git.scottworley.com Git - trustix-integration-tests/blob - lib/prefetchNiv.nix

   1 # Pre-fetch niv-controlled sources so that we can use a niv-using package
   2 # inside a nixosTest.
   3
   4 { lib, stdenvNoCC, niv, runCommand, system, }:
   5 src:
   6 let
   7   inherit (lib) attrNames concatStringsSep filterAttrs hasPrefix mapAttrsToList;
   8   nivSources = filterAttrs (name: _: !(hasPrefix "__" name))
   9     (import (src + "/nix/sources.nix"));
  10 in stdenvNoCC.mkDerivation {
  11   name = "niv-prefetched-source";
  12   inherit src;
  13   nativeBuildInputs = [ niv ];
  14   buildPhase = ''
  15     ${concatStringsSep "\n" (mapAttrsToList (name: info:
  16       "niv modify ${name} --attribute url=file://${
  17         if info.type == "tarball" then
  18         # Because niv
  19         #  * fetches nixpkgs with builtin.fetchTarball, even with
  20         #    --attribute builtin=false (it has to, to get fetchzip), and
  21         #  * only keeps the hash of the unpacked archive,
  22         # we have to let niv unpack it and verify the hash, then pack it back
  23         # up.  :(  Unpacking nixpkgs ends up being most of the test's disk space
  24         # and I/O.  If/when trustix switches from niv to flakes, this can all go
  25         # away--the test can just use the host's store paths directly.
  26           runCommand "niv-src-tarball-${name}.tar.gz" { } ''
  27             cd $(dirname ${info.outPath})
  28             tar czf $out --hard-dereference --sort=name $(basename ${info.outPath})
  29           ''
  30         else
  31           info.outPath
  32       }") nivSources)}
  33   '';
  34   installPhase = ''
  35     mkdir $out
  36     cp -r * $out
  37   '';
  38 }