mirror of
https://github.com/ryantm/nixpkgs-update.git
synced 2024-12-12 00:35:10 +03:00
Drop hub dependency
Also be more permissive when a GitHub token isn't available.
This commit is contained in:
parent
f739d495cd
commit
8e5317cb5e
15
app/Main.hs
15
app/Main.hs
@ -10,6 +10,7 @@ import qualified Data.Text as T
|
||||
import qualified Data.Text.IO as T
|
||||
import DeleteMerged (deleteDone)
|
||||
import Git
|
||||
import qualified GitHub as GH
|
||||
import NVD (withVulnDB)
|
||||
import qualified Nix
|
||||
import qualified Options.Applicative as O
|
||||
@ -134,19 +135,19 @@ main = do
|
||||
hSetBuffering stderr LineBuffering
|
||||
command <- O.execParser programInfo
|
||||
ghUser <- getGithubUser
|
||||
token <- getGithubToken <|> undefined
|
||||
token <- fromMaybe "" <$> getGithubToken
|
||||
P.setEnv "GITHUB_TOKEN" (T.unpack token) True
|
||||
P.setEnv "GITHUB_API_TOKEN" (T.unpack token) True
|
||||
P.setEnv "PAGER" "" True
|
||||
case command of
|
||||
DeleteDone delete -> do
|
||||
Git.setupNixpkgs token
|
||||
setupNixpkgs $ GH.untagName ghUser
|
||||
deleteDone delete token ghUser
|
||||
Update UpdateOptions {pr, cve, nixpkgsReview, outpaths, attrpathOpt} update -> do
|
||||
Git.setupNixpkgs token
|
||||
setupNixpkgs $ GH.untagName ghUser
|
||||
updatePackage (Options pr False ghUser token cve nixpkgsReview outpaths attrpathOpt) update
|
||||
UpdateBatch UpdateOptions {pr, cve, nixpkgsReview, outpaths, attrpathOpt} update -> do
|
||||
Git.setupNixpkgs token
|
||||
setupNixpkgs $ GH.untagName ghUser
|
||||
updatePackage (Options pr True ghUser token cve nixpkgsReview outpaths attrpathOpt) update
|
||||
Version -> do
|
||||
v <- runExceptT Nix.version
|
||||
@ -155,17 +156,17 @@ main = do
|
||||
Right t -> T.putStrLn t
|
||||
UpdateVulnDB -> withVulnDB $ \_conn -> pure ()
|
||||
CheckAllVulnerable -> do
|
||||
setupNixpkgs undefined
|
||||
setupNixpkgs $ GH.untagName ghUser
|
||||
updates <- T.readFile "packages-to-update.txt"
|
||||
cveAll undefined updates
|
||||
CheckVulnerable productID oldVersion newVersion -> do
|
||||
setupNixpkgs undefined
|
||||
setupNixpkgs $ GH.untagName ghUser
|
||||
report <-
|
||||
cveReport
|
||||
(UpdateEnv productID oldVersion newVersion Nothing (Options False False ghUser token False False False False))
|
||||
T.putStrLn report
|
||||
SourceGithub -> do
|
||||
updates <- T.readFile "packages-to-update.txt"
|
||||
setupNixpkgs token
|
||||
setupNixpkgs $ GH.untagName ghUser
|
||||
sourceGithubAll (Options False False ghUser token False False False False) updates
|
||||
FetchRepology -> Repology.fetch
|
||||
|
@ -7,7 +7,12 @@ subcommand.
|
||||
|
||||
1. Setup [hub](https://github.com/github/hub) and give it your GitHub
|
||||
credentials, so it saves an oauth token. This allows nixpkgs-update
|
||||
to query the GitHub API.
|
||||
to query the GitHub API. Alternatively, if you prefer not to install
|
||||
and configure `hub`, you can manually create a GitHub token with
|
||||
`repo` and `gist` scopes. Provide it to `nixpkgs-update` by
|
||||
exporting it as the `GITHUB_TOKEN` environment variable
|
||||
(`nixpkgs-update` reads credentials from the files `hub` uses but
|
||||
no longer uses `hub` itself).
|
||||
|
||||
2. Clone this repository and build `nixpkgs-update`:
|
||||
```bash
|
||||
|
@ -10,9 +10,8 @@ nixpkgs-update supports interactive, single package updates via the
|
||||
and configure `hub`, you can manually create a GitHub token with
|
||||
`repo` and `gist` scopes. Provide it to `nixpkgs-update` by
|
||||
exporting it as the `GITHUB_TOKEN` environment variable
|
||||
(`nixpkgs-update` _only_ tries to use `hub` to check out the
|
||||
`nixpkgs` repo into your XDG cache directory, if you run
|
||||
`nixpkgs-update` outside of a `nixpkgs` checkout directory).
|
||||
(`nixpkgs-update` reads credentials from the files `hub` uses but
|
||||
no longer uses `hub` itself).
|
||||
2. Go to your local checkout of nixpkgs, and **make sure the working
|
||||
directory is clean**. Be on a branch you are okay committing to.
|
||||
3. Run it like: `nixpkgs-update update "postman 7.20.0 7.21.2"`
|
||||
|
@ -12,7 +12,6 @@ let
|
||||
drvAttrs = attrs: with pkgs; {
|
||||
NIX = nix;
|
||||
GIT = git;
|
||||
HUB = gitAndTools.hub;
|
||||
JQ = jq;
|
||||
TREE = tree;
|
||||
GIST = gist;
|
||||
|
20
src/Git.hs
20
src/Git.hs
@ -34,12 +34,10 @@ import qualified Data.Vector as V
|
||||
import Language.Haskell.TH.Env (envQ)
|
||||
import OurPrelude hiding (throw)
|
||||
import System.Directory (doesDirectoryExist, doesFileExist, getModificationTime, getCurrentDirectory, setCurrentDirectory)
|
||||
import System.Environment (getEnv)
|
||||
import System.Environment.XDG.BaseDir (getUserCacheDir)
|
||||
import System.Exit()
|
||||
import System.IO.Error (tryIOError)
|
||||
import System.Posix.Env (setEnv)
|
||||
import qualified System.Process.Typed
|
||||
import Utils (Options (..), UpdateEnv (..), branchName, branchPrefix)
|
||||
|
||||
bin :: String
|
||||
@ -48,12 +46,6 @@ bin = fromJust ($$(envQ "GIT") :: Maybe String) <> "/bin/git"
|
||||
procGit :: [String] -> ProcessConfig () () ()
|
||||
procGit = proc bin
|
||||
|
||||
hubBin :: String
|
||||
hubBin = fromJust ($$(envQ "HUB") :: Maybe String) <> "/bin/hub"
|
||||
|
||||
procHub :: [String] -> ProcessConfig () () ()
|
||||
procHub = proc hubBin
|
||||
|
||||
clean :: ProcessConfig () () ()
|
||||
clean = silently $ procGit ["clean", "-fdx"]
|
||||
|
||||
@ -156,19 +148,15 @@ nixpkgsDir = do
|
||||
-- Since we are going to have to fetch, git reset, clean, and commit, we setup a
|
||||
-- cache dir to avoid destroying any uncommitted work the user may have in PWD.
|
||||
setupNixpkgs :: Text -> IO ()
|
||||
setupNixpkgs githubt = do
|
||||
setupNixpkgs ghUser = do
|
||||
fp <- nixpkgsDir
|
||||
exists <- doesDirectoryExist fp
|
||||
unless exists $ do
|
||||
path <- getEnv "PATH"
|
||||
procHub ["clone", "nixpkgs", fp]
|
||||
& System.Process.Typed.setEnv -- requires that user has forked nixpkgs
|
||||
[ ("PATH" :: String, path),
|
||||
("GITHUB_TOKEN" :: String, githubt & T.unpack)
|
||||
]
|
||||
procGit ["clone", "--origin", "upstream", "https://github.com/NixOS/nixpkgs.git", fp]
|
||||
& runProcess_
|
||||
setCurrentDirectory fp
|
||||
shell (bin <> " remote add upstream https://github.com/NixOS/nixpkgs")
|
||||
procGit ["remote", "add", "origin", "https://github.com/" <> T.unpack ghUser <> "/nixpkgs.git"]
|
||||
-- requires that user has forked nixpkgs
|
||||
& runProcess_
|
||||
inNixpkgs <- inNixpkgsRepo
|
||||
unless inNixpkgs do
|
||||
|
@ -297,12 +297,12 @@ hubConfigField field = do
|
||||
token = T.takeWhile (/= '\n') $ head (drop 1 splits)
|
||||
return $ Just token
|
||||
|
||||
getGithubToken :: IO Text
|
||||
getGithubToken :: IO (Maybe Text)
|
||||
getGithubToken = do
|
||||
et <- envToken
|
||||
lt <- localToken
|
||||
ht <- hubConfigField "oauth_token: "
|
||||
return $ fromJust (et <|> lt <|> ht)
|
||||
return (et <|> lt <|> ht)
|
||||
|
||||
getGithubUser :: IO (GH.Name GH.Owner)
|
||||
getGithubUser = do
|
||||
|
Loading…
Reference in New Issue
Block a user