From 8b0968b2054d3bb8d90b5ac056727f7c2ebeaed3 Mon Sep 17 00:00:00 2001 From: Igor Pashev Date: Tue, 11 Dec 2018 18:10:48 +0300 Subject: (* HUGE *) Use nixpkgs overlays --- pkgs/xinclude2nix/default.nix | 60 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 pkgs/xinclude2nix/default.nix (limited to 'pkgs/xinclude2nix/default.nix') diff --git a/pkgs/xinclude2nix/default.nix b/pkgs/xinclude2nix/default.nix new file mode 100644 index 0000000..09a9ab3 --- /dev/null +++ b/pkgs/xinclude2nix/default.nix @@ -0,0 +1,60 @@ +{ runCommand, haskellPackages }: + +/* + Given a list of XML files, produces a Nix file with a list of files included + with the XInclude mechanism. The file produced can be imported into other + Nix files. This requires read-write mode of evaluation. + + Use case: XML config files with portions of sensitive data (secrets, keys), + merged in runtime. With this package, deployment tools like NixOps can be + taught to extract keys and deploy them automatically. + + + Example of input file (for Jenkins): + + + + true + + hudson.model.Hudson.Read:ip1981 + hudson.model.Item.Build:ip1981 + hudson.model.Item.Cancel:ip1981 + hudson.model.Item.Read:ip1981 + hudson.model.Hudson.Administer:ip1981 + + + XXXXXXXXXXXXXXXXXXX + + read:org,user:email + + + + + Corresponding output file (/nix/store/abc...xyz-xinclude.nix): + + ["/run/keys/github-oauth-XXXXXXXXXXXXXXXXXXX.xml"] + +*/ + +# XXX: either string or list of strings +xmlFiles: + +let + + inherit (builtins) toString; + + xinclude2nix = + let + deps = hpkgs: with hpkgs; [ hxt ]; + ghc = "${haskellPackages.ghcWithPackages deps}/bin/ghc -Wall -static"; + in runCommand "xinclude2nix" {} '' + ${ghc} -o $out ${./xinclude2nix.hs} + ''; + +in runCommand "xinclude.nix" {} '' + echo ${xinclude2nix} ${toString xmlFiles} >&2 + ${xinclude2nix} ${toString xmlFiles} > $out + echo -n "$out: " >&2 + cat "$out" >&2 +'' + -- cgit v1.2.3