From e6a04bc9eff50e196a94f527d5869369bb3400b5 Mon Sep 17 00:00:00 2001 From: IndeedNotJames Date: Wed, 19 Apr 2023 08:04:46 +0200 Subject: [PATCH 1/2] forgejo: build from source instead of relying on the release tarballs published with each release. This does however add two additional hashes (`vendorHash` and `npmDepsHash`), making it a total of 3 hashes that need to be updated each time. The old `updateScript` is no longer useful as of this change. It was originally added because we weren't aware that gitea/forgejo/codeberg have "predictable URLs" for the needed release tarball. Fixed in 0dd0b2103a25d2068462895faa852d535666a977 --- .../version-management/forgejo/default.nix | 87 ++++++++----------- .../package-json-npm-build-frontend.patch | 14 +++ 2 files changed, 52 insertions(+), 49 deletions(-) create mode 100644 pkgs/applications/version-management/forgejo/package-json-npm-build-frontend.patch diff --git a/pkgs/applications/version-management/forgejo/default.nix b/pkgs/applications/version-management/forgejo/default.nix index 0ba9c073e1fc..d8fbbab47404 100644 --- a/pkgs/applications/version-management/forgejo/default.nix +++ b/pkgs/applications/version-management/forgejo/default.nix @@ -1,17 +1,11 @@ { bash , brotli , buildGoModule -, common-updater-scripts -, coreutils -, curl -, fetchurl , forgejo , git , gzip -, jq , lib , makeWrapper -, nix , nixosTests , openssh , pam @@ -20,19 +14,42 @@ , xorg , runCommand , stdenv +, fetchFromGitea +, buildNpmPackage , writeShellApplication }: +let + frontend = buildNpmPackage rec { + pname = "forgejo-frontend"; + inherit (forgejo) src version; + + npmDepsHash = "sha256-dB/uBuS0kgaTwsPYnqklT450ejLHcPAqBdDs3JT8Uxg="; + + patches = [ + ./package-json-npm-build-frontend.patch + ]; + + # override npmInstallHook + installPhase = '' + mkdir $out + cp -R ./public $out/ + ''; + }; +in buildGoModule rec { pname = "forgejo"; version = "1.19.1-0"; - src = fetchurl { - url = "https://codeberg.org/forgejo/forgejo/releases/download/v${version}/forgejo-src-${version}.tar.gz"; - hash = "sha256-zoYEkUmJx7lt++2Rmjx/jgyZ2Y9uJH4k8VpD++My7mU="; + src = fetchFromGitea { + domain = "codeberg.org"; + owner = "forgejo"; + repo = "forgejo"; + rev = "v${version}"; + hash = "sha256-0FmqLxQvr3bbgdzKFeAhRMvJp/xdRPW40WLH6eKNY9s="; }; - vendorHash = null; + vendorHash = "sha256-g8QJSewQFfyE/34A2JxrVnwk5vmiIRSbwrVE9LqYJrM="; subPackages = [ "." ]; @@ -59,15 +76,25 @@ buildGoModule rec { "-X 'main.Tags=${lib.concatStringsSep " " tags}'" ]; + preBuild = '' + go run build/merge-forgejo-locales.go + ''; + postInstall = '' mkdir $data - cp -R ./{public,templates,options} $data + cp -R ./{templates,options} ${frontend}/public $data mkdir -p $out cp -R ./options/locale $out/locale wrapProgram $out/bin/gitea \ --prefix PATH : ${lib.makeBinPath [ bash git gzip openssh ]} ''; + # $data is not available in go-modules.drv and preBuild isn't needed + overrideModAttrs = (_: { + postPatch = null; + preBuild = null; + }); + passthru = { data-compressed = runCommand "forgejo-data-compressed" { nativeBuildInputs = [ brotli xorg.lndir ]; @@ -82,44 +109,6 @@ buildGoModule rec { ''; tests = nixosTests.forgejo; - - updateScript = lib.getExe (writeShellApplication { - name = "update-forgejo"; - runtimeInputs = [ - common-updater-scripts - coreutils - curl - jq - nix - ]; - text = '' - releases=$(curl "https://codeberg.org/api/v1/repos/forgejo/forgejo/releases?draft=false&pre-release=false&limit=1" \ - --silent \ - --header "accept: application/json") - - stable=$(jq '.[0] - | .tag_name[1:] as $version - | ("forgejo-src-\($version).tar.gz") as $filename - | { $version, html_url } + (.assets | map(select(.name | startswith($filename)) | {(.name | split(".") | last): .browser_download_url}) | add)' \ - <<< "$releases") - - checksum_url=$(jq -r .sha256 <<< "$stable") - release_url=$(jq -r .html_url <<< "$stable") - version=$(jq -r .version <<< "$stable") - - if [[ "${version}" = "$version" ]]; then - echo "No new version found (already at $version)" - exit 0 - fi - - echo "Release: $release_url" - - sha256=$(curl "$checksum_url" --silent | cut --delimiter " " --fields 1) - sri_hash=$(nix hash to-sri --type sha256 "$sha256") - - update-source-version "${pname}" "$version" "$sri_hash" - ''; - }); }; meta = with lib; { diff --git a/pkgs/applications/version-management/forgejo/package-json-npm-build-frontend.patch b/pkgs/applications/version-management/forgejo/package-json-npm-build-frontend.patch new file mode 100644 index 000000000000..57e2b7ec6965 --- /dev/null +++ b/pkgs/applications/version-management/forgejo/package-json-npm-build-frontend.patch @@ -0,0 +1,14 @@ +diff --git a/package.json b/package.json +index 57dcfc2f7..c9f23dbf7 100644 +--- a/package.json ++++ b/package.json +@@ -79,5 +79,8 @@ + "defaults", + "not ie > 0", + "not ie_mob > 0" +- ] ++ ], ++ "scripts": { ++ "build": "node_modules/.bin/webpack" ++ } + } From 254180d5089523bfe9011b510df13981b263296e Mon Sep 17 00:00:00 2001 From: IndeedNotJames Date: Wed, 19 Apr 2023 09:11:00 +0200 Subject: [PATCH 2/2] nixosTests.gitea: fix sshd race condition --- nixos/tests/gitea.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/tests/gitea.nix b/nixos/tests/gitea.nix index 86d4fce37929..c38aad1f44ec 100644 --- a/nixos/tests/gitea.nix +++ b/nixos/tests/gitea.nix @@ -72,6 +72,7 @@ let server.wait_for_unit("gitea.service") server.wait_for_open_port(3000) + server.wait_for_open_port(22) server.succeed("curl --fail http://localhost:3000/") server.succeed(