search

kryptco / kr

DEPRECATED A dev tool for SSH auth + Git commit/tag signing using a key stored in Krypton.
https://krypt.co/developers/
Other
1.59k stars 109 forks source link

install via nix derivation package #298

Open ldeck opened 4 years ago

ldeck commented 4 years ago

I’m looking to install kr via nix.

There isn’t a package / derivation for kr as yet.

My WIP derivation looks like this so far:

/tmp/kr/default.nix

{ stdenv, fetchFromGitHub, go }:

stdenv.mkDerivation rec {
  name = "kr-${version}";
  version = "2.4.15";

  src = fetchFromGitHub {
    owner = "kryptco";
    repo = "kr";
    rev = "1937e31606e4dc0f7263133334d429f956502276";
    sha256 = "13ch85f1y4j2n4dbc6alsxbxfd6xnidwi2clibssk5srkz3mx794";
  };

  buildInputs = [ go ];

  makeFlags = [
    "PREFIX=${placeholder "out"}"
    "GOPATH=${placeholder "out"}/share/go"
    "GOCACHE=${placeholder "TMPDIR"}/go-cache"
  ];

  meta = with stdenv.lib; {
    description = "A dev tool for SSH auth + Git commit/tag signing using a key stored in Krypton.";
    homepage = "https://krypt.co";
    license = licenses.unfreeRedistributable;
    platforms = platforms.linux ++ platforms.darwin;
  };
}

$ nix-build -E 'with import <nixpkgs> { }; callPackage ./default.nix { }’

This fails as follows:

these derivations will be built:
  /nix/store/kz5ahwl1dafgqzh3xj882gqfa5wzhg7g-kr-2.4.15.drv
building '/nix/store/kz5ahwl1dafgqzh3xj882gqfa5wzhg7g-kr-2.4.15.drv'...
unpacking sources
unpacking source archive /nix/store/cqjnksc5ywdhdv2yri0q68aib5irm2vx-source
source root is source
patching sources
configuring
no configure script, doing nothing
building
build flags: SHELL=/nix/store/hyp78grs3a2w5rh9njfz0f0hzkrgjzki-bash-4.4-p23/bin/bash PREFIX=/nix/store/cjagy6wzwjrshgm54zcqlhgqg0zlrj0y-kr-2.4.15 GOPATH=/nix/store/cjagy6wzwjrshgm54zcqlhgqg0zlrj0y-kr-2.4.15/share/go GOCACHE=/1rgha92i72grqijpxd402xxllwrfkbr74dyn01mayz73cjm2glmf
rm -rf bin
mkdir -p bin
go clean -cache || true
cd src; go build -ldflags="-s -w" -o ../bin/kr ./kr
failed to initialize build cache at /1rgha92i72grqijpxd402xxllwrfkbr74dyn01mayz73cjm2glmf: mkdir /1rgha92i72grqijpxd402xxllwrfkbr74dyn01mayz73cjm2glmf: read-only file system
make: *** [Makefile:23: all] Error 1
builder for '/nix/store/kz5ahwl1dafgqzh3xj882gqfa5wzhg7g-kr-2.4.15.drv' failed with exit code 2
error: build of '/nix/store/kz5ahwl1dafgqzh3xj882gqfa5wzhg7g-kr-2.4.15.drv' failed

I’m relatively new to nix, but it’d be great to have kr officially available via it.

Any help in fixing the above derivation?

See also https://discourse.nixos.org/t/help-creating-a-makefile-derivation-for-kryptco-kr-2fa-with-go-modules/6085.

Things I assume need solving / confirmation:

  1. ensuring the GOPATH, GOCACHE directories are set correctly.
  2. ensuring relevant directories can be created
  3. license attribute?
  4. adding meta.maintainers
ldeck commented 4 years ago

As per the above linked discourse discussion, the following two options seem to do the trick:

{ stdenv, fetchFromGitHub, go, lib }:

stdenv.mkDerivation rec {
  name = "kr-${version}";
  version = "2.4.15";

  src = fetchFromGitHub {
    owner = "kryptco";
    repo = "kr";
    rev = "1937e31606e4dc0f7263133334d429f956502276";
    sha256 = "13ch85f1y4j2n4dbc6alsxbxfd6xnidwi2clibssk5srkz3mx794";
  };

  buildInputs = [ go ];

  makeFlags = [
    "PREFIX=$(out)"
    "GOPATH=$(out)/share/go"
    "GOCACHE=$(TMPDIR)/go-cache"
  ];

  preInstall = ''
    mkdir -p $out/share/go
  '';

  meta = with lib; {
    description = "A dev tool for SSH auth + Git commit/tag signing using a key stored in Krypton.";
    homepage = "https://krypt.co";
    license = licenses.unfreeRedistributable;
    platforms = platforms.linux ++ platforms.darwin;
  };
}

The other option, was to use vgo2nix from the src directory to generate a deps.nix file.

The recommended approach for go modules is to use the buildGoModule function with the given nix dependencies deps.nix.

{ buildGoModule, fetchFromGitHub, lib }:

buildGoModule rec {
  name = "kr-${version}";
  version = "2.4.15";

  src = fetchFromGitHub {
      owner = "kryptco";
      repo = "kr";
      rev = "1937e31606e4dc0f7263133334d429f956502276";
      sha256 = "13ch85f1y4j2n4dbc6alsxbxfd6xnidwi2clibssk5srkz3mx794";
  };

  modRoot = "./src";
  goDeps = ./deps.nix;
  modSha256 = "1q6vhdwz26qkpzmsnk6d9j6hjgliwkgma50mq7w2rl6rkwashvay";

  meta = with lib; {
    description = "A dev tool for SSH auth + Git commit/tag signing using a key stored in Krypton.";
    homepage = "https://krypt.co";
    license = licenses.unfreeRedistributable;
    platforms = platforms.linux ++ platforms.darwin;
  };
}
ldeck commented 4 years ago

Does kryptco have interest in maintaining/contributing a derivation to nixpkgs for kr?

The one question worth answering is with respect to the license.

agrinman commented 4 years ago

Hi @ldeck, thank you! We're not currently interested in maintaining a nix package for kr but we're open to third party maintainers and can help with feedback/technical information about how kr works.