internal scripts: use pinned, cached pkgs
Instead of setting up the script PATH via nix-shell, use
`nix shell` with inputs from the nix-bitcoin flake.
Advantages:
- Uses the nixpkgs version from the nix-bitcoin flake instead of
`<nixpkgs>` from the user env (NIX_PATH), so the script runtime
env is reproducible.
- The pkg derivations for the runtime env are cached, which greatly
increases script startup speed.
This commit was generated by running the following script inside the
repo root dir:
def transform(path, src)
if src =~ /#! *nix-shell +-i +bash +-p +(.*)/
pkgs = $1
if src =~ /^.*?(set -e.*?pipefail)\n/
set_statement = $1
src.sub!($&, '')
end
src.sub!(/\A.*?#! *nix-shell.*?\n/m, '')
parents = ([ '..' ] * (path.split('/').count - 1)).join('/')
[
'#!/usr/bin/env bash',
*set_statement,
%(. "${BASH_SOURCE[0]%/*}/#{parents}/helper/run-in-nix-env" "#{pkgs}" "$@"),
nil,
src
].join("\n")
end
end
Dir['**/*.sh'].each do |f|
src = File.read(f)
if new_src = transform(f, src)
puts "Changed file #{f}"
File.write(f, new_src)
end
end
2022-08-22 15:57:39 +03:00
|
|
|
#!/usr/bin/env bash
|
2020-04-24 17:51:32 +03:00
|
|
|
set -euo pipefail
|
internal scripts: use pinned, cached pkgs
Instead of setting up the script PATH via nix-shell, use
`nix shell` with inputs from the nix-bitcoin flake.
Advantages:
- Uses the nixpkgs version from the nix-bitcoin flake instead of
`<nixpkgs>` from the user env (NIX_PATH), so the script runtime
env is reproducible.
- The pkg derivations for the runtime env are cached, which greatly
increases script startup speed.
This commit was generated by running the following script inside the
repo root dir:
def transform(path, src)
if src =~ /#! *nix-shell +-i +bash +-p +(.*)/
pkgs = $1
if src =~ /^.*?(set -e.*?pipefail)\n/
set_statement = $1
src.sub!($&, '')
end
src.sub!(/\A.*?#! *nix-shell.*?\n/m, '')
parents = ([ '..' ] * (path.split('/').count - 1)).join('/')
[
'#!/usr/bin/env bash',
*set_statement,
%(. "${BASH_SOURCE[0]%/*}/#{parents}/helper/run-in-nix-env" "#{pkgs}" "$@"),
nil,
src
].join("\n")
end
end
Dir['**/*.sh'].each do |f|
src = File.read(f)
if new_src = transform(f, src)
puts "Changed file #{f}"
File.write(f, new_src)
end
end
2022-08-22 15:57:39 +03:00
|
|
|
. "${BASH_SOURCE[0]%/*}/../../helper/run-in-nix-env" "nodePackages.node2nix gnupg wget jq moreutils gnused" "$@"
|
2020-04-24 17:51:32 +03:00
|
|
|
|
2022-08-16 22:00:00 +03:00
|
|
|
TMPDIR=$(mktemp -d -p /tmp)
|
|
|
|
trap 'rm -rf $TMPDIR' EXIT
|
2020-04-24 17:51:32 +03:00
|
|
|
|
2021-11-09 18:19:14 +03:00
|
|
|
version="0.3.1"
|
2021-12-14 21:51:21 +03:00
|
|
|
repo=https://github.com/shesek/spark-wallet
|
|
|
|
|
|
|
|
# Fetch and verify source tarball
|
|
|
|
file=spark-wallet-${version}-npm.tgz
|
2022-08-16 22:00:00 +03:00
|
|
|
url=$repo/releases/download/v${version}/$file
|
2020-04-24 17:51:32 +03:00
|
|
|
export GNUPGHOME=$TMPDIR
|
2020-08-25 15:39:54 +03:00
|
|
|
gpg --keyserver hkps://keyserver.ubuntu.com --recv-key FCF19B67866562F08A43AAD681F6104CD0F150FC
|
2022-08-16 22:00:00 +03:00
|
|
|
wget -P "$TMPDIR" "$url"
|
|
|
|
wget -P "$TMPDIR" "$repo/releases/download/v${version}/SHA256SUMS.asc"
|
|
|
|
gpg --verify "$TMPDIR/SHA256SUMS.asc"
|
|
|
|
(cd "$TMPDIR"; sha256sum --check --ignore-missing SHA256SUMS.asc)
|
|
|
|
hash=$(nix hash file "$TMPDIR/$file")
|
2021-12-14 21:51:21 +03:00
|
|
|
|
|
|
|
# Extract source
|
|
|
|
src=$TMPDIR/src
|
2022-08-16 22:00:00 +03:00
|
|
|
mkdir "$src"
|
|
|
|
tar xvf "$TMPDIR/$file" -C "$src" --strip-components 1 >/dev/null
|
2020-04-24 17:51:32 +03:00
|
|
|
|
|
|
|
# Make qrcode-terminal a strict dependency so that node2nix includes it in the package derivation.
|
2022-08-16 22:00:00 +03:00
|
|
|
jq '.dependencies["qrcode-terminal"] = .optionalDependencies["qrcode-terminal"]' "$src/package.json" | sponge "$src/package.json"
|
2020-04-24 17:51:32 +03:00
|
|
|
|
2021-12-14 21:51:21 +03:00
|
|
|
node2nix \
|
2022-05-30 18:28:06 +03:00
|
|
|
--nodejs-14 \
|
2022-08-16 22:00:00 +03:00
|
|
|
--input "$src/package.json" \
|
|
|
|
--lock "$src/npm-shrinkwrap.json" \
|
2021-12-14 21:51:21 +03:00
|
|
|
--composition composition.nix \
|
|
|
|
--no-copy-node-env
|
2020-04-24 17:51:32 +03:00
|
|
|
|
2021-12-14 21:51:21 +03:00
|
|
|
# Use node-env.nix from nixpkgs
|
2022-08-16 22:00:00 +03:00
|
|
|
# shellcheck disable=SC2016
|
2021-03-16 14:45:21 +03:00
|
|
|
nodeEnvImport='import "${toString pkgs.path}/pkgs/development/node-packages/node-env.nix"'
|
|
|
|
sed -i "s|import ./node-env.nix|$nodeEnvImport|" composition.nix
|
|
|
|
|
2021-12-14 21:51:21 +03:00
|
|
|
# Use the verified package src
|
2022-08-16 22:00:00 +03:00
|
|
|
read -rd '' fetchurl <<EOF || :
|
2021-12-14 21:51:21 +03:00
|
|
|
fetchurl {
|
|
|
|
url = "$url";
|
|
|
|
hash = "$hash";
|
|
|
|
};
|
|
|
|
EOF
|
2021-12-30 15:55:10 +03:00
|
|
|
|
|
|
|
sed -i "
|
|
|
|
# Use the verified package src
|
|
|
|
s|src = .*/src;|src = ${fetchurl//$'\n'/\\n}|
|
|
|
|
|
|
|
|
# github: use HTTPS instead of SSH, which requires user authentication
|
|
|
|
s|git+ssh://git@|https://|
|
|
|
|
s|ssh://git@|https://|
|
|
|
|
s|\.git#|#|
|
|
|
|
" node-packages.nix
|