1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
{ lib
, stdenv
, buildGoModule
, buildGo121Module
, fetchFromGitHub
, fetchFromGitLab
, callPackage
, config
, writeShellScript
, cdrtools # libvirt
}:
let
# Our generic constructor to build new providers.
#
# Is designed to combine with the terraform.withPlugins implementation.
mkProvider = lib.makeOverridable
({ owner
, repo
, rev
, spdx ? "UNSET"
, version ? lib.removePrefix "v" rev
, hash
, vendorHash
, deleteVendor ? false
, proxyVendor ? false
, mkProviderFetcher ? fetchFromGitHub
, mkProviderGoModule ? buildGoModule
# "https://registry.terraform.io/providers/vancluever/acme"
, homepage ? ""
# "registry.terraform.io/vancluever/acme"
, provider-source-address ? lib.replaceStrings [ "https://registry" ".io/providers" ] [ "registry" ".io" ] homepage
, ...
}@attrs:
assert lib.stringLength provider-source-address > 0;
mkProviderGoModule {
pname = repo;
inherit vendorHash version deleteVendor proxyVendor;
subPackages = [ "." ];
doCheck = false;
# https://github.com/hashicorp/terraform-provider-scaffolding/blob/a8ac8375a7082befe55b71c8cbb048493dd220c2/.goreleaser.yml
# goreleaser (used for builds distributed via terraform registry) requires that CGO is disabled
CGO_ENABLED = 0;
ldflags = [ "-s" "-w" "-X main.version=${version}" "-X main.commit=${rev}" ];
src = mkProviderFetcher {
name = "source-${rev}";
inherit owner repo rev hash;
};
# nixpkgs-update: no auto update
# easier to update all providers together
meta = {
inherit homepage;
license = lib.getLicenseFromSpdxId spdx;
};
# Move the provider to libexec
postInstall = ''
dir=$out/libexec/terraform-providers/${provider-source-address}/${version}/''${GOOS}_''${GOARCH}
mkdir -p "$dir"
mv $out/bin/* "$dir/terraform-provider-$(basename ${provider-source-address})_${version}"
rmdir $out/bin
'';
# Keep the attributes around for later consumption
passthru = attrs // {
inherit provider-source-address;
updateScript = writeShellScript "update" ''
provider="$(basename ${provider-source-address})"
./pkgs/applications/networking/cluster/terraform-providers/update-provider "$provider"
'';
};
});
list = lib.importJSON ./providers.json;
# These providers are managed with the ./update-all script
automated-providers = lib.mapAttrs (_: attrs: mkProvider attrs) list;
# These are the providers that don't fall in line with the default model
special-providers =
{
# github api seems to be broken, doesn't just fail to recognize the license, it's ignored entirely.
checkly = automated-providers.checkly.override { spdx = "MIT"; };
gitlab = automated-providers.gitlab.override { mkProviderFetcher = fetchFromGitLab; owner = "gitlab-org"; };
# actions update always fails but can't reproduce the failure.
heroku = automated-providers.heroku.override { spdx = "MPL-2.0"; };
# mkisofs needed to create ISOs holding cloud-init data and wrapped to terraform via deecb4c1aab780047d79978c636eeb879dd68630
libvirt = automated-providers.libvirt.overrideAttrs (_: { propagatedBuildInputs = [ cdrtools ]; });
tailscale = automated-providers.tailscale.override { mkProviderGoModule = buildGo121Module; };
};
# Put all the providers we not longer support in this list.
removed-providers =
let
archived = name: date: throw "the ${name} terraform provider has been archived by upstream on ${date}";
removed = name: date: throw "the ${name} terraform provider removed from nixpkgs on ${date}";
in
lib.optionalAttrs config.allowAliases {
fly = archived "fly" "2023/10";
ksyun = removed "ksyun" "2023/04";
};
# excluding aliases, used by terraform-full
actualProviders = automated-providers // special-providers;
in
actualProviders // removed-providers // { inherit actualProviders mkProvider; }
|