add home-manager and sops-nix to ci

checks/darwin.nix

@@ -0,0 +1,11 @@
+
+{
+  imports = [
+    ../modules/nix-darwin/default.nix
+  ];
+  documentation.enable = false;
+  sops.secrets.test_key = { };
+  sops.defaultSopsFile = ../pkgs/sops-install-secrets/test-assets/secrets.yaml;
+  sops.age.generateKey = true;
+  system.stateVersion = 5;
+}

checks/home-manager.nix

@@ -0,0 +1,15 @@
+
+{ config, ... }: {
+  imports = [
+    ../modules/home-manager/sops.nix
+  ];
+  home.stateVersion = "25.05";
+  home.username = "sops-user";
+  home.homeDirectory = "/home/sops-user";
+  home.enableNixpkgsReleaseCheck = false;
+
+  sops.age.generateKey = true;
+  sops.age.keyFile = "${config.home.homeDirectory}/.age-key.txt";
+  sops.secrets.test_key = { };
+  sops.defaultSopsFile = ../pkgs/sops-install-secrets/test-assets/secrets.yaml;
+}

dev/private.narHash

@@ -1 +1 @@
-sha256-qF9EiqHqJARLtA+ZABXa2mstgbza762DwoGEIGkyqVY=
+sha256-rXlTQPa9c8Ou52KO5S36sOyKUzurr5fuZcXnHr7g6YY=

dev/private/flake.nix

@@ -5,5 +5,11 @@
   inputs.treefmt-nix.url = "github:numtide/treefmt-nix";
   inputs.treefmt-nix.inputs.nixpkgs.follows = "nixpkgs-stable";
 
+  inputs.nix-darwin.url = "github:LnL7/nix-darwin";
+  inputs.nix-darwin.inputs.nixpkgs.follows = "nixpkgs-stable";
+
+  inputs.home-manager.url = "github:nix-community/home-manager";
+  inputs.home-manager.inputs.nixpkgs.follows = "nixpkgs-stable";
+
   outputs = _: { };
 }

flake.nix

@@ -78,7 +78,7 @@
       # dev outputs
       {
         checks = eachSystem (
-          { system, ... }:
+          { pkgs, system, ... }:
           let
             tests = self.packages.${system}.sops-install-secrets.tests;
             packages-stable = import ./default.nix {
@@ -90,7 +90,43 @@
               nixpkgs.lib.mapAttrs' (name: value: nixpkgs.lib.nameValuePair (name + version) value) attrs;
             suffix-stable = suffix-version "-24_05";
           in
-          tests // (suffix-stable tests-stable) // (suffix-stable packages-stable)
+          tests
+          // (suffix-stable tests-stable)
+          // (suffix-stable packages-stable)
+          // {
+            home-manager = self.legacyPackages.${system}.homeConfigurations.sops.activation-script;
+          }
+          // nixpkgs.lib.optionalAttrs pkgs.stdenv.isDarwin {
+            darwin-sops =
+              self.darwinConfigurations."sops-${pkgs.hostPlatform.darwinArch}".config.system.build.toplevel;
+          }
+        );
+
+        darwinConfigurations.sops-arm64 = privateInputs.nix-darwin.lib.darwinSystem {
+          modules = [
+            ./checks/darwin.nix
+            #{ nixpkgs.pkgs = nixpkgs.legacyPackages.aarch64-darwin; }
+            { nixpkgs.hostPlatform = "aarch64-darwin"; }
+          ];
+        };
+
+        darwinConfigurations.sops-x86_64 = privateInputs.nix-darwin.lib.darwinSystem {
+          modules = [
+            ./checks/darwin.nix
+            { nixpkgs.hostPlatform = "x86_64-darwin"; }
+          ];
+        };
+
+        legacyPackages = eachSystem (
+          { pkgs, ... }:
+          {
+            homeConfigurations.sops = privateInputs.home-manager.lib.homeManagerConfiguration {
+              modules = [
+                ./checks/home-manager.nix
+              ];
+              inherit pkgs;
+            };
+          }
         );
 
         apps = eachSystem (
@@ -110,7 +146,7 @@
           { pkgs, ... }:
           {
             unit-tests = pkgs.callPackage ./pkgs/unit-tests.nix { };
-            default = pkgs.callPackage ./shell.nix {};
+            default = pkgs.callPackage ./shell.nix { };
           }
         );
       };