fetchgit: add support for netrc file through impure NIX_GIT_SSL_CAINFO env
This commit is contained in:
parent
e3b5143614
commit
6f53c06748
@ -21,6 +21,11 @@ in
|
||||
postFetch ? ""
|
||||
, preferLocalBuild ? true
|
||||
, fetchLFS ? false
|
||||
, # Shell code to build a netrc file for BASIC auth
|
||||
netrcPhase ? null
|
||||
, # Impure env vars (https://nixos.org/nix/manual/#sec-advanced-attributes)
|
||||
# needed for netrcPhase
|
||||
netrcImpureEnvVars ? []
|
||||
}:
|
||||
|
||||
/* NOTE:
|
||||
@ -64,10 +69,17 @@ stdenvNoCC.mkDerivation {
|
||||
|
||||
inherit url rev leaveDotGit fetchLFS fetchSubmodules deepClone branchName postFetch;
|
||||
|
||||
postHook = if netrcPhase == null then null else ''
|
||||
${netrcPhase}
|
||||
# required that git uses the netrc file
|
||||
mv {,.}netrc
|
||||
export HOME=$PWD
|
||||
'';
|
||||
|
||||
GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||
|
||||
impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ [
|
||||
"GIT_PROXY_COMMAND" "SOCKS_SERVER"
|
||||
impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ netrcImpureEnvVars ++ [
|
||||
"GIT_PROXY_COMMAND" "NIX_GIT_SSL_CAINFO" "SOCKS_SERVER"
|
||||
];
|
||||
|
||||
inherit preferLocalBuild;
|
||||
|
@ -17,6 +17,10 @@ branchName=$NIX_PREFETCH_GIT_BRANCH_NAME
|
||||
out=${out:-}
|
||||
http_proxy=${http_proxy:-}
|
||||
|
||||
# allow overwritting cacert's ca-bundle.crt with a custom one
|
||||
# this can be done by setting NIX_GIT_SSL_CAINFO and NIX_SSL_CERT_FILE enviroment variables for the nix-daemon
|
||||
GIT_SSL_CAINFO=${NIX_GIT_SSL_CAINFO:-$GIT_SSL_CAINFO}
|
||||
|
||||
# populated by clone_user_rev()
|
||||
fullRev=
|
||||
humanReadableRev=
|
||||
|
Loading…
Reference in New Issue
Block a user