johanels/akvorado
1
0
Fork 0
mirror of https://github.com/akvorado/akvorado.git synced 2025-12-12 06:24:10 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

build: move update scripts to passthru, use files to put hashes

Browse Source
This commit is contained in:
Vincent Bernat
2023-05-19 18:15:46 +02:00
parent d283317ca1
commit a6139b4e59
6 changed files with 32 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/update-flake.yml vendored
View File

@@ -25,5 +25,5 @@ jobs:
run: |
git config --local user.name "github-actions[bot]"
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
git add flake.nix flake.lock
git add flake.lock nix
! git commit -m "build: update flake.nix" || git push

1
.gitignore vendored
View File

@@ -10,3 +10,4 @@ mock_*.go
*~
/.go-cache
/.npm-cache
/result

4
Makefile
View File

@@ -68,10 +68,6 @@ $(BIN)/pigeon: PACKAGE=github.com/mna/pigeon@v1.1.0
WWHRD = $(BIN)/wwhrd
$(BIN)/wwhrd: PACKAGE=github.com/frapposelli/wwhrd@latest
.PHONY: nix-update
nix-update: ; $(info $(M) update Nix hashes) @ ## Update nix hashes
$Q nix run ".#update"
# Generated files
.DELETE_ON_ERROR:

51
flake.nix
View File

@@ -18,7 +18,7 @@
frontend = pkgs.buildNpmPackage.override { inherit nodejs; } {
name = "akvorado-frontend";
src = ./console/frontend;
npmDepsHash = "sha256-xs2WHPrQFPtcjYEpB2Fb/gegP6Mf9ZD0VK/DcPg1zS8=";
npmDepsHash = builtins.readFile nix/npmDepsHash.txt;
installPhase = ''
mkdir $out
cp -r node_modules $out/node_modules
@@ -29,7 +29,7 @@
doCheck = false;
name = "akvorado";
src = ./.;
vendorHash = "sha256-cxL3WuvSKpsutVS3k5kduEDdAvk1ZM2XVU6YjcT+OTk=";
vendorHash = builtins.readFile nix/vendorHash.txt;
buildPhase = ''
cp ${asn2org}/asns.csv orchestrator/clickhouse/data/asns.csv
cp -r ${frontend}/node_modules console/frontend/node_modules
@@ -46,7 +46,7 @@
'';
# We do not use a wrapper to set SSL_CERT_FILE because, either a
# binary or a shell wrapper, it would pull the libc (~30M).
installPhase= ''
installPhase = ''
mkdir -p $out/bin $out/share/ca-certificates
cp bin/akvorado $out/bin/.
cp ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt $out/share/ca-certificates/.
@@ -55,26 +55,31 @@
in
rec {
apps = {
update = let
script = pkgs.writeShellScriptBin "nix-update-akvorado" ''
# go
sha256=$(2>&1 nix build --no-link .#backend.go-modules \
| ${pkgs.gnused}/bin/sed -nE "s/\s+got:\s+(sha256-.*)/\1/p")
[[ -z "$sha256" ]] || \
${pkgs.gnused}/bin/sed -Ei "s,^(\s+[v]endorHash =).*,\1 \"''${sha256}\";," flake.nix
# npm
sha256=$(2>&1 nix build --no-link .#frontend.npmDeps \
| ${pkgs.gnused}/bin/sed -nE "s/\s+got:\s+(sha256-.*)/\1/p")
[[ -z "$sha256" ]] || \
${pkgs.gnused}/bin/sed -Ei "s,^(\s+[n]pmDepsHash =).*,\1 \"''${sha256}\";," flake.nix
# asn2org
nix flake lock --update-input asn2org
'';
in {
type = "app";
program = "${script}/bin/nix-update-akvorado";
passthru = pkgs.lib.attrsets.mapAttrs
(name: value:
let
script = pkgs.writeShellScriptBin name value;
in
{
type = "app";
program = "${script}/bin/${name}";
})
rec {
update-vendorHash = ''
sha256=$(2>&1 nix build --no-link .#backend.go-modules \
| ${pkgs.gnused}/bin/sed -nE "s/\s+got:\s+(sha256-.*)/\1/p")
[[ -z "$sha256" ]] || echo $sha256 > nix/vendorHash.txt
'';
update-npmDepsHash = ''
sha256=$(2>&1 nix build --no-link .#frontend.npmDeps \
| ${pkgs.gnused}/bin/sed -nE "s/\s+got:\s+(sha256-.*)/\1/p")
[[ -z "$sha256" ]] || echo $sha256 > nix/npmDepsHash.txt
'';
update = ''
${update-vendorHash}
${update-npmDepsHash}
nix flake lock --update-input asn2org
'';
};
};

1
nix/npmDepsHash.txt Normal file
View File

@@ -0,0 +1 @@
sha256-xs2WHPrQFPtcjYEpB2Fb/gegP6Mf9ZD0VK/DcPg1zS8=

1
nix/vendorHash.txt Normal file
View File

@@ -0,0 +1 @@
sha256-0IO+mWdMTTPKgn1sisiRjT6uKXtxYOta8Uk9csi1604=