tjh.dev
1{ lib, fetchgit, fetchzip }:
2
3{ owner, repo, rev, name ? "source"
4, fetchSubmodules ? false, private ? false
5, githubBase ? "github.com", varPrefix ? null
6, ... # For hash agility
7}@args: assert private -> !fetchSubmodules;
8let
9 baseUrl = "https://${githubBase}/${owner}/${repo}";
10 passthruAttrs = removeAttrs args [ "owner" "repo" "rev" "fetchSubmodules" "private" "githubBase" "varPrefix" ];
11 varBase = "NIX${if varPrefix == null then "" else "_${varPrefix}"}_GITHUB_PRIVATE_";
12 # We prefer fetchzip in cases we don't need submodules as the hash
13 # is more stable in that case.
14 fetcher = if fetchSubmodules then fetchgit else fetchzip;
15 privateAttrs = lib.optionalAttrs private {
16 netrcPhase = ''
17 if [ -z "''$${varBase}USERNAME" -o -z "''$${varBase}PASSWORD" ]; then
18 echo "Error: Private fetchFromGitHub requires the nix building process (nix-daemon in multi user mode) to have the ${varBase}USERNAME and ${varBase}PASSWORD env vars set." >&2
19 exit 1
20 fi
21 cat > netrc <<EOF
22 machine ${githubBase}
23 login ''$${varBase}USERNAME
24 password ''$${varBase}PASSWORD
25 EOF
26 '';
27 netrcImpureEnvVars = [ "${varBase}USERNAME" "${varBase}PASSWORD" ];
28 };
29 fetcherArgs = (if fetchSubmodules
30 then { inherit rev fetchSubmodules; url = "${baseUrl}.git"; }
31 else ({ url = "${baseUrl}/archive/${rev}.tar.gz"; } // privateAttrs)
32 ) // passthruAttrs // { inherit name; };
33in fetcher fetcherArgs // { meta.homepage = baseUrl; inherit rev; }