From b37a5b9a45b1293406a86ab53662210b9133175c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 1 Feb 2021 09:25:52 +0100 Subject: [PATCH 1/3] update nixpkgs --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7a0afa2..1739dd0 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1609214493, - "narHash": "sha256-lz8ROoxchhjoBd5phaM8t6EFAmRf+dU6clod2mdHOAg=", + "lastModified": 1612101959, + "narHash": "sha256-7IsEL/6wpr1fI/XyIw26Rz+KjRCoJvoozIcTRpCFfMQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ea3638a3fb262d3634be7e4c2aa3d4e9474ae157", + "rev": "1b77b735ea70c3dfbdab3eaa79aee48d75d3e162", "type": "github" }, "original": { From d665aecd88708faec1c7ff044b5446b381131d98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 1 Feb 2021 09:25:59 +0100 Subject: [PATCH 2/3] fix 32-bit build --- default.nix | 12 ++++++++++++ pkgs/sops-install-secrets/main.go | 4 ++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/default.nix b/default.nix index c474d5f..7d3ae1c 100644 --- a/default.nix +++ b/default.nix @@ -40,5 +40,17 @@ in rec { fixupPhase = ":"; }); + cross-build = sops-install-secrets.overrideAttrs (old: { + name = "cross-build"; + nativeBuildInputs = old.nativeBuildInputs ++ [ pkgs.gox ]; + buildPhase = '' + (cd pkgs/sops-install-secrets && gox -os linux) + ''; + installPhase = '' + touch $out + ''; + fixupPhase = ":"; + }); + # integration tests } // pkgs.lib.optionalAttrs (pkgs.stdenv.isLinux) sops-install-secrets.tests diff --git a/pkgs/sops-install-secrets/main.go b/pkgs/sops-install-secrets/main.go index 1e99827..1d683c2 100644 --- a/pkgs/sops-install-secrets/main.go +++ b/pkgs/sops-install-secrets/main.go @@ -251,7 +251,7 @@ func decryptSecrets(secrets []secret) error { return nil } -const RAMFS_MAGIC = 0x858458f6 +const RAMFS_MAGIC int32 = -2054924042 func mountSecretFs(mountpoint string, keysGid int) error { if err := os.MkdirAll(mountpoint, 0750); err != nil { @@ -262,7 +262,7 @@ func mountSecretFs(mountpoint string, keysGid int) error { if err := unix.Statfs(mountpoint, &buf); err != nil { return fmt.Errorf("Cannot get statfs for directory '%s': %w", mountpoint, err) } - if buf.Type != RAMFS_MAGIC { + if int32(buf.Type) != RAMFS_MAGIC { if err := unix.Mount("none", mountpoint, "ramfs", unix.MS_NODEV|unix.MS_NOSUID, "mode=0750"); err != nil { return fmt.Errorf("Cannot mount: %s", err) } From afee6a053b80cd2e317f83f794bb621e83520adc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 1 Feb 2021 13:23:17 +0100 Subject: [PATCH 3/3] golangci-lint: fix build --- .github/workflows/test.yml | 2 ++ default.nix | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index af68354..7715ca8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -26,6 +26,8 @@ jobs: - name: Add keys group (needed for go tests) run: sudo groupadd keys if: matrix.os == 'ubuntu-latest' + - name: Run lint + run: nix-build --no-out-link default.nix -A lint - name: Build nix packages run: nix-build --no-out-link release.nix - name: Run unit tests diff --git a/default.nix b/default.nix index 7d3ae1c..55963df 100644 --- a/default.nix +++ b/default.nix @@ -34,6 +34,7 @@ in rec { buildPhase = '' HOME=$TMPDIR golangci-lint run ''; + doCheck = false; installPhase = '' touch $out ''; @@ -46,8 +47,9 @@ in rec { buildPhase = '' (cd pkgs/sops-install-secrets && gox -os linux) ''; + doCheck = false; installPhase = '' - touch $out + touch $out $unittest ''; fixupPhase = ":"; });