nix-bitcoin/pkgs/spark-wallet/generate.sh
Erik Arvstedt af115d746b
internal scripts: use pinned, cached pkgs
Instead of setting up the script PATH via nix-shell, use
`nix shell` with inputs from the nix-bitcoin flake.
Advantages:
- Uses the nixpkgs version from the nix-bitcoin flake instead of
  `<nixpkgs>` from the user env (NIX_PATH), so the script runtime
  env is reproducible.
- The pkg derivations for the runtime env are cached, which greatly
  increases script startup speed.

This commit was generated by running the following script inside the
repo root dir:

def transform(path, src)
  if src =~ /#! *nix-shell +-i +bash +-p +(.*)/
    pkgs = $1
    if src =~ /^.*?(set -e.*?pipefail)\n/
      set_statement = $1
      src.sub!($&, '')
    end
    src.sub!(/\A.*?#! *nix-shell.*?\n/m, '')

    parents = ([ '..' ] * (path.split('/').count - 1)).join('/')

    [
      '#!/usr/bin/env bash',
      *set_statement,
      %(. "${BASH_SOURCE[0]%/*}/#{parents}/helper/run-in-nix-env" "#{pkgs}" "$@"),
      nil,
      src
    ].join("\n")
  end
end

Dir['**/*.sh'].each do |f|
  src = File.read(f)
  if new_src = transform(f, src)
    puts "Changed file #{f}"
    File.write(f, new_src)
  end
end
2022-08-28 23:49:12 +02:00

59 lines
1.8 KiB
Bash
Executable File

#!/usr/bin/env bash
set -euo pipefail
. "${BASH_SOURCE[0]%/*}/../../helper/run-in-nix-env" "nodePackages.node2nix gnupg wget jq moreutils gnused" "$@"
TMPDIR=$(mktemp -d -p /tmp)
trap 'rm -rf $TMPDIR' EXIT
version="0.3.1"
repo=https://github.com/shesek/spark-wallet
# Fetch and verify source tarball
file=spark-wallet-${version}-npm.tgz
url=$repo/releases/download/v${version}/$file
export GNUPGHOME=$TMPDIR
gpg --keyserver hkps://keyserver.ubuntu.com --recv-key FCF19B67866562F08A43AAD681F6104CD0F150FC
wget -P "$TMPDIR" "$url"
wget -P "$TMPDIR" "$repo/releases/download/v${version}/SHA256SUMS.asc"
gpg --verify "$TMPDIR/SHA256SUMS.asc"
(cd "$TMPDIR"; sha256sum --check --ignore-missing SHA256SUMS.asc)
hash=$(nix hash file "$TMPDIR/$file")
# Extract source
src=$TMPDIR/src
mkdir "$src"
tar xvf "$TMPDIR/$file" -C "$src" --strip-components 1 >/dev/null
# Make qrcode-terminal a strict dependency so that node2nix includes it in the package derivation.
jq '.dependencies["qrcode-terminal"] = .optionalDependencies["qrcode-terminal"]' "$src/package.json" | sponge "$src/package.json"
node2nix \
--nodejs-14 \
--input "$src/package.json" \
--lock "$src/npm-shrinkwrap.json" \
--composition composition.nix \
--no-copy-node-env
# Use node-env.nix from nixpkgs
# shellcheck disable=SC2016
nodeEnvImport='import "${toString pkgs.path}/pkgs/development/node-packages/node-env.nix"'
sed -i "s|import ./node-env.nix|$nodeEnvImport|" composition.nix
# Use the verified package src
read -rd '' fetchurl <<EOF || :
fetchurl {
url = "$url";
hash = "$hash";
};
EOF
sed -i "
# Use the verified package src
s|src = .*/src;|src = ${fetchurl//$'\n'/\\n}|
# github: use HTTPS instead of SSH, which requires user authentication
s|git+ssh://git@|https://|
s|ssh://git@|https://|
s|\.git#|#|
" node-packages.nix