From 435627d8548b7050db7da6c63b9ffcaaf350d125 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 16 Apr 2025 20:04:21 +0200 Subject: [PATCH] rename CLAN_STATIC_PROGRAMS -> CLAN_PROVIDED_PACKAGES --- pkgs/clan-cli/clan_cli/nix/__init__.py | 42 ++++++++++--------- ...ed-programs.json => allowed-packages.json} | 0 pkgs/clan-cli/default.nix | 4 +- pkgs/clan-cli/flake-module.nix | 2 +- pkgs/clan-cli/pyproject.toml | 2 +- pkgs/clan-cli/shell.nix | 2 +- 6 files changed, 27 insertions(+), 25 deletions(-) rename pkgs/clan-cli/clan_cli/nix/{allowed-programs.json => allowed-packages.json} (100%) diff --git a/pkgs/clan-cli/clan_cli/nix/__init__.py b/pkgs/clan-cli/clan_cli/nix/__init__.py index e50681106..72e63b4d4 100644 --- a/pkgs/clan-cli/clan_cli/nix/__init__.py +++ b/pkgs/clan-cli/clan_cli/nix/__init__.py @@ -124,46 +124,48 @@ def nix_shell_legacy(packages: list[str], cmd: list[str]) -> list[str]: # lazy loads list of allowed and static programs -class Programs: - allowed_programs: set[str] | None = None - static_programs: set[str] | None = None +class Packages: + allowed_packages: set[str] | None = None + static_packages: set[str] | None = None @classmethod - def ensure_allowed(cls: type["Programs"], program: str) -> None: - if cls.allowed_programs is None: - with (Path(__file__).parent / "allowed-programs.json").open() as f: - cls.allowed_programs = allowed_programs = set(json.load(f)) + def ensure_allowed(cls: type["Packages"], package: str) -> None: + if cls.allowed_packages is None: + with (Path(__file__).parent / "allowed-packages.json").open() as f: + cls.allowed_packages = allowed_packages = set(json.load(f)) else: - allowed_programs = cls.allowed_programs + allowed_packages = cls.allowed_packages - if program not in allowed_programs: - msg = f"Program not allowed: '{program}', allowed programs are:\n{'\n'.join(allowed_programs)}" + if package not in allowed_packages: + msg = f"Package not allowed: '{package}', allowed packages are:\n{'\n'.join(allowed_packages)}" raise ClanError(msg) @classmethod - def is_static(cls: type["Programs"], program: str) -> bool: + def is_provided(cls: type["Packages"], program: str) -> bool: """ - Determines if a program is statically shipped with this clan distribution + Determines if a program is shipped with the clan package. """ - if cls.static_programs is None: - cls.static_programs = set( - os.environ.get("CLAN_STATIC_PROGRAMS", "").split(":") + if cls.static_packages is None: + cls.static_packages = set( + os.environ.get("CLAN_PROVIDED_PACKAGES", "").split(":") ) - return program in cls.static_programs + return program in cls.static_packages -# Alternative implementation of nix_shell() to replace nix_shell() at some point +# Alternative implementation of nix_shell() to replace nix_shell_legacy() at some point # Features: -# - allow list for programs (need to be specified in allowed-programs.json) +# - allow list for programs (need to be specified in allowed-packages.json) # - be abe to compute a closure of all deps for testing # - build clan distributions that ship some or all packages (eg. clan-cli-full) def nix_shell(packages: list[str], cmd: list[str]) -> list[str]: for program in packages: - Programs.ensure_allowed(program) + Packages.ensure_allowed(program) if os.environ.get("IN_NIX_SANDBOX"): return cmd missing_packages = [ - f"nixpkgs#{package}" for package in packages if not Programs.is_static(package) + f"nixpkgs#{package}" + for package in packages + if not Packages.is_provided(package) ] if not missing_packages: return cmd diff --git a/pkgs/clan-cli/clan_cli/nix/allowed-programs.json b/pkgs/clan-cli/clan_cli/nix/allowed-packages.json similarity index 100% rename from pkgs/clan-cli/clan_cli/nix/allowed-programs.json rename to pkgs/clan-cli/clan_cli/nix/allowed-packages.json diff --git a/pkgs/clan-cli/default.nix b/pkgs/clan-cli/default.nix index 042a23a90..0d80f1bdc 100644 --- a/pkgs/clan-cli/default.nix +++ b/pkgs/clan-cli/default.nix @@ -37,7 +37,7 @@ let # load nixpkgs runtime dependencies from a json file # This file represents an allow list at the same time that is checked by the run_cmd # implementation in nix.py - allDependencies = lib.importJSON ./clan_cli/nix/allowed-programs.json; + allDependencies = lib.importJSON ./clan_cli/nix/allowed-packages.json; generateRuntimeDependenciesMap = deps: lib.filterAttrs (_: pkg: !pkg.meta.unsupported or false) (lib.genAttrs deps (name: pkgs.${name})); @@ -109,7 +109,7 @@ pythonRuntime.pkgs.buildPythonApplication { clan-core-path "--set" - "CLAN_STATIC_PROGRAMS" + "CLAN_PROVIDED_PACKAGES" (lib.concatStringsSep ":" (lib.attrNames bundledRuntimeDependenciesMap)) ]; diff --git a/pkgs/clan-cli/flake-module.nix b/pkgs/clan-cli/flake-module.nix index cdd96d95b..f7bd869a9 100644 --- a/pkgs/clan-cli/flake-module.nix +++ b/pkgs/clan-cli/flake-module.nix @@ -146,7 +146,7 @@ clan-core-path = clanCoreWithVendoredDeps; templateDerivation = templateDerivation; pythonRuntime = pkgs.python3; - includedRuntimeDeps = lib.importJSON ./clan_cli/nix/allowed-programs.json; + includedRuntimeDeps = lib.importJSON ./clan_cli/nix/allowed-packages.json; }; clan-cli-docs = pkgs.stdenv.mkDerivation { name = "clan-cli-docs"; diff --git a/pkgs/clan-cli/pyproject.toml b/pkgs/clan-cli/pyproject.toml index 8e6492587..1fcfaf7fd 100644 --- a/pkgs/clan-cli/pyproject.toml +++ b/pkgs/clan-cli/pyproject.toml @@ -19,7 +19,7 @@ exclude = ["clan_cli.nixpkgs*", "result"] [tool.setuptools.package-data] clan_cli = [ - "**/allowed-programs.json", + "**/allowed-packages.json", "py.typed", "templates/**/*", "vms/mimetypes/**/*", diff --git a/pkgs/clan-cli/shell.nix b/pkgs/clan-cli/shell.nix index 15696a254..4f3a5dc82 100644 --- a/pkgs/clan-cli/shell.nix +++ b/pkgs/clan-cli/shell.nix @@ -25,7 +25,7 @@ mkShell { inputsFrom = [ self'.devShells.default ]; - CLAN_STATIC_PROGRAMS = lib.concatStringsSep ":" ( + CLAN_PROVIDED_PACKAGES = lib.concatStringsSep ":" ( lib.attrNames clan-cli-full.passthru.runtimeDependenciesMap );