Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gopass: Add passAlias parameter to derivation #85521

Merged
merged 2 commits into from May 5, 2020

Conversation

rvolosatovs
Copy link
Member

Motivation for this change

Add a passAlias to gopass derivation, similarly to how there's viAlias parameter supported by vim/neovim derivations.
Apart from convenience this is also necessary for e.g. making docker-credential-helpers work without patching the latter - the package uses pass executable from PATH https://github.com/docker/docker-credential-helpers/blob/f78081d1f7fef6ad74ad6b79368de6348386e591/pass/pass_linux.go#L67. By setting passAlias to true (e.g. via overlays like so: https://github.com/rvolosatovs/infrastructure/blob/94971f34db9df79b6666e626fa52840eb1fee840/nixpkgs/overlays.nix#L315-L317), secure Docker authentication via gopass "just works"™

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@rvolosatovs
Copy link
Member Author

cc @andir

@rvolosatovs
Copy link
Member Author

@GrahamcOfBorg build gopass

@andir
Copy link
Member

andir commented May 5, 2020

Looks good to me. Could you please make sure the reasoning you provided in the PR description is also in the commit?

@rvolosatovs
Copy link
Member Author

@andir done, rebased on latest master as well.

@rvolosatovs
Copy link
Member Author

@GrahamcOfBorg build gopass

@@ -1,4 +1,11 @@
{ stdenv, buildGoModule, fetchFromGitHub, git, gnupg, xclip, wl-clipboard, installShellFiles, makeWrapper }:
{ stdenv, makeWrapper
, buildGoPackage, fetchFromGitHub, installShellFiles
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You changed this here to buildGoPackage but further down you are using buildGoModule

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops, yes, that seems like a rebase artifact - the package was using buildGoPackage before

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed it (and built locally as well this time :P)

Add a `passAlias` to `gopass` derivation, similarly to how there's `viAlias` parameter supported by vim/neovim derivations.
Apart from convenience this is also necessary for e.g. making `docker-credential-helpers` work without patching the latter - the package uses `pass` executable from `PATH` https://github.com/docker/docker-credential-helpers/blob/f78081d1f7fef6ad74ad6b79368de6348386e591/pass/pass_linux.go#L67. By setting `passAlias` to `true` (e.g. via overlays like so: https://github.com/rvolosatovs/infrastructure/blob/94971f34db9df79b6666e626fa52840eb1fee840/nixpkgs/overlays.nix#L315-L317), secure Docker authentication via `gopass` "just works"™
@rvolosatovs
Copy link
Member Author

@GrahamcOfBorg build gopass

@rvolosatovs rvolosatovs requested a review from andir May 5, 2020 18:40
@andir andir merged commit 40e863a into NixOS:master May 5, 2020
@rvolosatovs rvolosatovs deleted the feature/gopass-alias branch May 5, 2020 19:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants