",
"repo": "nixpkgs",
"rev": "97a719c9f0a07923c957cf51b20b329f9fb9d43f",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.11-small",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"devenv": "devenv",
"git-hooks": "git-hooks",
"nixpkgs": "nixpkgs",
"pre-commit-hooks": [
"git-hooks"
]
}
}
},
"root": "root",
"version": 7
}
12 changes: 12 additions & 0 deletions cli/devenv.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
{ pkgs, ... }:

{
dotenv.enable = true;

packages = [
pkgs.cobra-cli
pkgs.nix-prefetch
];

languages.go.enable = true;
}
3 changes: 3 additions & 0 deletions cli/devenv.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
inputs:
nixpkgs:
url: github:nixos/nixpkgs/nixos-24.11-small
15 changes: 15 additions & 0 deletions cli/go.mod
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
module github.com/stackbuilders/nixpkgs-terraform/cli

go 1.22.1

require (
github.com/Masterminds/semver/v3 v3.2.1
github.com/google/go-github/v62 v62.0.0
github.com/spf13/cobra v1.8.1
)

require (
github.com/google/go-querystring v1.1.0 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
)
20 changes: 20 additions & 0 deletions cli/go.sum
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0=
github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ=
github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-github/v62 v62.0.0 h1:/6mGCaRywZz9MuHyw9gD1CwsbmBX8GWsbFkwMmHdhl4=
github.com/google/go-github/v62 v62.0.0/go.mod h1:EMxeUqGJq2xRu9DYBMwel/mr7kZrzUOfQmmpYrZn2a4=
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
7 changes: 7 additions & 0 deletions cli/main.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
package main

import "github.com/stackbuilders/nixpkgs-terraform/cli/cmd"

func main() {
cmd.Execute()
}
103 changes: 103 additions & 0 deletions devenv.lock
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
{
"nodes": {
"devenv": {
"locked": {
"dir": "src/modules",
"lastModified": 1739444039,
"owner": "cachix",
"repo": "devenv",
"rev": "1235cd13f47df6ad19c8a183c6eabc1facb7c399",
"type": "github"
},
"original": {
"dir": "src/modules",
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1737465171,
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1739461644,
"owner": "nixos",
"repo": "nixpkgs",
"rev": "97a719c9f0a07923c957cf51b20b329f9fb9d43f",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.11-small",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"devenv": "devenv",
"git-hooks": "git-hooks",
"nixpkgs": "nixpkgs",
"pre-commit-hooks": [
"git-hooks"
]
}
}
},
"root": "root",
"version": 7
}
9 changes: 9 additions & 0 deletions devenv.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{ pkgs, ... }:

{
packages = [
pkgs.semantic-release
];

pre-commit.hooks.nixpkgs-fmt.enable = true;
}
3 changes: 3 additions & 0 deletions devenv.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
inputs:
nixpkgs:
url: github:nixos/nixpkgs/nixos-24.11-small
71 changes: 50 additions & 21 deletions flake.lock
134 changes: 73 additions & 61 deletions flake.nix
Original file line number Diff line number Diff line change
@@ -2,79 +2,91 @@
description = "A collection of Terraform versions that are automatically updated";

inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";

systems.url = "github:nix-systems/default";
config.url = "github:stackbuilders/nixpkgs-terraform?dir=templates/config";
flake-parts.url = "github:hercules-ci/flake-parts";
nixpkgs-1_0.url = "github:nixos/nixpkgs/41de143fda10e33be0f47eab2bfe08a50f234267"; # nixos-23.05
nixpkgs-1_6.url = "github:nixos/nixpkgs/d6b3ddd253c578a7ab98f8011e59990f21dc3932"; # nixos-24.05
nixpkgs-1_9.url = "github:nixos/nixpkgs/af51545ec9a44eadf3fe3547610a5cdd882bc34e"; # nixpkgs-unstable
systems.url = "github:nix-systems/default";
};

outputs = { self, flake-parts, ... }@inputs: flake-parts.lib.mkFlake { inherit inputs; } {
imports = [
inputs.flake-parts.flakeModules.easyOverlay
];
systems = import inputs.systems;
outputs = inputs@{ self, ... }: inputs.flake-parts.lib.mkFlake
{ inherit inputs; }
{
imports = [
inputs.flake-parts.flakeModules.easyOverlay
];

perSystem = { config, pkgs, pkgs-unstable, system, ... }: {
_module.args = {
pkgs-unstable = inputs.nixpkgs-unstable.legacyPackages.${system};
};
systems = import inputs.systems;

packages =
perSystem = { config, pkgs-1_0, pkgs-1_6, pkgs-1_9, system, ... }:
let
versions = import ./lib/packages.nix { inherit pkgs pkgs-unstable; custom-lib = self.lib; };
linkPackagesByCycle = versionsPerCycle: builtins.mapAttrs
(cycle: cycleVersions: pkgs.symlinkJoin {
name = "terraform-all-${cycle}";
paths = builtins.map (version: versions.${version}) cycleVersions;
})
versionsPerCycle;
groupVersionsByCycle = versions: builtins.groupBy
(version:
let
splittedVersion = builtins.splitVersion version;
in
"all-" + (builtins.concatStringsSep "." [
(builtins.elemAt splittedVersion 0)
(builtins.elemAt splittedVersion 1)
])
)
(builtins.attrNames versions);
cycles = linkPackagesByCycle (groupVersionsByCycle versions);
flakeConfig = import inputs.config;
in
versions // cycles;
{
_module.args = {
pkgs-1_0 = import inputs.nixpkgs-1_0 {
inherit system;
};
pkgs-1_6 = import inputs.nixpkgs-1_6 {
inherit system;
config = flakeConfig.nixpkgs-unstable;
};
pkgs-1_9 = import inputs.nixpkgs-1_9 {
inherit system;
config = flakeConfig.nixpkgs-unstable;
};
};

overlayAttrs = {
terraform-versions = config.packages;
};
checks = config.packages;

devShells.default = pkgs.mkShell {
buildInputs = [
pkgs-unstable.black
(pkgs-unstable.python3.withPackages (ps: [
ps.pygithub
ps.semver
]))
pkgs-unstable.nix-prefetch
pkgs.nodejs
pkgs.rubyPackages.dotenv
];
};
};
packages =
let
filteredVersions =
let
versions = builtins.fromJSON (builtins.readFile ./versions.json);
allowUnfree = flakeConfig.nixpkgs-unstable.allowUnfree;
versionLessThan1_6 = version: builtins.compareVersions version "1.6.0" < 0;
in
{
releases = pkgs-1_9.lib.filterAttrs (version: _: allowUnfree || versionLessThan1_6 version) versions.releases;
latest = pkgs-1_9.lib.filterAttrs (_: version: allowUnfree || versionLessThan1_6 version) versions.latest;
};
releases = import ./lib/releases.nix {
inherit pkgs-1_0 pkgs-1_6 pkgs-1_9; custom-lib = self.lib;
releases = filteredVersions.releases;
silenceWarnings = flakeConfig.nixpkgs-terraform.silenceWarnings;
};
latestVersions = builtins.mapAttrs (_cycle: version: releases.${version}) filteredVersions.latest;
in
releases // latestVersions;

flake = {
templates = {
default = {
description = "Simple nix-shell with Terraform installed via nixpkgs-terraform";
path = ./templates/default;
overlayAttrs = {
terraform-versions = config.packages;
};
};
devenv = {
description = "Using nixpkgs-terraform with devenv";
path = ./templates/devenv;

flake = {
templates = {
config = {
description = "Template use to override nixpkgs-terraform default configuration";
path = ./templates/config;
};
default = {
description = "Simple nix-shell with Terraform installed via nixpkgs-terraform";
path = ./templates/default;
};
devenv = {
description = "Using nixpkgs-terraform with devenv";
path = ./templates/devenv;
};
terranix = {
description = "Using nixpkgs-terraform with terranix";
path = ./templates/terranix;
};
};
};

lib = import ./lib;
lib = import ./lib;
};
};
};
}
17 changes: 12 additions & 5 deletions lib/build-terraform.nix
Original file line number Diff line number Diff line change
@@ -1,15 +1,22 @@
{ pkgs, pkgs-unstable, version, hash, vendorHash }:
{ pkgs-1_0, pkgs-1_6, pkgs-1_9, version, hash, vendorHash, silenceWarnings ? false }:
# https://www.hashicorp.com/blog/hashicorp-adopts-business-source-license
if builtins.compareVersions version "1.6.0" >= 0
if builtins.compareVersions version "1.9.0" >= 0
then
# https://github.com/NixOS/nixpkgs/blob/nixpkgs-unstable/pkgs/applications/networking/cluster/terraform/default.nix
(pkgs-unstable.mkTerraform {
(pkgs-1_9.lib.warnIf (! silenceWarnings) ("allowUnfree is enabled to build version " + version) pkgs-1_9.mkTerraform
{
inherit version hash vendorHash;
patches = [ ../patches/provider-path-1_9.patch ];
})
else if builtins.compareVersions version "1.6.0" >= 0
then
(pkgs-1_6.lib.warnIf (! silenceWarnings) ("allowUnfree is enabled to build version " + version) pkgs-1_6.mkTerraform
{
inherit version hash vendorHash;
patches = [ ../patches/provider-path-0_15.patch ];
})
else
# https://github.com/NixOS/nixpkgs/blob/nixos-23.05/pkgs/applications/networking/cluster/terraform/default.nix
(pkgs.mkTerraform {
(pkgs-1_0.mkTerraform {
inherit version hash vendorHash;
patches = [ ../patches/provider-path-0_15.patch ];
})
9 changes: 0 additions & 9 deletions lib/packages.nix

This file was deleted.

6 changes: 6 additions & 0 deletions lib/releases.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{ custom-lib, pkgs-1_0, pkgs-1_6, pkgs-1_9, releases, silenceWarnings }:
builtins.mapAttrs
(version: { hash, vendorHash }: custom-lib.buildTerraform {
inherit pkgs-1_0 pkgs-1_6 pkgs-1_9 version hash vendorHash silenceWarnings;
})
releases
5,682 changes: 0 additions & 5,682 deletions package-lock.json

This file was deleted.

6 changes: 0 additions & 6 deletions package.json

This file was deleted.

23 changes: 23 additions & 0 deletions patches/provider-path-1_9.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
diff -Naur terraform.old/internal/command/init.go terraform.new/internal/command/init.go
--- terraform.old/internal/command/init.go
+++ terraform.new/internal/command/init.go
@@ -7,6 +7,7 @@
"context"
"errors"
"fmt"
+ "os"
"log"
"reflect"
"sort"
@@ -77,6 +78,11 @@
// -force-copy implies -migrate-state
if c.forceInitCopy {
c.migrateState = true
+ }
+
+ val, ok := os.LookupEnv("NIX_TERRAFORM_PLUGIN_DIR")
+ if ok {
+ initArgs.PluginPath = append(initArgs.PluginPath, val)
}

if len(initArgs.PluginPath) > 0 {
61 changes: 61 additions & 0 deletions templates/config/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
# nixpkgs-terraform - config

This flake stores the default configuration for `nixpkgs-terraform`.

## Usage

To override the default configuration, create a new flake project and follow
the steps described below:

Create an empty directory:

```sh
mkdir config
```

Scaffold a new flake project using the `config` template:

```sh
cd config
nix flake init -t github:stackbuilders/nixpkgs-terraform#config
```

After modifying the default configuration in the `default.nix` file, create a
new input for the configuration flake and override the `config` input for
`nixpkgs-terraform` as follows:

```nix
inputs = {
nixpkgs-terraform-config.url = "./config";
nixpkgs-terraform.url = "github:stackbuilders/nixpkgs-terraform";
nixpkgs-terraform.inputs.config.follows = "nixpkgs-terraform-config";
};
```

The relative path `./config` provided in the example above could be replaced
with a full path or a git URL; look at the [URL-like
syntax](https://nixos.org/manual/nix/stable/command-ref/new-cli/nix3-flake.html#url-like-syntax)
for more details.

## Overview

The following section provides an overview of all the available options
supported by `nixpkgs-terraform`.

### `nixpkgs-unstable.allowUnfree` (default `true`)

Control whether Terraform versions after the [HashiCorp license
change](https://www.hashicorp.com/blog/hashicorp-adopts-business-source-license)
are available or not; if set to `true`, all free and non-free versions are
available; otherwise, only free versions are available.

### `nixpkgs-terraform.silenceWarnings` (default `true`)

Starting with version `4.0`, the flag `allowUnfree` is enabled by default; to
notify users of this change, a warning message is printed whenever a non-free
package is evaluated. If set to `true`, the warning message is silence.

## References

This configuration flake has the same structure as
[nix-systems/default](https://github.com/nix-systems/default).
4 changes: 4 additions & 0 deletions templates/config/default.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
{
nixpkgs-unstable.allowUnfree = true;
nixpkgs-terraform.silenceWarnings = false;
}
5 changes: 5 additions & 0 deletions templates/config/flake.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{
description = "Template use to override nixpkgs-terraform default configuration";

outputs = _: { };
}
30 changes: 18 additions & 12 deletions templates/default/flake.nix
Original file line number Diff line number Diff line change
@@ -1,24 +1,30 @@
{
inputs = {
flake-utils.url = "github:numtide/flake-utils";
nixpkgs-terraform.url = "github:stackbuilders/nixpkgs-terraform";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
systems.url = "github:nix-systems/default";
};

nixConfig = {
extra-substituters = "https://nixpkgs-terraform.cachix.org";
extra-trusted-public-keys = "nixpkgs-terraform.cachix.org-1:8Sit092rIdAVENA3ZVeH9hzSiqI/jng6JiCrQ1Dmusw=";
};

outputs = { self, flake-utils, nixpkgs-terraform, nixpkgs }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages.${system};
terraform = nixpkgs-terraform.packages.${system}."1.7.2";
in
{
devShells.default = pkgs.mkShell {
buildInputs = [ terraform ];
};
});
outputs = { self, nixpkgs-terraform, nixpkgs, systems }:
let
forEachSystem = nixpkgs.lib.genAttrs (import systems);
in
{
devShells = forEachSystem
(system:
let
pkgs = nixpkgs.legacyPackages.${system};
terraform = nixpkgs-terraform.packages.${system}."1.8.1";
in
{
default = pkgs.mkShell {
buildInputs = [ terraform ];
};
});
};
}
41 changes: 23 additions & 18 deletions templates/devenv/flake.nix
Original file line number Diff line number Diff line change
@@ -1,31 +1,36 @@
{
inputs = {
devenv.url = "github:cachix/devenv";
flake-utils.url = "github:numtide/flake-utils";
nixpkgs-terraform.url = "github:stackbuilders/nixpkgs-terraform";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
systems.url = "github:nix-systems/default";
};

nixConfig = {
extra-substituters = "https://nixpkgs-terraform.cachix.org";
extra-trusted-public-keys = "nixpkgs-terraform.cachix.org-1:8Sit092rIdAVENA3ZVeH9hzSiqI/jng6JiCrQ1Dmusw=";
};

outputs = inputs@{ self, devenv, flake-utils, nixpkgs-terraform, nixpkgs }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages.${system};
terraform = nixpkgs-terraform.packages.${system}."1.7.2";
in
{
devShells.default = devenv.lib.mkShell {
inherit inputs pkgs;
modules = [
({ pkgs, config, ... }: {
languages.terraform.enable = true;
languages.terraform.package = terraform;
})
];
};
});
outputs = inputs@{ self, devenv, nixpkgs-terraform, nixpkgs, systems }:
let
forEachSystem = nixpkgs.lib.genAttrs (import systems);
in
{
devShells = forEachSystem
(system:
let
pkgs = nixpkgs.legacyPackages.${system};
in
{
default = devenv.lib.mkShell {
inherit inputs pkgs;
modules = [
({ pkgs, config, ... }: {
languages.terraform.enable = true;
languages.terraform.version = "1.9";
})
];
};
});
};
}
17 changes: 17 additions & 0 deletions templates/terranix/config.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# Example config.nix from https://terranix.org/documentation/getting-started.html,
# Make sure to update it with your own resources before applying.
{ ... }:
{
resource.hcloud_server.nginx = {
name = "terranix.nginx";
image = "debian-10";
server_type = "cx11";
backups = false;
};
resource.hcloud_server.test = {
name = "terranix.test";
image = "debian-9";
server_type = "cx11";
backups = true;
};
}
37 changes: 37 additions & 0 deletions templates/terranix/flake.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
{
inputs = {
nixpkgs-terraform.url = "github:stackbuilders/nixpkgs-terraform";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
systems.url = "github:nix-systems/default";
terranix.url = "github:terranix/terranix";
};

nixConfig = {
extra-substituters = "https://nixpkgs-terraform.cachix.org";
extra-trusted-public-keys = "nixpkgs-terraform.cachix.org-1:8Sit092rIdAVENA3ZVeH9hzSiqI/jng6JiCrQ1Dmusw=";
};

outputs = { self, nixpkgs-terraform, nixpkgs, systems, terranix }:
let
forEachSystem = nixpkgs.lib.genAttrs (import systems);
in
{
packages = forEachSystem (system: {
default = terranix.lib.terranixConfiguration {
inherit system;
modules = [ ./config.nix ];
};
});
devShells = forEachSystem
(system:
let
pkgs = nixpkgs.legacyPackages.${system};
terraform = nixpkgs-terraform.packages.${system}."1.9";
in
{
default = pkgs.mkShell {
buildInputs = [ terraform pkgs.terranix ];
};
});
};
}
182 changes: 0 additions & 182 deletions update-versions.py

This file was deleted.

7 changes: 4 additions & 3 deletions vendor-hash.nix
Original file line number Diff line number Diff line change
@@ -3,11 +3,12 @@ let
flake = builtins.getFlake (toString ./.);
system = builtins.currentSystem;

pkgs = flake.inputs.nixpkgs.legacyPackages.${system};
pkgs-unstable = flake.inputs.nixpkgs-unstable.legacyPackages.${system};
pkgs-1_0 = flake.inputs.nixpkgs-1_0.legacyPackages.${system};
pkgs-1_6 = flake.inputs.nixpkgs-1_6.legacyPackages.${system};
pkgs-1_9 = flake.inputs.nixpkgs-1_9.legacyPackages.${system};

terraform = flake.lib.buildTerraform {
inherit pkgs pkgs-unstable version hash;
inherit pkgs-1_0 pkgs-1_6 pkgs-1_9 version hash;
vendorHash = sha256;
};
in
682 changes: 399 additions & 283 deletions versions.json

Large diffs are not rendered by default.