23
flake.nix
23
flake.nix
@@ -58,15 +58,16 @@
|
||||
];
|
||||
buildCommand = ''
|
||||
set -euo pipefail
|
||||
|
||||
PAY="$PWD/payload"
|
||||
mkdir -p "$PAY/nix/store"
|
||||
|
||||
# copy closure paths from closureInfo (no nix calls here)
|
||||
# 1) copy closure (no nix calls; uses closureInfo)
|
||||
while IFS= read -r p; do
|
||||
cp -a --no-preserve=ownership "$p" "$PAY/nix/store/"
|
||||
done < ${ci}/store-paths
|
||||
|
||||
# pick an app binary
|
||||
# 2) pick app binary and make relative path used by the runner
|
||||
APP_BIN=$(find ${appBinGuess} -maxdepth 1 -type f -perm -111 | head -n1)
|
||||
if [ -z "''${APP_BIN:-}" ]; then
|
||||
echo "no executable found in ${appBinGuess}" >&2
|
||||
@@ -74,9 +75,15 @@
|
||||
fi
|
||||
APP_REL="/nix/store/$(basename "$(dirname "$APP_BIN")")/$(basename "$APP_BIN")"
|
||||
|
||||
( cd "$PAY" && tar -czf "$PWD/payload.tar.gz" . )
|
||||
# 3) tar the payload OUTSIDE $PAY to avoid self-inclusion
|
||||
_TMP="$(mktemp -d)"
|
||||
( cd "$PAY" && tar \
|
||||
--sort=name \
|
||||
--owner=0 --group=0 --numeric-owner \
|
||||
-czf "$_TMP/payload.tar.gz" . )
|
||||
|
||||
cat > $out <<'SH'
|
||||
# 4) write the self-extracting stub
|
||||
cat > "$out" <<'SH'
|
||||
#!/bin/sh
|
||||
set -euf
|
||||
: "''${TMPDIR:=/tmp}"
|
||||
@@ -100,12 +107,14 @@
|
||||
|
||||
__ARCHIVE_BELOW__
|
||||
SH
|
||||
|
||||
# 5) inject paths, chmod, and append payload
|
||||
sed -i \
|
||||
-e "s|__APP_REL__|$APP_REL|g" \
|
||||
-e "s|__PROOT_REL__|${PROOT_REL}|g" \
|
||||
$out
|
||||
chmod +x $out
|
||||
cat payload.tar.gz >> $out
|
||||
"$out"
|
||||
chmod +x "$out"
|
||||
cat "$_TMP/payload.tar.gz" >> "$out"
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
Reference in New Issue
Block a user