diff options
author | ajs124 <git@ajs124.de> | 2022-07-29 00:46:48 +0200 |
---|---|---|
committer | zowoq <59103226+zowoq@users.noreply.github.com> | 2022-08-02 07:28:13 +1000 |
commit | 0d5c464ad611c9d7b8ba20717591ad435404ebcf (patch) | |
tree | 4281214403e1956a10d5f868dad990dd9a340975 /pkgs/development/go-modules | |
parent | 6f435e54b5fa853027d01f11d88b0c4102970eaf (diff) | |
download | nixpkgs-0d5c464ad611c9d7b8ba20717591ad435404ebcf.tar nixpkgs-0d5c464ad611c9d7b8ba20717591ad435404ebcf.tar.gz nixpkgs-0d5c464ad611c9d7b8ba20717591ad435404ebcf.tar.bz2 nixpkgs-0d5c464ad611c9d7b8ba20717591ad435404ebcf.tar.lz nixpkgs-0d5c464ad611c9d7b8ba20717591ad435404ebcf.tar.xz nixpkgs-0d5c464ad611c9d7b8ba20717591ad435404ebcf.tar.zst nixpkgs-0d5c464ad611c9d7b8ba20717591ad435404ebcf.zip |
buildGoModule: add vendorHash
the _unset hack is kind of ugly, but it needs to default to something and it can't be null, because that already has special meaning
Diffstat (limited to 'pkgs/development/go-modules')
-rw-r--r-- | pkgs/development/go-modules/generic/default.nix | 40 |
1 files changed, 30 insertions, 10 deletions
diff --git a/pkgs/development/go-modules/generic/default.nix b/pkgs/development/go-modules/generic/default.nix index b6af52d0efb..0ca16f80b41 100644 --- a/pkgs/development/go-modules/generic/default.nix +++ b/pkgs/development/go-modules/generic/default.nix @@ -19,17 +19,20 @@ # path to go.mod and go.sum directory , modRoot ? "./" -# vendorSha256 is the sha256 of the vendored dependencies +# vendorHash is the SRI hash of the vendored dependencies # -# if vendorSha256 is null, then we won't fetch any dependencies and +# if vendorHash is null, then we won't fetch any dependencies and # rely on the vendor folder within the source. -, vendorSha256 +, vendorHash ? "_unset" +# same as vendorHash, but outputHashAlgo is hardcoded to sha256 +# so regular base32 sha256 hashes work +, vendorSha256 ? "_unset" # Whether to delete the vendor folder supplied with the source. , deleteVendor ? false # Whether to fetch (go mod download) and proxy the vendor directory. # This is useful if your code depends on c code and go mod tidy does not # include the needed sources to build or if any dependency has case-insensitive -# conflicts which will produce platform dependant `vendorSha256` checksums. +# conflicts which will produce platform dependant `vendorHash` checksums. , proxyVendor ? false # We want parallel builds by default @@ -55,11 +58,23 @@ with builtins; assert goPackagePath != "" -> throw "`goPackagePath` is not needed with `buildGoModule`"; +assert (vendorSha256 == "_unset" && vendorHash == "_unset") -> throw "either `vendorHash` or `vendorSha256` is required"; +assert (vendorSha256 != "_unset" && vendorHash != "_unset") -> throw "both `vendorHash` and `vendorSha256` set. only one can be set."; let - args = removeAttrs args' [ "overrideModAttrs" "vendorSha256" ]; + hasAnyVendorHash = (vendorSha256 != null && vendorSha256 != "_unset") || (vendorHash != null && vendorHash != "_unset"); + vendorHashType = + if hasAnyVendorHash then + if vendorSha256 != null && vendorSha256 != "_unset" then + "sha256" + else + "sri" + else + null; + + args = removeAttrs args' [ "overrideModAttrs" "vendorSha256" "vendorHash" ]; - go-modules = if vendorSha256 != null then stdenv.mkDerivation (let modArgs = { + go-modules = if hasAnyVendorHash then stdenv.mkDerivation (let modArgs = { name = "${name}-go-modules"; @@ -98,7 +113,7 @@ let fi '' + '' if [ -d vendor ]; then - echo "vendor folder exists, please set 'vendorSha256 = null;' in your expression" + echo "vendor folder exists, please set 'vendorHash = null;' or 'vendorSha256 = null;' in your expression" exit 10 fi @@ -134,9 +149,14 @@ let }; in modArgs // ( { outputHashMode = "recursive"; + } // (if (vendorHashType == "sha256") then { outputHashAlgo = "sha256"; outputHash = vendorSha256; - } + } else { + outputHash = vendorHash; + }) // (lib.optionalAttrs (vendorHashType == "sri" && vendorHash == "") { + outputHashAlgo = "sha256"; + }) ) // overrideModAttrs modArgs) else ""; package = stdenv.mkDerivation (args // { @@ -156,7 +176,7 @@ let export GOPROXY=off export GOSUMDB=off cd "$modRoot" - '' + lib.optionalString (vendorSha256 != null) '' + '' + lib.optionalString hasAnyVendorHash '' ${if proxyVendor then '' export GOPROXY=file://${go-modules} '' else '' @@ -274,7 +294,7 @@ let disallowedReferences = lib.optional (!allowGoReference) go; - passthru = passthru // { inherit go go-modules vendorSha256 ; }; + passthru = passthru // { inherit go go-modules vendorSha256 vendorHash; }; enableParallelBuilding = enableParallelBuilding; |