Winter
a19cd4ffb1
This reverts commit65a333600d. This wasn't tested for correctness with something like fodwatch [0], and should not have been (self-)merged so quickly, especially without further review. It also resulted in the breakage of at least one package [1] (and that's the one we know of and was caught). A few packages that were updated in between this commit and this revert were not reverted back to using `rev`, but other than that, this is a 1:1 revert. [0]: https://codeberg.org/raphaelr/fodwatch [1]: https://github.com/NixOS/nixpkgs/pull/396904 /758551e458
76 lines
2.0 KiB
Nix
76 lines
2.0 KiB
Nix
{
|
|
lib,
|
|
stdenv,
|
|
buildGoModule,
|
|
fetchFromGitHub,
|
|
git,
|
|
Cocoa,
|
|
Virtualization,
|
|
sigtool,
|
|
testers,
|
|
linuxkit,
|
|
}:
|
|
|
|
buildGoModule rec {
|
|
pname = "linuxkit";
|
|
version = "1.5.3";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "linuxkit";
|
|
repo = "linuxkit";
|
|
rev = "v${version}";
|
|
sha256 = "sha256-dCRTBy2Nbl5KP8dxXt+1ww1BF/gWm3PfLtSBAaVcBvw=";
|
|
};
|
|
|
|
vendorHash = null;
|
|
|
|
modRoot = "./src/cmd/linuxkit";
|
|
|
|
patches = [
|
|
./darwin-os-version.patch
|
|
./support-apple-11-sdk.patch
|
|
];
|
|
|
|
# - On macOS, an executable must be signed with the right entitlement(s) to be
|
|
# able to use the Virtualization framework at runtime.
|
|
# - sigtool is allows us to validly sign such executables with a dummy
|
|
# authority.
|
|
nativeBuildInputs = lib.optionals stdenv.hostPlatform.isDarwin [ sigtool ];
|
|
buildInputs = lib.optionals stdenv.hostPlatform.isDarwin [
|
|
Cocoa
|
|
Virtualization
|
|
];
|
|
|
|
ldflags = [
|
|
"-s"
|
|
"-w"
|
|
"-X github.com/linuxkit/linuxkit/src/cmd/linuxkit/version.Version=${version}"
|
|
];
|
|
|
|
nativeCheckInputs = [ git ];
|
|
|
|
# - Because this package definition doesn't build using the source's Makefile,
|
|
# we must manually call the sign target.
|
|
# - The binary stripping that nixpkgs does by default in the
|
|
# fixup phase removes such signing and entitlements, so we have to sign
|
|
# after stripping.
|
|
# - Finally, at the start of the fixup phase, the working directory is
|
|
# $sourceRoot/src/cmd/linuxkit, so it's simpler to use the sign target from
|
|
# the Makefile in that directory rather than $sourceRoot/Makefile.
|
|
postFixup = lib.optionalString stdenv.hostPlatform.isDarwin ''
|
|
make sign LOCAL_TARGET=$out/bin/linuxkit
|
|
'';
|
|
passthru.tests.version = testers.testVersion {
|
|
package = linuxkit;
|
|
command = "linuxkit version";
|
|
};
|
|
|
|
meta = with lib; {
|
|
description = "Toolkit for building secure, portable and lean operating systems for containers";
|
|
mainProgram = "linuxkit";
|
|
license = licenses.asl20;
|
|
homepage = "https://github.com/linuxkit/linuxkit";
|
|
maintainers = with maintainers; [ nicknovitski ];
|
|
};
|
|
}
|