From c2c0917a25ff360793fc47196ade23ac51e8ebc4 Mon Sep 17 00:00:00 2001 From: Nikita Wootten Date: Wed, 27 Dec 2023 11:04:30 -0500 Subject: [PATCH] Move build to support, extract version from go.mod --- flake.nix | 4 +- support/buildCommon.nix | 36 +++++++++++++++++ .../buildCoreDnsWithPlugin.nix | 39 +++++++------------ .../buildFirewallController.nix | 14 +++---- 4 files changed, 57 insertions(+), 36 deletions(-) create mode 100644 support/buildCommon.nix rename buildCoreDnsWithPlugin.nix => support/buildCoreDnsWithPlugin.nix (82%) rename buildFirewallController.nix => support/buildFirewallController.nix (51%) diff --git a/flake.nix b/flake.nix index 86559b5..e354cc7 100644 --- a/flake.nix +++ b/flake.nix @@ -13,8 +13,8 @@ packages = forEachSystem (system: let pkgs = nixpkgs.legacyPackages.${system}; in { - coredns = import ./buildCoreDnsWithPlugin.nix { inherit pkgs; }; - firewall-controller = import ./buildFirewallController.nix { inherit pkgs; }; + coredns = import ./support/buildCoreDnsWithPlugin.nix { inherit pkgs; }; + firewall-controller = import ./support/buildFirewallController.nix { inherit pkgs; }; }); devShells = forEachSystem (system: let pkgs = nixpkgs.legacyPackages.${system}; diff --git a/support/buildCommon.nix b/support/buildCommon.nix new file mode 100644 index 0000000..b971bbd --- /dev/null +++ b/support/buildCommon.nix 
@@ -0,0 +1,36 @@
+{ pkgs, ... }:
+let
+ gomod = builtins.readFile ../go.mod;
+ gomod-lines = pkgs.lib.strings.splitString "\n" gomod;
+in
+{
+ version = "0.0.1";
+ src = pkgs.lib.fileset.toSource {
+ root=../.;
+ fileset = pkgs.lib.fileset.unions [
+ ../src
+ ../go.mod
+ ../go.sum
+ ];
+ };
+ # Extract repository name from go.mod
+ repo = let
+ module-line = pkgs.lib.lists.findFirst
+ (line: pkgs.lib.strings.hasPrefix "module " line)
+ null
+ gomod-lines;
+ in pkgs.lib.lists.last
+ (pkgs.lib.strings.splitString " " module-line);
+ # Extract coredns version from go.mod
+ coredns-version = let
+ coredns-line = pkgs.lib.lists.findFirst
+ (line: pkgs.lib.strings.hasInfix "github.com/coredns/coredns " line)
+ null
+ gomod-lines;
+ # github.com/... vX.X.X -> vX.X.X
+ raw-version = pkgs.lib.lists.last
+ (pkgs.lib.strings.splitString " " coredns-line);
+ in if (pkgs.lib.strings.hasPrefix "v" raw-version)
+ then (builtins.substring 1 (-1) raw-version)
+ else raw-version;
+}
diff --git a/buildCoreDnsWithPlugin.nix b/support/buildCoreDnsWithPlugin.nix
similarity index 82%
rename from buildCoreDnsWithPlugin.nix
rename to support/buildCoreDnsWithPlugin.nix
index 02e9a45..309f52b 100644
--- a/buildCoreDnsWithPlugin.nix
+++ b/support/buildCoreDnsWithPlugin.nix
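Review bot: Both go.mod lookups in support/buildCommon.nix give `findFirst` a `null` default and pass the result straight to `splitString`, so a go.mod with no matching line stops evaluation with an error about a null value instead of a message naming what is missing; a lazy default such as `(throw "buildCommon.nix: no github.com/coredns/coredns requirement in go.mod")` would make that failure readable. `coredns-version` also takes the last space-separated token of the first line containing the module path, so a trailing comment like `// indirect` or an earlier `replace` line would produce a value that is not a version, and that value becomes the `rev` fetched in buildCoreDnsWithPlugin.nix. Selecting the token that follows the module path, or asserting that the result looks like a version, would make this safer. `pkgs.lib.strings.removePrefix "v" raw-version` would also replace the `substring 1 (-1)` branch in one call.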
@@ -1,29 +1,18 @@ { pkgs, ... }: let - pname = "coredns"; - version = "1.11.1"; - repo = "github.com/nikitawootten/dns-firewall-controller"; - plugin = "${repo}/src/coredns_plugin"; + common = import ./buildCommon.nix { inherit pkgs; }; + plugin-path = "${common.repo}/src/coredns_plugin"; plugin-name = "squawker"; - coredns-src = pkgs.fetchFromGitHub { +in +pkgs.buildGoModule { + pname = "coredns"; + version = common.coredns-version; + src = pkgs.fetchFromGitHub { owner = "coredns"; repo = "coredns"; - rev = "v${version}"; + rev = "v${common.coredns-version}"; sha256 = "sha256-XZoRN907PXNKV2iMn51H/lt8yPxhPupNfJ49Pymdm9Y="; }; - plugin-src = pkgs.lib.fileset.toSource { - root=./.; - fileset = pkgs.lib.fileset.unions [ - ./src - ./go.mod - ./go.sum - ]; - }; -in -pkgs.buildGoModule { - inherit pname version; - - src = coredns-src; outputs = [ "out" "man" ]; @@ -35,10 +24,10 @@ pkgs.buildGoModule { # VERY hacky way to add a plugin to the coredns build modBuildPhase = '' # Add our plugin to the go.mod file using the replace directive - go mod edit -replace '${repo}=${plugin-src}' - go get ${plugin} + go mod edit -replace '${common.repo}=${common.src}' + go get ${plugin-path} # In CoreDNS, plugin order matters. Add our plugin near the top, before the bind plugin. - sed -i '30i ${plugin-name}:${plugin}' plugin.cfg + sed -i '30i ${plugin-name}:${plugin-path}' plugin.cfg GOOS= GOARCH= go generate go mod vendor @@ -46,7 +35,7 @@ pkgs.buildGoModule { # This is a problem because go.mod and modules.txt still reference the Nix store, and Nix gets very upset at random references to the Nix store # After vendoring we need to surgically remove all unused references to the Nix store - go mod edit -dropreplace '${repo}' + go mod edit -dropreplace '${common.repo}' sed -i 's/ => \/nix\/store.*//g' vendor/modules.txt ''; 
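Review bot: `rev = "v${common.coredns-version}"` now follows go.mod while the `sha256` next to it stays a hand-maintained literal, and nothing ties the two together. fetchFromGitHub is a fixed-output derivation, so when the old source is already in the local store or a binary cache Nix can reuse it for the unchanged hash, and the package would then carry the new `version` while building the old CoreDNS tree. I would add a comment on the hash line, `# must be refreshed whenever the coredns version in go.mod changes`, and mention it in the update procedure. The `pkgs.buildGoModule` call continues past this hunk.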
@@ -89,13 +78,13 @@ pkgs.buildGoModule { # Sanity check: was the plugin included at all? $GOPATH/bin/coredns -plugins | grep dns.${plugin-name} || { echo "Plugin not registered in output binary"; exit 1;} - pushd vendor/${repo} + pushd vendor/${common.repo} # Sanity check all vendored plugin files against the source derivation # Currently we must update the vendor hash every time a go file changes find . -type f -name '*.go' -print0 | while IFS= read -r -d $'\0' file; do vendorSum=$(sha256sum "$file" | cut -d' ' -f1) - srcSum=$(sha256sum "${plugin-src}/$file" | cut -d' ' -f1) + srcSum=$(sha256sum "${common.src}/$file" | cut -d' ' -f1) if [ "$vendorSum" != "$srcSum" ]; then echo "File $file does not match source derivation" exit 1 diff --git a/buildFirewallController.nix b/support/buildFirewallController.nix similarity index 51% rename from buildFirewallController.nix rename to support/buildFirewallController.nix index 377480a..13f003d 100644 --- a/buildFirewallController.nix +++ b/support/buildFirewallController.nix @@ -1,15 +1,11 @@ { pkgs, ... }: +let + common = import ./buildCommon.nix { inherit pkgs; }; +in pkgs.buildGoModule { pname = "firewall-controller"; - version = "0.0.1"; - src = pkgs.lib.fileset.toSource { - root=./.; - fileset = pkgs.lib.fileset.unions [ - ./src - ./go.mod - ./go.sum - ]; - }; + version = common.version; + src = common.src; vendorHash = "sha256-sF8RFUEIy3mip/EyJDn0+mRfFbeBbn18rqsWtfsAOqo="; # vendorHash = pkgs.lib.fakeHash; }