Drop hub dependency

Also be more permissive when a GitHub token isn't available.
Ryan Hendrickson 2023-03-02 23:30:36 -05:00
parent f739d495cd
commit 8e5317cb5e
6 changed files with 22 additions and 30 deletions


@ -10,6 +10,7 @@ import qualified Data.Text as T
import qualified Data.Text.IO as T import qualified Data.Text.IO as T
import DeleteMerged (deleteDone) import DeleteMerged (deleteDone)
import Git import Git
import qualified GitHub as GH
import NVD (withVulnDB) import NVD (withVulnDB)
import qualified Nix import qualified Nix
import qualified Options.Applicative as O import qualified Options.Applicative as O
@ -134,19 +135,19 @@ main = do
hSetBuffering stderr LineBuffering hSetBuffering stderr LineBuffering
command <- O.execParser programInfo command <- O.execParser programInfo
ghUser <- getGithubUser ghUser <- getGithubUser
token <- getGithubToken <|> undefined token <- fromMaybe "" <$> getGithubToken
P.setEnv "GITHUB_TOKEN" (T.unpack token) True P.setEnv "GITHUB_TOKEN" (T.unpack token) True
P.setEnv "GITHUB_API_TOKEN" (T.unpack token) True P.setEnv "GITHUB_API_TOKEN" (T.unpack token) True
P.setEnv "PAGER" "" True P.setEnv "PAGER" "" True
case command of case command of
DeleteDone delete -> do DeleteDone delete -> do
Git.setupNixpkgs token setupNixpkgs $ GH.untagName ghUser
deleteDone delete token ghUser deleteDone delete token ghUser
Update UpdateOptions {pr, cve, nixpkgsReview, outpaths, attrpathOpt} update -> do Update UpdateOptions {pr, cve, nixpkgsReview, outpaths, attrpathOpt} update -> do
Git.setupNixpkgs token setupNixpkgs $ GH.untagName ghUser
updatePackage (Options pr False ghUser token cve nixpkgsReview outpaths attrpathOpt) update updatePackage (Options pr False ghUser token cve nixpkgsReview outpaths attrpathOpt) update
UpdateBatch UpdateOptions {pr, cve, nixpkgsReview, outpaths, attrpathOpt} update -> do UpdateBatch UpdateOptions {pr, cve, nixpkgsReview, outpaths, attrpathOpt} update -> do
Git.setupNixpkgs token setupNixpkgs $ GH.untagName ghUser
updatePackage (Options pr True ghUser token cve nixpkgsReview outpaths attrpathOpt) update updatePackage (Options pr True ghUser token cve nixpkgsReview outpaths attrpathOpt) update
Version -> do Version -> do
v <- runExceptT Nix.version v <- runExceptT Nix.version
@ -155,17 +156,17 @@ main = do
Right t -> T.putStrLn t Right t -> T.putStrLn t
UpdateVulnDB -> withVulnDB $ \_conn -> pure () UpdateVulnDB -> withVulnDB $ \_conn -> pure ()
CheckAllVulnerable -> do CheckAllVulnerable -> do
setupNixpkgs undefined setupNixpkgs $ GH.untagName ghUser
updates <- T.readFile "packages-to-update.txt" updates <- T.readFile "packages-to-update.txt"
cveAll undefined updates cveAll undefined updates
CheckVulnerable productID oldVersion newVersion -> do CheckVulnerable productID oldVersion newVersion -> do
setupNixpkgs undefined setupNixpkgs $ GH.untagName ghUser
report <- report <-
cveReport cveReport
(UpdateEnv productID oldVersion newVersion Nothing (Options False False ghUser token False False False False)) (UpdateEnv productID oldVersion newVersion Nothing (Options False False ghUser token False False False False))
T.putStrLn report T.putStrLn report
SourceGithub -> do SourceGithub -> do
updates <- T.readFile "packages-to-update.txt" updates <- T.readFile "packages-to-update.txt"
setupNixpkgs token setupNixpkgs $ GH.untagName ghUser
sourceGithubAll (Options False False ghUser token False False False False) updates sourceGithubAll (Options False False ghUser token False False False False) updates
FetchRepology -> Repology.fetch FetchRepology -> Repology.fetch
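Review bot: In `main`, `token <- fromMaybe "" <$> getGithubToken` turns a missing token into an empty string that is then exported as `GITHUB_TOKEN` and `GITHUB_API_TOKEN` and passed to `deleteDone` and `updatePackage`, so nothing downstream can tell "no credentials" from a real token. Child processes inherit the empty variables, and a tool that treats a set-but-empty token as a credential would presumably fail authentication rather than fall back to anonymous access. I would keep the `Maybe` and export only when a token exists, e.g. `for_ mtoken $ \t -> P.setEnv "GITHUB_TOKEN" (T.unpack t) True`, and have the commands that write to GitHub (`DeleteDone`, `Update` with `pr`) stop early with a clear message when it is `Nothing`. `main` starts before this hunk, so code above it may already cover part of this.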


@ -7,7 +7,12 @@ subcommand.
1. Setup [hub](https://github.com/github/hub) and give it your GitHub 1. Setup [hub](https://github.com/github/hub) and give it your GitHub
credentials, so it saves an oauth token. This allows nixpkgs-update credentials, so it saves an oauth token. This allows nixpkgs-update
to query the GitHub API. to query the GitHub API. Alternatively, if you prefer not to install
and configure `hub`, you can manually create a GitHub token with
`repo` and `gist` scopes. Provide it to `nixpkgs-update` by
exporting it as the `GITHUB_TOKEN` environment variable
(`nixpkgs-update` reads credentials from the files `hub` uses but
no longer uses `hub` itself).
2. Clone this repository and build `nixpkgs-update`: 2. Clone this repository and build `nixpkgs-update`:
```bash ```bash


@ -10,9 +10,8 @@ nixpkgs-update supports interactive, single package updates via the
and configure `hub`, you can manually create a GitHub token with and configure `hub`, you can manually create a GitHub token with
`repo` and `gist` scopes. Provide it to `nixpkgs-update` by `repo` and `gist` scopes. Provide it to `nixpkgs-update` by
exporting it as the `GITHUB_TOKEN` environment variable exporting it as the `GITHUB_TOKEN` environment variable
(`nixpkgs-update` _only_ tries to use `hub` to check out the (`nixpkgs-update` reads credentials from the files `hub` uses but
`nixpkgs` repo into your XDG cache directory, if you run no longer uses `hub` itself).
`nixpkgs-update` outside of a `nixpkgs` checkout directory).
2. Go to your local checkout of nixpkgs, and **make sure the working 2. Go to your local checkout of nixpkgs, and **make sure the working
directory is clean**. Be on a branch you are okay committing to. directory is clean**. Be on a branch you are okay committing to.
3. Run it like: `nixpkgs-update update "postman 7.20.0 7.21.2"` 3. Run it like: `nixpkgs-update update "postman 7.20.0 7.21.2"`


@ -12,7 +12,6 @@ let
drvAttrs = attrs: with pkgs; { drvAttrs = attrs: with pkgs; {
NIX = nix; NIX = nix;
GIT = git; GIT = git;
HUB = gitAndTools.hub;
JQ = jq; JQ = jq;
TREE = tree; TREE = tree;
GIST = gist; GIST = gist;


@ -34,12 +34,10 @@ import qualified Data.Vector as V
import Language.Haskell.TH.Env (envQ) import Language.Haskell.TH.Env (envQ)
import OurPrelude hiding (throw) import OurPrelude hiding (throw)
import System.Directory (doesDirectoryExist, doesFileExist, getModificationTime, getCurrentDirectory, setCurrentDirectory) import System.Directory (doesDirectoryExist, doesFileExist, getModificationTime, getCurrentDirectory, setCurrentDirectory)
import System.Environment (getEnv)
import System.Environment.XDG.BaseDir (getUserCacheDir) import System.Environment.XDG.BaseDir (getUserCacheDir)
import System.Exit() import System.Exit()
import System.IO.Error (tryIOError) import System.IO.Error (tryIOError)
import System.Posix.Env (setEnv) import System.Posix.Env (setEnv)
import qualified System.Process.Typed
import Utils (Options (..), UpdateEnv (..), branchName, branchPrefix) import Utils (Options (..), UpdateEnv (..), branchName, branchPrefix)
bin :: String bin :: String
@ -48,12 +46,6 @@ bin = fromJust ($$(envQ "GIT") :: Maybe String) <> "/bin/git"
procGit :: [String] -> ProcessConfig () () () procGit :: [String] -> ProcessConfig () () ()
procGit = proc bin procGit = proc bin
hubBin :: String
hubBin = fromJust ($$(envQ "HUB") :: Maybe String) <> "/bin/hub"
procHub :: [String] -> ProcessConfig () () ()
procHub = proc hubBin
clean :: ProcessConfig () () () clean :: ProcessConfig () () ()
clean = silently $ procGit ["clean", "-fdx"] clean = silently $ procGit ["clean", "-fdx"]
@ -156,19 +148,15 @@ nixpkgsDir = do
-- Since we are going to have to fetch, git reset, clean, and commit, we setup a -- Since we are going to have to fetch, git reset, clean, and commit, we setup a
-- cache dir to avoid destroying any uncommitted work the user may have in PWD. -- cache dir to avoid destroying any uncommitted work the user may have in PWD.
setupNixpkgs :: Text -> IO () setupNixpkgs :: Text -> IO ()
setupNixpkgs githubt = do setupNixpkgs ghUser = do
fp <- nixpkgsDir fp <- nixpkgsDir
exists <- doesDirectoryExist fp exists <- doesDirectoryExist fp
unless exists $ do unless exists $ do
path <- getEnv "PATH" procGit ["clone", "--origin", "upstream", "https://github.com/NixOS/nixpkgs.git", fp]
procHub ["clone", "nixpkgs", fp]
& System.Process.Typed.setEnv -- requires that user has forked nixpkgs
[ ("PATH" :: String, path),
("GITHUB_TOKEN" :: String, githubt & T.unpack)
]
& runProcess_ & runProcess_
setCurrentDirectory fp setCurrentDirectory fp
shell (bin <> " remote add upstream https://github.com/NixOS/nixpkgs") procGit ["remote", "add", "origin", "https://github.com/" <> T.unpack ghUser <> "/nixpkgs.git"]
-- requires that user has forked nixpkgs
& runProcess_ & runProcess_
inNixpkgs <- inNixpkgsRepo inNixpkgs <- inNixpkgsRepo
unless inNixpkgs do unless inNixpkgs do
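Review bot: `setupNixpkgs` keeps the signature `Text -> IO ()` while its argument changes from the GitHub token to the user name, so a call site that still passes `token` type-checks and would write the token into the `origin` URL stored in the checkout's git config. Taking the tagged name would let the compiler catch that: `setupNixpkgs :: GH.Name GH.Owner -> IO ()` with `GH.untagName` applied inside (this assumes the `GitHub` module can be imported here; the import list is only partly visible). The name is also spliced into the URL unchecked, so a guard such as `unless (T.all (\c -> isAscii c && isAlphaNum c || c == '-') ghUser) $ fail "unexpected GitHub user name"` before `remote add` would keep a malformed config value from producing an unintended remote. The function body continues past the end of this hunk.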


@ -297,12 +297,12 @@ hubConfigField field = do
token = T.takeWhile (/= '\n') $ head (drop 1 splits) token = T.takeWhile (/= '\n') $ head (drop 1 splits)
return $ Just token return $ Just token
getGithubToken :: IO Text getGithubToken :: IO (Maybe Text)
getGithubToken = do getGithubToken = do
et <- envToken et <- envToken
lt <- localToken lt <- localToken
ht <- hubConfigField "oauth_token: " ht <- hubConfigField "oauth_token: "
return $ fromJust (et <|> lt <|> ht) return (et <|> lt <|> ht)
getGithubUser :: IO (GH.Name GH.Owner) getGithubUser :: IO (GH.Name GH.Owner)
getGithubUser = do getGithubUser = do
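Review bot: `getGithubToken` now returns `Maybe Text` but has no comment saying what `Nothing` means or in which order the three sources are consulted, and callers need to know both. I would add a Haddock comment such as `-- | Look up a GitHub token: 'envToken' first, then 'localToken', then the oauth_token field read by 'hubConfigField'; 'Nothing' when none is found.` It is also worth confirming that `envToken` maps an empty `GITHUB_TOKEN` to `Nothing`; its definition is outside this hunk, and if it returns `Just ""` the `<|>` chain stops there and the other two sources are never tried.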