diff options
author | Shea Levy <shea@shealevy.com> | 2017-05-19 15:38:01 -0400 |
---|---|---|
committer | Shea Levy <shea@shealevy.com> | 2017-05-19 15:38:01 -0400 |
commit | b71b7ee62234dbf1863e9595bfeed961e951e491 (patch) | |
tree | ef6b75b62332c6ce01e3002405ae4f0e183ece60 /pkgs | |
parent | 06767b81e03b351c0a00a01eb6d75f58950ddcff (diff) | |
download | nixlib-b71b7ee62234dbf1863e9595bfeed961e951e491.tar nixlib-b71b7ee62234dbf1863e9595bfeed961e951e491.tar.gz nixlib-b71b7ee62234dbf1863e9595bfeed961e951e491.tar.bz2 nixlib-b71b7ee62234dbf1863e9595bfeed961e951e491.tar.lz nixlib-b71b7ee62234dbf1863e9595bfeed961e951e491.tar.xz nixlib-b71b7ee62234dbf1863e9595bfeed961e951e491.tar.zst nixlib-b71b7ee62234dbf1863e9595bfeed961e951e491.zip |
fetchFromGitHub: Allow private repos, hosted githubs
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/build-support/fetchurl/default.nix | 16 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 23 |
2 files changed, 34 insertions, 5 deletions
diff --git a/pkgs/build-support/fetchurl/default.nix b/pkgs/build-support/fetchurl/default.nix index fea06e22ab46..5811950bf053 100644 --- a/pkgs/build-support/fetchurl/default.nix +++ b/pkgs/build-support/fetchurl/default.nix @@ -59,6 +59,13 @@ in , recursiveHash ? false +, # Shell code to build a netrc file for BASIC auth + netrcPhase ? null + +, # Impure env vars (http://nixos.org/nix/manual/#sec-advanced-attributes) + # needed for netrcPhase + netrcImpureEnvVars ? [] + , # Shell code executed after the file has been fetched # successfully. This can do things like check or transform the file. postFetch ? "" @@ -118,11 +125,18 @@ else stdenv.mkDerivation { outputHashMode = if (recursiveHash || executable) then "recursive" else "flat"; - inherit curlOpts showURLs mirrorsFile impureEnvVars postFetch downloadToTemp executable; + inherit curlOpts showURLs mirrorsFile postFetch downloadToTemp executable; + + impureEnvVars = impureEnvVars ++ netrcImpureEnvVars; # Doing the download on a remote machine just duplicates network # traffic, so don't do that. preferLocalBuild = true; + postHook = if netrcPhase == null then null else '' + ${netrcPhase} + curlOpts="$curlOpts --netrc-file $PWD/netrc" + ''; + inherit meta; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 9157573d1e87..cc97682b52cd 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -185,12 +185,14 @@ with pkgs; fetchFromGitHub = { owner, repo, rev, name ? "${repo}-${rev}-src", - fetchSubmodules ? false, + fetchSubmodules ? false, private ? false, + githubBase ? "github.com", varPrefix ? null, ... # For hash agility - }@args: + }@args: assert private -> !fetchSubmodules; let - baseUrl = "https://github.com/${owner}/${repo}"; - passthruAttrs = removeAttrs args [ "owner" "repo" "rev" "fetchSubmodules" ]; + baseUrl = "https://${githubBase}/${owner}/${repo}"; + passthruAttrs = removeAttrs args [ "owner" "repo" "rev" "fetchSubmodules" "private" "githubBase" "varPrefix" ]; + varBase = "NIX${if varPrefix == null then "" else "_${varPrefix}"}_GITHUB_PRIVATE_"; in if fetchSubmodules then fetchgit ({ inherit name rev fetchSubmodules; @@ -203,6 +205,19 @@ with pkgs; inherit name; url = "${baseUrl}/archive/${rev}.tar.gz"; meta.homepage = "${baseUrl}/"; + } // lib.optionalAttrs private { + netrcPhase = '' + if [ -z "''$${varBase}USERNAME" -o -z "''$${varBase}PASSWORD" ]; then + echo "Error: Private fetchFromGitHub requires the nix building process (nix-daemon in multi user mode) to have the ${varBase}USERNAME and ${varBase}PASSWORD env vars set." >&2 + exit 1 + fi + cat > netrc <<EOF + machine ${githubBase} + login ''$${varBase}USERNAME + password ''$${varBase}PASSWORD + EOF + ''; + netrcImpureEnvVars = [ "${varBase}USERNAME" "${varBase}PASSWORD" ]; } // passthruAttrs) // { inherit rev; }; fetchFromBitbucket = { |