mirror of
https://github.com/nmattia/niv.git
synced 2024-10-06 12:27:35 +03:00
Rewrite sources.nix to support several use cases
sources.nix now supports the following use cases: - nixpkgs is not set in the NIX_PATH - nixpkgs is set to ./. - sources.nix is evaluated with the restricted mode (no builtins)
This commit is contained in:
parent
f57c85d05e
commit
d7a25ecef7
82
Main.hs
82
Main.hs
@ -668,10 +668,48 @@ initNixSourcesNixContent :: String
|
||||
initNixSourcesNixContent = [s|
|
||||
# This file has been generated by Niv.
|
||||
|
||||
# A record, from name to path, of the third-party packages
|
||||
# These expressions are in charge of fetching sources defined in the
|
||||
# sources.json file.
|
||||
#
|
||||
# We try to use as much as possilbe fetchers from `nixpkgs` because
|
||||
# - they are supported by the Nix restricted evaluation mode
|
||||
# - they provide error messages cleaner than builtins fetchers.
|
||||
# When nixpkgs can not be found, we fallback to builtins fetchers.
|
||||
#
|
||||
# - If '<nixpkgs>' is defined and not set to the current path,
|
||||
# it is imported and fetchers come from it.
|
||||
# - If '<nixpkgs>' is not defined or set to the current path, we try to
|
||||
# find a `nixpkgs` attribute in `source.json`.
|
||||
# - If the `nixpkgs` attribute exists, it is fetched with `builtins.fetchTarball`
|
||||
# and it is imported. It then provides fetchers for other sources.
|
||||
# - If the `nixpkgs` attribute is not found, we still try to use builtins
|
||||
# fetchers when possible.
|
||||
|
||||
with rec
|
||||
{
|
||||
pkgs = import <nixpkgs> {};
|
||||
nixPathHasNixpkgs = (builtins.tryEval <nixpkgs>).success;
|
||||
# If nixpkgs is defined in sources.json
|
||||
sourcesHasNixpkgs = builtins.hasAttr "nixpkgs" sources;
|
||||
# `<nixpkgs> != ./.` leads to infinite recursion
|
||||
useNixpkgsFromNixPath = nixPathHasNixpkgs && <nixpkgs> != ./.;
|
||||
nixpkgsTypeIsTarball = (
|
||||
# For backward compatibility
|
||||
! builtins.hasAttr "type" sources.nixpkgs
|
||||
|| (builtins.hasAttr "type" sources.nixpkgs && sources.nixpkgs.type == "tarball"));
|
||||
|
||||
pkgs =
|
||||
if useNixpkgsFromNixPath
|
||||
then import <nixpkgs> {}
|
||||
else if sourcesHasNixpkgs
|
||||
then pkgsFromSources
|
||||
else abort "nixpkgs is not found while it is required. You should either set nixpkgs in your NIX_PATH or niv add nixpkgs.";
|
||||
|
||||
# Import nixpkgs from sources.json by using `builtins.fetchTarball`
|
||||
# to fetch it.
|
||||
pkgsFromSources =
|
||||
if nixpkgsTypeIsTarball
|
||||
then import (builtins.fetchTarball { inherit (sources.nixpkgs) url sha256; }) {}
|
||||
else abort "The type of nixpkgs must be either tarball or not specified";
|
||||
|
||||
sources = builtins.fromJSON (builtins.readFile ./sources.json);
|
||||
|
||||
@ -679,28 +717,40 @@ with rec
|
||||
(f: set: with builtins;
|
||||
listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set)));
|
||||
|
||||
fetchers = {
|
||||
file =
|
||||
if useNixpkgsFromNixPath || sourcesHasNixpkgs
|
||||
then pkgs.fetchurl
|
||||
else builtins.fetchurl;
|
||||
tarball =
|
||||
if useNixpkgsFromNixPath || sourcesHasNixpkgs
|
||||
then pkgs.fetchzip
|
||||
else builtins.fetchTarball;
|
||||
};
|
||||
|
||||
getFetcher = spec:
|
||||
let fetcherName =
|
||||
if builtins.hasAttr "type" spec
|
||||
then builtins.getAttr "type" spec
|
||||
# For backward compatibility
|
||||
else "tarball";
|
||||
in builtins.getAttr fetcherName {
|
||||
"tarball" = pkgs.fetchzip;
|
||||
"file" = pkgs.fetchurl;
|
||||
"tarball" = fetchers.tarball;
|
||||
"file" = fetchers.file;
|
||||
};
|
||||
|
||||
outPath = spec:
|
||||
if builtins.hasAttr "outPath" spec
|
||||
then abort
|
||||
"The values in sources.json should not have an 'outPath' attribute"
|
||||
else
|
||||
if builtins.hasAttr "url" spec && builtins.hasAttr "sha256" spec
|
||||
then spec //
|
||||
{ outPath = getFetcher spec { inherit (spec) url sha256; } ; }
|
||||
else spec;
|
||||
|
||||
};
|
||||
# NOTE: spec must _not_ have an "outPath" attribute
|
||||
mapAttrs (_: spec:
|
||||
if builtins.hasAttr "outPath" spec
|
||||
then abort
|
||||
"The values in sources.json should not have an 'outPath' attribute"
|
||||
else
|
||||
if builtins.hasAttr "url" spec && builtins.hasAttr "sha256" spec
|
||||
then
|
||||
spec //
|
||||
{ outPath = getFetcher spec { inherit (spec) url sha256; } ; }
|
||||
else spec
|
||||
) sources
|
||||
mapAttrs (_: outPath) sources
|
||||
|]
|
||||
|
||||
-- | @nix/default.nix@
|
||||
|
38
script/test-sources
Executable file
38
script/test-sources
Executable file
@ -0,0 +1,38 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i bash
|
||||
#!nix-shell -I nixpkgs=./nix
|
||||
#!nix-shell -p nix
|
||||
#!nix-shell --pure
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
echo "*** Building Niv"
|
||||
NIV=$(nix-build -A niv)/bin/niv
|
||||
|
||||
echo "*** Running niv init"
|
||||
TEMPDIR=$(mktemp -d)
|
||||
pushd $TEMPDIR
|
||||
$NIV init
|
||||
|
||||
echo "*** Fetching niv sources: classical"
|
||||
echo " - nixpkgs is not in the NIX_PATH"
|
||||
echo " - nixpkgs in sources.json"
|
||||
nix-build nix/sources.nix -A niv
|
||||
|
||||
echo "*** Fetching niv sources: restricted evaluation mode"
|
||||
echo " - nixpkgs is not in the NIX_PATH"
|
||||
echo " - nixpkgs in sources.json"
|
||||
echo " - restrict-eval is true"
|
||||
export NIX_PATH=./
|
||||
nix-build nix/sources.nix -A niv \
|
||||
--option restrict-eval true \
|
||||
--option allowed-uris https://github.com
|
||||
|
||||
echo "*** Fetching niv sources: only builtins"
|
||||
echo " - nixpkgs is not in the NIX_PATH"
|
||||
echo " - nixpkgs not in sources.json"
|
||||
$NIV drop nixpkgs
|
||||
nix-build nix/sources.nix -A niv
|
||||
|
||||
echo "*** Tear down"
|
||||
rm -rf $TEMPDIR
|
Loading…
Reference in New Issue
Block a user