f7abcb0752
* fetchs3: add configurable name Change the default from "foo" to the basename of the s3 URL and make it configurable. * fetchs3: fix error on missing credentials.session_token The session token should default to null instead of failing * fetchs3: make use of the region argument Set it to null if you don't want to use it * fetchs3: prefer local build Fetcher-types spend more time on network than CPU
37 lines
977 B
Nix
37 lines
977 B
Nix
{ stdenvNoCC, runCommand, awscli }:
|
|
|
|
{ s3url
|
|
, name ? builtins.baseNameOf s3url
|
|
, sha256
|
|
, region ? "us-east-1"
|
|
, credentials ? null # Default to looking at local EC2 metadata service
|
|
, executable ? false
|
|
, recursiveHash ? false
|
|
, postFetch ? null
|
|
}:
|
|
|
|
let
|
|
mkCredentials = { access_key_id, secret_access_key, session_token ? null }: {
|
|
AWS_ACCESS_KEY_ID = access_key_id;
|
|
AWS_SECRET_ACCESS_KEY = secret_access_key;
|
|
AWS_SESSION_TOKEN = session_token;
|
|
};
|
|
|
|
credentialAttrs = stdenvNoCC.lib.optionalAttrs (credentials != null) (mkCredentials credentials);
|
|
in runCommand name ({
|
|
nativeBuildInputs = [ awscli ];
|
|
|
|
outputHashAlgo = "sha256";
|
|
outputHash = sha256;
|
|
outputHashMode = if recursiveHash then "recursive" else "flat";
|
|
|
|
preferLocalBuild = true;
|
|
|
|
AWS_DEFAULT_REGION = region;
|
|
} // credentialAttrs) (if postFetch != null then ''
|
|
downloadedFile="$(mktemp)"
|
|
aws s3 cp ${s3url} $downloadedFile
|
|
${postFetch}
|
|
'' else ''
|
|
aws s3 cp ${s3url} $out
|
|
'')
|