pyrox.dev / nixpkgs
lol
fork atom

_1password-gui: Refactor update.sh to decrease manual work burden (#387535)

authored by Austin Horstman and committed by GitHub 0c41d9b6 78623fca

+119 -82
unified split
+4 -39
pkgs/applications/misc/1password-gui/default.nix
··· 10 11 let 12 pname = "1password"; 13 - version = if channel == "stable" then "8.10.60" else "8.10.68-12.BETA"; 14 15 - sources = { 16 - stable = { 17 - x86_64-linux = { 18 - url = "https://downloads.1password.com/linux/tar/stable/x86_64/1password-${version}.x64.tar.gz"; 19 - hash = "sha256-QCoV66LvGo6vA5fjuE3fG+LwehKVMPmgaDghh9YEvmA="; 20 - }; 21 - aarch64-linux = { 22 - url = "https://downloads.1password.com/linux/tar/stable/aarch64/1password-${version}.arm64.tar.gz"; 23 - hash = "sha256-E5TniXur9ATJ3ER/zTFc6EiBrH/kbNvIao0ADLyBZZE="; 24 - }; 25 - x86_64-darwin = { 26 - url = "https://downloads.1password.com/mac/1Password-${version}-x86_64.zip"; 27 - hash = "sha256-2Nv4CHKLgCFbU1TeJQhIq8YdkJSQJXtUw2S17B8cS4s="; 28 - }; 29 - aarch64-darwin = { 30 - url = "https://downloads.1password.com/mac/1Password-${version}-aarch64.zip"; 31 - hash = "sha256-drJiM8EiUM3M54+KPQdLvAmSfBH5YPqQk14yjHzoBtM="; 32 - }; 33 - }; 34 - beta = { 35 - x86_64-linux = { 36 - url = "https://downloads.1password.com/linux/tar/beta/x86_64/1password-${version}.x64.tar.gz"; 37 - hash = "sha256-/0Y1qnCI/gXGKTHk9EIaUVbHTwRkOvwOOiMif6sRkqw="; 38 - }; 39 - aarch64-linux = { 40 - url = "https://downloads.1password.com/linux/tar/beta/aarch64/1password-${version}.arm64.tar.gz"; 41 - hash = "sha256-4J6a10r5n8ffqC5Y2pjO/GJLXY5AQDkQWmFNLYeK/Xw="; 42 - }; 43 - x86_64-darwin = { 44 - url = "https://downloads.1password.com/mac/1Password-${version}-x86_64.zip"; 45 - hash = "sha256-XvflRqqUI59ekuSiQXyACzS94VIrl8wJjemi0xAznZU="; 46 - }; 47 - aarch64-darwin = { 48 - url = "https://downloads.1password.com/mac/1Password-${version}-aarch64.zip"; 49 - hash = "sha256-UErp3pcSXz/C5s3JraLoBN89tL8ghgJ3XLpg7KtU8Sc="; 50 - }; 51 - }; 52 - }; 53 54 src = fetchurl { 55 inherit
··· 10 11 let 12 pname = "1password"; 13 14 + versions = builtins.fromJSON (builtins.readFile ./versions.json); 15 + inherit (versions.${channel} or (throw "unknown channel ${channel}")) version; 16 + 17 + sources = builtins.fromJSON (builtins.readFile ./sources.json); 18 19 src = fetchurl { 20 inherit
+38
pkgs/applications/misc/1password-gui/sources.json
···
··· 1 + { 2 + "stable": { 3 + "x86_64-linux": { 4 + "url": "https://downloads.1password.com/linux/tar/stable/x86_64/1password-8.10.60.x64.tar.gz", 5 + "hash": "sha256-QCoV66LvGo6vA5fjuE3fG+LwehKVMPmgaDghh9YEvmA=" 6 + }, 7 + "aarch64-linux": { 8 + "url": "https://downloads.1password.com/linux/tar/stable/aarch64/1password-8.10.60.arm64.tar.gz", 9 + "hash": "sha256-E5TniXur9ATJ3ER/zTFc6EiBrH/kbNvIao0ADLyBZZE=" 10 + }, 11 + "x86_64-darwin": { 12 + "url": "https://downloads.1password.com/mac/1Password-8.10.60-x86_64.zip", 13 + "hash": "sha256-2Nv4CHKLgCFbU1TeJQhIq8YdkJSQJXtUw2S17B8cS4s=" 14 + }, 15 + "aarch64-darwin": { 16 + "url": "https://downloads.1password.com/mac/1Password-8.10.60-aarch64.zip", 17 + "hash": "sha256-drJiM8EiUM3M54+KPQdLvAmSfBH5YPqQk14yjHzoBtM=" 18 + } 19 + }, 20 + "beta": { 21 + "x86_64-linux": { 22 + "url": "https://downloads.1password.com/linux/tar/beta/x86_64/1password-8.10.68-12.BETA.x64.tar.gz", 23 + "hash": "sha256-/0Y1qnCI/gXGKTHk9EIaUVbHTwRkOvwOOiMif6sRkqw=" 24 + }, 25 + "aarch64-linux": { 26 + "url": "https://downloads.1password.com/linux/tar/beta/aarch64/1password-8.10.68-12.BETA.arm64.tar.gz", 27 + "hash": "sha256-4J6a10r5n8ffqC5Y2pjO/GJLXY5AQDkQWmFNLYeK/Xw=" 28 + }, 29 + "x86_64-darwin": { 30 + "url": "https://downloads.1password.com/mac/1Password-8.10.68-12.BETA-x86_64.zip", 31 + "hash": "sha256-XvflRqqUI59ekuSiQXyACzS94VIrl8wJjemi0xAznZU=" 32 + }, 33 + "aarch64-darwin": { 34 + "url": "https://downloads.1password.com/mac/1Password-8.10.68-12.BETA-aarch64.zip", 35 + "hash": "sha256-UErp3pcSXz/C5s3JraLoBN89tL8ghgJ3XLpg7KtU8Sc=" 36 + } 37 + } 38 + }
+68 -43
pkgs/applications/misc/1password-gui/update.sh
··· 1 #!/usr/bin/env nix-shell 2 - #!nix-shell -i bash -p jq 3 #shellcheck shell=bash 4 5 - CURRENT_HASH="" 6 7 - print_hash() { 8 - OS="$1" 9 - CHANNEL="$2" 10 - ARCH="$3" 11 - VERSION="$4" 12 13 - if [[ "$OS" == "linux" ]]; then 14 - if [[ "$ARCH" == "x86_64" ]]; then 15 - EXT="x64.tar.gz" 16 - else 17 - EXT="arm64.tar.gz" 18 - fi 19 - URL="https://downloads.1password.com/${OS}/tar/${CHANNEL}/${ARCH}/1password-${VERSION}.${EXT}" 20 else 21 - EXT="$ARCH.zip" 22 - URL="https://downloads.1password.com/${OS}/1Password-${VERSION}-${EXT}" 23 fi 24 25 - CURRENT_HASH=$(nix store prefetch-file "$URL" --json | jq -r '.hash') 26 27 - echo "$CHANNEL ${ARCH}-${OS}: $CURRENT_HASH" 28 } 29 30 - if [[ -z "$STABLE_VER" && -n "$1" ]]; then 31 - STABLE_VER="$1" 32 - fi 33 34 - if [[ -z "$BETA_VER" && -n "$2" ]]; then 35 - BETA_VER="$2" 36 - fi 37 38 - if [[ "${BETA_VER: -4}" != "BETA" ]]; then 39 - BETA_VER="$BETA_VER.BETA" 40 - fi 41 42 - if [[ -z "$STABLE_VER" ]]; then 43 - echo "No 'STABLE_VER' environment variable provided, skipping" 44 - else 45 - print_hash "linux" "stable" "x86_64" "$STABLE_VER" 46 - print_hash "linux" "stable" "aarch64" "$STABLE_VER" 47 - print_hash "mac" "stable" "x86_64" "$STABLE_VER" 48 - print_hash "mac" "stable" "aarch64" "$STABLE_VER" 49 - fi 50 51 - if [[ -z "$BETA_VER" ]]; then 52 - echo "No 'BETA_VER' environment variable provided, skipping" 53 - else 54 - print_hash "linux" "beta" "x86_64" "$BETA_VER" 55 - print_hash "linux" "beta" "aarch64" "$BETA_VER" 56 - print_hash "mac" "beta" "x86_64" "$BETA_VER" 57 - print_hash "mac" "beta" "aarch64" "$BETA_VER" 58 - fi
··· 1 #!/usr/bin/env nix-shell 2 + #!nix-shell -i bash -p jq gnupg 3 #shellcheck shell=bash 4 5 + set -euo pipefail 6 7 + cd -- "$(dirname "${BASH_SOURCE[0]}")" 8 9 + mk_url() { 10 + local \ 11 + base_url="https://downloads.1password.com" \ 12 + os="$1" \ 13 + channel="$2" \ 14 + arch="$3" \ 15 + version="$4" 16 + 17 + if [[ ${os} == "linux" ]]; then 18 + if [[ ${arch} == "x86_64" ]]; then 19 + ext="x64.tar.gz" 20 else 21 + ext="arm64.tar.gz" 22 fi 23 + url="${base_url}/${os}/tar/${channel}/${arch}/1password-${version}.${ext}" 24 + else 25 + ext="${arch}.zip" 26 + url="${base_url}/mac/1Password-${version}-${ext}" 27 + fi 28 29 + echo "${url}" 30 + } 31 32 + cleanup() { 33 + if [[ -f ${GPG_KEYRING-} ]]; then 34 + rm "${GPG_KEYRING}" 35 + fi 36 + 37 + if [[ -f ${JSON_HEAP-} ]]; then 38 + rm "${JSON_HEAP}" 39 + fi 40 } 41 42 + trap cleanup EXIT 43 + 44 + # Get channel versions from versions.json 45 + declare -A version=( 46 + ["stable"]=$(jq -r '.stable.version' versions.json) 47 + ["beta"]=$(jq -r '.beta.version' versions.json) 48 + ) 49 50 + # 51 + GPG_KEYRING=$(mktemp -t 1password.kbx.XXXXXX) 52 + gpg --no-default-keyring --keyring "${GPG_KEYRING}" \ 53 + --keyserver keyserver.ubuntu.com \ 54 + --receive-keys 3FEF9748469ADBE15DA7CA80AC2D62742012EA22 55 56 + JSON_HEAP=$(mktemp -t 1password-gui.jsonheap.XXXXXX) 57 + for channel in stable beta; do 58 + for os in linux darwin; do 59 + for arch in x86_64 aarch64; do 60 + url=$(mk_url ${os} ${channel} ${arch} "${version[${channel}]}") 61 + nix store prefetch-file --json "${url}" | jq " 62 + { 63 + \"${channel}\": { 64 + \"${arch}-${os}\": { 65 + \"url\": \"${url}\", 66 + \"hash\": .hash, 67 + \"storePath\": .storePath 68 + } 69 + } 70 + }" >> "${JSON_HEAP}" 71 72 + # For some reason 1Password PGP signs only Linux binaries. 73 + if [[ ${os} == "linux" ]]; then 74 + gpgv --keyring "${GPG_KEYRING}" \ 75 + $(nix store prefetch-file --json "${url}.sig" | jq -r .storePath) \ 76 + $(jq -r --slurp ".[-1].[].[].storePath" "${JSON_HEAP}") 77 + fi 78 + done 79 + done 80 + done 81 82 + # Combine heap of hash+url objects into a single JSON object. 83 + jq --slurp 'reduce .[] as $x ({}; . * $x) | del (.[].[].storePath)' "${JSON_HEAP}" > sources.json
+9
pkgs/applications/misc/1password-gui/versions.json
···
··· 1 + { 2 + "stable": { 3 + "version": "8.10.60" 4 + }, 5 + 6 + "beta": { 7 + "version": "8.10.68-12.BETA" 8 + } 9 + }