forked from mirrors/gomod2nix
Create in-sandbox builder for env
This commit is contained in:
parent
869ea9a6b2
commit
2034c858bd
3 changed files with 125 additions and 21 deletions
39
default.nix
39
default.nix
|
@ -14,6 +14,7 @@ let
|
||||||
buildGoApplication =
|
buildGoApplication =
|
||||||
{
|
{
|
||||||
modules
|
modules
|
||||||
|
, src
|
||||||
, CGO_ENABLED ? "0"
|
, CGO_ENABLED ? "0"
|
||||||
, nativeBuildInputs ? []
|
, nativeBuildInputs ? []
|
||||||
, allowGoReference ? false
|
, allowGoReference ? false
|
||||||
|
@ -23,34 +24,29 @@ let
|
||||||
}@attrs: let
|
}@attrs: let
|
||||||
modulesStruct = builtins.fromTOML (builtins.readFile modules);
|
modulesStruct = builtins.fromTOML (builtins.readFile modules);
|
||||||
|
|
||||||
# TODO: This is a giant inefficient hack
|
vendorEnv = runCommand "vendor-env" {
|
||||||
# Replace this with something that's _like_ buildEnv but doesn't need a
|
nativeBuildInputs = [ pkgs.go ];
|
||||||
# runCommand per input
|
json = builtins.toJSON modulesStruct;
|
||||||
vendorEnv = buildEnv {
|
|
||||||
# Better method for this?
|
|
||||||
ignoreCollisions = true;
|
|
||||||
|
|
||||||
# nativeBuildInputs = [ go ];
|
sources = builtins.toJSON (lib.mapAttrs (goPackagePath: meta: let
|
||||||
|
|
||||||
name = "vendor-env";
|
|
||||||
paths = lib.mapAttrsToList (goPackagePath: meta: let
|
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
inherit (meta.fetch) url sha256 rev;
|
inherit (meta.fetch) url sha256 rev;
|
||||||
fetchSubmodules = true;
|
fetchSubmodules = true;
|
||||||
};
|
};
|
||||||
path = goPackagePath;
|
|
||||||
srcPath = "${src}/${meta.relPath or ""}";
|
srcPath = "${src}/${meta.relPath or ""}";
|
||||||
mkCommand = outpath: ''
|
in srcPath) modulesStruct);
|
||||||
mkdir -p $out/$(dirname ${outpath})
|
|
||||||
ln -s ${srcPath} $out/${outpath}
|
|
||||||
'';
|
|
||||||
|
|
||||||
in runCommand "${src.name}-env" {} ''
|
passAsFile = [ "json" "sources" ];
|
||||||
${mkCommand goPackagePath}
|
} (''
|
||||||
${if lib.hasAttr "vendorPath" meta then (mkCommand meta.vendorPath) else ""}
|
mkdir vendor
|
||||||
'') modulesStruct;
|
|
||||||
|
|
||||||
};
|
export GOCACHE=$TMPDIR/go-cache
|
||||||
|
export GOPATH="$TMPDIR/go"
|
||||||
|
|
||||||
|
go run ${./symlink.go}
|
||||||
|
|
||||||
|
mv vendor $out
|
||||||
|
'');
|
||||||
|
|
||||||
removeReferences = [ ] ++ lib.optional (!allowGoReference) go;
|
removeReferences = [ ] ++ lib.optional (!allowGoReference) go;
|
||||||
|
|
||||||
|
@ -58,7 +54,6 @@ let
|
||||||
nativeBuildInputs = [ removeReferencesTo go ] ++ nativeBuildInputs;
|
nativeBuildInputs = [ removeReferencesTo go ] ++ nativeBuildInputs;
|
||||||
|
|
||||||
inherit (go) GOOS GOARCH;
|
inherit (go) GOOS GOARCH;
|
||||||
|
|
||||||
inherit CGO_ENABLED;
|
inherit CGO_ENABLED;
|
||||||
|
|
||||||
GO_NO_VENDOR_CHECKS = "1";
|
GO_NO_VENDOR_CHECKS = "1";
|
||||||
|
@ -187,6 +182,8 @@ in buildGoApplication {
|
||||||
pname = "dummyapp";
|
pname = "dummyapp";
|
||||||
version = "0.1";
|
version = "0.1";
|
||||||
|
|
||||||
|
CGO_ENABLED = "1";
|
||||||
|
|
||||||
src = ./testdata/vuls;
|
src = ./testdata/vuls;
|
||||||
modules = ./testdata/vuls/gomod2nix.toml;
|
modules = ./testdata/vuls/gomod2nix.toml;
|
||||||
|
|
||||||
|
|
13
go_no_vendor_checks.patch
Normal file
13
go_no_vendor_checks.patch
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
diff --git a/src/cmd/go/internal/modload/vendor.go b/src/cmd/go/internal/modload/vendor.go
|
||||||
|
index 71f68efbcc..3c566d04dd 100644
|
||||||
|
--- a/src/cmd/go/internal/modload/vendor.go
|
||||||
|
+++ b/src/cmd/go/internal/modload/vendor.go
|
||||||
|
@@ -133,7 +133,7 @@ func checkVendorConsistency() {
|
||||||
|
readVendorList()
|
||||||
|
|
||||||
|
pre114 := false
|
||||||
|
- if modFile.Go == nil || semver.Compare("v"+modFile.Go.Version, "v1.14") < 0 {
|
||||||
|
+ if modFile.Go == nil || semver.Compare("v"+modFile.Go.Version, "v1.14") < 0 || (os.Getenv("GO_NO_VENDOR_CHECKS") == "1" && len(vendorMeta) == 0) {
|
||||||
|
// Go versions before 1.14 did not include enough information in
|
||||||
|
// vendor/modules.txt to check for consistency.
|
||||||
|
// If we know that we're on an earlier version, relax the consistency check.
|
94
symlink.go
Normal file
94
symlink.go
Normal file
|
@ -0,0 +1,94 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
"io/ioutil"
|
||||||
|
"os"
|
||||||
|
"path/filepath"
|
||||||
|
"sort"
|
||||||
|
)
|
||||||
|
|
||||||
|
type fetchInfo struct {
|
||||||
|
Type string `toml:"type"`
|
||||||
|
URL string `toml:"url"`
|
||||||
|
Rev string `toml:"rev"`
|
||||||
|
Sha256 string `toml:"sha256"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type packageT struct {
|
||||||
|
SumVersion string `toml:"sumVersion"`
|
||||||
|
RelPath string `toml:"relPath,omitempty"`
|
||||||
|
VendorPath string `toml:"vendorPath,omitempty"`
|
||||||
|
Fetch *fetchInfo `toml:"fetch"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
|
||||||
|
pkgs := make(map[string]*packageT)
|
||||||
|
sources := make(map[string]string)
|
||||||
|
|
||||||
|
b, err := ioutil.ReadFile(os.Getenv("sourcesPath"))
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
err = json.Unmarshal(b, &sources)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
b, err = ioutil.ReadFile(os.Getenv("jsonPath"))
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
err = json.Unmarshal(b, &pkgs)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
keys := make([]string, 0, len(pkgs))
|
||||||
|
for key := range pkgs {
|
||||||
|
keys = append(keys, key)
|
||||||
|
}
|
||||||
|
sort.Strings(keys)
|
||||||
|
|
||||||
|
// Iterate, in reverse order
|
||||||
|
for i := len(keys) - 1; i >= 0; i-- {
|
||||||
|
key := keys[i]
|
||||||
|
src := sources[key]
|
||||||
|
pkg := pkgs[key]
|
||||||
|
|
||||||
|
paths := []string{key}
|
||||||
|
if pkg.VendorPath != "" {
|
||||||
|
paths = append(paths, pkg.VendorPath)
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, path := range paths {
|
||||||
|
|
||||||
|
vendorDir := filepath.Join("vendor", filepath.Dir(path))
|
||||||
|
os.MkdirAll(vendorDir, 0755)
|
||||||
|
|
||||||
|
if _, err := os.Stat(filepath.Join("vendor", path)); err == nil {
|
||||||
|
files, err := ioutil.ReadDir(src)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, f := range files {
|
||||||
|
os.Symlink(filepath.Join(src, f.Name()), filepath.Join("vendor", path, f.Name()))
|
||||||
|
}
|
||||||
|
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
// If the file doesn't already exist, just create a simple symlink
|
||||||
|
err := os.Symlink(src, filepath.Join("vendor", path))
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in a new issue