Merge pull request #255009 from meatballhat/tootcat-update-pr-174202
mastodon: generate and read yarn hash from dependencies dir
This commit is contained in:
commit
962321fcc3
@ -37,7 +37,9 @@ const downloadFileHttps = (fileName, url, expectedHash, hashType = 'sha1') => {
|
|||||||
res.on('end', () => {
|
res.on('end', () => {
|
||||||
file.close()
|
file.close()
|
||||||
const h = hash.read()
|
const h = hash.read()
|
||||||
if (h != expectedHash) return reject(new Error(`hash mismatch, expected ${expectedHash}, got ${h}`))
|
if (expectedHash === undefined){
|
||||||
|
console.log(`Warning: lockfile url ${url} doesn't end in "#<hash>" to validate against. Downloaded file had hash ${h}.`);
|
||||||
|
} else if (h != expectedHash) return reject(new Error(`hash mismatch, expected ${expectedHash}, got ${h}`))
|
||||||
resolve()
|
resolve()
|
||||||
})
|
})
|
||||||
res.on('error', e => reject(e))
|
res.on('error', e => reject(e))
|
||||||
|
@ -7,7 +7,8 @@
|
|||||||
, pname ? "mastodon"
|
, pname ? "mastodon"
|
||||||
, version ? import ./version.nix
|
, version ? import ./version.nix
|
||||||
, srcOverride ? null
|
, srcOverride ? null
|
||||||
, dependenciesDir ? ./. # Should contain gemset.nix, yarn.nix and package.json.
|
, dependenciesDir ? ./. # Expected to contain gemset.nix
|
||||||
|
, yarnHash ? import ./yarn-hash.nix
|
||||||
}:
|
}:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
@ -43,7 +44,7 @@ stdenv.mkDerivation rec {
|
|||||||
|
|
||||||
yarnOfflineCache = fetchYarnDeps {
|
yarnOfflineCache = fetchYarnDeps {
|
||||||
yarnLock = "${src}/yarn.lock";
|
yarnLock = "${src}/yarn.lock";
|
||||||
sha256 = "sha256-e3rl/WuKXaUdeDEYvo1sSubuIwtBjkbguCYdAijwXOA=";
|
hash = yarnHash;
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodonGems mastodonGems.wrappedRuby brotli ];
|
nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodonGems mastodonGems.wrappedRuby brotli ];
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#!/usr/bin/env nix-shell
|
#!/usr/bin/env nix-shell
|
||||||
#! nix-shell -i bash -p yarn2nix bundix coreutils diffutils nix-prefetch-github gnused jq
|
#! nix-shell -i bash -p bundix coreutils diffutils nix-prefetch-github gnused jq prefetch-yarn-deps
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
OWNER=mastodon
|
OWNER=mastodon
|
||||||
@ -77,7 +77,8 @@ trap cleanup EXIT
|
|||||||
|
|
||||||
echo "Fetching source code $REVISION"
|
echo "Fetching source code $REVISION"
|
||||||
JSON=$(nix-prefetch-github "$OWNER" "$REPO" --rev "$REVISION" 2> $WORK_DIR/nix-prefetch-git.out)
|
JSON=$(nix-prefetch-github "$OWNER" "$REPO" --rev "$REVISION" 2> $WORK_DIR/nix-prefetch-git.out)
|
||||||
HASH=$(echo "$JSON" | jq -r .hash)
|
HASH="$(echo "$JSON" | jq -r .sha256)"
|
||||||
|
HASH="$(nix hash to-sri --type sha256 "$HASH")"
|
||||||
|
|
||||||
echo "Creating version.nix"
|
echo "Creating version.nix"
|
||||||
echo "\"$VERSION\"" | sed 's/^"v/"/' > version.nix
|
echo "\"$VERSION\"" | sed 's/^"v/"/' > version.nix
|
||||||
@ -101,3 +102,8 @@ SOURCE_DIR="$(nix-build --no-out-link -E '(import <nixpkgs> {}).callPackage ./so
|
|||||||
echo "Creating gemset.nix"
|
echo "Creating gemset.nix"
|
||||||
bundix --lockfile="$SOURCE_DIR/Gemfile.lock" --gemfile="$SOURCE_DIR/Gemfile"
|
bundix --lockfile="$SOURCE_DIR/Gemfile.lock" --gemfile="$SOURCE_DIR/Gemfile"
|
||||||
echo "" >> gemset.nix # Create trailing newline to please EditorConfig checks
|
echo "" >> gemset.nix # Create trailing newline to please EditorConfig checks
|
||||||
|
|
||||||
|
echo "Creating yarn-hash.nix"
|
||||||
|
YARN_HASH="$(prefetch-yarn-deps "$SOURCE_DIR/yarn.lock")"
|
||||||
|
YARN_HASH="$(nix hash to-sri --type sha256 "$YARN_HASH")"
|
||||||
|
printf '"%s"\n' "$YARN_HASH" > yarn-hash.nix
|
||||||
|
1
pkgs/servers/mastodon/yarn-hash.nix
Normal file
1
pkgs/servers/mastodon/yarn-hash.nix
Normal file
@ -0,0 +1 @@
|
|||||||
|
"sha256-e3rl/WuKXaUdeDEYvo1sSubuIwtBjkbguCYdAijwXOA="
|
Loading…
Reference in New Issue
Block a user