From 0b61ed7af920e6248638d7b53d932c0470b9b054 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 2 Sep 2020 00:40:27 +0200 Subject: [PATCH 01/14] lib/options: Don't show internal suboption in the manual Initially https://github.com/NixOS/nixpkgs/pull/82897 prevented non-visible options from being rendered in the manual, but visible-but-internal options were still being recursed into. This fixes this, aligning the recurse condition here with the one in make-options-doc/default.nix --- lib/options.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/options.nix b/lib/options.nix index 87cd8b797969..5c042a6c6f29 100644 --- a/lib/options.nix +++ b/lib/options.nix @@ -192,7 +192,7 @@ rec { let ss = opt.type.getSubOptions opt.loc; in if ss != {} then optionAttrSetToDocList' opt.loc ss else []; in - [ docOption ] ++ optionals docOption.visible subOptions) (collect isOption options); + [ docOption ] ++ optionals (docOption.visible && ! docOption.internal) subOptions) (collect isOption options); /* This function recursively removes all derivation attributes from From df5ba82f74df75e96390995472f3e1e5179da21c Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Tue, 1 Sep 2020 23:32:57 +0200 Subject: [PATCH 02/14] lib/modules: Implement module-builtin assertions This implements assertions/warnings supported by the module system directly, instead of just being a NixOS option (see nixos/modules/misc/assertions.nix). This has the following benefits: - It allows cleanly redoing the user interface. The new implementation specifically allows disabling assertions or converting them to warnings instead. - Assertions/warnings can now be thrown easily from within submodules, which previously wasn't possible and needed workarounds. --- lib/modules.nix | 153 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 152 insertions(+), 1 deletion(-) diff --git a/lib/modules.nix b/lib/modules.nix index 3f2bfd478b0d..0d761c632d02 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -46,6 +46,7 @@ let showFiles showOption unknownModule + literalExample ; in @@ -116,6 +117,98 @@ rec { turned off. ''; }; + + _module.assertions = mkOption { + description = '' + Assertions and warnings to trigger during module evaluation. The + attribute name will be displayed when it is triggered, allowing + users to disable/change these assertions again if necessary. See + the section on Warnings and Assertions in the manual for more + information. + ''; + example = literalExample '' + { + gpgSshAgent = { + enable = config.programs.gnupg.agent.enableSSHSupport && config.programs.ssh.startAgent; + message = "You can't use ssh-agent and GnuPG agent with SSH support enabled at the same time!"; + }; + + grafanaPassword = { + enable = config.services.grafana.database.password != ""; + message = "Grafana passwords will be stored as plaintext in the Nix store!"; + type = "warning"; + }; + } + ''; + default = {}; + internal = true; + type = types.attrsOf (types.submodule { + # TODO: Rename to assertion? Or allow also setting assertion? + options.enable = mkOption { + description = '' + Whether to enable this assertion. + + This is the inverse of asserting a condition: If a certain + condition should be true, then this + option should be set to false when that + case occurs + + ''; + type = types.bool; + }; + + options.type = mkOption { + description = '' + The type of the assertion. The default + "error" type will cause evaluation to fail, + while the "warning" type will only show a + warning. + ''; + type = types.enum [ "error" "warning" ]; + default = "error"; + example = "warning"; + }; + + options.message = mkOption { + description = '' + The assertion message to display if this assertion triggers. + To display option names in the message, add + options to the module function arguments + and use ''${options.path.to.option}. + ''; + type = types.str; + example = literalExample '' + Enabling both ''${options.services.foo.enable} and ''${options.services.bar.enable} is not possible. + ''; + }; + + options.triggerPath = mkOption { + description = '' + The config path which when evaluated should + trigger this assertion. By default this is + [], meaning evaluating + config at all will trigger the assertion. + On NixOS this default is changed to + [ "system" "build" "toplevel" such that + only a system evaluation triggers the assertions. + + Evaluating config from within the current + module evaluation doesn't cause a trigger. Only accessing it + from outside will do that. This means it's easy to miss + assertions if this option doesn't have an externally-accessed + value. + + ''; + # Mark as internal as it's easy to misuse it + internal = true; + type = types.uniq (types.listOf types.str); + # Default to [], causing assertions to be triggered when + # anything is evaluated. This is a safe and convenient default. + default = []; + example = [ "system" "build" "vm" ]; + }; + }); + }; }; config = { @@ -154,6 +247,64 @@ rec { # paths, meaning recursiveUpdate will never override any value else recursiveUpdate freeformConfig declaredConfig; + /* + Inject a list of assertions into a config value, corresponding to their + triggerPath (meaning when that path is accessed from the result of this + function, the assertion triggers). + */ + injectAssertions = assertions: config: let + # Partition into assertions that are triggered on this level and ones that aren't + parted = partition (a: length a.triggerPath == 0) assertions; + + # From the ones that are triggered, filter out ones that aren't enabled + # and group into warnings/errors + byType = groupBy (a: a.type) (filter (a: a.enable) parted.right); + + # Triggers semantically are just lib.id, but they print warning cause errors in addition + warningTrigger = value: lib.foldr (w: warn w.show) value (byType.warning or []); + errorTrigger = value: + if byType.error or [] == [] then value else + throw '' + Failed assertions: + ${concatMapStringsSep "\n" (a: "- ${a.show}") byType.error} + ''; + # Trigger for both warnings and errors + trigger = value: warningTrigger (errorTrigger value); + + # From the non-triggered assertions, split off the first element of triggerPath + # to get a mapping from nested attributes to a list of assertions for that attribute + nested = zipAttrs (map (a: { + ${head a.triggerPath} = a // { + triggerPath = tail a.triggerPath; + }; + }) parted.wrong); + + # Recursively inject assertions if config is an attribute set and we + # have assertions under its attributes + result = + if isAttrs config + then + mapAttrs (name: value: + if nested ? ${name} + then injectAssertions nested.${name} value + else value + ) config + else config; + in trigger result; + + # List of assertions for this module evaluation, where each assertion also + # has a `show` attribute for how to show it if triggered + assertions = mapAttrsToList (name: value: + let id = + if hasPrefix "_" name then "" + else "[${showOption prefix}${optionalString (prefix != []) "/"}${name}] "; + in value // { + show = "${id}${value.message}"; + } + ) config._module.assertions; + + finalConfig = injectAssertions assertions (removeAttrs config [ "_module" ]); + checkUnmatched = if config._module.check && config._module.freeformType == null && merged.unmatchedDefns != [] then let @@ -173,7 +324,7 @@ rec { result = builtins.seq checkUnmatched { inherit options; - config = removeAttrs config [ "_module" ]; + config = finalConfig; inherit (config) _module; }; in result; From 9523df7eb600e7fc2a88bc5227d9dfe12055a9bd Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 2 Sep 2020 00:17:26 +0200 Subject: [PATCH 03/14] nixos/assertions: Use module-builtin assertion implementation --- lib/modules.nix | 12 +++++------ nixos/modules/misc/assertions.nix | 21 ++++++++++++++++++- nixos/modules/system/activation/top-level.nix | 10 +-------- 3 files changed, 27 insertions(+), 16 deletions(-) diff --git a/lib/modules.nix b/lib/modules.nix index 0d761c632d02..31200ae0b035 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -254,11 +254,11 @@ rec { */ injectAssertions = assertions: config: let # Partition into assertions that are triggered on this level and ones that aren't - parted = partition (a: length a.triggerPath == 0) assertions; + parted = lib.partition (a: length a.triggerPath == 0) assertions; # From the ones that are triggered, filter out ones that aren't enabled # and group into warnings/errors - byType = groupBy (a: a.type) (filter (a: a.enable) parted.right); + byType = lib.groupBy (a: a.type) (filter (a: a.enable) parted.right); # Triggers semantically are just lib.id, but they print warning cause errors in addition warningTrigger = value: lib.foldr (w: warn w.show) value (byType.warning or []); @@ -266,16 +266,16 @@ rec { if byType.error or [] == [] then value else throw '' Failed assertions: - ${concatMapStringsSep "\n" (a: "- ${a.show}") byType.error} + ${lib.concatMapStringsSep "\n" (a: "- ${a.show}") byType.error} ''; # Trigger for both warnings and errors trigger = value: warningTrigger (errorTrigger value); # From the non-triggered assertions, split off the first element of triggerPath # to get a mapping from nested attributes to a list of assertions for that attribute - nested = zipAttrs (map (a: { + nested = lib.zipAttrs (map (a: { ${head a.triggerPath} = a // { - triggerPath = tail a.triggerPath; + triggerPath = lib.tail a.triggerPath; }; }) parted.wrong); @@ -296,7 +296,7 @@ rec { # has a `show` attribute for how to show it if triggered assertions = mapAttrsToList (name: value: let id = - if hasPrefix "_" name then "" + if lib.hasPrefix "_" name then "" else "[${showOption prefix}${optionalString (prefix != []) "/"}${name}] "; in value // { show = "${id}${value.message}"; diff --git a/nixos/modules/misc/assertions.nix b/nixos/modules/misc/assertions.nix index 550b3ac97f6a..e931611247f2 100644 --- a/nixos/modules/misc/assertions.nix +++ b/nixos/modules/misc/assertions.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +{ lib, config, ... }: with lib; @@ -29,6 +29,25 @@ with lib; ''; }; + _module.assertions = mkOption { + type = types.attrsOf (types.submodule { + triggerPath = mkDefault [ "system" "build" "toplevel" ]; + }); + }; + }; + + config._module.assertions = lib.listToAttrs (lib.imap1 (n: value: + let + name = "_${toString n}"; + isWarning = lib.isString value; + result = { + enable = if isWarning then true else ! value.assertion; + type = if isWarning then "warning" else "error"; + message = if isWarning then value else value.message; + }; + in nameValuePair name result + ) (config.assertions ++ config.warnings)); + # impl of assertions is in } diff --git a/nixos/modules/system/activation/top-level.nix b/nixos/modules/system/activation/top-level.nix index 03d7e7493230..17b62ad9569b 100644 --- a/nixos/modules/system/activation/top-level.nix +++ b/nixos/modules/system/activation/top-level.nix @@ -117,18 +117,10 @@ let perl = "${pkgs.perl}/bin/perl " + (concatMapStringsSep " " (lib: "-I${lib}/${pkgs.perl.libPrefix}") (with pkgs.perlPackages; [ FileSlurp NetDBus XMLParser XMLTwig ])); }; - # Handle assertions and warnings - - failedAssertions = map (x: x.message) (filter (x: !x.assertion) config.assertions); - - baseSystemAssertWarn = if failedAssertions != [] - then throw "\nFailed assertions:\n${concatStringsSep "\n" (map (x: "- ${x}") failedAssertions)}" - else showWarnings config.warnings baseSystem; - # Replace runtime dependencies system = fold ({ oldDependency, newDependency }: drv: pkgs.replaceDependency { inherit oldDependency newDependency drv; } - ) baseSystemAssertWarn config.system.replaceRuntimeDependencies; + ) baseSystem config.system.replaceRuntimeDependencies; in From 20131348db3b51f7fe41f2d4aa3cd8875a6b48f2 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 2 Sep 2020 15:43:16 +0200 Subject: [PATCH 04/14] lib/modules: Use module-builtin assertions for mkRemovedOptionModule and co. --- lib/modules.nix | 38 ++++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/lib/modules.nix b/lib/modules.nix index 31200ae0b035..1902db5c6167 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -924,14 +924,16 @@ rec { visible = false; apply = x: throw "The option `${showOption optionName}' can no longer be used since it's been removed. ${replacementInstructions}"; }); - config.assertions = - let opt = getAttrFromPath optionName options; in [{ - assertion = !opt.isDefined; + config._module.assertions = + let opt = getAttrFromPath optionName options; in { + ${showOption optionName} = { + enable = mkDefault opt.isDefined; message = '' The option definition `${showOption optionName}' in ${showFiles opt.files} no longer has any effect; please remove it. ${replacementInstructions} ''; - }]; + }; + }; }; /* Return a module that causes a warning to be shown if the @@ -992,14 +994,19 @@ rec { })) from); config = { - warnings = filter (x: x != "") (map (f: - let val = getAttrFromPath f config; - opt = getAttrFromPath f options; - in - optionalString - (val != "_mkMergedOptionModule") - "The option `${showOption f}' defined in ${showFiles opt.files} has been changed to `${showOption to}' that has a different type. Please read `${showOption to}' documentation and update your configuration accordingly." - ) from); + _module.assertions = + let warningMessages = map (f: + let val = getAttrFromPath f config; + opt = getAttrFromPath f options; + in { + ${showOption f} = { + enable = mkDefault (val != "_mkMergedOptionModule"); + type = "warning"; + message = "The option `${showOption f}' defined in ${showFiles opt.files} has been changed to `${showOption to}' that has a different type. Please read `${showOption to}' documentation and update your configuration accordingly."; + }; + } + ) from; + in mkMerge warningMessages; } // setAttrByPath to (mkMerge (optional (any (f: (getAttrFromPath f config) != "_mkMergedOptionModule") from) @@ -1058,8 +1065,11 @@ rec { }); config = mkMerge [ { - warnings = optional (warn && fromOpt.isDefined) - "The option `${showOption from}' defined in ${showFiles fromOpt.files} has been renamed to `${showOption to}'."; + _module.assertions.${showOption from} = { + enable = mkDefault (warn && fromOpt.isDefined); + type = "warning"; + message = "The option `${showOption from}' defined in ${showFiles fromOpt.files} has been renamed to `${showOption to}'."; + }; } (if withPriority then mkAliasAndWrapDefsWithPriority (setAttrByPath to) fromOpt From 1e6a84b7af71f579f2467619f504d1cfe43bb3e9 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 2 Sep 2020 16:10:17 +0200 Subject: [PATCH 05/14] nixos/modules: Allow options to be coerced to a string for convenience --- lib/modules.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/modules.nix b/lib/modules.nix index 1902db5c6167..9ff8f4701bb3 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -665,6 +665,8 @@ rec { definitions = map (def: def.value) res.defsFinal; files = map (def: def.file) res.defsFinal; inherit (res) isDefined; + # This allows options to be correctly displayed using `${options.path.to.it}` + __toString = _: showOption loc; }; # Merge definitions of a value of a given type. From 3759a77fcda2e33f89023b8c6b1476e8fa413a8e Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 2 Sep 2020 18:01:10 +0200 Subject: [PATCH 06/14] nixos/modules: Expose the internal module in the top-level documentation --- lib/modules.nix | 15 ++++++++++----- lib/tests/misc.nix | 2 +- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/lib/modules.nix b/lib/modules.nix index 9ff8f4701bb3..e3f7ca3581ca 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -77,10 +77,15 @@ rec { # attribute. These options are fragile, as they are used by the # module system to change the interpretation of modules. internalModule = rec { - _file = ./modules.nix; + # FIXME: Using ./modules.nix directly breaks the doc for some reason + _file = "lib/modules.nix"; key = _file; + # These options are set to be internal only for prefix != [], aka it's + # a submodule evaluation. This way their docs are displayed only once + # as a top-level NixOS option, but will be hidden for all submodules, + # even though they are available there too options = { _module.args = mkOption { # Because things like `mkIf` are entirely useless for @@ -90,13 +95,13 @@ rec { # a `_module.args.pkgs = import (fetchTarball { ... }) {}` won't # start a download when `pkgs` wasn't evaluated. type = types.lazyAttrsOf types.unspecified; - internal = true; + internal = prefix != []; description = "Arguments passed to each module."; }; _module.check = mkOption { type = types.bool; - internal = true; + internal = prefix != []; default = check; description = "Whether to check whether all option definitions have matching declarations."; }; @@ -104,7 +109,7 @@ rec { _module.freeformType = mkOption { # Disallow merging for now, but could be implemented nicely with a `types.optionType` type = types.nullOr (types.uniq types.attrs); - internal = true; + internal = prefix != []; default = null; description = '' If set, merge all definitions that don't have an associated option @@ -141,7 +146,7 @@ rec { } ''; default = {}; - internal = true; + internal = prefix != []; type = types.attrsOf (types.submodule { # TODO: Rename to assertion? Or allow also setting assertion? options.enable = mkOption { diff --git a/lib/tests/misc.nix b/lib/tests/misc.nix index 35a5801c724f..2d53ed81176d 100644 --- a/lib/tests/misc.nix +++ b/lib/tests/misc.nix @@ -655,7 +655,7 @@ runTests { modules = [ module ]; }).options; - locs = filter (o: ! o.internal) (optionAttrSetToDocList options); + locs = filter (o: ! o.internal) (optionAttrSetToDocList (removeAttrs options [ "_module" ])); in map (o: o.loc) locs; expected = [ [ "foo" ] [ "foo" "" "bar" ] [ "foo" "bar" ] ]; }; From c4fb54e92a10f04bb70b31b397a50fdbc203bc66 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 2 Sep 2020 19:23:39 +0200 Subject: [PATCH 07/14] nixos/docs: Update assertion docs for new module-builtin ones --- nixos/doc/manual/development/assertions.xml | 131 ++++++++++++++------ 1 file changed, 95 insertions(+), 36 deletions(-) diff --git a/nixos/doc/manual/development/assertions.xml b/nixos/doc/manual/development/assertions.xml index 32f90cf2e7c4..91506ba65a14 100644 --- a/nixos/doc/manual/development/assertions.xml +++ b/nixos/doc/manual/development/assertions.xml @@ -8,7 +8,7 @@ When configuration problems are detectable in a module, it is a good idea to write an assertion or warning. Doing so provides clear feedback to the user - and prevents errors after the build. + and can prevent errors before the build. @@ -20,55 +20,114 @@ NixOS module system. -
- Warnings +
+ Defining Warnings and Assertions - This is an example of using warnings. + Both warnings and assertions can be defined using the option. Each assertion needs an attribute name, under which you have to define an enable condition using and a message using . Note that the enable condition is inverse of what an assertion would be: To assert a value being true, the enable condition should be false in that case, so that it isn't triggered. For the assertion message, you can add options to the module arguments and use ${options.path.to.option} to print a context-aware string representation of the option path. Here is an example showing how this can be done. - +
-
- Assertions +
+ Ignoring Warnings and Assertions - This example, extracted from the - - syslogd module shows how to use - assertions. Since there can only be one active syslog - daemon at a time, an assertion is useful to prevent such a broken system - from being built. + Sometimes you can get warnings or assertions that don't apply to your specific case and you wish to ignore them, or at least make assertions non-fatal. You can do so for all assertions defined using by using the attribute name of the definition, which is conveniently printed using [...] when the assertion is triggered. For above example, the evaluation output when the assertions are triggered looks as follows: - +trace: warning: [grafanaPassword] The grafana password defined with + services.grafana.database.password will be stored as plaintext in the Nix store! +error: Failed assertions: +- [gpgSshAgent] You can't enable both programs.ssh.startAgent and + programs.gnupg.agent.enableSSHSupport! + + + The [grafanaPassword] and [gpgSshAgent] strings tell you that these were defined under the grafanaPassword and gpgSshAgent attributes of respectively. With this knowledge you can adjust them to your liking: + + + +{ lib, ... }: { + # Change the assertion into a non-fatal warning + _module.assertions.gpgSshAgent.type = "warning"; + + # We don't care about this warning, disable it + _module.assertions.grafanaPassword.enable = lib.mkForce false; +} + + + +
+
+ Warnings and Assertions in Submodules + + + Warnings and assertions can be defined within submodules in the same way. Here is an example: + + + +{ lib, ... }: { + + options.myServices = lib.mkOption { + type = lib.types.attrsOf (lib.types.submodule ({ config, options, ... }: { + options.port = lib.mkOption {}; + + config._module.assertions.portConflict = { + enable = config.port == 80; + message = "Port ${toString config.port} defined using" + + " ${options.port} is usually used for HTTP"; + type = "warning"; + }; + })); + }; + +} + + + + When this assertion is triggered, it shows both the submodule path along with the assertion attribute within that submodule, joined by a /. Note also how ${options.port} correctly shows the context of the option. + + + +trace: warning: [myServices.foo/portConflict] Port 80 defined using + myServices.foo.port is usually used for HTTP + + + + Therefore to disable such an assertion, you can do so by changing the option within the myServices.foo submodule: + + + +{ lib, ... }: { + myServices.foo._module.assertions.portConflict.enable = lib.mkForce false; +} + + + + + Assertions defined in submodules under types.listOf can't be ignored, since there's no way to change previously defined list items. + + +
From 900c4a5abd1061db2390224849cbc5eb8eb07059 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 2 Sep 2020 22:33:29 +0200 Subject: [PATCH 08/14] lib/tests: Implement generalized checkConfigCodeOutErr for module tests --- lib/tests/modules.sh | 55 +++++++++++++++++++++++++++----------------- 1 file changed, 34 insertions(+), 21 deletions(-) diff --git a/lib/tests/modules.sh b/lib/tests/modules.sh index 309c5311361c..012835e48c13 100755 --- a/lib/tests/modules.sh +++ b/lib/tests/modules.sh @@ -27,37 +27,50 @@ reportFailure() { fail=$((fail + 1)) } -checkConfigOutput() { +checkConfigCodeOutErr() { + local expectedExit=$1 + shift; local outputContains=$1 shift; - if evalConfig "$@" 2>/dev/null | grep --silent "$outputContains" ; then - pass=$((pass + 1)) - return 0; - else - echo 2>&1 "error: Expected result matching '$outputContains', while evaluating" + local errorContains=$1 + shift; + out=$(mktemp) + err=$(mktemp) + evalConfig "$@" 1>"$out" 2>"$err" + if [[ "$?" -ne "$expectedExit" ]]; then + echo 2>&1 "error: Expected exit code $expectedExit while evaluating" reportFailure "$@" return 1 fi + + if [[ -n "$outputContains" ]] && ! grep -zP --silent "$outputContains" "$out"; then + echo 2>&1 "error: Expected output matching '$outputContains', while evaluating" + reportFailure "$@" + return 1 + fi + + if [[ -n "$errorContains" ]] && ! grep -zP --silent "$errorContains" "$err"; then + echo 2>&1 "error: Expected error matching '$errorContains', while evaluating" + reportFailure "$@" + return 1 + fi + + pass=$((pass + 1)) + + # Clean up temp files + rm "$out" "$err" +} + +checkConfigOutput() { + local outputContains=$1 + shift; + checkConfigCodeOutErr 0 "$outputContains" "" "$@" } checkConfigError() { local errorContains=$1 - local err="" shift; - if err==$(evalConfig "$@" 2>&1 >/dev/null); then - echo 2>&1 "error: Expected error code, got exit code 0, while evaluating" - reportFailure "$@" - return 1 - else - if echo "$err" | grep -zP --silent "$errorContains" ; then - pass=$((pass + 1)) - return 0; - else - echo 2>&1 "error: Expected error matching '$errorContains', while evaluating" - reportFailure "$@" - return 1 - fi - fi + checkConfigCodeOutErr 1 "" "$errorContains" "$@" } # Check boolean option. From 3e39d6efdf65ce8fbf18471c0bb1062b28bfe984 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 2 Sep 2020 22:34:13 +0200 Subject: [PATCH 09/14] lib/tests: Add tests for module-builtin assertions --- lib/tests/modules.sh | 37 +++++++++++++++++++ lib/tests/modules/assertions/enable-false.nix | 8 ++++ lib/tests/modules/assertions/enable-lazy.nix | 17 +++++++++ lib/tests/modules/assertions/multi.nix | 23 ++++++++++++ .../modules/assertions/non-cascading.nix | 17 +++++++++ lib/tests/modules/assertions/simple.nix | 6 +++ .../assertions/submodule-attrsOf-attrsOf.nix | 13 +++++++ .../modules/assertions/submodule-attrsOf.nix | 13 +++++++ lib/tests/modules/assertions/submodule.nix | 13 +++++++ lib/tests/modules/assertions/trigger-lazy.nix | 15 ++++++++ .../modules/assertions/trigger-submodule.nix | 18 +++++++++ .../assertions/underscore-attributes.nix | 8 ++++ lib/tests/modules/assertions/warning.nix | 9 +++++ 13 files changed, 197 insertions(+) create mode 100644 lib/tests/modules/assertions/enable-false.nix create mode 100644 lib/tests/modules/assertions/enable-lazy.nix create mode 100644 lib/tests/modules/assertions/multi.nix create mode 100644 lib/tests/modules/assertions/non-cascading.nix create mode 100644 lib/tests/modules/assertions/simple.nix create mode 100644 lib/tests/modules/assertions/submodule-attrsOf-attrsOf.nix create mode 100644 lib/tests/modules/assertions/submodule-attrsOf.nix create mode 100644 lib/tests/modules/assertions/submodule.nix create mode 100644 lib/tests/modules/assertions/trigger-lazy.nix create mode 100644 lib/tests/modules/assertions/trigger-submodule.nix create mode 100644 lib/tests/modules/assertions/underscore-attributes.nix create mode 100644 lib/tests/modules/assertions/warning.nix diff --git a/lib/tests/modules.sh b/lib/tests/modules.sh index 012835e48c13..65eb91c99276 100755 --- a/lib/tests/modules.sh +++ b/lib/tests/modules.sh @@ -275,6 +275,43 @@ checkConfigOutput true config.value.mkbefore ./types-anything/mk-mods.nix checkConfigOutput 1 config.value.nested.foo ./types-anything/mk-mods.nix checkConfigOutput baz config.value.nested.bar.baz ./types-anything/mk-mods.nix +## Module assertions +# Check that assertions are triggered by default for just evaluating config +checkConfigError 'Failed assertions:\n- \[test\] Assertion failed' config ./assertions/simple.nix +# Check that assertions are only triggered if they have a triggerPath that's evaluated +checkConfigError 'Failed assertions:\n- \[test\] Assertion failed' config.foo ./assertions/trigger-lazy.nix +checkConfigOutput true config.bar ./assertions/trigger-lazy.nix + +# The assertions enable condition should only be evaluated if the trigger is evaluated +checkConfigError 'enable evaluated' config.foo ./assertions/enable-lazy.nix +checkConfigOutput true config.bar ./assertions/enable-lazy.nix + +# Assertion is not triggered when enable is false +checkConfigOutput '{ }' config ./assertions/enable-false.nix + +# Warnings should be displayed on standard error +checkConfigCodeOutErr 0 '{ }' 'warning: \[test\] Warning message' config ./assertions/warning.nix + +# A triggerPath can be set to a submodule path +checkConfigOutput '{ baz = ; }' config.foo.bar ./assertions/trigger-submodule.nix +checkConfigError 'Failed assertions:\n- \[test\] Assertion failed' config.foo.bar.baz ./assertions/trigger-submodule.nix + +# Check that multiple assertions and warnings can be triggered at once +checkConfigError 'Failed assertions:\n- \[test1\] Assertion 1 failed\n- \[test2\] Assertion 2 failed' config ./assertions/multi.nix +checkConfigError 'trace: warning: \[test3\] Warning 3 failed\ntrace: warning: \[test4\] Warning 4 failed' config ./assertions/multi.nix + +# Submodules should be able to trigger assertions and display the submodule prefix in their error +checkConfigError 'Failed assertions:\n- \[foo/test\] Assertion failed' config.foo ./assertions/submodule.nix +checkConfigError 'Failed assertions:\n- \[foo.bar/test\] Assertion failed' config.foo.bar ./assertions/submodule-attrsOf.nix +checkConfigError 'Failed assertions:\n- \[foo.bar.baz/test\] Assertion failed' config.foo.bar.baz ./assertions/submodule-attrsOf-attrsOf.nix + +# Assertions aren't triggered when the trigger path is only evaluated from within the same module evaluation +# This behavior is necessary to allow assertions to depend on config values. This could potentially be changed in the future if all of NixOS' assertions are rewritten to not depend on any config values +checkConfigOutput true config.bar ./assertions/non-cascading.nix + +# Assertions with an attribute starting with _ shouldn't have their name displayed +checkConfigError 'Failed assertions:\n- Assertion failed' config ./assertions/underscore-attributes.nix + cat < Date: Mon, 30 Nov 2020 20:04:03 +0100 Subject: [PATCH 10/14] lib/modules: Rename _module.assertions to _module.checks --- lib/modules.nix | 66 +++++++++-------- lib/tests/modules.sh | 16 ++-- lib/tests/modules/assertions/enable-false.nix | 2 +- lib/tests/modules/assertions/enable-lazy.nix | 2 +- lib/tests/modules/assertions/multi.nix | 2 +- .../modules/assertions/non-cascading.nix | 2 +- lib/tests/modules/assertions/simple.nix | 2 +- .../assertions/submodule-attrsOf-attrsOf.nix | 2 +- .../modules/assertions/submodule-attrsOf.nix | 2 +- lib/tests/modules/assertions/submodule.nix | 2 +- lib/tests/modules/assertions/trigger-lazy.nix | 2 +- .../modules/assertions/trigger-submodule.nix | 2 +- .../assertions/underscore-attributes.nix | 2 +- lib/tests/modules/assertions/warning.nix | 2 +- nixos/doc/manual/development/assertions.xml | 74 +++++++++++++------ nixos/modules/misc/assertions.nix | 4 +- 16 files changed, 108 insertions(+), 76 deletions(-) diff --git a/lib/modules.nix b/lib/modules.nix index e3f7ca3581ca..9aa638231bf4 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -103,7 +103,13 @@ rec { type = types.bool; internal = prefix != []; default = check; - description = "Whether to check whether all option definitions have matching declarations."; + description = '' + Whether to check whether all option definitions have matching + declarations. + + Note that this has nothing to do with the similarly named + option + ''; }; _module.freeformType = mkOption { @@ -123,11 +129,11 @@ rec { ''; }; - _module.assertions = mkOption { + _module.checks = mkOption { description = '' - Assertions and warnings to trigger during module evaluation. The + Evaluation checks to trigger during module evaluation. The attribute name will be displayed when it is triggered, allowing - users to disable/change these assertions again if necessary. See + users to disable/change these checks if necessary. See the section on Warnings and Assertions in the manual for more information. ''; @@ -151,7 +157,7 @@ rec { # TODO: Rename to assertion? Or allow also setting assertion? options.enable = mkOption { description = '' - Whether to enable this assertion. + Whether to enable this check. This is the inverse of asserting a condition: If a certain condition should be true, then this @@ -164,7 +170,7 @@ rec { options.type = mkOption { description = '' - The type of the assertion. The default + The type of the check. The default "error" type will cause evaluation to fail, while the "warning" type will only show a warning. @@ -176,7 +182,7 @@ rec { options.message = mkOption { description = '' - The assertion message to display if this assertion triggers. + The message to display if this check triggers. To display option names in the message, add options to the module function arguments and use ''${options.path.to.option}. @@ -190,24 +196,24 @@ rec { options.triggerPath = mkOption { description = '' The config path which when evaluated should - trigger this assertion. By default this is + trigger this check. By default this is [], meaning evaluating - config at all will trigger the assertion. + config at all will trigger the check. On NixOS this default is changed to [ "system" "build" "toplevel" such that - only a system evaluation triggers the assertions. + only a system evaluation triggers the checks. Evaluating config from within the current module evaluation doesn't cause a trigger. Only accessing it from outside will do that. This means it's easy to miss - assertions if this option doesn't have an externally-accessed + failing checks if this option doesn't have an externally-accessed value. ''; # Mark as internal as it's easy to misuse it internal = true; type = types.uniq (types.listOf types.str); - # Default to [], causing assertions to be triggered when + # Default to [], causing checks to be triggered when # anything is evaluated. This is a safe and convenient default. default = []; example = [ "system" "build" "vm" ]; @@ -253,13 +259,13 @@ rec { else recursiveUpdate freeformConfig declaredConfig; /* - Inject a list of assertions into a config value, corresponding to their + Inject a list of checks into a config value, corresponding to their triggerPath (meaning when that path is accessed from the result of this - function, the assertion triggers). + function, the check triggers). */ - injectAssertions = assertions: config: let - # Partition into assertions that are triggered on this level and ones that aren't - parted = lib.partition (a: length a.triggerPath == 0) assertions; + injectChecks = checks: config: let + # Partition into checks that are triggered on this level and ones that aren't + parted = lib.partition (a: length a.triggerPath == 0) checks; # From the ones that are triggered, filter out ones that aren't enabled # and group into warnings/errors @@ -270,45 +276,45 @@ rec { errorTrigger = value: if byType.error or [] == [] then value else throw '' - Failed assertions: + Failed checks: ${lib.concatMapStringsSep "\n" (a: "- ${a.show}") byType.error} ''; # Trigger for both warnings and errors trigger = value: warningTrigger (errorTrigger value); - # From the non-triggered assertions, split off the first element of triggerPath - # to get a mapping from nested attributes to a list of assertions for that attribute + # From the non-triggered checks, split off the first element of triggerPath + # to get a mapping from nested attributes to a list of checks for that attribute nested = lib.zipAttrs (map (a: { ${head a.triggerPath} = a // { triggerPath = lib.tail a.triggerPath; }; }) parted.wrong); - # Recursively inject assertions if config is an attribute set and we - # have assertions under its attributes + # Recursively inject checks if config is an attribute set and we + # have checks under its attributes result = if isAttrs config then mapAttrs (name: value: if nested ? ${name} - then injectAssertions nested.${name} value + then injectChecks nested.${name} value else value ) config else config; in trigger result; - # List of assertions for this module evaluation, where each assertion also + # List of checks for this module evaluation, where each check also # has a `show` attribute for how to show it if triggered - assertions = mapAttrsToList (name: value: + checks = mapAttrsToList (name: value: let id = if lib.hasPrefix "_" name then "" else "[${showOption prefix}${optionalString (prefix != []) "/"}${name}] "; in value // { show = "${id}${value.message}"; } - ) config._module.assertions; + ) config._module.checks; - finalConfig = injectAssertions assertions (removeAttrs config [ "_module" ]); + finalConfig = injectChecks checks (removeAttrs config [ "_module" ]); checkUnmatched = if config._module.check && config._module.freeformType == null && merged.unmatchedDefns != [] then @@ -931,7 +937,7 @@ rec { visible = false; apply = x: throw "The option `${showOption optionName}' can no longer be used since it's been removed. ${replacementInstructions}"; }); - config._module.assertions = + config._module.checks = let opt = getAttrFromPath optionName options; in { ${showOption optionName} = { enable = mkDefault opt.isDefined; @@ -1001,7 +1007,7 @@ rec { })) from); config = { - _module.assertions = + _module.checks = let warningMessages = map (f: let val = getAttrFromPath f config; opt = getAttrFromPath f options; @@ -1072,7 +1078,7 @@ rec { }); config = mkMerge [ { - _module.assertions.${showOption from} = { + _module.checks.${showOption from} = { enable = mkDefault (warn && fromOpt.isDefined); type = "warning"; message = "The option `${showOption from}' defined in ${showFiles fromOpt.files} has been renamed to `${showOption to}'."; diff --git a/lib/tests/modules.sh b/lib/tests/modules.sh index 65eb91c99276..43bcabdf8167 100755 --- a/lib/tests/modules.sh +++ b/lib/tests/modules.sh @@ -277,9 +277,9 @@ checkConfigOutput baz config.value.nested.bar.baz ./types-anything/mk-mods.nix ## Module assertions # Check that assertions are triggered by default for just evaluating config -checkConfigError 'Failed assertions:\n- \[test\] Assertion failed' config ./assertions/simple.nix +checkConfigError 'Failed checks:\n- \[test\] Assertion failed' config ./assertions/simple.nix # Check that assertions are only triggered if they have a triggerPath that's evaluated -checkConfigError 'Failed assertions:\n- \[test\] Assertion failed' config.foo ./assertions/trigger-lazy.nix +checkConfigError 'Failed checks:\n- \[test\] Assertion failed' config.foo ./assertions/trigger-lazy.nix checkConfigOutput true config.bar ./assertions/trigger-lazy.nix # The assertions enable condition should only be evaluated if the trigger is evaluated @@ -294,23 +294,23 @@ checkConfigCodeOutErr 0 '{ }' 'warning: \[test\] Warning message' config ./asser # A triggerPath can be set to a submodule path checkConfigOutput '{ baz = ; }' config.foo.bar ./assertions/trigger-submodule.nix -checkConfigError 'Failed assertions:\n- \[test\] Assertion failed' config.foo.bar.baz ./assertions/trigger-submodule.nix +checkConfigError 'Failed checks:\n- \[test\] Assertion failed' config.foo.bar.baz ./assertions/trigger-submodule.nix # Check that multiple assertions and warnings can be triggered at once -checkConfigError 'Failed assertions:\n- \[test1\] Assertion 1 failed\n- \[test2\] Assertion 2 failed' config ./assertions/multi.nix +checkConfigError 'Failed checks:\n- \[test1\] Assertion 1 failed\n- \[test2\] Assertion 2 failed' config ./assertions/multi.nix checkConfigError 'trace: warning: \[test3\] Warning 3 failed\ntrace: warning: \[test4\] Warning 4 failed' config ./assertions/multi.nix # Submodules should be able to trigger assertions and display the submodule prefix in their error -checkConfigError 'Failed assertions:\n- \[foo/test\] Assertion failed' config.foo ./assertions/submodule.nix -checkConfigError 'Failed assertions:\n- \[foo.bar/test\] Assertion failed' config.foo.bar ./assertions/submodule-attrsOf.nix -checkConfigError 'Failed assertions:\n- \[foo.bar.baz/test\] Assertion failed' config.foo.bar.baz ./assertions/submodule-attrsOf-attrsOf.nix +checkConfigError 'Failed checks:\n- \[foo/test\] Assertion failed' config.foo ./assertions/submodule.nix +checkConfigError 'Failed checks:\n- \[foo.bar/test\] Assertion failed' config.foo.bar ./assertions/submodule-attrsOf.nix +checkConfigError 'Failed checks:\n- \[foo.bar.baz/test\] Assertion failed' config.foo.bar.baz ./assertions/submodule-attrsOf-attrsOf.nix # Assertions aren't triggered when the trigger path is only evaluated from within the same module evaluation # This behavior is necessary to allow assertions to depend on config values. This could potentially be changed in the future if all of NixOS' assertions are rewritten to not depend on any config values checkConfigOutput true config.bar ./assertions/non-cascading.nix # Assertions with an attribute starting with _ shouldn't have their name displayed -checkConfigError 'Failed assertions:\n- Assertion failed' config ./assertions/underscore-attributes.nix +checkConfigError 'Failed checks:\n- Assertion failed' config ./assertions/underscore-attributes.nix cat < - Warnings and Assertions + Evaluation Checks When configuration problems are detectable in a module, it is a good idea to - write an assertion or warning. Doing so provides clear feedback to the user - and can prevent errors before the build. + write a check for catching it early. Doing so can provide clear feedback to + the user and can prevent errors before the build. Although Nix has the abort and builtins.trace functions - to perform such tasks, they are not ideally suited for NixOS modules. Instead - of these functions, you can declare your warnings and assertions using the - NixOS module system. + to perform such tasks generally, they are not ideally suited for NixOS + modules. Instead of these functions, you can declare your evaluation checks + using the NixOS module system.
- Defining Warnings and Assertions + Defining Checks - Both warnings and assertions can be defined using the option. Each assertion needs an attribute name, under which you have to define an enable condition using and a message using . Note that the enable condition is inverse of what an assertion would be: To assert a value being true, the enable condition should be false in that case, so that it isn't triggered. For the assertion message, you can add options to the module arguments and use ${options.path.to.option} to print a context-aware string representation of the option path. Here is an example showing how this can be done. + Checks can be defined using the option. + Each check needs an attribute name, under which you have to define an enable + condition using and a + message using . Note that + the enable condition is inverse of what an assertion + would be: To assert a value being true, the enable condition should be false + in that case, so that it isn't triggered. For the check message, you can add + options to the module arguments and use + ${options.path.to.option} to print a context-aware string + representation of the option path. Here is an example showing how this can be + done. { config, options, ... }: { - _module.assertions.gpgSshAgent = { + _module.checks.gpgSshAgent = { enable = config.programs.gnupg.agent.enableSSHSupport && config.programs.ssh.startAgent; message = "You can't enable both ${options.programs.ssh.startAgent}" + " and ${options.programs.gnupg.agent.enableSSHSupport}!"; }; - _module.assertions.grafanaPassword = { + _module.checks.grafanaPassword = { enable = config.services.grafana.database.password != ""; message = "The grafana password defined with ${options.services.grafana.database.password}" + " will be stored as plaintext in the Nix store!"; @@ -48,41 +58,51 @@
- Ignoring Warnings and Assertions + Ignoring Checks - Sometimes you can get warnings or assertions that don't apply to your specific case and you wish to ignore them, or at least make assertions non-fatal. You can do so for all assertions defined using by using the attribute name of the definition, which is conveniently printed using [...] when the assertion is triggered. For above example, the evaluation output when the assertions are triggered looks as follows: + Sometimes you can get failing checks that don't apply to your specific case + and you wish to ignore them, or at least make errors non-fatal. You can do so + for all checks defined using by + using the attribute name of the definition, which is conveniently printed + using [...] when the check is triggered. For above + example, the evaluation output when the checks are triggered looks as + follows: trace: warning: [grafanaPassword] The grafana password defined with services.grafana.database.password will be stored as plaintext in the Nix store! -error: Failed assertions: +error: Failed checks: - [gpgSshAgent] You can't enable both programs.ssh.startAgent and programs.gnupg.agent.enableSSHSupport! - The [grafanaPassword] and [gpgSshAgent] strings tell you that these were defined under the grafanaPassword and gpgSshAgent attributes of respectively. With this knowledge you can adjust them to your liking: + The [grafanaPassword] and [gpgSshAgent] + strings tell you that these were defined under the grafanaPassword + and gpgSshAgent attributes of + respectively. With this knowledge + you can adjust them to your liking: { lib, ... }: { - # Change the assertion into a non-fatal warning - _module.assertions.gpgSshAgent.type = "warning"; + # Change the error into a non-fatal warning + _module.checks.gpgSshAgent.type = "warning"; # We don't care about this warning, disable it - _module.assertions.grafanaPassword.enable = lib.mkForce false; + _module.checks.grafanaPassword.enable = lib.mkForce false; }
- Warnings and Assertions in Submodules + Checks in Submodules - Warnings and assertions can be defined within submodules in the same way. Here is an example: + Evaluation checks can be defined within submodules in the same way. Here is an example: @@ -92,7 +112,7 @@ error: Failed assertions: type = lib.types.attrsOf (lib.types.submodule ({ config, options, ... }: { options.port = lib.mkOption {}; - config._module.assertions.portConflict = { + config._module.checks.portConflict = { enable = config.port == 80; message = "Port ${toString config.port} defined using" + " ${options.port} is usually used for HTTP"; @@ -105,7 +125,10 @@ error: Failed assertions: - When this assertion is triggered, it shows both the submodule path along with the assertion attribute within that submodule, joined by a /. Note also how ${options.port} correctly shows the context of the option. + When this check is triggered, it shows both the submodule path along with + the check attribute within that submodule, joined by a + /. Note also how ${options.port} + correctly shows the context of the option. @@ -114,18 +137,21 @@ trace: warning: [myServices.foo/portConflict] Port 80 defined using - Therefore to disable such an assertion, you can do so by changing the option within the myServices.foo submodule: + Therefore to disable such a check, you can do so by changing the + option within the + myServices.foo submodule: { lib, ... }: { - myServices.foo._module.assertions.portConflict.enable = lib.mkForce false; + myServices.foo._module.checks.portConflict.enable = lib.mkForce false; } - Assertions defined in submodules under types.listOf can't be ignored, since there's no way to change previously defined list items. + Checks defined in submodules under types.listOf can't be + ignored, since there's no way to change previously defined list items. diff --git a/nixos/modules/misc/assertions.nix b/nixos/modules/misc/assertions.nix index e931611247f2..e8b1f5afca3f 100644 --- a/nixos/modules/misc/assertions.nix +++ b/nixos/modules/misc/assertions.nix @@ -29,7 +29,7 @@ with lib; ''; }; - _module.assertions = mkOption { + _module.checks = mkOption { type = types.attrsOf (types.submodule { triggerPath = mkDefault [ "system" "build" "toplevel" ]; }); @@ -37,7 +37,7 @@ with lib; }; - config._module.assertions = lib.listToAttrs (lib.imap1 (n: value: + config._module.checks = lib.listToAttrs (lib.imap1 (n: value: let name = "_${toString n}"; isWarning = lib.isString value; From 8dea4df90323c43f9cc86a629f1581b91866e11d Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Mon, 30 Nov 2020 21:42:52 +0100 Subject: [PATCH 11/14] lib/modules: Remove _module.checks.*.triggerPath as it's not necessary Previously this option was thought to be necessary to avoid infinite recursion, but it actually isn't, since the check evaluation isn't fed back into the module fixed-point. --- lib/modules.nix | 99 +++++-------------- lib/tests/modules.sh | 15 --- lib/tests/modules/assertions/enable-lazy.nix | 17 ---- .../modules/assertions/non-cascading.nix | 17 ---- lib/tests/modules/assertions/trigger-lazy.nix | 15 --- .../modules/assertions/trigger-submodule.nix | 18 ---- nixos/modules/misc/assertions.nix | 6 -- 7 files changed, 22 insertions(+), 165 deletions(-) delete mode 100644 lib/tests/modules/assertions/enable-lazy.nix delete mode 100644 lib/tests/modules/assertions/non-cascading.nix delete mode 100644 lib/tests/modules/assertions/trigger-lazy.nix delete mode 100644 lib/tests/modules/assertions/trigger-submodule.nix diff --git a/lib/modules.nix b/lib/modules.nix index 9aa638231bf4..2c827a01e01b 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -192,32 +192,6 @@ rec { Enabling both ''${options.services.foo.enable} and ''${options.services.bar.enable} is not possible. ''; }; - - options.triggerPath = mkOption { - description = '' - The config path which when evaluated should - trigger this check. By default this is - [], meaning evaluating - config at all will trigger the check. - On NixOS this default is changed to - [ "system" "build" "toplevel" such that - only a system evaluation triggers the checks. - - Evaluating config from within the current - module evaluation doesn't cause a trigger. Only accessing it - from outside will do that. This means it's easy to miss - failing checks if this option doesn't have an externally-accessed - value. - - ''; - # Mark as internal as it's easy to misuse it - internal = true; - type = types.uniq (types.listOf types.str); - # Default to [], causing checks to be triggered when - # anything is evaluated. This is a safe and convenient default. - default = []; - example = [ "system" "build" "vm" ]; - }; }); }; }; @@ -258,63 +232,34 @@ rec { # paths, meaning recursiveUpdate will never override any value else recursiveUpdate freeformConfig declaredConfig; - /* - Inject a list of checks into a config value, corresponding to their - triggerPath (meaning when that path is accessed from the result of this - function, the check triggers). - */ - injectChecks = checks: config: let - # Partition into checks that are triggered on this level and ones that aren't - parted = lib.partition (a: length a.triggerPath == 0) checks; + # Triggers all checks defined by _module.checks before returning its argument + triggerChecks = let - # From the ones that are triggered, filter out ones that aren't enabled - # and group into warnings/errors - byType = lib.groupBy (a: a.type) (filter (a: a.enable) parted.right); + handleCheck = errors: name: + let + value = config._module.checks.${name}; + show = + # Assertions with a _ prefix aren't meant to be configurable + if lib.hasPrefix "_" name then value.message + else "[${showOption prefix}${optionalString (prefix != []) "/"}${name}] ${value.message}"; + in + if ! value.enable then errors + else if value.type == "warning" then lib.warn show errors + else if value.type == "error" then errors ++ [ show ] + else abort "Unknown check type ${value.type}"; - # Triggers semantically are just lib.id, but they print warning cause errors in addition - warningTrigger = value: lib.foldr (w: warn w.show) value (byType.warning or []); - errorTrigger = value: - if byType.error or [] == [] then value else - throw '' - Failed checks: - ${lib.concatMapStringsSep "\n" (a: "- ${a.show}") byType.error} - ''; - # Trigger for both warnings and errors - trigger = value: warningTrigger (errorTrigger value); + errors = lib.foldl' handleCheck [] (lib.attrNames config._module.checks); - # From the non-triggered checks, split off the first element of triggerPath - # to get a mapping from nested attributes to a list of checks for that attribute - nested = lib.zipAttrs (map (a: { - ${head a.triggerPath} = a // { - triggerPath = lib.tail a.triggerPath; - }; - }) parted.wrong); + errorMessage = '' + Failed checks: + ${lib.concatMapStringsSep "\n" (a: "- ${a}") errors} + ''; - # Recursively inject checks if config is an attribute set and we - # have checks under its attributes - result = - if isAttrs config - then - mapAttrs (name: value: - if nested ? ${name} - then injectChecks nested.${name} value - else value - ) config - else config; - in trigger result; + trigger = if errors == [] then null else throw errorMessage; - # List of checks for this module evaluation, where each check also - # has a `show` attribute for how to show it if triggered - checks = mapAttrsToList (name: value: - let id = - if lib.hasPrefix "_" name then "" - else "[${showOption prefix}${optionalString (prefix != []) "/"}${name}] "; - in value // { - show = "${id}${value.message}"; - } - ) config._module.checks; + in builtins.seq trigger; - finalConfig = injectChecks checks (removeAttrs config [ "_module" ]); + finalConfig = triggerChecks (removeAttrs config [ "_module" ]); checkUnmatched = if config._module.check && config._module.freeformType == null && merged.unmatchedDefns != [] then diff --git a/lib/tests/modules.sh b/lib/tests/modules.sh index 43bcabdf8167..9e85c90d15c5 100755 --- a/lib/tests/modules.sh +++ b/lib/tests/modules.sh @@ -278,13 +278,6 @@ checkConfigOutput baz config.value.nested.bar.baz ./types-anything/mk-mods.nix ## Module assertions # Check that assertions are triggered by default for just evaluating config checkConfigError 'Failed checks:\n- \[test\] Assertion failed' config ./assertions/simple.nix -# Check that assertions are only triggered if they have a triggerPath that's evaluated -checkConfigError 'Failed checks:\n- \[test\] Assertion failed' config.foo ./assertions/trigger-lazy.nix -checkConfigOutput true config.bar ./assertions/trigger-lazy.nix - -# The assertions enable condition should only be evaluated if the trigger is evaluated -checkConfigError 'enable evaluated' config.foo ./assertions/enable-lazy.nix -checkConfigOutput true config.bar ./assertions/enable-lazy.nix # Assertion is not triggered when enable is false checkConfigOutput '{ }' config ./assertions/enable-false.nix @@ -292,10 +285,6 @@ checkConfigOutput '{ }' config ./assertions/enable-false.nix # Warnings should be displayed on standard error checkConfigCodeOutErr 0 '{ }' 'warning: \[test\] Warning message' config ./assertions/warning.nix -# A triggerPath can be set to a submodule path -checkConfigOutput '{ baz = ; }' config.foo.bar ./assertions/trigger-submodule.nix -checkConfigError 'Failed checks:\n- \[test\] Assertion failed' config.foo.bar.baz ./assertions/trigger-submodule.nix - # Check that multiple assertions and warnings can be triggered at once checkConfigError 'Failed checks:\n- \[test1\] Assertion 1 failed\n- \[test2\] Assertion 2 failed' config ./assertions/multi.nix checkConfigError 'trace: warning: \[test3\] Warning 3 failed\ntrace: warning: \[test4\] Warning 4 failed' config ./assertions/multi.nix @@ -305,10 +294,6 @@ checkConfigError 'Failed checks:\n- \[foo/test\] Assertion failed' config.foo ./ checkConfigError 'Failed checks:\n- \[foo.bar/test\] Assertion failed' config.foo.bar ./assertions/submodule-attrsOf.nix checkConfigError 'Failed checks:\n- \[foo.bar.baz/test\] Assertion failed' config.foo.bar.baz ./assertions/submodule-attrsOf-attrsOf.nix -# Assertions aren't triggered when the trigger path is only evaluated from within the same module evaluation -# This behavior is necessary to allow assertions to depend on config values. This could potentially be changed in the future if all of NixOS' assertions are rewritten to not depend on any config values -checkConfigOutput true config.bar ./assertions/non-cascading.nix - # Assertions with an attribute starting with _ shouldn't have their name displayed checkConfigError 'Failed checks:\n- Assertion failed' config ./assertions/underscore-attributes.nix diff --git a/lib/tests/modules/assertions/enable-lazy.nix b/lib/tests/modules/assertions/enable-lazy.nix deleted file mode 100644 index e25190228649..000000000000 --- a/lib/tests/modules/assertions/enable-lazy.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ lib, ... }: { - - options.foo = lib.mkOption { - default = true; - }; - - options.bar = lib.mkOption { - default = true; - }; - - config._module.checks.test = { - enable = throw "enable evaluated"; - message = "Assertion failed"; - triggerPath = [ "foo" ]; - }; - -} diff --git a/lib/tests/modules/assertions/non-cascading.nix b/lib/tests/modules/assertions/non-cascading.nix deleted file mode 100644 index 7b9e333a11a8..000000000000 --- a/lib/tests/modules/assertions/non-cascading.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ lib, config, ... }: { - - options.foo = lib.mkOption { - default = true; - }; - - options.bar = lib.mkOption { - default = config.foo; - }; - - config._module.checks.foo = { - enable = true; - message = "Foo assertion"; - triggerPath = [ "foo" ]; - }; - -} diff --git a/lib/tests/modules/assertions/trigger-lazy.nix b/lib/tests/modules/assertions/trigger-lazy.nix deleted file mode 100644 index 9e9e3683b0cd..000000000000 --- a/lib/tests/modules/assertions/trigger-lazy.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ lib, ... }: { - options.foo = lib.mkOption { - default = true; - }; - - options.bar = lib.mkOption { - default = true; - }; - - config._module.checks.test = { - enable = true; - message = "Assertion failed"; - triggerPath = [ "foo" ]; - }; -} diff --git a/lib/tests/modules/assertions/trigger-submodule.nix b/lib/tests/modules/assertions/trigger-submodule.nix deleted file mode 100644 index 27deb48e4a9f..000000000000 --- a/lib/tests/modules/assertions/trigger-submodule.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ lib, ... }: { - - options.foo = lib.mkOption { - default = { bar = {}; }; - type = lib.types.attrsOf (lib.types.submodule { - options.baz = lib.mkOption { - default = true; - }; - }); - }; - - config._module.checks.test = { - enable = true; - message = "Assertion failed"; - triggerPath = [ "foo" "bar" "baz" ]; - }; - -} diff --git a/nixos/modules/misc/assertions.nix b/nixos/modules/misc/assertions.nix index e8b1f5afca3f..6a26a2332f25 100644 --- a/nixos/modules/misc/assertions.nix +++ b/nixos/modules/misc/assertions.nix @@ -29,12 +29,6 @@ with lib; ''; }; - _module.checks = mkOption { - type = types.attrsOf (types.submodule { - triggerPath = mkDefault [ "system" "build" "toplevel" ]; - }); - }; - }; config._module.checks = lib.listToAttrs (lib.imap1 (n: value: From 991dfccbd1935aabb76a20245ca0108aadd38f3c Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Mon, 30 Nov 2020 22:10:48 +0100 Subject: [PATCH 12/14] lib/modules: _module.check should always be internal Honestly this option should probably just be removed --- lib/modules.nix | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/lib/modules.nix b/lib/modules.nix index 2c827a01e01b..23dbe962491b 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -73,19 +73,20 @@ rec { check ? true }: let - # This internal module declare internal options under the `_module' - # attribute. These options are fragile, as they are used by the - # module system to change the interpretation of modules. + # An internal module that's always added, defining special options which + # change the behavior of the module evaluation itself. This is under a + # `_`-prefixed namespace in order to prevent name clashes with + # user-defined options internalModule = rec { # FIXME: Using ./modules.nix directly breaks the doc for some reason _file = "lib/modules.nix"; key = _file; - # These options are set to be internal only for prefix != [], aka it's - # a submodule evaluation. This way their docs are displayed only once - # as a top-level NixOS option, but will be hidden for all submodules, - # even though they are available there too + # Most of these options are set to be internal only for prefix != [], + # aka it's a submodule evaluation. This way their docs are displayed + # only once as a top-level NixOS option, but will be hidden for all + # submodules, even though they are available there too options = { _module.args = mkOption { # Because things like `mkIf` are entirely useless for @@ -101,7 +102,7 @@ rec { _module.check = mkOption { type = types.bool; - internal = prefix != []; + internal = true; default = check; description = '' Whether to check whether all option definitions have matching From 767d80099cd8418b3cc7338eb24f9217fedb6449 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Mon, 30 Nov 2020 22:38:56 +0100 Subject: [PATCH 13/14] lib/modules: Introduce _module.checks.*.check Previously the .enable option was used to encode the condition as well, which lead to some oddness: - In order to encode an assertion, one had to invert it - To disable a check, one had to mkForce it By introducing a separate .check option this is solved because: - It can be used to encode assertions - Disabling is done separately with .enable option, whose default can be overridden without a mkForce --- lib/modules.nix | 36 +++++++++---------- lib/tests/modules.sh | 3 +- .../modules/assertions/condition-true.nix | 8 +++++ lib/tests/modules/assertions/enable-false.nix | 1 + lib/tests/modules/assertions/multi.nix | 8 ++--- lib/tests/modules/assertions/simple.nix | 2 +- .../assertions/submodule-attrsOf-attrsOf.nix | 2 +- .../modules/assertions/submodule-attrsOf.nix | 2 +- lib/tests/modules/assertions/submodule.nix | 2 +- .../assertions/underscore-attributes.nix | 2 +- lib/tests/modules/assertions/warning.nix | 2 +- nixos/doc/manual/development/assertions.xml | 34 +++++++++--------- nixos/modules/misc/assertions.nix | 2 +- 13 files changed, 56 insertions(+), 48 deletions(-) create mode 100644 lib/tests/modules/assertions/condition-true.nix diff --git a/lib/modules.nix b/lib/modules.nix index 23dbe962491b..468c373d6aa4 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -155,17 +155,22 @@ rec { default = {}; internal = prefix != []; type = types.attrsOf (types.submodule { - # TODO: Rename to assertion? Or allow also setting assertion? options.enable = mkOption { description = '' - Whether to enable this check. - - This is the inverse of asserting a condition: If a certain - condition should be true, then this - option should be set to false when that - case occurs - + Whether to enable this check. Set this to false to not trigger + any errors or warning messages. This is useful for ignoring a + check in case it doesn't make sense in certain scenarios. ''; + default = true; + type = types.bool; + }; + + options.check = mkOption { + description = '' + The condition that must succeed in order for this check to be + successful and not trigger a warning or error. + ''; + readOnly = true; type = types.bool; }; @@ -189,9 +194,7 @@ rec { and use ''${options.path.to.option}. ''; type = types.str; - example = literalExample '' - Enabling both ''${options.services.foo.enable} and ''${options.services.bar.enable} is not possible. - ''; + example = "Enabling both \${options.services.foo.enable} and \${options.services.bar.enable} is not possible."; }; }); }; @@ -244,7 +247,7 @@ rec { if lib.hasPrefix "_" name then value.message else "[${showOption prefix}${optionalString (prefix != []) "/"}${name}] ${value.message}"; in - if ! value.enable then errors + if value.enable -> value.check then errors else if value.type == "warning" then lib.warn show errors else if value.type == "error" then errors ++ [ show ] else abort "Unknown check type ${value.type}"; @@ -885,8 +888,7 @@ rec { }); config._module.checks = let opt = getAttrFromPath optionName options; in { - ${showOption optionName} = { - enable = mkDefault opt.isDefined; + ${showOption optionName} = lib.mkIf opt.isDefined { message = '' The option definition `${showOption optionName}' in ${showFiles opt.files} no longer has any effect; please remove it. ${replacementInstructions} @@ -958,8 +960,7 @@ rec { let val = getAttrFromPath f config; opt = getAttrFromPath f options; in { - ${showOption f} = { - enable = mkDefault (val != "_mkMergedOptionModule"); + ${showOption f} = lib.mkIf (val != "_mkMergedOptionModule") { type = "warning"; message = "The option `${showOption f}' defined in ${showFiles opt.files} has been changed to `${showOption to}' that has a different type. Please read `${showOption to}' documentation and update your configuration accordingly."; }; @@ -1024,8 +1025,7 @@ rec { }); config = mkMerge [ { - _module.checks.${showOption from} = { - enable = mkDefault (warn && fromOpt.isDefined); + _module.checks.${showOption from} = mkIf (warn && fromOpt.isDefined) { type = "warning"; message = "The option `${showOption from}' defined in ${showFiles fromOpt.files} has been renamed to `${showOption to}'."; }; diff --git a/lib/tests/modules.sh b/lib/tests/modules.sh index 9e85c90d15c5..775be9f7209b 100755 --- a/lib/tests/modules.sh +++ b/lib/tests/modules.sh @@ -279,7 +279,8 @@ checkConfigOutput baz config.value.nested.bar.baz ./types-anything/mk-mods.nix # Check that assertions are triggered by default for just evaluating config checkConfigError 'Failed checks:\n- \[test\] Assertion failed' config ./assertions/simple.nix -# Assertion is not triggered when enable is false +# Assertion is not triggered when enable is false or condition is true +checkConfigOutput '{ }' config ./assertions/condition-true.nix checkConfigOutput '{ }' config ./assertions/enable-false.nix # Warnings should be displayed on standard error diff --git a/lib/tests/modules/assertions/condition-true.nix b/lib/tests/modules/assertions/condition-true.nix new file mode 100644 index 000000000000..7ca0817a2397 --- /dev/null +++ b/lib/tests/modules/assertions/condition-true.nix @@ -0,0 +1,8 @@ +{ + + _module.checks.test = { + check = true; + message = "Assertion failed"; + }; + +} diff --git a/lib/tests/modules/assertions/enable-false.nix b/lib/tests/modules/assertions/enable-false.nix index c326c086f03f..11f753bb32e8 100644 --- a/lib/tests/modules/assertions/enable-false.nix +++ b/lib/tests/modules/assertions/enable-false.nix @@ -2,6 +2,7 @@ _module.checks.test = { enable = false; + check = false; message = "Assertion failed"; }; diff --git a/lib/tests/modules/assertions/multi.nix b/lib/tests/modules/assertions/multi.nix index ebbe17f3a558..1e2e14b8643a 100644 --- a/lib/tests/modules/assertions/multi.nix +++ b/lib/tests/modules/assertions/multi.nix @@ -2,20 +2,20 @@ _module.checks = { test1 = { - enable = true; + check = false; message = "Assertion 1 failed"; }; test2 = { - enable = true; + check = false; message = "Assertion 2 failed"; }; test3 = { - enable = true; + check = false; message = "Warning 3 failed"; type = "warning"; }; test4 = { - enable = true; + check = false; message = "Warning 4 failed"; type = "warning"; }; diff --git a/lib/tests/modules/assertions/simple.nix b/lib/tests/modules/assertions/simple.nix index a63b8090f910..115d89a30362 100644 --- a/lib/tests/modules/assertions/simple.nix +++ b/lib/tests/modules/assertions/simple.nix @@ -1,6 +1,6 @@ { _module.checks.test = { - enable = true; + check = false; message = "Assertion failed"; }; } diff --git a/lib/tests/modules/assertions/submodule-attrsOf-attrsOf.nix b/lib/tests/modules/assertions/submodule-attrsOf-attrsOf.nix index a5f92aa93c7d..27a63d1e4329 100644 --- a/lib/tests/modules/assertions/submodule-attrsOf-attrsOf.nix +++ b/lib/tests/modules/assertions/submodule-attrsOf-attrsOf.nix @@ -4,7 +4,7 @@ default = { bar.baz = {}; }; type = lib.types.attrsOf (lib.types.attrsOf (lib.types.submodule { _module.checks.test = { - enable = true; + check = false; message = "Assertion failed"; }; })); diff --git a/lib/tests/modules/assertions/submodule-attrsOf.nix b/lib/tests/modules/assertions/submodule-attrsOf.nix index 450cad0804df..aac5937cf7e5 100644 --- a/lib/tests/modules/assertions/submodule-attrsOf.nix +++ b/lib/tests/modules/assertions/submodule-attrsOf.nix @@ -4,7 +4,7 @@ default = { bar = {}; }; type = lib.types.attrsOf (lib.types.submodule { _module.checks.test = { - enable = true; + check = false; message = "Assertion failed"; }; }); diff --git a/lib/tests/modules/assertions/submodule.nix b/lib/tests/modules/assertions/submodule.nix index a46734a326bf..4e7e0b1bd61e 100644 --- a/lib/tests/modules/assertions/submodule.nix +++ b/lib/tests/modules/assertions/submodule.nix @@ -4,7 +4,7 @@ default = {}; type = lib.types.submodule { _module.checks.test = { - enable = true; + check = false; message = "Assertion failed"; }; }; diff --git a/lib/tests/modules/assertions/underscore-attributes.nix b/lib/tests/modules/assertions/underscore-attributes.nix index c28c9dcd9180..f9ee5c5787b0 100644 --- a/lib/tests/modules/assertions/underscore-attributes.nix +++ b/lib/tests/modules/assertions/underscore-attributes.nix @@ -1,7 +1,7 @@ { _module.checks._test = { - enable = true; + check = false; message = "Assertion failed"; }; diff --git a/lib/tests/modules/assertions/warning.nix b/lib/tests/modules/assertions/warning.nix index 8fed9871aa2c..72598ba3fdd5 100644 --- a/lib/tests/modules/assertions/warning.nix +++ b/lib/tests/modules/assertions/warning.nix @@ -1,7 +1,7 @@ { _module.checks.test = { - enable = true; + check = false; type = "warning"; message = "Warning message"; }; diff --git a/nixos/doc/manual/development/assertions.xml b/nixos/doc/manual/development/assertions.xml index a873345ef43a..31d09f958af5 100644 --- a/nixos/doc/manual/development/assertions.xml +++ b/nixos/doc/manual/development/assertions.xml @@ -25,28 +25,26 @@ Checks can be defined using the option. - Each check needs an attribute name, under which you have to define an enable - condition using and a - message using . Note that - the enable condition is inverse of what an assertion - would be: To assert a value being true, the enable condition should be false - in that case, so that it isn't triggered. For the check message, you can add + Each check needs an attribute name, under which you can define a trigger + assertion using and a + message using . + For the message, you can add options to the module arguments and use ${options.path.to.option} to print a context-aware string - representation of the option path. Here is an example showing how this can be + representation of an option path. Here is an example showing how this can be done. { config, options, ... }: { _module.checks.gpgSshAgent = { - enable = config.programs.gnupg.agent.enableSSHSupport && config.programs.ssh.startAgent; - message = "You can't enable both ${options.programs.ssh.startAgent}" - + " and ${options.programs.gnupg.agent.enableSSHSupport}!"; + check = config.programs.gnupg.agent.enableSSHSupport -> !config.programs.ssh.startAgent; + message = "If you have ${options.programs.gnupg.agent.enableSSHSupport} enabled," + + " you can't enable ${options.programs.ssh.startAgent} as well!"; }; _module.checks.grafanaPassword = { - enable = config.services.grafana.database.password != ""; + check = config.services.grafana.database.password == ""; message = "The grafana password defined with ${options.services.grafana.database.password}" + " will be stored as plaintext in the Nix store!"; # This is a non-fatal warning @@ -74,8 +72,8 @@ trace: warning: [grafanaPassword] The grafana password defined with services.grafana.database.password will be stored as plaintext in the Nix store! error: Failed checks: -- [gpgSshAgent] You can't enable both programs.ssh.startAgent and - programs.gnupg.agent.enableSSHSupport! +- [gpgSshAgent] If you have programs.gnupg.agent.enableSSHSupport + enabled, you can't enable programs.ssh.startAgent as well! @@ -87,12 +85,12 @@ error: Failed checks: -{ lib, ... }: { +{ # Change the error into a non-fatal warning _module.checks.gpgSshAgent.type = "warning"; # We don't care about this warning, disable it - _module.checks.grafanaPassword.enable = lib.mkForce false; + _module.checks.grafanaPassword.enable = false; } @@ -113,7 +111,7 @@ error: Failed checks: options.port = lib.mkOption {}; config._module.checks.portConflict = { - enable = config.port == 80; + check = config.port != 80; message = "Port ${toString config.port} defined using" + " ${options.port} is usually used for HTTP"; type = "warning"; @@ -143,8 +141,8 @@ trace: warning: [myServices.foo/portConflict] Port 80 defined using -{ lib, ... }: { - myServices.foo._module.checks.portConflict.enable = lib.mkForce false; +{ + myServices.foo._module.checks.portConflict.enable = false; } diff --git a/nixos/modules/misc/assertions.nix b/nixos/modules/misc/assertions.nix index 6a26a2332f25..d7cdb32491d3 100644 --- a/nixos/modules/misc/assertions.nix +++ b/nixos/modules/misc/assertions.nix @@ -36,7 +36,7 @@ with lib; name = "_${toString n}"; isWarning = lib.isString value; result = { - enable = if isWarning then true else ! value.assertion; + check = if isWarning then false else value.assertion; type = if isWarning then "warning" else "error"; message = if isWarning then value else value.message; }; From a6a70d14a9f7b885e65a51c5e6bd02145884ee50 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Thu, 17 Dec 2020 21:50:51 +0100 Subject: [PATCH 14/14] lib/modules: Prefix mkRemovedOptionModule & co. check names To avoid name clashes Co-authored-by: Robert Hensing --- lib/modules.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/modules.nix b/lib/modules.nix index 468c373d6aa4..5548c5f7049c 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -888,7 +888,7 @@ rec { }); config._module.checks = let opt = getAttrFromPath optionName options; in { - ${showOption optionName} = lib.mkIf opt.isDefined { + ${"removed-" + showOption optionName} = lib.mkIf opt.isDefined { message = '' The option definition `${showOption optionName}' in ${showFiles opt.files} no longer has any effect; please remove it. ${replacementInstructions} @@ -960,7 +960,7 @@ rec { let val = getAttrFromPath f config; opt = getAttrFromPath f options; in { - ${showOption f} = lib.mkIf (val != "_mkMergedOptionModule") { + ${"merged" + showOption f} = lib.mkIf (val != "_mkMergedOptionModule") { type = "warning"; message = "The option `${showOption f}' defined in ${showFiles opt.files} has been changed to `${showOption to}' that has a different type. Please read `${showOption to}' documentation and update your configuration accordingly."; }; @@ -1025,7 +1025,7 @@ rec { }); config = mkMerge [ { - _module.checks.${showOption from} = mkIf (warn && fromOpt.isDefined) { + _module.checks.${"renamed-" + showOption from} = mkIf (warn && fromOpt.isDefined) { type = "warning"; message = "The option `${showOption from}' defined in ${showFiles fromOpt.files} has been renamed to `${showOption to}'."; };