diff options
| author | adisbladis <adisbladis@gmail.com> | 2019-11-14 16:06:30 +0000 |
|---|---|---|
| committer | Jon <jonringer@users.noreply.github.com> | 2019-11-14 09:34:12 -0800 |
| commit | e578b8499f9e49441d9761875659381f95975fee (patch) | |
| tree | 79388d550713fdf50043ced631ac1fdeca3c3662 /pkgs | |
| parent | 65e7d9c8c94d934c494ab4486992112db6237dc5 (diff) | |
fetchgitPrivate: Remove fetcher
Since Nix 2.0 we have `builtins.fetchGit` which is a much better option since it runs in the evaluator and has access to the regular users ssh keys.
Diffstat (limited to 'pkgs')
| -rw-r--r-- | pkgs/build-support/fetchgit/private.nix | 26 | ||||
| -rw-r--r-- | pkgs/top-level/all-packages.nix | 2 |
2 files changed, 0 insertions, 28 deletions
diff --git a/pkgs/build-support/fetchgit/private.nix b/pkgs/build-support/fetchgit/private.nix deleted file mode 100644 index 6731cf87fbd1c..0000000000000 --- a/pkgs/build-support/fetchgit/private.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ fetchgit, runCommand, makeWrapper, openssh }: args: derivation ((fetchgit args).drvAttrs // { - SSH_AUTH_SOCK = if (builtins.tryEval <ssh-auth-sock>).success - then builtins.toString <ssh-auth-sock> - else null; - - GIT_SSH = let - config = let - sshConfigFile = if (builtins.tryEval <ssh-config-file>).success - then <ssh-config-file> - else builtins.trace '' - Please set your nix-path such that ssh-config-file points to a file that will allow ssh to access private repositories. The builder will not be able to see any running ssh agent sessions unless ssh-auth-sock is also set in the nix-path. - - Note that the config file and any keys it points to must be readable by the build user, which depending on your nix configuration means making it readable by the build-users-group, the user of the running nix-daemon, or the user calling the nix command which started the build. Similarly, if using an ssh agent ssh-auth-sock must point to a socket the build user can access. - - You may need StrictHostKeyChecking=no in the config file. Since ssh will refuse to use a group-readable private key, if using build-users you will likely want to use something like IdentityFile /some/directory/%u/key and have a directory for each build user accessible to that user. - '' "/var/lib/empty/config"; - in builtins.toString sshConfigFile; - - ssh-wrapped = runCommand "fetchgit-ssh" { - nativeBuildInputs = [ makeWrapper ]; - } '' - mkdir -p $out/bin - makeWrapper ${openssh}/bin/ssh $out/bin/ssh --prefix PATH : "$out/bin" --add-flags "-F ${config}" "$@" - ''; - in "${ssh-wrapped}/bin/ssh"; -}) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index cb53dcdb5c35b..97a9a6809389a 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -250,8 +250,6 @@ in cacert = buildPackages.cacert; }; - fetchgitPrivate = callPackage ../build-support/fetchgit/private.nix { }; - fetchgitLocal = callPackage ../build-support/fetchgitlocal { }; fetchmtn = callPackage ../build-support/fetchmtn (config.fetchmtn or {}); |