From 6f53c067482743fd68a5beceeb1205fab0ebe4c4 Mon Sep 17 00:00:00 2001
From: Sandro Jäckel <sandro.jaeckel@sap.com>
Date: Wed, 15 Sep 2021 16:17:05 +0200
Subject: fetchgit: add support for netrc file through impure
 NIX_GIT_SSL_CAINFO env

---
 pkgs/build-support/fetchgit/default.nix | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

(limited to 'pkgs/build-support/fetchgit/default.nix')

diff --git a/pkgs/build-support/fetchgit/default.nix b/pkgs/build-support/fetchgit/default.nix
index 3222866dc78..c139030ea97 100644
--- a/pkgs/build-support/fetchgit/default.nix
+++ b/pkgs/build-support/fetchgit/default.nix
@@ -21,6 +21,11 @@ in
   postFetch ? ""
 , preferLocalBuild ? true
 , fetchLFS ? false
+, # Shell code to build a netrc file for BASIC auth
+  netrcPhase ? null
+, # Impure env vars (https://nixos.org/nix/manual/#sec-advanced-attributes)
+  # needed for netrcPhase
+  netrcImpureEnvVars ? []
 }:
 
 /* NOTE:
@@ -64,10 +69,17 @@ stdenvNoCC.mkDerivation {
 
   inherit url rev leaveDotGit fetchLFS fetchSubmodules deepClone branchName postFetch;
 
+  postHook = if netrcPhase == null then null else ''
+    ${netrcPhase}
+    # required that git uses the netrc file
+    mv {,.}netrc
+    export HOME=$PWD
+  '';
+
   GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt";
 
-  impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ [
-    "GIT_PROXY_COMMAND" "SOCKS_SERVER"
+  impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ netrcImpureEnvVars ++ [
+    "GIT_PROXY_COMMAND" "NIX_GIT_SSL_CAINFO" "SOCKS_SERVER"
   ];
 
   inherit preferLocalBuild;
-- 
cgit 1.4.1