Add vendor fetch

This commit is contained in:
muon 2026-03-20 14:44:24 +00:00
parent bf93912b39
commit 2d02ac206f
10 changed files with 360 additions and 46 deletions

View file

@ -1,9 +1,9 @@
{
"freetube": {
"mender-cli": {
"cargoLock": null,
"date": "2026-03-18",
"date": null,
"extract": null,
"name": "freetube",
"name": "mender-cli",
"passthru": null,
"pinned": false,
"src": {
@ -11,13 +11,14 @@
"fetchSubmodules": false,
"leaveDotGit": false,
"name": null,
"rev": "d5cf1d713ba9348b13d94c122ba0fb72694e51d3",
"sha256": "sha256-g9bMYIxHXcL8+apBD682sZHeifLfyVhI5oTNoPPNs5o=",
"owner": "mendersoftware",
"repo": "mender-cli",
"rev": "2.0.0",
"sha256": "sha256-jFWC1g/ebgMIqgBFgotBDwPcGNmAK3VsvfjiuRCN1ws=",
"sparseCheckout": [],
"type": "git",
"url": "https://github.com/ddogfoodd/nixpkgs.git"
"type": "github"
},
"version": "d5cf1d713ba9348b13d94c122ba0fb72694e51d3"
"version": "2.0.0"
},
"valheim.aaacrafting": {
"cargoLock": null,

View file

@ -6,19 +6,17 @@
dockerTools,
}:
{
freetube = {
pname = "freetube";
version = "d5cf1d713ba9348b13d94c122ba0fb72694e51d3";
src = fetchgit {
url = "https://github.com/ddogfoodd/nixpkgs.git";
rev = "d5cf1d713ba9348b13d94c122ba0fb72694e51d3";
mender-cli = {
pname = "mender-cli";
version = "2.0.0";
vendorHash = "sha256-vlcq9HGezJsorwsaVwvIKxi1pSoo4wTPmc6qCCVDdfI=";
src = fetchFromGitHub {
owner = "mendersoftware";
repo = "mender-cli";
rev = "2.0.0";
fetchSubmodules = false;
deepClone = false;
leaveDotGit = false;
sparseCheckout = [ ];
sha256 = "sha256-g9bMYIxHXcL8+apBD682sZHeifLfyVhI5oTNoPPNs5o=";
sha256 = "sha256-jFWC1g/ebgMIqgBFgotBDwPcGNmAK3VsvfjiuRCN1ws=";
};
date = "2026-03-18";
};
"valheim.aaacrafting" = {
pname = "valheim.aaacrafting";

View file

@ -46,7 +46,6 @@ in {
go
rainfrog
tealdeer
(callPackage ./packages/mender-cli.nix {})
]
# Non-free </3
++ [google-cloud-sdk google-cloud-sql-proxy];

View file

@ -8,12 +8,11 @@
vesktop-nogain = pkgs.vesktop.overrideAttrs (previousAttrs: {
patches = previousAttrs.patches ++ [sources."vesktop.micfix".src];
});
freetube-custom =
(import sources.freetube.src {
inherit (pkgs) system;
config = pkgs.config;
}).freetube;
# freetube-custom =
# (import sources.freetube.src {
# inherit (pkgs) system;
# config = pkgs.config;
# }).freetube;
in {
options.mods.social.enable =
lib.mkEnableOption "enables social media clients";
@ -29,7 +28,8 @@ in {
jami
# Video
freetube-custom
# freetube-custom
freetube
# Security
gcr

View file

@ -2,6 +2,7 @@
pkgs,
lib,
config,
sources,
...
}: let
cfg = config.mods.terminal;
@ -12,6 +13,10 @@ in {
options.mods.terminal.hr.enable = lib.mkEnableOption "Hefring (Work Tooling)";
config = lib.mkIf cfg.hr.enable {
home.packages = [
(pkgs.callPackage ./mender-cli.nix {inherit sources;})
];
programs.nushell = lib.mkIf cfg.nushell.enable {
extraConfig = ''
$env.PROJECT_ID = if ($env | get -o PROJECT_ID | is-empty) { "mk2-test" } else { $env.PROJECT_ID }

View file

@ -2,31 +2,28 @@
lib,
stdenv,
buildGoModule,
fetchFromGitHub,
sources,
makeWrapper,
installShellFiles,
pkg-config,
openssl,
xz,
go,
}:
buildGoModule rec {
pname = "mender-cli";
version = "1.12.0";
src = fetchFromGitHub {
owner = "mendersoftware";
repo = "mender-cli";
rev = version;
sha256 = "sha256-Pf87wTHXcFlnYsgx7ieiIJ9PWJFPUkFJYTkKJKmMFEQ=";
};
vendorHash = "sha256-MqyBa+wsbuXqtM4DL/QGBUWuEYlG8BRxIXq7O1LJUyM=";
let
src = sources.mender-cli;
in
buildGoModule {
inherit (src) pname version src vendorHash;
nativeBuildInputs = [
makeWrapper
installShellFiles
pkg-config
];
buildInputs = [
openssl
xz
];
@ -48,7 +45,7 @@ buildGoModule rec {
description = "Mender CLI tool to simplify integration between the Mender server and cloud services like continuous integration (CI)/build automation";
mainProgram = "mender-cli";
homepage = "https://github.com/mendersoftware/mender-cli/";
changelog = "https://github.com/mendersoftware/mender-cli/releases/tag/${version}";
changelog = "https://github.com/mendersoftware/mender-cli/releases/tag/${src.version}";
license = lib.licenses.asl20;
};
}

View file

@ -1,7 +1,7 @@
["freetube"]
src.git = "https://github.com/ddogfoodd/nixpkgs.git"
src.branch = "update-freetube"
fetch.git = "https://github.com/ddogfoodd/nixpkgs.git"
# ["freetube"]
# src.git = "https://github.com/ddogfoodd/nixpkgs.git"
# src.branch = "update-freetube"
# fetch.git = "https://github.com/ddogfoodd/nixpkgs.git"
["vesktop.micfix"]
src.manual = "1.0.2"
@ -157,3 +157,7 @@ src.webpage = "https://thunderstore.io/c/valheim/p/BentoG/MissingPieces/"
src.regex = "v(\\d+\\.\\d+\\.\\d+)"
fetch.tarball = "https://thunderstore.io/package/download/BentoG/MissingPieces/$ver/"
["mender-cli"]
src.github = "mendersoftware/mender-cli"
fetch.github = "mendersoftware/mender-cli"

55
pkgs/nvft/README.md Normal file
View file

@ -0,0 +1,55 @@
# nvft (nvfetcher + tools)
A Nix package that combines nvfetcher source updates with automatic Go vendor hash calculation.
## Usage
```bash
# Enter the nix-shell (makes nvft available)
nix-shell
# Run the updater
nvft
```
This will:
1. Save existing vendorHash and source hashes
2. Run `nvfetcher` to update all source versions and hashes in `_sources/generated.nix`
3. Restore saved vendorHash values
4. Check if source hash changed - if yes, recalculate vendorHash; if no, skip (fast!)
5. Update `vendorHash` in `_sources/generated.nix` only if needed
## Configuration
Go packages that need vendor hash updates are configured in the `GO_PACKAGES` array within the script.
Currently configured packages:
- `mender-cli` -> `modules/home/terminal/hr/mender-cli.nix`
To add more Go packages, edit `pkgs/nvft/default.nix` and add entries to the `GO_PACKAGES` array.
## How it Works
For each Go package:
1. Compares old vs new source hash to detect updates
2. If source unchanged, keeps existing vendorHash (fast)
3. If source changed, creates a temporary build with `lib.fakeHash`
4. Attempts to build, which fails with the correct hash
5. Extracts the correct hash from the error message
6. Updates `vendorHash` directly in `_sources/generated.nix` alongside the source information
## Package Usage
Go packages read vendorHash from the sources:
```nix
let
src = sources.mender-cli;
in
buildGoModule {
inherit (src) pname version src vendorHash;
# ... rest of package
}
```
The vendorHash is stored in `_sources/generated.nix` alongside the version and source hash, keeping all auto-generated values in one place.

250
pkgs/nvft/default.nix Normal file
View file

@ -0,0 +1,250 @@
{
lib,
writeShellApplication,
nvfetcher,
nix,
gnused,
coreutils,
}:
writeShellApplication {
name = "nvft";
runtimeInputs = [
nvfetcher
nix
gnused
coreutils
];
text = ''
set -euo pipefail
# Determine the config directory
if [[ -n "''${NVFETCHER_CONFIG_DIR:-}" ]]; then
CONFIG_DIR="$NVFETCHER_CONFIG_DIR"
elif [[ -f "nvfetcher.toml" ]]; then
CONFIG_DIR="$(pwd)"
else
CONFIG_DIR="''${HOME}/.config/home"
fi
if [[ ! -f "$CONFIG_DIR/nvfetcher.toml" ]]; then
echo " Error: nvfetcher.toml not found in $CONFIG_DIR"
exit 1
fi
echo "🚀 Updating sources in $CONFIG_DIR"
echo ""
SOURCES_FILE="$CONFIG_DIR/_sources/generated.nix"
# Read Go packages from nvfetcher.toml that need vendorHash updates
declare -A GO_PACKAGES
# For now, hardcode the known Go packages
# TODO: Could parse nvfetcher.toml to auto-detect these
GO_PACKAGES["mender-cli"]="modules/home/terminal/hr/mender-cli.nix"
# Step 0: Save existing hashes before nvfetcher wipes them
echo "💾 Saving existing hashes..."
declare -A SAVED_VENDOR_HASHES
declare -A SAVED_SOURCE_HASHES
if [[ -f "$SOURCES_FILE" ]]; then
for source_name in "''${!GO_PACKAGES[@]}"; do
# Save vendorHash
saved_vendor=$(grep -A20 "^ $source_name = " "$SOURCES_FILE" | grep -oP 'vendorHash = "\K[^"]+' || echo "")
if [[ -n "$saved_vendor" ]]; then
SAVED_VENDOR_HASHES["$source_name"]="$saved_vendor"
echo " Saved $source_name vendorHash: $saved_vendor"
fi
# Save source sha256 to detect if source changed
saved_source=$(grep -A20 "^ $source_name = " "$SOURCES_FILE" | grep -oP 'sha256 = "\K[^"]+' || echo "")
if [[ -n "$saved_source" ]]; then
SAVED_SOURCE_HASHES["$source_name"]="$saved_source"
echo " Saved $source_name sourceHash: $saved_source"
fi
done
fi
echo ""
# Step 1: Run nvfetcher
echo "📦 Step 1: Running nvfetcher..."
cd "$CONFIG_DIR"
if nvfetcher; then
echo ""
echo " nvfetcher completed"
echo ""
else
echo ""
echo " nvfetcher had some errors, but continuing with vendor hash updates..."
echo ""
fi
# Step 2: Restore saved vendorHash values
echo "📦 Step 2: Restoring saved vendorHash values..."
for source_name in "''${!SAVED_VENDOR_HASHES[@]}"; do
saved_hash="''${SAVED_VENDOR_HASHES[$source_name]}"
echo " Restoring $source_name: $saved_hash"
# Add vendorHash back after version line using awk
awk -v source="$source_name" -v hash="$saved_hash" '
/^ / && $0 ~ source" = " {in_block=1}
in_block && /version = / {print; print " vendorHash = \"" hash "\";"; next}
in_block && /^ };/ {in_block=0}
{print}
' "$SOURCES_FILE" > "$SOURCES_FILE.tmp" && mv "$SOURCES_FILE.tmp" "$SOURCES_FILE"
done
echo ""
# Step 3: Update Go vendor hashes
echo "📦 Step 3: Checking for Go packages that need vendor hash updates..."
if [[ ! -f "$SOURCES_FILE" ]]; then
echo " Error: Generated sources file not found at $SOURCES_FILE"
exit 1
fi
if [[ ''${#GO_PACKAGES[@]} -eq 0 ]]; then
echo " No Go packages configured for vendor hash updates"
echo ""
echo "🎉 All updates complete!"
exit 0
fi
for source_name in "''${!GO_PACKAGES[@]}"; do
package_path="''${GO_PACKAGES[$source_name]}"
full_path="$CONFIG_DIR/$package_path"
if [[ ! -f "$full_path" ]]; then
echo " Package file not found: $full_path"
continue
fi
echo ""
echo "📦 Processing $source_name..."
# Check if vendorHash already exists in generated.nix
current_vendor=$(grep -A20 "^ $source_name = " "$SOURCES_FILE" | grep -oP 'vendorHash = "\K[^"]+' || echo "")
if [[ -n "$current_vendor" ]]; then
echo " Current vendorHash: $current_vendor"
else
echo " No vendorHash found"
fi
# Check if source hash changed (indicates version/source update)
new_source_hash=$(grep -A20 "^ $source_name = " "$SOURCES_FILE" | grep -oP 'sha256 = "\K[^"]+' || echo "")
old_source_hash="''${SAVED_SOURCE_HASHES[$source_name]:-}"
if [[ -n "$old_source_hash" ]] && [[ "$old_source_hash" == "$new_source_hash" ]]; then
echo " Source unchanged (hash: ''${new_source_hash:0:16}...)"
echo " Skipping vendorHash recalculation"
continue
elif [[ -n "$old_source_hash" ]]; then
echo " Source changed!"
echo " Old: ''${old_source_hash:0:16}..."
echo " New: ''${new_source_hash:0:16}..."
echo " Need to recalculate vendorHash"
else
echo " New package, calculating vendorHash..."
fi
# Get version from generated sources
new_version=$(nix-instantiate --eval --strict --expr "
let pkgs = import <nixpkgs> {};
sources = pkgs.callPackage $SOURCES_FILE {};
in sources.''${source_name}.version
" 2>/dev/null | tr -d '"' || echo "")
if [[ -z "$new_version" ]]; then
echo " Could not determine version from generated sources"
continue
fi
echo " Version: $new_version"
# Create temporary build directory
temp_build=$(mktemp -d)
trap 'rm -rf "$temp_build"' EXIT
# Copy necessary files
cp -r "$CONFIG_DIR/_sources" "$temp_build/"
cp "$full_path" "$temp_build/package.nix"
# Create build expression
cat > "$temp_build/default.nix" << 'NIXEOF'
{ pkgs ? import <nixpkgs> {} }:
let
sources = pkgs.callPackage ./_sources/generated.nix {};
in
pkgs.callPackage ./package.nix { inherit sources; }
NIXEOF
# Temporarily replace hash with fakeHash
# Replace both inherited vendorHash and explicit vendorHash assignments
sed -i 's|inherit (src) pname version src vendorHash|inherit (src) pname version src;\n vendorHash = lib.fakeHash|g' "$temp_build/package.nix"
sed -i 's|vendorHash = "[^"]*";|vendorHash = lib.fakeHash;|g' "$temp_build/package.nix"
echo " Calculating correct vendor hash..."
# Build and extract the correct hash from error message
vendor_hash=$(nix-build "$temp_build/default.nix" 2>&1 | \
grep -oP 'got:\s+\K(sha256-[A-Za-z0-9+/=]+)' | \
head -1 || echo "")
if [[ -z "$vendor_hash" ]]; then
echo " Could not calculate vendor hash"
echo " The package may have built successfully (current hash is correct)"
echo " Or there may be a build error unrelated to vendorHash"
continue
fi
echo " New hash: $vendor_hash"
# Update the generated.nix file to include vendorHash
# Find the entry and add/update vendorHash after version
if grep -q "^ $source_name = " "$SOURCES_FILE"; then
# Check if vendorHash already exists
if grep -A20 "^ $source_name = " "$SOURCES_FILE" | grep -q "vendorHash"; then
# Update existing vendorHash using awk for better multiline handling
awk -v source="$source_name" -v hash="$vendor_hash" '
/^ / && $0 ~ source" = " {in_block=1}
in_block && /vendorHash = / {sub(/vendorHash = "[^"]*"/, "vendorHash = \"" hash "\"")}
in_block && /^ };/ {in_block=0}
{print}
' "$SOURCES_FILE" > "$SOURCES_FILE.tmp" && mv "$SOURCES_FILE.tmp" "$SOURCES_FILE"
echo " Updated vendorHash in generated.nix"
else
# Add vendorHash after version line using awk
awk -v source="$source_name" -v hash="$vendor_hash" '
/^ / && $0 ~ source" = " {in_block=1}
in_block && /version = / {print; print " vendorHash = \"" hash "\";"; next}
in_block && /^ };/ {in_block=0}
{print}
' "$SOURCES_FILE" > "$SOURCES_FILE.tmp" && mv "$SOURCES_FILE.tmp" "$SOURCES_FILE"
echo " Added vendorHash to generated.nix"
fi
else
echo " Could not find $source_name entry in generated.nix"
fi
done
echo ""
echo "🎉 All updates complete!"
echo ""
echo "Summary:"
echo " - Source versions and hashes updated by nvfetcher"
echo " - Go vendor hashes recalculated and updated"
echo ""
echo "Next steps:"
echo " - Review changes: git diff"
echo " - Test build: home-manager switch or similar"
echo " - Commit if everything works"
'';
meta = {
description = "Update nvfetcher sources and Go vendor hashes";
mainProgram = "nvft";
};
}

View file

@ -1,4 +1,8 @@
{pkgs ? import <nixpkgs> {}, ...}: {
{pkgs ? import <nixpkgs> {}, ...}:
let
nvft = pkgs.callPackage ./pkgs/nvft {};
in
{
default = pkgs.mkShell {
NIX_CONFIG = "extra-experimental-features = nix-command flakes ca-derivations";
nativeBuildInputs = with pkgs; [
@ -8,6 +12,7 @@
sops
age
nvfetcher
nvft
];
};
}