From ce21e97a1f20dee15da85c084f9d1148d84f853b Mon Sep 17 00:00:00 2001 From: Anderson Torres Date: Tue, 24 Sep 2024 21:45:45 -0300 Subject: [PATCH] fetchurl: nixfmt-rfc-style --- pkgs/build-support/fetchurl/boot.nix | 29 ++- pkgs/build-support/fetchurl/default.nix | 299 +++++++++++++++--------- pkgs/build-support/fetchurl/mirrors.nix | 2 +- pkgs/build-support/fetchurl/tests.nix | 20 +- 4 files changed, 225 insertions(+), 125 deletions(-) diff --git a/pkgs/build-support/fetchurl/boot.nix b/pkgs/build-support/fetchurl/boot.nix index 8f8c78b7a454..4aa76094a843 100644 --- a/pkgs/build-support/fetchurl/boot.nix +++ b/pkgs/build-support/fetchurl/boot.nix @@ -1,12 +1,15 @@ -let mirrors = import ./mirrors.nix; in +let + mirrors = import ./mirrors.nix; +in { system }: -{ url ? builtins.head urls -, urls ? [] -, sha256 ? "" -, hash ? "" -, name ? baseNameOf (toString url) +{ + url ? builtins.head urls, + urls ? [ ], + sha256 ? "", + hash ? "", + name ? baseNameOf (toString url), }: # assert exactly one hash is set @@ -14,12 +17,18 @@ assert hash != "" || sha256 != ""; assert hash != "" -> sha256 == ""; import { - inherit system hash sha256 name; + inherit + system + hash + sha256 + name + ; url = # Handle mirror:// URIs. Since currently # supports only one URI, use the first listed mirror. - let m = builtins.match "mirror://([a-z]+)/(.*)" url; in - if m == null then url - else builtins.head (mirrors.${builtins.elemAt m 0}) + (builtins.elemAt m 1); + let + m = builtins.match "mirror://([a-z]+)/(.*)" url; + in + if m == null then url else builtins.head (mirrors.${builtins.elemAt m 0}) + (builtins.elemAt m 1); } diff --git a/pkgs/build-support/fetchurl/default.nix b/pkgs/build-support/fetchurl/default.nix index d7dabe6ceee5..e4a70743334b 100644 --- a/pkgs/build-support/fetchurl/default.nix +++ b/pkgs/build-support/fetchurl/default.nix @@ -1,6 +1,12 @@ -{ lib, buildPackages ? { inherit stdenvNoCC; }, stdenvNoCC -, curl # Note that `curl' may be `null', in case of the native stdenvNoCC. -, cacert ? null }: +{ + lib, + buildPackages ? { + inherit stdenvNoCC; + }, + stdenvNoCC, + curl, # Note that `curl' may be `null', in case of the native stdenvNoCC. + cacert ? null, +}: let @@ -11,182 +17,255 @@ let # fetchurl instantiations via environment variables. This makes the # resulting store derivations (.drv files) much smaller, which in # turn makes nix-env/nix-instantiate faster. - mirrorsFile = - buildPackages.stdenvNoCC.mkDerivation ({ + mirrorsFile = buildPackages.stdenvNoCC.mkDerivation ( + { name = "mirrors-list"; strictDeps = true; builder = ./write-mirror-list.sh; preferLocalBuild = true; - } // mirrors); + } + // mirrors + ); # Names of the master sites that are mirrored (i.e., "sourceforge", # "gnu", etc.). sites = builtins.attrNames mirrors; - impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ [ - # This variable allows the user to pass additional options to curl - "NIX_CURL_FLAGS" + impureEnvVars = + lib.fetchers.proxyImpureEnvVars + ++ [ + # This variable allows the user to pass additional options to curl + "NIX_CURL_FLAGS" - # This variable allows the user to override hashedMirrors from the - # command-line. - "NIX_HASHED_MIRRORS" + # This variable allows the user to override hashedMirrors from the + # command-line. + "NIX_HASHED_MIRRORS" - # This variable allows overriding the timeout for connecting to - # the hashed mirrors. - "NIX_CONNECT_TIMEOUT" - ] ++ (map (site: "NIX_MIRRORS_${site}") sites); + # This variable allows overriding the timeout for connecting to + # the hashed mirrors. + "NIX_CONNECT_TIMEOUT" + ] + ++ (map (site: "NIX_MIRRORS_${site}") sites); in -{ # URL to fetch. - url ? "" +{ + # URL to fetch. + url ? "", -, # Alternatively, a list of URLs specifying alternative download + # Alternatively, a list of URLs specifying alternative download # locations. They are tried in order. - urls ? [] + urls ? [ ], -, # Additional curl options needed for the download to succeed. + # Additional curl options needed for the download to succeed. # Warning: Each space (no matter the escaping) will start a new argument. # If you wish to pass arguments with spaces, use `curlOptsList` - curlOpts ? "" + curlOpts ? "", -, # Additional curl options needed for the download to succeed. - curlOptsList ? [] + # Additional curl options needed for the download to succeed. + curlOptsList ? [ ], -, # Name of the file. If empty, use the basename of `url' (or of the + # Name of the file. If empty, use the basename of `url' (or of the # first element of `urls'). - name ? "" + name ? "", # for versioned downloads optionally take pname + version. -, pname ? "" -, version ? "" + pname ? "", + version ? "", -, # SRI hash. - hash ? "" + # SRI hash. + hash ? "", -, # Legacy ways of specifying the hash. - outputHash ? "" -, outputHashAlgo ? "" -, sha1 ? "" -, sha256 ? "" -, sha512 ? "" + # Legacy ways of specifying the hash. + outputHash ? "", + outputHashAlgo ? "", + sha1 ? "", + sha256 ? "", + sha512 ? "", -, recursiveHash ? false + recursiveHash ? false, -, # Shell code to build a netrc file for BASIC auth - netrcPhase ? null + # Shell code to build a netrc file for BASIC auth + netrcPhase ? null, -, # Impure env vars (https://nixos.org/nix/manual/#sec-advanced-attributes) + # Impure env vars (https://nixos.org/nix/manual/#sec-advanced-attributes) # needed for netrcPhase - netrcImpureEnvVars ? [] + netrcImpureEnvVars ? [ ], -, # Shell code executed after the file has been fetched + # Shell code executed after the file has been fetched # successfully. This can do things like check or transform the file. - postFetch ? "" + postFetch ? "", -, # Whether to download to a temporary path rather than $out. Useful + # Whether to download to a temporary path rather than $out. Useful # in conjunction with postFetch. The location of the temporary file # is communicated to postFetch via $downloadedFile. - downloadToTemp ? false + downloadToTemp ? false, -, # If true, set executable bit on downloaded file - executable ? false + # If true, set executable bit on downloaded file + executable ? false, -, # If set, don't download the file, but write a list of all possible + # If set, don't download the file, but write a list of all possible # URLs (resulting from resolving mirror:// URLs) to $out. - showURLs ? false + showURLs ? false, -, # Meta information, if any. - meta ? {} + # Meta information, if any. + meta ? { }, # Passthru information, if any. -, passthru ? {} + passthru ? { }, # Doing the download on a remote machine just duplicates network # traffic, so don't do that by default -, preferLocalBuild ? true + preferLocalBuild ? true, # Additional packages needed as part of a fetch -, nativeBuildInputs ? [ ] + nativeBuildInputs ? [ ], }: let urls_ = - if urls != [] && url == "" then - (if lib.isList urls then urls - else throw "`urls` is not a list") - else if urls == [] && url != "" then - (if lib.isString url then [url] - else throw "`url` is not a string") - else throw "fetchurl requires either `url` or `urls` to be set"; + if urls != [ ] && url == "" then + (if lib.isList urls then urls else throw "`urls` is not a list") + else if urls == [ ] && url != "" then + (if lib.isString url then [ url ] else throw "`url` is not a string") + else + throw "fetchurl requires either `url` or `urls` to be set"; hash_ = - if with lib.lists; length (filter (s: s != "") [ hash outputHash sha1 sha256 sha512 ]) > 1 - then throw "multiple hashes passed to fetchurl" else + if + with lib.lists; + length ( + filter (s: s != "") [ + hash + outputHash + sha1 + sha256 + sha512 + ] + ) > 1 + then + throw "multiple hashes passed to fetchurl" + else - if hash != "" then { outputHashAlgo = null; outputHash = hash; } + if hash != "" then + { + outputHashAlgo = null; + outputHash = hash; + } else if outputHash != "" then - if outputHashAlgo != "" then { inherit outputHashAlgo outputHash; } - else throw "fetchurl was passed outputHash without outputHashAlgo" - else if sha512 != "" then { outputHashAlgo = "sha512"; outputHash = sha512; } - else if sha256 != "" then { outputHashAlgo = "sha256"; outputHash = sha256; } - else if sha1 != "" then { outputHashAlgo = "sha1"; outputHash = sha1; } - else if cacert != null then { outputHashAlgo = "sha256"; outputHash = ""; } - else throw "fetchurl requires a hash for fixed-output derivation: ${lib.concatStringsSep ", " urls_}"; + if outputHashAlgo != "" then + { inherit outputHashAlgo outputHash; } + else + throw "fetchurl was passed outputHash without outputHashAlgo" + else if sha512 != "" then + { + outputHashAlgo = "sha512"; + outputHash = sha512; + } + else if sha256 != "" then + { + outputHashAlgo = "sha256"; + outputHash = sha256; + } + else if sha1 != "" then + { + outputHashAlgo = "sha1"; + outputHash = sha1; + } + else if cacert != null then + { + outputHashAlgo = "sha256"; + outputHash = ""; + } + else + throw "fetchurl requires a hash for fixed-output derivation: ${lib.concatStringsSep ", " urls_}"; in -assert (lib.isList curlOpts) -> lib.warn '' - fetchurl for ${toString (builtins.head urls_)}: curlOpts is a list (${lib.generators.toPretty { multiline = false; } curlOpts}), which is not supported anymore. +assert + (lib.isList curlOpts) + -> lib.warn '' + fetchurl for ${toString (builtins.head urls_)}: curlOpts is a list (${ + lib.generators.toPretty { multiline = false; } curlOpts + }), which is not supported anymore. - If you wish to get the same effect as before, for elements with spaces (even if escaped) to expand to multiple curl arguments, use a string argument instead: curlOpts = ${lib.strings.escapeNixString (toString curlOpts)}; - If you wish for each list element to be passed as a separate curl argument, allowing arguments to contain spaces, use curlOptsList instead: curlOptsList = [ ${lib.concatMapStringsSep " " lib.strings.escapeNixString curlOpts} ];'' true; -stdenvNoCC.mkDerivation (( - if (pname != "" && version != "") then - { inherit pname version; } - else - { name = - if showURLs then "urls" - else if name != "" then name - else baseNameOf (toString (builtins.head urls_)); - } -) // { - builder = ./builder.sh; +stdenvNoCC.mkDerivation ( + ( + if (pname != "" && version != "") then + { inherit pname version; } + else + { + name = + if showURLs then + "urls" + else if name != "" then + name + else + baseNameOf (toString (builtins.head urls_)); + } + ) + // { + builder = ./builder.sh; - nativeBuildInputs = [ curl ] ++ nativeBuildInputs; + nativeBuildInputs = [ curl ] ++ nativeBuildInputs; - urls = urls_; + urls = urls_; - # If set, prefer the content-addressable mirrors - # (http://tarballs.nixos.org) over the original URLs. - preferHashedMirrors = true; + # If set, prefer the content-addressable mirrors + # (http://tarballs.nixos.org) over the original URLs. + preferHashedMirrors = true; - # New-style output content requirements. - inherit (hash_) outputHashAlgo outputHash; + # New-style output content requirements. + inherit (hash_) outputHashAlgo outputHash; - # Disable TLS verification only when we know the hash and no credentials are - # needed to access the resource - SSL_CERT_FILE = if (hash_.outputHash == "" || hash_.outputHash == lib.fakeSha256 || hash_.outputHash == lib.fakeSha512 || hash_.outputHash == lib.fakeHash || netrcPhase != null) - then "${cacert}/etc/ssl/certs/ca-bundle.crt" - else "/no-cert-file.crt"; + # Disable TLS verification only when we know the hash and no credentials are + # needed to access the resource + SSL_CERT_FILE = + if + ( + hash_.outputHash == "" + || hash_.outputHash == lib.fakeSha256 + || hash_.outputHash == lib.fakeSha512 + || hash_.outputHash == lib.fakeHash + || netrcPhase != null + ) + then + "${cacert}/etc/ssl/certs/ca-bundle.crt" + else + "/no-cert-file.crt"; - outputHashMode = if (recursiveHash || executable) then "recursive" else "flat"; + outputHashMode = if (recursiveHash || executable) then "recursive" else "flat"; - inherit curlOpts; - curlOptsList = lib.escapeShellArgs curlOptsList; - inherit showURLs mirrorsFile postFetch downloadToTemp executable; + inherit curlOpts; + curlOptsList = lib.escapeShellArgs curlOptsList; + inherit + showURLs + mirrorsFile + postFetch + downloadToTemp + executable + ; - impureEnvVars = impureEnvVars ++ netrcImpureEnvVars; + impureEnvVars = impureEnvVars ++ netrcImpureEnvVars; - nixpkgsVersion = lib.trivial.release; + nixpkgsVersion = lib.trivial.release; - inherit preferLocalBuild; + inherit preferLocalBuild; - postHook = if netrcPhase == null then null else '' - ${netrcPhase} - curlOpts="$curlOpts --netrc-file $PWD/netrc" - ''; + postHook = + if netrcPhase == null then + null + else + '' + ${netrcPhase} + curlOpts="$curlOpts --netrc-file $PWD/netrc" + ''; - inherit meta; - passthru = { inherit url; } // passthru; -}) + inherit meta; + passthru = { + inherit url; + } // passthru; + } +) diff --git a/pkgs/build-support/fetchurl/mirrors.nix b/pkgs/build-support/fetchurl/mirrors.nix index e192c650a4dd..abc4813da11d 100644 --- a/pkgs/build-support/fetchurl/mirrors.nix +++ b/pkgs/build-support/fetchurl/mirrors.nix @@ -309,7 +309,7 @@ "https://cpan.metacpan.org/" "https://cpan.perl.org/" "https://mirrors.kernel.org/CPAN/" - "https://backpan.perl.org/" # for old releases + "https://backpan.perl.org/" # for old releases ]; # D DUB diff --git a/pkgs/build-support/fetchurl/tests.nix b/pkgs/build-support/fetchurl/tests.nix index e348d77db0bd..8d9064141f23 100644 --- a/pkgs/build-support/fetchurl/tests.nix +++ b/pkgs/build-support/fetchurl/tests.nix @@ -1,11 +1,23 @@ -{ testers, fetchurl, jq, moreutils, ... }: { +{ + testers, + fetchurl, + jq, + moreutils, + ... +}: +{ # Tests that we can send custom headers with spaces in them header = - let headerValue = "Test '\" <- These are some quotes"; - in testers.invalidateFetcherByDrvHash fetchurl { + let + headerValue = "Test '\" <- These are some quotes"; + in + testers.invalidateFetcherByDrvHash fetchurl { url = "https://httpbin.org/headers"; sha256 = builtins.hashString "sha256" (headerValue + "\n"); - curlOptsList = [ "-H" "Hello: ${headerValue}" ]; + curlOptsList = [ + "-H" + "Hello: ${headerValue}" + ]; postFetch = '' ${jq}/bin/jq -r '.headers.Hello' $out | ${moreutils}/bin/sponge $out '';