diff --git a/pkgs/tools/admin/google-cloud-sdk/default.nix b/pkgs/tools/admin/google-cloud-sdk/default.nix index 3abd189d0f97..0b3b5d287271 100644 --- a/pkgs/tools/admin/google-cloud-sdk/default.nix +++ b/pkgs/tools/admin/google-cloud-sdk/default.nix @@ -36,16 +36,18 @@ in stdenv.mkDerivation rec { buildInputs = [ python makeWrapper ]; - phases = [ "installPhase" "fixupPhase" ]; + doBuild = false; + + patches = [ + ./gcloud-path.patch + ]; installPhase = '' - mkdir -p "$out" - tar -xzf "$src" -C "$out" google-cloud-sdk + mkdir -p $out/google-cloud-sdk + cp -R * .install $out/google-cloud-sdk/ - mkdir $out/google-cloud-sdk/lib/surface/alpha + mkdir -p $out/google-cloud-sdk/lib/surface/{alpha,beta} cp ${./alpha__init__.py} $out/google-cloud-sdk/lib/surface/alpha/__init__.py - - mkdir $out/google-cloud-sdk/lib/surface/beta cp ${./beta__init__.py} $out/google-cloud-sdk/lib/surface/beta/__init__.py # create wrappers with correct env @@ -68,8 +70,8 @@ in stdenv.mkDerivation rec { disable_update_check = true" >> $out/google-cloud-sdk/properties # setup bash completion - mkdir -p "$out/etc/bash_completion.d/" - mv "$out/google-cloud-sdk/completion.bash.inc" "$out/etc/bash_completion.d/gcloud.inc" + mkdir -p $out/etc/bash_completion.d + mv $out/google-cloud-sdk/completion.bash.inc $out/etc/bash_completion.d/gcloud.inc # This directory contains compiled mac binaries. We used crcmod from # nixpkgs instead. diff --git a/pkgs/tools/admin/google-cloud-sdk/gcloud-path.patch b/pkgs/tools/admin/google-cloud-sdk/gcloud-path.patch new file mode 100644 index 000000000000..64ec6cdb1b65 --- /dev/null +++ b/pkgs/tools/admin/google-cloud-sdk/gcloud-path.patch @@ -0,0 +1,47 @@ +From b69fee70154a861637c82e98e18be01bbb96423b Mon Sep 17 00:00:00 2001 +From: Florian Klink +Date: Wed, 12 Jun 2019 17:03:09 +0200 +Subject: [PATCH] kubeconfig: don't store absolute path to gcloud binary +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The `gcloud beta container clusters get-credentials $cluster \ +--region $region --project $project` +command can be used to write kubectl config files. + +In that file, normally the absolute path to the `gcloud` binary is +stored. + +This is a bad idea in NixOS. We might eventually garbage-collect that +specific gcloud binary - and in general, would expect a nix-shell +provided gcloud to be used. + +In its current state, token renewal would just start to break with the +following error message: + +Unable to connect to the server: error executing access token command "/nix/store/…/gcloud config config-helper --format=json": err=fork/exec /nix/store/…/gcloud: no such file or directory output= stderr= + +Avoid this by storing just `gcloud` inside `cmd-path`, which causes +kubectl to lookup the gcloud command from $PATH, which is more likely to +keep working. +--- + lib/googlecloudsdk/api_lib/container/kubeconfig.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/googlecloudsdk/api_lib/container/kubeconfig.py b/lib/googlecloudsdk/api_lib/container/kubeconfig.py +index 4330988d6..37424b841 100644 +--- a/lib/googlecloudsdk/api_lib/container/kubeconfig.py ++++ b/lib/googlecloudsdk/api_lib/container/kubeconfig.py +@@ -255,7 +255,7 @@ def _AuthProvider(name='gcp'): + raise Error(SDK_BIN_PATH_NOT_FOUND) + cfg = { + # Command for gcloud credential helper +- 'cmd-path': os.path.join(sdk_bin_path, bin_name), ++ 'cmd-path': bin_name, + # Args for gcloud credential helper + 'cmd-args': 'config config-helper --format=json', + # JSONpath to the field that is the raw access token +-- +2.21.0 +