New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
git: optionally build gnome-keyring and libsecret credential helpers #43616
Conversation
Success on aarch64-linux (full log) Attempted: git Partial log (click to expand)
|
Success on x86_64-linux (full log) Attempted: git Partial log (click to expand)
|
++ stdenv.lib.optionals stdenv.isDarwin [ darwin.Security ]; | ||
++ stdenv.lib.optionals stdenv.isDarwin [ darwin.Security ] | ||
++ stdenv.lib.optionals withLibsecret [ pkgconfig glib libsecret ] | ||
++ stdenv.lib.optionals withGnomeKeyring [ pkgconfig glib libgnome-keyring ]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
libgnome-keyring
is deprecated in favour of libsecret
, we do not want to use it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
aha, good to know. I was having trouble figuring out which one of those was deprecated in favor of the other; I'll drop the gnome-keyring version.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed.
c981f88
to
f6e4103
Compare
Success on x86_64-linux (full log) Attempted: gitFull Partial log (click to expand)
|
Success on aarch64-linux (full log) Attempted: gitFull Partial log (click to expand)
|
@jtojnar take another look? |
When I install it using nix-env, I see the following: warning: skipping dangling symlink '/nix/store/1kj7d2ch4kg3ym0yy5kz02ilnb2dn1pd-user-environment/bin/lgit-credential-libsecret' |
...except on Darwin, where it won't be useful.
f6e4103
to
e161b00
Compare
Grah, that's because I made a dumb typo. Fixed, sorry. |
Success on aarch64-linux (full log) Attempted: gitFull Partial log (click to expand)
|
Success on x86_64-linux (full log) Attempted: gitFull Partial log (click to expand)
|
thanks for reviewing! |
Are you able to use it? I have the helper set $ git config --system --get credential.helper
libsecret but So does echo "protocol=https
host=example.com
path=foo.git
" | git credential fill and neither action seems to add the key to secret agent. Edit: Hmm, it is only added to keyring after |
Some very minor cleanup of the build/install phase too.
Motivation for this change
Encrypted storage for git secret credentials.
There is no change to the default
git
derivation.This adds ~200mb to the transitive closure of
gitFull
because of the new dependencies on libgnome-keyring and libsecret.Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)