Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

amazon-init: run userdata as a script if it starts with #! #67345

Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

amazon-init: run userdata as a script if it starts with #! #67345

wants to merge 2 commits into from
+18 −5

Conversation

thefloweringash
Copy link
Member

Motivation for this change

I want to boot an ec2 instance with the nix configuration in a git repository. My userdata is a short script that looks like:

#!/usr/bin/env nix-shell
#!nix-shell -p git -i bash

git clone ...
nixos-rebuild switch

I don't see another "escape hatch" that lets me do this. I did consider making a Nix userdata that configures a systemd unit that causes a second reconfiguration, but that's much more verbose. Considering the way userdata finds its way into cloudformation templates and similar, I wanted to keep it as short as possible.

The implementation is isScript was lifted from patch-shebangs.sh.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
Notify maintainers

cc @

Sorry, something went wrong.

@ofborg ofborg bot added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux labels Aug 23, 2019
@stale
Copy link

stale bot commented Jun 1, 2020

Thank you for your contributions.
This has been automatically marked as stale because it has had no activity for 180 days.
If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.
Here are suggestions that might help resolve this more quickly:

  1. Search for maintainers and people that previously touched the
    related code and @ mention them in a comment.
  2. Ask on the NixOS Discourse. 3. Ask on the #nixos channel on
    irc.freenode.net.

@stale stale bot added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jun 1, 2020
@thefloweringash
Copy link
Member Author

This still seems like a nice-to-have feature.

@stale stale bot removed the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jun 2, 2020
@stale
Copy link

stale bot commented Nov 29, 2020

I marked this as stale due to inactivity. → More info

@stale stale bot added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Nov 29, 2020
@thefloweringash
Copy link
Member Author

This still seems like a nice-to-have feature.

@stale stale bot removed the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Nov 29, 2020
thiagokokada
thiagokokada reviewed Dec 30, 2020
View reviewed changes
nixos/modules/virtualisation/amazon-init.nix
Comment on lines +29 to +30
chmod a+x "$userData"
exec "$userData"
Copy link
Contributor

@thiagokokada thiagokokada Dec 30, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any reason you can't do something like:

exec $SHELL "$userData"

Avoiding the chmod step.

BTW, is this exec intentional? It seems it will skip the rest of the script.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now looking at the rest of the module, it kinda makes more sense. But I don't know if I like this "magic" behavior. I would much prefer a explicit approach (like having an option with an enum that you could pass a indicating if userData is a bash script, user expression, etc).

thiagokokada
thiagokokada reviewed Dec 30, 2020
View reviewed changes
Copy link
Contributor

@thiagokokada thiagokokada left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have zero context about it, probably someone that uses amazon-init could help more with?

@thefloweringash thefloweringash mentioned this pull request Feb 12, 2021
Closed
@tomberek
Copy link
Contributor

Performs as expected. This is a good escape hatch, also helpful with flakes.

SuperSandro2000
SuperSandro2000 reviewed Feb 27, 2021
View reviewed changes
nixos/modules/virtualisation/amazon-init.nix Outdated
exec {fd}< "$fn"
read -r -n 2 -u "$fd" magic
exec {fd}<&-
if [[ "$magic" =~ \#! ]]; then return 0; else return 1; fi
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if [[ "$magic" =~ \#! ]]; then return 0; else return 1; fi
if [[ "$magic" =~ \#! ]]; then
return 0
else
return 1
fi

@thefloweringash @SuperSandro2000 @tomberek
amazon-init: simplify implementation of isScript

Partially verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
Loading
Loading status checks…
9366c4c 
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Co-authored-by: tomberek <tomberek@users.noreply.github.com>
@thefloweringash
Copy link
Member Author

The proposed changes all look sensible to me. I took the implementation from elsewhere in nixpkgs (currently in stdenv) without checking the details. I've committed the suggested changes here through github.

@tomberek
Copy link
Contributor

Still thinking this would be helpful. re-base,re-review, and merge?

@stale
Copy link

stale bot commented Sep 10, 2021

I marked this as stale due to inactivity. → More info

@stale stale bot added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Sep 10, 2021
@wegank wegank added the 2.status: merge conflict This PR has merge conflicts with the target branch label Mar 20, 2024
@stale stale bot removed the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Mar 20, 2024
@wegank wegank marked this pull request as draft March 20, 2024 22:23
@wegank wegank added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jul 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tomberek tomberek

@thiagokokada thiagokokada

@SuperSandro2000 SuperSandro2000

Assignees
No one assigned
Labels
2.status: merge conflict This PR has merge conflicts with the target branch 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@thefloweringash @tomberek @thiagokokada @SuperSandro2000 @wegank