terraform-providers: switch to hash/vendorHash
This commit is contained in:
parent
48f449716d
commit
d1abee2262
3 changed files with 309 additions and 308 deletions
|
@ -17,17 +17,18 @@ let
|
||||||
, repo
|
, repo
|
||||||
, rev
|
, rev
|
||||||
, version
|
, version
|
||||||
, sha256
|
, hash ? throw "use hash instead of sha256" # added 2202/09
|
||||||
, vendorSha256
|
, vendorHash ? throw "use vendorHash instead of vendorSha256" # added 2202/09
|
||||||
, deleteVendor ? false
|
, deleteVendor ? false
|
||||||
, proxyVendor ? false
|
, proxyVendor ? false
|
||||||
, mkProviderGoModule ? buildGoModule
|
, mkProviderGoModule ? buildGoModule
|
||||||
, # Looks like "registry.terraform.io/vancluever/acme"
|
# Looks like "registry.terraform.io/vancluever/acme"
|
||||||
provider-source-address
|
, provider-source-address
|
||||||
|
, ...
|
||||||
}@attrs:
|
}@attrs:
|
||||||
mkProviderGoModule {
|
mkProviderGoModule {
|
||||||
pname = repo;
|
pname = repo;
|
||||||
inherit vendorSha256 version deleteVendor proxyVendor;
|
inherit vendorHash version deleteVendor proxyVendor;
|
||||||
subPackages = [ "." ];
|
subPackages = [ "." ];
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
# https://github.com/hashicorp/terraform-provider-scaffolding/blob/a8ac8375a7082befe55b71c8cbb048493dd220c2/.goreleaser.yml
|
# https://github.com/hashicorp/terraform-provider-scaffolding/blob/a8ac8375a7082befe55b71c8cbb048493dd220c2/.goreleaser.yml
|
||||||
|
@ -36,7 +37,7 @@ let
|
||||||
ldflags = [ "-s" "-w" "-X main.version=${version}" "-X main.commit=${rev}" ];
|
ldflags = [ "-s" "-w" "-X main.version=${version}" "-X main.commit=${rev}" ];
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
name = "source-${rev}";
|
name = "source-${rev}";
|
||||||
inherit owner repo rev sha256;
|
inherit owner repo rev hash;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Move the provider to libexec
|
# Move the provider to libexec
|
||||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -28,14 +28,14 @@ Options:
|
||||||
|
|
||||||
* --force: Force the update even if the version matches.
|
* --force: Force the update even if the version matches.
|
||||||
* --no-build: Don't build provider
|
* --no-build: Don't build provider
|
||||||
* --vendor-sha256 <sha256>: Override the SHA256 or "null".
|
* --vendor-hash <SRI-hash>: Override the SHA256 or "null".
|
||||||
DOC
|
DOC
|
||||||
}
|
}
|
||||||
|
|
||||||
force=
|
force=
|
||||||
provider=
|
provider=
|
||||||
build=1
|
build=1
|
||||||
vendorSha256=
|
vendorHash=
|
||||||
|
|
||||||
while [[ $# -gt 0 ]]; do
|
while [[ $# -gt 0 ]]; do
|
||||||
case "$1" in
|
case "$1" in
|
||||||
|
@ -51,9 +51,9 @@ while [[ $# -gt 0 ]]; do
|
||||||
build=0
|
build=0
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
--vendor-sha256)
|
--vendor-hash)
|
||||||
force=1
|
force=1
|
||||||
vendorSha256=$2
|
vendorHash=$2
|
||||||
shift 2
|
shift 2
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
|
@ -93,14 +93,14 @@ repo_root=$(git rev-parse --show-toplevel)
|
||||||
|
|
||||||
generate_hash() {
|
generate_hash() {
|
||||||
nix-prefetch -I nixpkgs="${repo_root}" \
|
nix-prefetch -I nixpkgs="${repo_root}" \
|
||||||
"{ sha256 }: (import ${repo_root} {}).terraform-providers.${provider}.$1.overrideAttrs (_: { $2 = sha256; })"
|
"{ sha256 }: (import ${repo_root} {}).terraform-providers.${provider}.$1.overrideAttrs (_: { inherit sha256; })"
|
||||||
}
|
}
|
||||||
|
|
||||||
echo_provider() {
|
echo_provider() {
|
||||||
echo "== terraform-providers.${provider}: $* =="
|
echo "== terraform-providers.${provider}: $* =="
|
||||||
}
|
}
|
||||||
|
|
||||||
pushd "$(dirname "$0")"
|
pushd "$(dirname "$0")" >/dev/null
|
||||||
|
|
||||||
if [[ ${provider} =~ ^[^/]+/[^/]+$ ]]; then
|
if [[ ${provider} =~ ^[^/]+/[^/]+$ ]]; then
|
||||||
echo_provider "init"
|
echo_provider "init"
|
||||||
|
@ -109,13 +109,13 @@ if [[ ${provider} =~ ^[^/]+/[^/]+$ ]]; then
|
||||||
update_attr "provider-source-address" "${source_address}"
|
update_attr "provider-source-address" "${source_address}"
|
||||||
update_attr version "0"
|
update_attr version "0"
|
||||||
# create empty stings so nix-prefetch works
|
# create empty stings so nix-prefetch works
|
||||||
update_attr sha256 ""
|
update_attr hash ""
|
||||||
update_attr vendorSha256 ""
|
update_attr vendorHash ""
|
||||||
else
|
else
|
||||||
source_address="$(read_attr provider-source-address)"
|
source_address="$(read_attr provider-source-address)"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
old_vendor_sha256=$(read_attr vendorSha256)
|
old_vendor_hash=$(read_attr vendorHash)
|
||||||
old_version=$(read_attr version)
|
old_version=$(read_attr version)
|
||||||
|
|
||||||
# The provider source address (used inside Terraform `required_providers` block) is
|
# The provider source address (used inside Terraform `required_providers` block) is
|
||||||
|
@ -127,7 +127,7 @@ old_version=$(read_attr version)
|
||||||
registry_response=$(curl -s https://"${source_address/\///v1/providers/}")
|
registry_response=$(curl -s https://"${source_address/\///v1/providers/}")
|
||||||
|
|
||||||
version="$(jq -r '.version' <<<"${registry_response}")"
|
version="$(jq -r '.version' <<<"${registry_response}")"
|
||||||
if [[ ${old_version} == "${version}" && ${force} != 1 && -z ${vendorSha256} && ${old_vendor_sha256} != "${vendorSha256}" ]]; then
|
if [[ ${old_version} == "${version}" && ${force} != 1 && -z ${vendorHash} && ${old_vendor_hash} != "${vendorHash}" ]]; then
|
||||||
echo_provider "already at version ${version}"
|
echo_provider "already at version ${version}"
|
||||||
exit
|
exit
|
||||||
fi
|
fi
|
||||||
|
@ -146,20 +146,20 @@ repo="$(echo "${provider_source_url}" | cut -d '/' -f 5)"
|
||||||
update_attr repo "${repo}"
|
update_attr repo "${repo}"
|
||||||
rev="$(jq -r '.tag' <<<"${registry_response}")"
|
rev="$(jq -r '.tag' <<<"${registry_response}")"
|
||||||
update_attr rev "${rev}"
|
update_attr rev "${rev}"
|
||||||
echo_provider "calculating sha256"
|
echo_provider "calculating hash"
|
||||||
sha256=$(generate_hash src outputHash)
|
hash=$(generate_hash src)
|
||||||
update_attr sha256 "${sha256}"
|
update_attr hash "${hash}"
|
||||||
|
|
||||||
if [[ -z ${vendorSha256} ]]; then
|
if [[ -z ${vendorHash} ]]; then
|
||||||
if [[ ${old_vendor_sha256} == null ]]; then
|
if [[ ${old_vendor_hash} == null ]]; then
|
||||||
vendorSha256=null
|
vendorHash=null
|
||||||
else
|
else
|
||||||
echo_provider "calculating vendorSha256"
|
echo_provider "calculating vendorHash"
|
||||||
vendorSha256=$(generate_hash go-modules vendorSha256)
|
vendorHash=$(generate_hash go-modules)
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
update_attr vendorSha256 "${vendorSha256}"
|
update_attr vendorHash "${vendorHash}"
|
||||||
|
|
||||||
# Check that the provider builds
|
# Check that the provider builds
|
||||||
if [[ ${build} == 1 ]]; then
|
if [[ ${build} == 1 ]]; then
|
||||||
|
@ -167,4 +167,4 @@ if [[ ${build} == 1 ]]; then
|
||||||
nix-build --no-out-link "${repo_root}" -A "terraform-providers.${provider}"
|
nix-build --no-out-link "${repo_root}" -A "terraform-providers.${provider}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
popd
|
popd >/dev/null
|
||||||
|
|
Loading…
Reference in a new issue