forked from mirrors/nixpkgs
08b791a01b
A bit going on here.
- Updating resholve from 0.5.1 -> 0.6.0
- adding a depdendency, `binlore`, to supply ~intel on executables
that supports new functionality in resholve
- adding a package, `yallback`, which provides rule-based callbacks
for YARA rule matches (depdency of `binlore`).
- automatically generating "lore" for each `input` to a solution in
`resholvePackage`.
- update README
- restructuring some nix components to better support
my local dev and CI workflows.
- moved package tests into passthru/tests.nix (cuts `bats` out of
resholve's immediate dependencies, makes it possible to add my
existing Nix API test).
- move my oil-dev patches out of resholve into a separate repo (no
oil rebuild every time resholve's source changes). Also moving
oil-dev into its own Nix file here, to ~track the default.nix in
its own repo.
108 lines
3.6 KiB
Nix
108 lines
3.6 KiB
Nix
{ stdenv, lib, resholve, binlore }:
|
|
|
|
{ pname
|
|
, src
|
|
, version
|
|
, passthru ? { }
|
|
, solutions
|
|
, ...
|
|
}@attrs:
|
|
let
|
|
inherit stdenv;
|
|
/* These functions break up the work of partially validating the
|
|
'solutions' attrset and massaging it into env/cli args.
|
|
|
|
Note: some of the left-most args do not *have* to be passed as
|
|
deep as they are, but I've done so to provide more error context
|
|
*/
|
|
|
|
# for brevity / line length
|
|
spaces = l: builtins.concatStringsSep " " l;
|
|
semicolons = l: builtins.concatStringsSep ";" l;
|
|
|
|
/* Throw a fit with dotted attr path context */
|
|
nope = path: msg:
|
|
throw "${builtins.concatStringsSep "." path}: ${msg}";
|
|
|
|
/* Special-case directive value representations by type */
|
|
makeDirective = solution: env: name: val:
|
|
if builtins.isInt val then builtins.toString val
|
|
else if builtins.isString val then name
|
|
else if true == val then name
|
|
else if false == val then "" # omit!
|
|
else if null == val then "" # omit!
|
|
else if builtins.isList val then "${name}:${semicolons val}"
|
|
else nope [ solution env name ] "unexpected type: ${builtins.typeOf val}";
|
|
|
|
/* Build fake/fix/keep directives from Nix types */
|
|
makeDirectives = solution: env: val:
|
|
lib.mapAttrsToList (makeDirective solution env) val;
|
|
|
|
/* Special-case value representation by type/name */
|
|
makeEnvVal = solution: env: val:
|
|
if env == "inputs" then lib.makeBinPath val
|
|
else if builtins.isString val then val
|
|
else if builtins.isList val then spaces val
|
|
else if builtins.isAttrs val then spaces (makeDirectives solution env val)
|
|
else nope [ solution env ] "unexpected type: ${builtins.typeOf val}";
|
|
|
|
/* Shell-format each env value */
|
|
shellEnv = solution: env: value:
|
|
lib.escapeShellArg (makeEnvVal solution env value);
|
|
|
|
/* Build a single ENV=val pair */
|
|
makeEnv = solution: env: value:
|
|
"RESHOLVE_${lib.toUpper env}=${shellEnv solution env value}";
|
|
|
|
/* Discard attrs claimed by makeArgs */
|
|
removeCliArgs = value:
|
|
removeAttrs value [ "scripts" "flags" ];
|
|
|
|
/* Verify required arguments are present */
|
|
validateSolution = { scripts, inputs, interpreter, ... }: true;
|
|
|
|
/* Pull out specific solution keys to build ENV=val pairs */
|
|
makeEnvs = solution: value:
|
|
spaces (lib.mapAttrsToList (makeEnv solution) (removeCliArgs value));
|
|
|
|
/* Pull out specific solution keys to build CLI argstring */
|
|
makeArgs = { flags ? [ ], scripts, ... }:
|
|
spaces (flags ++ scripts);
|
|
|
|
/* Build a single resholve invocation */
|
|
makeInvocation = solution: value:
|
|
if validateSolution value then
|
|
# we pass resholve a directory
|
|
"RESHOLVE_LORE=${binlore.collect { drvs = value.inputs; } } ${makeEnvs solution value} resholve --overwrite ${makeArgs value}"
|
|
else throw "invalid solution"; # shouldn't trigger for now
|
|
|
|
/* Build resholve invocation for each solution. */
|
|
makeCommands = solutions:
|
|
lib.mapAttrsToList makeInvocation solutions;
|
|
|
|
self = (stdenv.mkDerivation ((removeAttrs attrs [ "solutions" ])
|
|
// {
|
|
inherit pname version src;
|
|
buildInputs = [ resholve ];
|
|
|
|
# enable below for verbose debug info if needed
|
|
# supports default python.logging levels
|
|
# LOGLEVEL="INFO";
|
|
/*
|
|
subshell/PS4/set -x and : command to output resholve envs
|
|
and invocation. Extra context makes it clearer what the
|
|
Nix API is doing, makes nix-shell debugging easier, etc.
|
|
*/
|
|
preFixup = ''
|
|
(
|
|
cd "$out"
|
|
PS4=$'\x1f'"\033[33m[resholve context]\033[0m "
|
|
set -x
|
|
: changing directory to $PWD
|
|
${builtins.concatStringsSep "\n" (makeCommands solutions)}
|
|
)
|
|
'';
|
|
}));
|
|
in
|
|
lib.extendDerivation true passthru self
|