]> git.scottworley.com Git - trustix-integration-tests/blame - lib/prefetchNiv.nix
Fail if the build happens locally
[trustix-integration-tests] / lib / prefetchNiv.nix
CommitLineData
578e32b3
SW
1# Pre-fetch niv-controlled sources so that we can use a niv-using package
2# inside a nixosTest.
3
4{ lib, stdenvNoCC, niv, runCommand, system, }:
5src:
6let
7 inherit (lib) attrNames concatStringsSep filterAttrs hasPrefix mapAttrsToList;
8 nivSources = filterAttrs (name: _: !(hasPrefix "__" name))
9 (import (src + "/nix/sources.nix"));
10in stdenvNoCC.mkDerivation {
11 name = "niv-prefetched-source";
12 inherit src;
13 nativeBuildInputs = [ niv ];
14 buildPhase = ''
15 ${concatStringsSep "\n" (mapAttrsToList (name: info:
16 "niv modify ${name} --attribute url=file://${
17 if info.type == "tarball" then
18 # Because niv
19 # * fetches nixpkgs with builtin.fetchTarball, even with
20 # --attribute builtin=false (it has to, to get fetchzip), and
21 # * only keeps the hash of the unpacked archive,
22 # we have to let niv unpack it and verify the hash, then pack it back
23 # up. :( Unpacking nixpkgs ends up being most of the test's disk space
24 # and I/O. If/when trustix switches from niv to flakes, this can all go
25 # away--the test can just use the host's store paths directly.
26 runCommand "niv-src-tarball-${name}.tar.gz" { } ''
27 cd $(dirname ${info.outPath})
28 tar czf $out --hard-dereference --sort=name $(basename ${info.outPath})
29 ''
30 else
31 info.outPath
32 }") nivSources)}
33 '';
34 installPhase = ''
35 mkdir $out
36 cp -r * $out
37 '';
38}