rename CLAN_STATIC_PROGRAMS -> CLAN_PROVIDED_PACKAGES

Jörg Thalheim
2025-04-16 20:04:21 +02:00
committed by Mic92
parent 2240a3a533
commit 10cd98e158
6 changed files with 27 additions and 25 deletions


@@ -124,46 +124,48 @@ def nix_shell_legacy(packages: list[str], cmd: list[str]) -> list[str]:
# lazy loads list of allowed and static programs # lazy loads list of allowed and static programs
class Programs: class Packages:
allowed_programs: set[str] | None = None allowed_packages: set[str] | None = None
static_programs: set[str] | None = None static_packages: set[str] | None = None
@classmethod @classmethod
def ensure_allowed(cls: type["Programs"], program: str) -> None: def ensure_allowed(cls: type["Packages"], package: str) -> None:
if cls.allowed_programs is None: if cls.allowed_packages is None:
with (Path(__file__).parent / "allowed-programs.json").open() as f: with (Path(__file__).parent / "allowed-packages.json").open() as f:
cls.allowed_programs = allowed_programs = set(json.load(f)) cls.allowed_packages = allowed_packages = set(json.load(f))
else: else:
allowed_programs = cls.allowed_programs allowed_packages = cls.allowed_packages
if program not in allowed_programs: if package not in allowed_packages:
msg = f"Program not allowed: '{program}', allowed programs are:\n{'\n'.join(allowed_programs)}" msg = f"Package not allowed: '{package}', allowed packages are:\n{'\n'.join(allowed_packages)}"
raise ClanError(msg) raise ClanError(msg)
@classmethod @classmethod
def is_static(cls: type["Programs"], program: str) -> bool: def is_provided(cls: type["Packages"], program: str) -> bool:
""" """
Determines if a program is statically shipped with this clan distribution Determines if a program is shipped with the clan package.
""" """
if cls.static_programs is None: if cls.static_packages is None:
cls.static_programs = set( cls.static_packages = set(
os.environ.get("CLAN_STATIC_PROGRAMS", "").split(":") os.environ.get("CLAN_PROVIDED_PACKAGES", "").split(":")
) )
return program in cls.static_programs return program in cls.static_packages
# Alternative implementation of nix_shell() to replace nix_shell() at some point # Alternative implementation of nix_shell() to replace nix_shell_legacy() at some point
# Features: # Features:
# - allow list for programs (need to be specified in allowed-programs.json) # - allow list for programs (need to be specified in allowed-packages.json)
# - be abe to compute a closure of all deps for testing # - be abe to compute a closure of all deps for testing
# - build clan distributions that ship some or all packages (eg. clan-cli-full) # - build clan distributions that ship some or all packages (eg. clan-cli-full)
def nix_shell(packages: list[str], cmd: list[str]) -> list[str]: def nix_shell(packages: list[str], cmd: list[str]) -> list[str]:
for program in packages: for program in packages:
Programs.ensure_allowed(program) Packages.ensure_allowed(program)
if os.environ.get("IN_NIX_SANDBOX"): if os.environ.get("IN_NIX_SANDBOX"):
return cmd return cmd
missing_packages = [ missing_packages = [
f"nixpkgs#{package}" for package in packages if not Programs.is_static(package) f"nixpkgs#{package}"
for package in packages
if not Packages.is_provided(package)
] ]
if not missing_packages: if not missing_packages:
return cmd return cmd
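Review bot: The rename is only half applied inside `Packages`: `is_provided` still caches into `cls.static_packages`, still takes a parameter named `program`, and the class comment still reads "allowed and static programs". This class is the allow-list gate in front of the `nixpkgs#...` references that `nix_shell` builds, so mixed vocabulary makes the check harder to audit. I would rename the attribute to `provided_packages: set[str] | None = None`, change the signature to `def is_provided(cls: type["Packages"], package: str) -> bool:`, and update the comment to `# lazy loads list of allowed and provided packages`; the loop variable in `for program in packages:` could follow. The old `CLAN_STATIC_PROGRAMS` name is dropped without a fallback, so an environment that still exports it would presumably have every package treated as missing and resolved from nixpkgs instead of the bundled set. The body of `nix_shell` continues past the end of this hunk.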


@@ -37,7 +37,7 @@ let
# load nixpkgs runtime dependencies from a json file # load nixpkgs runtime dependencies from a json file
# This file represents an allow list at the same time that is checked by the run_cmd # This file represents an allow list at the same time that is checked by the run_cmd
# implementation in nix.py # implementation in nix.py
allDependencies = lib.importJSON ./clan_cli/nix/allowed-programs.json; allDependencies = lib.importJSON ./clan_cli/nix/allowed-packages.json;
generateRuntimeDependenciesMap = generateRuntimeDependenciesMap =
deps: deps:
lib.filterAttrs (_: pkg: !pkg.meta.unsupported or false) (lib.genAttrs deps (name: pkgs.${name})); lib.filterAttrs (_: pkg: !pkg.meta.unsupported or false) (lib.genAttrs deps (name: pkgs.${name}));
@@ -109,7 +109,7 @@ pythonRuntime.pkgs.buildPythonApplication {
clan-core-path clan-core-path
"--set" "--set"
"CLAN_STATIC_PROGRAMS" "CLAN_PROVIDED_PACKAGES"
(lib.concatStringsSep ":" (lib.attrNames bundledRuntimeDependenciesMap)) (lib.concatStringsSep ":" (lib.attrNames bundledRuntimeDependenciesMap))
]; ];


@@ -146,7 +146,7 @@
clan-core-path = clanCoreWithVendoredDeps; clan-core-path = clanCoreWithVendoredDeps;
templateDerivation = templateDerivation; templateDerivation = templateDerivation;
pythonRuntime = pkgs.python3; pythonRuntime = pkgs.python3;
includedRuntimeDeps = lib.importJSON ./clan_cli/nix/allowed-programs.json; includedRuntimeDeps = lib.importJSON ./clan_cli/nix/allowed-packages.json;
}; };
clan-cli-docs = pkgs.stdenv.mkDerivation { clan-cli-docs = pkgs.stdenv.mkDerivation {
name = "clan-cli-docs"; name = "clan-cli-docs";


@@ -19,7 +19,7 @@ exclude = ["clan_cli.nixpkgs*", "result"]
[tool.setuptools.package-data] [tool.setuptools.package-data]
clan_cli = [ clan_cli = [
"**/allowed-programs.json", "**/allowed-packages.json",
"py.typed", "py.typed",
"templates/**/*", "templates/**/*",
"vms/mimetypes/**/*", "vms/mimetypes/**/*",


@@ -25,7 +25,7 @@ mkShell {
inputsFrom = [ self'.devShells.default ]; inputsFrom = [ self'.devShells.default ];
CLAN_STATIC_PROGRAMS = lib.concatStringsSep ":" ( CLAN_PROVIDED_PACKAGES = lib.concatStringsSep ":" (
lib.attrNames clan-cli-full.passthru.runtimeDependenciesMap lib.attrNames clan-cli-full.passthru.runtimeDependenciesMap
); );