pkgs/tools/package-management/nixops/default.nix at netboot-syslinux-multiplatform · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / tools / package-management / nixops / default.nix

at netboot-syslinux-multiplatform 90 lines 2.6 kB view raw

 1{ lib, python2, poetry2nix, docbook_xsl_ns, openssh, cacert, nixopsAzurePackages ? []
 2, fetchurl, fetchpatch
 3}:
 4
 5let
 6  inherit (poetry2nix.mkPoetryPackages {
 7    projectDir = ./python-env;
 8    python = python2;
 9    overrides = [
10      poetry2nix.defaultPoetryOverrides
11      (self: super: {
12        certifi = super.certifi.overridePythonAttrs (old: {
13          meta = old.meta // {
14            knownVulnerabilities = [ "CVE-2022-23491" ];
15          };
16        });
17        pyjwt = super.pyjwt.overridePythonAttrs (old: {
18          meta = old.meta // {
19            knownVulnerabilities = lib.optionals (lib.versionOlder old.version "2.4.0") [
20              "CVE-2022-29217"
21            ];
22          };
23        });
24      })
25    ];
26  }) python;
27  pythonPackages = python.pkgs;
28
29in pythonPackages.buildPythonApplication rec {
30  pname = "nixops";
31  version = "1.7";
32
33  src = fetchurl {
34    url = "https://nixos.org/releases/nixops/nixops-${version}/nixops-${version}.tar.bz2";
35    sha256 = "091c0b5bca57d4aa20be20e826ec161efe3aec9c788fbbcf3806a734a517f0f3";
36  };
37
38  patches = [
39    (fetchpatch {
40      url = "https://github.com/NixOS/nixops/commit/fb6d4665e8efd858a215bbaaf079ec3f5ebc49b8.patch";
41      sha256 = "1hbhykl811zsqlaj3y5m9d8lfsal6ps6n5p16ah6lqy2s18ap9d0";
42    })
43    ./optional-virtd.patch
44  ];
45
46  buildInputs = [ pythonPackages.libxslt ];
47
48  pythonPath = (with pythonPackages;
49    [ prettytable
50      boto
51      boto3
52      hetzner
53      apache-libcloud
54      adal
55      # Go back to sqlite once Python 2.7.13 is released
56      pysqlite
57      datadog
58      python-digitalocean
59      ]
60      ++ lib.optional (!libvirt.passthru.libvirt.meta.insecure or true) libvirt
61      ++ nixopsAzurePackages);
62
63  checkPhase =
64  # Ensure, that there are no (python) import errors
65  ''
66    SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt \
67    HOME=$(pwd) \
68      $out/bin/nixops --version
69  '';
70
71  postInstall = ''
72    make -C doc/manual install nixops.1 docbookxsl=${docbook_xsl_ns}/xml/xsl/docbook \
73      docdir=$out/share/doc/nixops mandir=$out/share/man
74
75    mkdir -p $out/share/nix/nixops
76    cp -av "nix/"* $out/share/nix/nixops
77
78    # Add openssh to nixops' PATH. On some platforms, e.g. CentOS and RHEL
79    # the version of openssh is causing errors when have big networks (40+)
80    wrapProgram $out/bin/nixops --prefix PATH : "${openssh}/bin"
81  '';
82
83  meta = {
84    homepage = "https://github.com/NixOS/nixops";
85    description = "NixOS cloud provisioning and deployment tool";
86    maintainers = with lib.maintainers; [ aminechikhaoui eelco rob ];
87    platforms = lib.platforms.unix;
88    license = lib.licenses.lgpl3;
89  };
90}