From 4bc7ea42ca00d53736ec2e25886d3967f62a4c7e Mon Sep 17 00:00:00 2001 From: Alessandro Marrella Date: Sat, 25 Apr 2020 22:00:44 +0100 Subject: [PATCH] Update dhall in shell to version 1.31.1 (#58) * Use niv * Update shell * Update formatting * Update gh action * clean gh action * fix typo --- .github/workflows/cache.yml | 9 +- .github/workflows/ci.yml | 7 +- .../webhook/renderMutatingWebhook.dhall | 39 +++-- .../webhook/renderValidatingWebhook.dhall | 39 +++-- nix/dhall.nix | 12 -- nix/sources.json | 26 ++++ nix/sources.nix | 134 ++++++++++++++++++ shell.nix | 10 +- 8 files changed, 210 insertions(+), 66 deletions(-) delete mode 100644 nix/dhall.nix create mode 100644 nix/sources.json create mode 100644 nix/sources.nix diff --git a/.github/workflows/cache.yml b/.github/workflows/cache.yml index 7f9d440..afbe5a3 100644 --- a/.github/workflows/cache.yml +++ b/.github/workflows/cache.yml @@ -13,14 +13,13 @@ jobs: steps: - uses: actions/checkout@v1 - - name: Download dhall - run: curl -sSL https://github.com/dhall-lang/dhall-haskell/releases/download/1.29.0/dhall-1.29.0-x86_64-linux.tar.bz2 | tar -xj -C . - - name: check code + - uses: dhall-lang/setup-dhall@v4 + with: + version: '1.31.1' + - name: cache run: | export XDG_CACHE_HOME=$PWD/cache bin/dhall <<< ./package.dhall 1> /dev/null - - name: check formatting - run: find . -name '*.dhall' | xargs -n 1 bin/dhall --ascii format --check --inplace - uses: meeDamian/github-release@v1.0.0 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1e74f78..c1a015c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,10 +10,9 @@ jobs: steps: - uses: actions/checkout@v1 - - name: Download dhall - run: | - curl -sSL https://github.com/dhall-lang/dhall-haskell/releases/download/1.29.0/dhall-1.29.0-x86_64-linux.tar.bz2 | tar -xj -C . - sudo mv bin/dhall /usr/local/bin/dhall + - uses: dhall-lang/setup-dhall@v4 + with: + version: '1.31.1' - name: check code run: dhall <<< ./package.dhall - name: check formatting diff --git a/kubernetes/webhook/renderMutatingWebhook.dhall b/kubernetes/webhook/renderMutatingWebhook.dhall index 570cc84..0f4d654 100644 --- a/kubernetes/webhook/renderMutatingWebhook.dhall +++ b/kubernetes/webhook/renderMutatingWebhook.dhall @@ -103,16 +103,16 @@ let certificate = , issuerRef = { name = webhook.name, kind = (issuer webhook).kind } , commonName = Some "${webhook.name}.${webhook.namespace}.svc" , dnsNames = Some - [ webhook.name - , "${webhook.name}.${webhook.namespace}" - , "${webhook.name}.${webhook.namespace}.svc" - , "${webhook.name}.${webhook.namespace}.svc.cluster.local" - , "${webhook.name}:443" - , "${webhook.name}.${webhook.namespace}:443" - , "${webhook.name}.${webhook.namespace}.svc:443" - , "${webhook.name}.${webhook.namespace}.svc.cluster.local:443" - , "localhost:8080" - ] + [ webhook.name + , "${webhook.name}.${webhook.namespace}" + , "${webhook.name}.${webhook.namespace}.svc" + , "${webhook.name}.${webhook.namespace}.svc.cluster.local" + , "${webhook.name}:443" + , "${webhook.name}.${webhook.namespace}:443" + , "${webhook.name}.${webhook.namespace}.svc:443" + , "${webhook.name}.${webhook.namespace}.svc.cluster.local:443" + , "localhost:8080" + ] , usages = Some [ "any" ] , isCA = Some False } @@ -124,22 +124,21 @@ let mutatingWebhookConfiguration = , metadata = k8s.ObjectMeta::{ , name = webhook.name , labels = labels webhook - , annotations = - toMap - { `cert-manager.io/inject-ca-from` = - "${webhook.namespace}/${webhook.name}" - } + , annotations = toMap + { `cert-manager.io/inject-ca-from` = + "${webhook.namespace}/${webhook.name}" + } } , webhooks = [ k8s.MutatingWebhook::{ , name = "${webhook.name}.${webhook.namespace}.svc" , clientConfig = k8s.WebhookClientConfig::{ , service = Some - { name = webhook.name - , namespace = webhook.namespace - , path = Some webhook.path - , port = Some 443 - } + { name = webhook.name + , namespace = webhook.namespace + , path = Some webhook.path + , port = Some 443 + } } , failurePolicy = webhook.failurePolicy , admissionReviewVersions = [ "v1beta1" ] diff --git a/kubernetes/webhook/renderValidatingWebhook.dhall b/kubernetes/webhook/renderValidatingWebhook.dhall index 5e4cfe9..099cc35 100644 --- a/kubernetes/webhook/renderValidatingWebhook.dhall +++ b/kubernetes/webhook/renderValidatingWebhook.dhall @@ -103,16 +103,16 @@ let certificate = , issuerRef = { name = webhook.name, kind = (issuer webhook).kind } , commonName = Some "${webhook.name}.${webhook.namespace}.svc" , dnsNames = Some - [ webhook.name - , "${webhook.name}.${webhook.namespace}" - , "${webhook.name}.${webhook.namespace}.svc" - , "${webhook.name}.${webhook.namespace}.svc.cluster.local" - , "${webhook.name}:443" - , "${webhook.name}.${webhook.namespace}:443" - , "${webhook.name}.${webhook.namespace}.svc:443" - , "${webhook.name}.${webhook.namespace}.svc.cluster.local:443" - , "localhost:8080" - ] + [ webhook.name + , "${webhook.name}.${webhook.namespace}" + , "${webhook.name}.${webhook.namespace}.svc" + , "${webhook.name}.${webhook.namespace}.svc.cluster.local" + , "${webhook.name}:443" + , "${webhook.name}.${webhook.namespace}:443" + , "${webhook.name}.${webhook.namespace}.svc:443" + , "${webhook.name}.${webhook.namespace}.svc.cluster.local:443" + , "localhost:8080" + ] , usages = Some [ "any" ] , isCA = Some False } @@ -124,22 +124,21 @@ let mutatingWebhookConfiguration = , metadata = k8s.ObjectMeta::{ , name = webhook.name , labels = labels webhook - , annotations = - toMap - { `cert-manager.io/inject-ca-from` = - "${webhook.namespace}/${webhook.name}" - } + , annotations = toMap + { `cert-manager.io/inject-ca-from` = + "${webhook.namespace}/${webhook.name}" + } } , webhooks = [ k8s.ValidatingWebhook::{ , name = "${webhook.name}.${webhook.namespace}.svc" , clientConfig = k8s.WebhookClientConfig::{ , service = Some - { name = webhook.name - , namespace = webhook.namespace - , path = Some webhook.path - , port = Some 443 - } + { name = webhook.name + , namespace = webhook.namespace + , path = Some webhook.path + , port = Some 443 + } } , failurePolicy = webhook.failurePolicy , admissionReviewVersions = [ "v1beta1" ] diff --git a/nix/dhall.nix b/nix/dhall.nix deleted file mode 100644 index a66fd81..0000000 --- a/nix/dhall.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ runCommand }: -runCommand "dhall-1.29.0" { - tarball = builtins.fetchTarball { - name = "dhall-1.29.0-archive"; - url = https://github.com/dhall-lang/dhall-haskell/releases/download/1.29.0/dhall-1.29.0-x86_64-macos.tar.bz2; - sha256 = "0impdrphm7wsm5i17dwyq12i1nrirq78n20kbjz68ahyrf1b8ld7"; - }; -} -'' -mkdir -p $out/bin -cp $tarball/dhall $out/bin -'' \ No newline at end of file diff --git a/nix/sources.json b/nix/sources.json new file mode 100644 index 0000000..f4d6dba --- /dev/null +++ b/nix/sources.json @@ -0,0 +1,26 @@ +{ + "niv": { + "branch": "master", + "description": "Easy dependency management for Nix projects", + "homepage": "https://github.com/nmattia/niv", + "owner": "nmattia", + "repo": "niv", + "rev": "f73bf8d584148677b01859677a63191c31911eae", + "sha256": "0jlmrx633jvqrqlyhlzpvdrnim128gc81q5psz2lpp2af8p8q9qs", + "type": "tarball", + "url": "https://github.com/nmattia/niv/archive/f73bf8d584148677b01859677a63191c31911eae.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + }, + "nixpkgs": { + "branch": "nixpkgs-unstable", + "description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to", + "homepage": "https://github.com/NixOS/nixpkgs", + "owner": "NixOS", + "repo": "nixpkgs-channels", + "rev": "10100a97c8964e82b30f180fda41ade8e6f69e41", + "sha256": "011f36kr3c1ria7rag7px26bh73d1b0xpqadd149bysf4hg17rln", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs-channels/archive/10100a97c8964e82b30f180fda41ade8e6f69e41.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + } +} diff --git a/nix/sources.nix b/nix/sources.nix new file mode 100644 index 0000000..8a725cb --- /dev/null +++ b/nix/sources.nix @@ -0,0 +1,134 @@ +# This file has been generated by Niv. + +let + + # + # The fetchers. fetch_ fetches specs of type . + # + + fetch_file = pkgs: spec: + if spec.builtin or true then + builtins_fetchurl { inherit (spec) url sha256; } + else + pkgs.fetchurl { inherit (spec) url sha256; }; + + fetch_tarball = pkgs: spec: + if spec.builtin or true then + builtins_fetchTarball { inherit (spec) url sha256; } + else + pkgs.fetchzip { inherit (spec) url sha256; }; + + fetch_git = spec: + builtins.fetchGit { url = spec.repo; inherit (spec) rev ref; }; + + fetch_builtin-tarball = spec: + builtins.trace + '' + WARNING: + The niv type "builtin-tarball" will soon be deprecated. You should + instead use `builtin = true`. + + $ niv modify -a type=tarball -a builtin=true + '' + builtins_fetchTarball { inherit (spec) url sha256; }; + + fetch_builtin-url = spec: + builtins.trace + '' + WARNING: + The niv type "builtin-url" will soon be deprecated. You should + instead use `builtin = true`. + + $ niv modify -a type=file -a builtin=true + '' + (builtins_fetchurl { inherit (spec) url sha256; }); + + # + # Various helpers + # + + # The set of packages used when specs are fetched using non-builtins. + mkPkgs = sources: + let + sourcesNixpkgs = + import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) {}; + hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; + hasThisAsNixpkgsPath = == ./.; + in + if builtins.hasAttr "nixpkgs" sources + then sourcesNixpkgs + else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then + import {} + else + abort + '' + Please specify either (through -I or NIX_PATH=nixpkgs=...) or + add a package called "nixpkgs" to your sources.json. + ''; + + # The actual fetching function. + fetch = pkgs: name: spec: + + if ! builtins.hasAttr "type" spec then + abort "ERROR: niv spec ${name} does not have a 'type' attribute" + else if spec.type == "file" then fetch_file pkgs spec + else if spec.type == "tarball" then fetch_tarball pkgs spec + else if spec.type == "git" then fetch_git spec + else if spec.type == "builtin-tarball" then fetch_builtin-tarball spec + else if spec.type == "builtin-url" then fetch_builtin-url spec + else + abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}"; + + # Ports of functions for older nix versions + + # a Nix version of mapAttrs if the built-in doesn't exist + mapAttrs = builtins.mapAttrs or ( + f: set: with builtins; + listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set)) + ); + + # fetchTarball version that is compatible between all the versions of Nix + builtins_fetchTarball = { url, sha256 }@attrs: + let + inherit (builtins) lessThan nixVersion fetchTarball; + in + if lessThan nixVersion "1.12" then + fetchTarball { inherit url; } + else + fetchTarball attrs; + + # fetchurl version that is compatible between all the versions of Nix + builtins_fetchurl = { url, sha256 }@attrs: + let + inherit (builtins) lessThan nixVersion fetchurl; + in + if lessThan nixVersion "1.12" then + fetchurl { inherit url; } + else + fetchurl attrs; + + # Create the final "sources" from the config + mkSources = config: + mapAttrs ( + name: spec: + if builtins.hasAttr "outPath" spec + then abort + "The values in sources.json should not have an 'outPath' attribute" + else + spec // { outPath = fetch config.pkgs name spec; } + ) config.sources; + + # The "config" used by the fetchers + mkConfig = + { sourcesFile ? ./sources.json + , sources ? builtins.fromJSON (builtins.readFile sourcesFile) + , pkgs ? mkPkgs sources + }: rec { + # The sources, i.e. the attribute set of spec name to spec + inherit sources; + + # The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers + inherit pkgs; + }; +in +mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); } diff --git a/shell.nix b/shell.nix index f7d5b45..6333070 100644 --- a/shell.nix +++ b/shell.nix @@ -1,10 +1,10 @@ -with (import ./nixpkgs {}); -let dhall = (import ./nix/dhall.nix) { inherit (pkgs) runCommand; }; +let + sources = import ./nix/sources.nix {}; + pkgs = import sources.nixpkgs {}; -in -mkShell { +in with pkgs; mkShell { buildInputs = [ - dhall + haskellPackages.dhall_1_31_1 git ]; } \ No newline at end of file