From 294c5548b9bc160dc1757e31d015e7a1cc975a48 Mon Sep 17 00:00:00 2001
From: Johannes Kirschbauer <hsjobeki@gmail.com>
Date: Wed, 19 Jun 2024 13:03:15 +0200
Subject: [PATCH 1/4] Inventory: add concrete use-case examples

---
 lib/jsonschema/default.nix         | 3 ++-
 lib/jsonschema/example-schema.json | 5 ++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/jsonschema/default.nix b/lib/jsonschema/default.nix
index df3f63b8..0a92da9b 100644
--- a/lib/jsonschema/default.nix
+++ b/lib/jsonschema/default.nix
@@ -47,7 +47,7 @@ rec {
     let
       evaled = lib.evalModules { modules = [ module ]; };
     in
-    parseOptions evaled.options;
+    { "$schema" = "http://json-schema.org/draft-07/schema#"; } // parseOptions evaled.options;
 
   # parses a set of evaluated nixos options to a jsonschema
   parseOptions =
@@ -66,6 +66,7 @@ rec {
     // {
       type = "object";
       inherit properties;
+      additionalProperties = false;
     };
 
   # parses and evaluated nixos option to a jsonschema property definition
diff --git a/lib/jsonschema/example-schema.json b/lib/jsonschema/example-schema.json
index 0073369e..1538a680 100644
--- a/lib/jsonschema/example-schema.json
+++ b/lib/jsonschema/example-schema.json
@@ -59,9 +59,8 @@
             "type": "string"
           }
         },
-        "required": [
-          "repo"
-        ],
+        "required": ["repo"],
+        "additionalProperties": false,
         "type": "object"
       },
       "default": {},

From 13c3169b413c0075a9ceb06b014f0e4b2810127e Mon Sep 17 00:00:00 2001
From: Johannes Kirschbauer <hsjobeki@gmail.com>
Date: Mon, 24 Jun 2024 15:47:25 +0200
Subject: [PATCH 2/4] lib: eval clan module as lib function

---
 lib/default.nix                   |  1 +
 lib/eval-clan-modules/default.nix | 34 +++++++++++++++++++++++++++++++
 lib/flake-module.nix              |  2 +-
 pkgs/schemas/flake-module.nix     | 28 ++++++-------------------
 4 files changed, 42 insertions(+), 23 deletions(-)
 create mode 100644 lib/eval-clan-modules/default.nix

diff --git a/lib/default.nix b/lib/default.nix
index e9fbde4d..ef5fe7ac 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -5,6 +5,7 @@
   ...
 }:
 {
+  evalClanModules = import ./eval-clan-modules { inherit clan-core nixpkgs lib; };
   jsonschema = import ./jsonschema { inherit lib; };
   modules = import ./description.nix { inherit clan-core lib; };
   buildClan = import ./build-clan { inherit clan-core lib nixpkgs; };
diff --git a/lib/eval-clan-modules/default.nix b/lib/eval-clan-modules/default.nix
new file mode 100644
index 00000000..814388d7
--- /dev/null
+++ b/lib/eval-clan-modules/default.nix
@@ -0,0 +1,34 @@
+{
+  nixpkgs,
+  clan-core,
+  lib,
+}:
+let
+  inherit (import nixpkgs { system = "x86_64-linux"; }) pkgs;
+
+  inherit (clan-core) clanModules;
+
+  baseModule = {
+    imports = (import (pkgs.path + "/nixos/modules/module-list.nix")) ++ [
+      {
+        nixpkgs.hostPlatform = "x86_64-linux";
+        clan.core.clanName = "dummy";
+      }
+    ];
+  };
+
+  # This function takes a list of module names and evaluates them
+  # evalClanModules :: [ String ] -> { config, options, ... }
+  evalClanModules =
+    modulenames:
+    let
+      evaled = lib.evalModules {
+        modules = [
+          baseModule
+          clan-core.nixosModules.clanCore
+        ] ++ (map (name: clanModules.${name}) modulenames);
+      };
+    in
+    evaled;
+in
+evalClanModules
diff --git a/lib/flake-module.nix b/lib/flake-module.nix
index 48437bb1..ef93467b 100644
--- a/lib/flake-module.nix
+++ b/lib/flake-module.nix
@@ -7,7 +7,7 @@
 {
   imports = [ ./jsonschema/flake-module.nix ];
   flake.lib = import ./default.nix {
-    inherit lib;
+    inherit lib inputs;
     inherit (inputs) nixpkgs;
     clan-core = self;
   };
diff --git a/pkgs/schemas/flake-module.nix b/pkgs/schemas/flake-module.nix
index 9ba6f4ef..59c25d01 100644
--- a/pkgs/schemas/flake-module.nix
+++ b/pkgs/schemas/flake-module.nix
@@ -10,37 +10,21 @@
       #   borgbackup = self.clanModules.borgbackup;
       # };
 
-      baseModule = {
-        imports = (import (pkgs.path + "/nixos/modules/module-list.nix")) ++ [
-          {
-            nixpkgs.hostPlatform = "x86_64-linux";
-            clan.core.clanName = "dummy";
-          }
-        ];
-      };
-
       optionsFromModule =
-        modulename: module:
+        mName:
         let
-          evaled = lib.evalModules {
-            modules = [
-              module
-              baseModule
-              self.nixosModules.clanCore
-            ];
-          };
+          eval = self.lib.evalClanModules [ mName ];
         in
-        # Filter out "injected" options that are not part of the module
-        if (evaled.options.clan ? "${modulename}") then evaled.options.clan.${modulename} else { };
+        if (eval.options.clan ? "${mName}") then eval.options.clan.${mName} else { };
 
       clanModuleSchemas = lib.mapAttrs (
-        modulename: module: self.lib.jsonschema.parseOptions (optionsFromModule modulename module)
+        modulename: _: self.lib.jsonschema.parseOptions (optionsFromModule modulename)
       ) clanModules;
 
-      clanModuleFunctionSchemas = lib.mapAttrsFlatten (modulename: module: {
+      clanModuleFunctionSchemas = lib.mapAttrsFlatten (modulename: _: {
         name = modulename;
         description = self.lib.modules.getShortDescription modulename;
-        parameters = self.lib.jsonschema.parseOptions (optionsFromModule modulename module);
+        parameters = self.lib.jsonschema.parseOptions (optionsFromModule modulename);
       }) clanModules;
     in
     rec {

From 51154c1d544fe96448ed59dcad2be55c41bed73f Mon Sep 17 00:00:00 2001
From: Johannes Kirschbauer <hsjobeki@gmail.com>
Date: Mon, 24 Jun 2024 15:55:48 +0200
Subject: [PATCH 3/4] schema improvements: add additionalProperties: false to
 ensure closed types

---
 lib/jsonschema/example-schema.json   | 2 ++
 lib/jsonschema/test_parseOption.nix  | 4 ++++
 lib/jsonschema/test_parseOptions.nix | 2 ++
 3 files changed, 8 insertions(+)

diff --git a/lib/jsonschema/example-schema.json b/lib/jsonschema/example-schema.json
index 1538a680..a470b3e4 100644
--- a/lib/jsonschema/example-schema.json
+++ b/lib/jsonschema/example-schema.json
@@ -1,5 +1,6 @@
 {
   "type": "object",
+  "additionalProperties": false,
   "properties": {
     "name": {
       "type": "string",
@@ -38,6 +39,7 @@
     },
     "services": {
       "type": "object",
+      "additionalProperties": false,
       "properties": {
         "opt": {
           "type": "string",
diff --git a/lib/jsonschema/test_parseOption.nix b/lib/jsonschema/test_parseOption.nix
index 8471ed43..930eee44 100644
--- a/lib/jsonschema/test_parseOption.nix
+++ b/lib/jsonschema/test_parseOption.nix
@@ -278,6 +278,7 @@ in
       expr = slib.parseOption (evalType (lib.types.submodule subModule) { });
       expected = {
         type = "object";
+        additionalProperties = false;
         properties = {
           opt = {
             type = "boolean";
@@ -301,6 +302,7 @@ in
       expr = slib.parseOption (evalType (lib.types.submodule subModule) { });
       expected = {
         type = "object";
+        additionalProperties = false;
         properties = {
           opt = {
             type = "boolean";
@@ -331,6 +333,7 @@ in
         type = "object";
         additionalProperties = {
           type = "object";
+          additionalProperties = false;
           properties = {
             opt = {
               type = "boolean";
@@ -363,6 +366,7 @@ in
         type = "array";
         items = {
           type = "object";
+          additionalProperties = false;
           properties = {
             opt = {
               type = "boolean";
diff --git a/lib/jsonschema/test_parseOptions.nix b/lib/jsonschema/test_parseOptions.nix
index 1faf6e3b..d32dde37 100644
--- a/lib/jsonschema/test_parseOptions.nix
+++ b/lib/jsonschema/test_parseOptions.nix
@@ -26,8 +26,10 @@ in
     {
       expr = slib.parseOptions evaled.options;
       expected = {
+        additionalProperties = false;
         properties = {
           foo = {
+            additionalProperties = false;
             properties = {
               bar = {
                 type = "boolean";

From d7dc66da031e3a0c116485cc72b3c1b562f65470 Mon Sep 17 00:00:00 2001
From: Johannes Kirschbauer <hsjobeki@gmail.com>
Date: Mon, 24 Jun 2024 16:00:46 +0200
Subject: [PATCH 4/4] Json-schema tests: add schema specifier to test

---
 lib/jsonschema/example-schema.json   | 1 +
 lib/jsonschema/test_parseOptions.nix | 9 +--------
 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/lib/jsonschema/example-schema.json b/lib/jsonschema/example-schema.json
index a470b3e4..dbdb7536 100644
--- a/lib/jsonschema/example-schema.json
+++ b/lib/jsonschema/example-schema.json
@@ -1,4 +1,5 @@
 {
+  "$schema": "http://json-schema.org/draft-07/schema#",
   "type": "object",
   "additionalProperties": false,
   "properties": {
diff --git a/lib/jsonschema/test_parseOptions.nix b/lib/jsonschema/test_parseOptions.nix
index d32dde37..9467160f 100644
--- a/lib/jsonschema/test_parseOptions.nix
+++ b/lib/jsonschema/test_parseOptions.nix
@@ -4,16 +4,9 @@
   lib ? (import <nixpkgs> { }).lib,
   slib ? import ./. { inherit lib; },
 }:
-let
-  evaledOptions =
-    let
-      evaledConfig = lib.evalModules { modules = [ ./example-interface.nix ]; };
-    in
-    evaledConfig.options;
-in
 {
   testParseOptions = {
-    expr = slib.parseOptions evaledOptions;
+    expr = slib.parseModule ./example-interface.nix;
     expected = builtins.fromJSON (builtins.readFile ./example-schema.json);
   };