depot/ops/maint/update_nixpkgs/default.nix


# Builds a Docker image named "update_nixpkgs" whose default command is the
# wrapped update_nixpkgs.sh script. The script itself is not part of this
# file; only its packaging and runtime environment are defined here.
# `lib` is accepted but not referenced below (pkgs.lib is used instead).
{ depot, lib, ... }:
let
inherit (depot) pkgs;
# Mercurial with hg-evolve as a propagated Python dependency, presumably so
# the `evolve` and `topic` extensions enabled in .hgrc below can be loaded.
# NOTE(review): origAttrs is unused, so this list replaces rather than extends
# the package's original propagatedBuildInputs - confirm that is intended.
mercurial = (pkgs.mercurial.overridePythonAttrs (origAttrs: {
propagatedBuildInputs = [pkgs.python3Packages.hg-evolve];
}));
# Installs update_nixpkgs.sh as $out/bin/update_nixpkgs, marks it executable,
# patches its shebang, and wraps it so the listed tools are prepended to PATH.
# Everything the script can call by bare name at runtime comes from that list.
updateNixpkgs = pkgs.runCommandNoCC "update_nixpkgs" {
buildInputs = with pkgs; [ makeWrapper ];
} ''
mkdir -p $out/bin
cp ${./update_nixpkgs.sh} $out/bin/update_nixpkgs
chmod +x $out/bin/update_nixpkgs
patchShebangs --host $out/bin
wrapProgram $out/bin/update_nixpkgs \
--prefix PATH : ${pkgs.lib.makeBinPath (with pkgs; [ bashInteractive mercurial openssh coreutils copybara git gnused ])}
'';
in
pkgs.dockerTools.buildImage {
name = "update_nixpkgs";
config = {
# Container entry point: the wrapped script built above.
Cmd = [ "${updateNixpkgs}/bin/update_nixpkgs" ];
# SSL_CERT_FILE points TLS clients at the cacert bundle shipped in the image.
# USER=root matches the only account defined in /etc/passwd below; no other
# user is configured in this file, so the job is set up to run as uid 0.
Env = [
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
"USER=root"
];
};
contents = [
pkgs.cacert updateNixpkgs
# Static filesystem skeleton for the container:
#   /root and /root/.ssh (mode 700), /etc, /tmp (mode 1777)
#   /etc/passwd       - a single root entry (uid 0, home /root)
#   /root/.ssh/config - host alias "hg" -> hg@hg.lukegb.com using the key at
#                       /secrets/ssh_id
#   /root/.hgrc       - enables the Mercurial extensions listed there
#
# /secrets/ssh_id is not created here; presumably it is mounted into the
# container at runtime - verify against the deployment that runs this image.
#
# NOTE(review): the ssh config sets "StrictHostKeyChecking no", so the
# server's host key is never verified on the connection that authenticates
# with /secrets/ssh_id. Anything able to intercept or redirect traffic to
# hg.lukegb.com would be accepted as the real server. The image has no
# known_hosts, so a safer setup is to write a known_hosts file with the
# server's pinned public host key in this derivation and switch the option
# to "yes".
#
# NOTE(review): the login shell in /etc/passwd is
# /run/current-system/sw/bin/bash, and nothing in this file creates that path
# inside the image - confirm nothing at runtime depends on it.
(pkgs.runCommandNoCC "update_nixpkgs_content" {} ''
mkdir $out $out/root $out/root/.ssh $out/etc $out/tmp
chmod 700 $out/root $out/root/.ssh
chmod 1777 $out/tmp
cat <<EOF >$out/etc/passwd
root:x:0:0:System administrator:/root:/run/current-system/sw/bin/bash
EOF
cat <<EOF >$out/root/.ssh/config
Host hg
Hostname hg.lukegb.com
User hg
StrictHostKeyChecking no
IdentityFile /secrets/ssh_id
EOF
cat <<EOF >$out/root/.hgrc
[extensions]
histedit =
rebase =
strip =
remotenames =
amend =
evolve =
topic =
purge =
share =
EOF
'')
];
}