91
flake.nix
91
flake.nix
@@ -57,55 +57,64 @@
|
|||||||
pkgs.gzip
|
pkgs.gzip
|
||||||
];
|
];
|
||||||
buildCommand = ''
|
buildCommand = ''
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
PAY="$PWD/payload"
|
|
||||||
mkdir -p "$PAY/nix/store"
|
|
||||||
|
|
||||||
# copy closure paths from closureInfo (no nix calls here)
|
PAY="$PWD/payload"
|
||||||
while IFS= read -r p; do
|
mkdir -p "$PAY/nix/store"
|
||||||
cp -a --no-preserve=ownership "$p" "$PAY/nix/store/"
|
|
||||||
done < ${ci}/store-paths
|
|
||||||
|
|
||||||
# pick an app binary
|
# 1) copy closure (no nix calls; uses closureInfo)
|
||||||
APP_BIN=$(find ${appBinGuess} -maxdepth 1 -type f -perm -111 | head -n1)
|
while IFS= read -r p; do
|
||||||
if [ -z "''${APP_BIN:-}" ]; then
|
cp -a --no-preserve=ownership "$p" "$PAY/nix/store/"
|
||||||
echo "no executable found in ${appBinGuess}" >&2
|
done < ${ci}/store-paths
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
APP_REL="/nix/store/$(basename "$(dirname "$APP_BIN")")/$(basename "$APP_BIN")"
|
|
||||||
|
|
||||||
( cd "$PAY" && tar -czf "$PWD/payload.tar.gz" . )
|
# 2) pick app binary and make relative path used by the runner
|
||||||
|
APP_BIN=$(find ${appBinGuess} -maxdepth 1 -type f -perm -111 | head -n1)
|
||||||
|
if [ -z "''${APP_BIN:-}" ]; then
|
||||||
|
echo "no executable found in ${appBinGuess}" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
APP_REL="/nix/store/$(basename "$(dirname "$APP_BIN")")/$(basename "$APP_BIN")"
|
||||||
|
|
||||||
cat > $out <<'SH'
|
# 3) tar the payload OUTSIDE $PAY to avoid self-inclusion
|
||||||
#!/bin/sh
|
_TMP="$(mktemp -d)"
|
||||||
set -euf
|
( cd "$PAY" && tar \
|
||||||
: "''${TMPDIR:=/tmp}"
|
--sort=name \
|
||||||
EXTRACT_DIR="$(mktemp -d "''${TMPDIR%/}/nxbdl.XXXXXX")"
|
--owner=0 --group=0 --numeric-owner \
|
||||||
cleanup() { [ -n "''${KEEP_BUNDLE:-}" ] || rm -rf "$EXTRACT_DIR"; }
|
-czf "$_TMP/payload.tar.gz" . )
|
||||||
trap cleanup EXIT INT TERM
|
|
||||||
|
|
||||||
ARCHIVE_LINE=$(awk '/^__ARCHIVE_BELOW__/ {print NR+1; exit 0}' "$0")
|
# 4) write the self-extracting stub
|
||||||
tail -n +"$ARCHIVE_LINE" "$0" | tar -xzf - -C "$EXTRACT_DIR"
|
cat > "$out" <<'SH'
|
||||||
|
#!/bin/sh
|
||||||
|
set -euf
|
||||||
|
: "''${TMPDIR:=/tmp}"
|
||||||
|
EXTRACT_DIR="$(mktemp -d "''${TMPDIR%/}/nxbdl.XXXXXX")"
|
||||||
|
cleanup() { [ -n "''${KEEP_BUNDLE:-}" ] || rm -rf "$EXTRACT_DIR"; }
|
||||||
|
trap cleanup EXIT INT TERM
|
||||||
|
|
||||||
cd "$EXTRACT_DIR"
|
ARCHIVE_LINE=$(awk '/^__ARCHIVE_BELOW__/ {print NR+1; exit 0}' "$0")
|
||||||
APP_REL='__APP_REL__'
|
tail -n +"$ARCHIVE_LINE" "$0" | tar -xzf - -C "$EXTRACT_DIR"
|
||||||
PROOT_REL='__PROOT_REL__'
|
|
||||||
|
|
||||||
BUNDLE_PWD="''${BUNDLE_PWD:-$PWD}"
|
cd "$EXTRACT_DIR"
|
||||||
exec ".${PROOT_REL}" \
|
APP_REL='__APP_REL__'
|
||||||
-b ./nix:nix \
|
PROOT_REL='__PROOT_REL__'
|
||||||
-R / \
|
|
||||||
-w "$BUNDLE_PWD" \
|
|
||||||
".$APP_REL" "$@"
|
|
||||||
|
|
||||||
__ARCHIVE_BELOW__
|
BUNDLE_PWD="''${BUNDLE_PWD:-$PWD}"
|
||||||
SH
|
exec ".${PROOT_REL}" \
|
||||||
sed -i \
|
-b ./nix:nix \
|
||||||
-e "s|__APP_REL__|$APP_REL|g" \
|
-R / \
|
||||||
-e "s|__PROOT_REL__|${PROOT_REL}|g" \
|
-w "$BUNDLE_PWD" \
|
||||||
$out
|
".$APP_REL" "$@"
|
||||||
chmod +x $out
|
|
||||||
cat payload.tar.gz >> $out
|
__ARCHIVE_BELOW__
|
||||||
|
SH
|
||||||
|
|
||||||
|
# 5) inject paths, chmod, and append payload
|
||||||
|
sed -i \
|
||||||
|
-e "s|__APP_REL__|$APP_REL|g" \
|
||||||
|
-e "s|__PROOT_REL__|${PROOT_REL}|g" \
|
||||||
|
"$out"
|
||||||
|
chmod +x "$out"
|
||||||
|
cat "$_TMP/payload.tar.gz" >> "$out"
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user