2018-01-10 00:38:19 +01:00
|
|
|
{ stdenvNoCC, runCommand, awscli }:
|
2017-04-26 04:01:18 +02:00
|
|
|
|
|
|
|
{ s3url
|
|
|
|
, sha256
|
|
|
|
, region ? "us-east-1"
|
|
|
|
, credentials ? null # Default to looking at local EC2 metadata service
|
|
|
|
, executable ? false
|
|
|
|
, recursiveHash ? false
|
|
|
|
, postFetch ? null
|
|
|
|
}:
|
|
|
|
|
|
|
|
let
|
2018-01-10 00:38:19 +01:00
|
|
|
credentialAttrs = stdenvNoCC.lib.optionalAttrs (credentials != null) {
|
2017-04-26 04:01:18 +02:00
|
|
|
AWS_ACCESS_KEY_ID = credentials.access_key_id;
|
|
|
|
AWS_SECRET_ACCESS_KEY = credentials.secret_access_key;
|
|
|
|
AWS_SESSION_TOKEN = credentials.session_token ? null;
|
|
|
|
};
|
|
|
|
in runCommand "foo" ({
|
2018-01-09 21:36:14 +01:00
|
|
|
nativeBuildInputs = [ awscli ];
|
2017-04-26 04:01:18 +02:00
|
|
|
outputHashAlgo = "sha256";
|
|
|
|
outputHash = sha256;
|
|
|
|
outputHashMode = if recursiveHash then "recursive" else "flat";
|
|
|
|
} // credentialAttrs) (if postFetch != null then ''
|
|
|
|
downloadedFile="$(mktemp)"
|
|
|
|
aws s3 cp ${s3url} $downloadedFile
|
|
|
|
${postFetch}
|
|
|
|
'' else ''
|
|
|
|
aws s3 cp ${s3url} $out
|
|
|
|
'')
|