pkgs/fupdate: Split into `fupdate-flake` and `fupdate`

4 files changed, 205 insertions, 267 deletions

diff --git a/pkgs/by-name/fu/fupdate-flake/fupdate-flake.sh b/pkgs/by-name/fu/fupdate-flake/fupdate-flake.sh
new file mode 100755
index 00000000..6d343995
--- /dev/null
+++ b/pkgs/by-name/fu/fupdate-flake/fupdate-flake.sh
@@ -0,0 +1,180 @@
+#! /usr/bin/env sh
+
+UPDATE_SCRIPT_NAME="update.sh"
+
+info() {
+    echo "Info: $1"
+}
+dbg() {
+    [ -n "$DEBUG_ENABLE" ] && echo "Debug: $1"
+}
+die() {
+    echo "Error: $1"
+    exit 1
+}
+
+# Search for a file “upwards”.
+# This will return the relative path from "$1" to the found file.
+#
+# # Type
+# upfind :: Path -> String -> Path
+#
+# # Arguments
+# $1
+# : The directory to use as start of your search.
+#
+# $2
+# : The file to search for.
+#
+# # Example
+# upfind "/home/user1" "/usr"
+# => /usr
+upfind() {
+    starting_directory="$(readlink --canonicalize "$1")"
+    search_string="$2"
+
+    current_directory="$starting_directory"
+
+    while
+        search_result=$(fd "$search_string" "$current_directory/" --max-depth 1)
+        dbg "Debugging upfind - search in $current_directory gives: $search_result"
+        [ -z "$search_result" ] && [ "$current_directory" != "/" ]
+    do current_directory=$(dirname "$current_directory"); done
+
+    realpath --relative-to="$1" "$search_result"
+}
+
+# Construct the storage path for the update script allowed hashes.
+#
+# # Type
+# get_storage_path :: Path -> Path
+#
+# # Arguments
+# $1
+# : The path to the update script
+#
+# # Returns
+# The constructed storage path.
+get_storage_path() {
+    update_script="$(realpath "$1")"
+
+    storage_path="$XDG_DATE_HOME/fupdate-flake/$update_script"
+    echo "$storage_path"
+}
+
+# Checks if a given path to the update script is allowed.
+#
+# # Type
+# is_allowed :: Path -> bool
+#
+# # Arguments
+# $1
+# : The path to the update script to check.
+#
+# # Return exit code
+# 0
+# : If the update script is allowed
+#
+# 1
+# : If it is not.
+is_allowed() {
+    update_script="$(realpath "$1")"
+
+    storage_path="$(get_storage_path "$update_script")"
+
+    # Use this invocation, to also include the path to the `$update_script`
+    update_script_hash="$(sha256sum "$update_script")"
+
+    if [ -f "$storage_path" ]; then
+        if [ "$(cat "$storage_path")" = "$update_script_hash" ]; then
+            return 0
+        else
+            return 1
+        fi
+    else
+        return 1
+    fi
+}
+
+# Asks the user if they want to allow a given script.
+#
+# # Type
+# ask_to_allow_update_script :: Path
+#
+# # Arguments
+# $1
+# : The path to the update script to ask for.
+ask_to_allow_update_script() {
+    update_script="$(realpath "$1")"
+
+    printf "\033[2J" # clear the screen
+    cat "$update_script"
+
+    printf "Do you want to allow this script?[N/y]: "
+    read -r allow
+
+    case "$allow" in
+    [yY])
+        info "Update script allowed."
+
+        storage_path="$(get_storage_path "$update_script")"
+        update_script_hash="$(sha256sum "$update_script")"
+
+        mkdir --parents "$(dirname "$storage_path")"
+        printf "%s" "$update_script_hash" >"$storage_path"
+        ;;
+    *)
+        info "Update script not allowed."
+        ;;
+    esac
+}
+
+# Performs a full update.
+# This consists of running an update script.
+# Additionally, it also checks for duplicated inputs in a `flake.lock` file, if it exists.
+#
+# # Type
+# update :: Path -> Path -> [String]
+#
+# # Arguments
+# $1
+# : The path to the update script to execute.
+#
+# $2
+# : The base directory from which to start the update.
+#
+# $3
+# : Arguments to pass to the update script.
+update() {
+    update_script="$1"
+    base_directory="$2"
+    shift 2
+
+    cd "$base_directory" || die "The provided base directory '$base_directory' cannot be accessed"
+    dbg "Changed directory to: $base_directory"
+
+    dbg "Executing update script ('$update_script') following args: '$*'"
+    "$update_script" "$@"
+
+    if [ -f "flake.lock" ] && grep '[^0-9]_[0-9]' flake.lock --quiet; then
+        batgrep '[^0-9]_[0-9]' flake.lock
+        die "Your flake.nix contains duplicate inputs!"
+    fi
+}
+
+main() {
+    base_directory="$(git rev-parse --show-toplevel)"
+    update_script="$(upfind "$PWD" "$UPDATE_SCRIPT_NAME")"
+    dbg "update_script is: $update_script"
+
+    if [ "$update_script" = "" ]; then
+        die "Failed to find update script."
+    elif is_allowed "$update_script"; then
+        update "$update_script" "$base_directory" "$@"
+    else
+        ask_to_allow_update_script "$update_script"
+        is_allowed "$update_script" && main "$@"
+    fi
+}
+
+# vim: ft=sh
diff --git a/pkgs/by-name/fu/fupdate-flake/package.nix b/pkgs/by-name/fu/fupdate-flake/package.nix
new file mode 100644
index 00000000..d2784169
--- /dev/null
+++ b/pkgs/by-name/fu/fupdate-flake/package.nix
@@ -0,0 +1,25 @@
+{
+  writeShellApplication,
+  # Dependencies
+  coreutils,
+  fd,
+  gnugrep,
+  bat-extras, # For `batgrep`
+  bat, # used by batgrep
+  gnused, # required by batgrep
+}:
+writeShellApplication {
+  name = "fupdate-flake";
+  tetx = builtins.readFile ./fupdate-flake.sh;
+
+  inheritPath = false;
+
+  runtimeInputs = [
+    coreutils
+    fd
+    gnugrep
+    bat-extras # For `batgrep`
+    bat # Used by `batgrep`
+    gnused # Required by `batgrep`
+  ];
+}
diff --git a/pkgs/by-name/fu/fupdate/fupdate.1.md b/pkgs/by-name/fu/fupdate/fupdate.1.md
deleted file mode 100644
index 710e8fb7..00000000
--- a/pkgs/by-name/fu/fupdate/fupdate.1.md
+++ /dev/null
@@ -1,70 +0,0 @@
-% FUPDATE(1) fupdate 1.0.0
-% Soispha
-% May 2023
-
-# NAME
-
-fupdate - updates your flake, while checking for common mistakes
-
-# SYNOPSIS
-
-**fupdate** list of \[*flake*|*\<some word>*|*--help*|*-h*\]
-
-# DESCRIPTION
-
-Argument can be stacked, this makes it possible to specify multiple targets to be updated in succession. See the Examples section for further details.
-
-No argument or *flake*
-: **fupdate**, when executed without arguments or with *flake*, will update your *flake.lock*, check for duplicate flake inputs, i.e., an input has an input declared, which you have also declared as input, and will run a script called *update.sh*, if you allow it.
-The allowance for the script is asked, when you run **fupdate** and the found script is not yet allowed. Furthermore, the allowance is based on the concrete sha256 hash of the script, so any changes will require another allowance.
-
-**\<some word>** as argument
-: If the executable **update-\<some word>** is reachable thought the PATH variable, than this is run. Otherwise, the program will exit.
-
-# OPTIONS
-
-**--help**, **-h**
-: Displays a help message and exit.
-
-**--version**, **-v**
-: Displays the software version and exit.
-
-# EXAMPLES
-
-**fupdate** or **fupdate flake**
-: Updates your *flake.lock*. See the Description section for further details.
-
-**fupdate sys**
-: Run the executable **update-sys**, if it exists. See the Description section for further details.
-
-**fupdate flake sys docs**
-: First updates your flake, then, if the command succeeded, runs **update-sys**, afterweich **update-docs** is run.
-
-# FILES
-
-*update.sh*
-: This is supposed to be a shell script located in your flake base directory, i.e., the directory which contains both a *flake.nix* and a *flake.lock* file.
-
-*~/.local/share/flake-update/*
-: **fupdate** will store the hashes to the allowed *update.sh* files here.
-
-# BUGS
-
-Report bugs to <https://codeberg.org/soispha/flake_update/issues>.
-
-# COPYRIGHT
-
-Copyright (C) 2023  Soispha
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program.  If not, see <https://www.gnu.org/licenses/>.
diff --git a/pkgs/by-name/fu/fupdate/fupdate.sh b/pkgs/by-name/fu/fupdate/fupdate.sh
deleted file mode 100755
index 4322610a..00000000
--- a/pkgs/by-name/fu/fupdate/fupdate.sh
+++ /dev/null
@@ -1,197 +0,0 @@
-#! /usr/bin/env dash
-
-# shellcheck source=/dev/null
-SHELL_LIBRARY_VERSION="2.1.2" . %SHELL_LIBRARY_PATH
-
-UPDATE_SCRIPT_NAME="update.sh"
-CONFIG_DIRECTORY_PATH="$HOME/.local/share/flake-update"
-
-# Both are used in version()
-# shellcheck disable=SC2034
-AUTHORS="Soispha"
-# shellcheck disable=SC2034
-YEARS="2023"
-
-UPDATE_SCRIPT_NOT_WANTED=false
-
-# Searches upward for a `UPDATE_SCRIPT_NAME` script
-# Returns a path to the script if it exists, otherwise nothing is returned
-check_for_update_script() {
-    dirname="$(search_upward_files "$UPDATE_SCRIPT_NAME")"
-    if [ "$dirname" ]; then
-        printf "%s/%s" "$dirname" "$UPDATE_SCRIPT_NAME"
-    fi
-}
-
-# Checks if a given path to the update script is allowed.
-# Takes the path as input
-# Return 0, if allowed, 1 if not.
-check_for_allowed_update_script() {
-    update_script="$1"
-    config_path="${CONFIG_DIRECTORY_PATH}${update_script}"
-    update_script_hash="$(sha256sum "$update_script")"
-    if [ -f "$config_path" ]; then
-        if [ "$(cat "$config_path")" = "$update_script_hash" ]; then
-            dbg "Recorded hash matches"
-            return 0
-        else
-            dbg "Recorded hash \'$(cat "$config_path")\' does not match real hash \'$update_script_hash\', assuming not allowed"
-            return 1
-        fi
-    else
-        dbg "Path \'$config_path\' does not exist, assuming not allowed"
-        return 1
-    fi
-}
-
-# Asks the user if they want to allow a given script.
-# Takes the path as input
-ask_to_allow_update_script() {
-    update_script="$1"
-    config_path="${CONFIG_DIRECTORY_PATH}${update_script}"
-    update_script_hash="$(sha256sum "$update_script")"
-    println "\033[2J" # clear the screen
-    cat "$update_script"
-    readp "Do you want to allow this script?[N/y]: " allow
-    # shellcheck disable=SC2154
-    dbg "allow is: $allow"
-    case "$allow" in
-    [yY])
-        dbg "allowed script"
-        dbg "storing contents in: $config_path"
-        mkdir --parents "$(dirname "$config_path")"
-        print "$update_script_hash" >"$config_path"
-        ;;
-    *)
-        UPDATE_SCRIPT_NOT_ALLOWED=true
-        ;;
-    esac
-}
-
-# Runs the provided script and continues to update the nix flake
-# Takes the path to the script and the directory to the flake as arguments
-# If the path to the update script is empty, it will be ignored
-update() {
-    update_script="$1"
-    flake_base_dir="$2"
-    shift 2
-    dbg "Provided following args to update script: '$*'"
-
-    cd "$flake_base_dir" || die "Provided dir \'$flake_base_dir\' can not be accessed"
-    dbg "changed directory to: $flake_base_dir"
-
-    nix flake update
-
-    if ! [ "$update_script" = "" ] && ! [ "$UPDATE_SCRIPT_NOT_WANTED" = "true" ]; then
-        "$update_script" "$@"
-    fi
-
-    if grep '[^0-9]_[0-9]' flake.lock >/dev/null; then
-        batgrep '[^0-9]_[0-9]' flake.lock
-        die "Your flake.nix contains duplicate inputs!"
-    fi
-}
-
-help() {
-    cat <<EOF
-This is a Nix flake update manager.
-
-USAGE:
-    $NAME [--help | --version] [flake [--no-script] | <some other command>]
-
-OPTIONS:
-    --help   | -h
-                            Display this help and exit.
-
-    --version   | -v
-                            Display version and copyright information and exit.
-
-    --no-script
-                            Avoid running the 'update.sh' script
-COMMANDS:
-    flake
-                            update the flake project
-
-    <some other command>
-                            runs a executable called "update-<some other command>", if it exists
-EOF
-}
-
-main() {
-    if ! [ "$UPDATE_SCRIPT_NOT_ALLOWED" = true ]; then
-        update_script="$(check_for_update_script)"
-        flake_base_dir="$(search_flake_base_dir)" # Assume, that the update script is in the base dir
-        dbg "update_script is: $update_script"
-        dbg "flake_base_dir is: $flake_base_dir"
-
-        if [ "$update_script" = "" ]; then
-            update "" "$flake_base_dir" "$@"
-        elif check_for_allowed_update_script "$update_script" && ! [ "$update_script" = "" ]; then
-            update "$update_script" "$flake_base_dir" "$@"
-        else
-            ask_to_allow_update_script "$update_script"
-            main "$@"
-        fi
-    fi
-}
-
-if [ "$#" -eq 0 ]; then
-    main
-    exit 0
-fi
-
-for input in "$@"; do
-    case "$input" in
-    "--help" | "-h")
-        help
-        exit 0
-        ;;
-    "--version" | "-v")
-        version
-        exit 0
-        ;;
-    "--no-script" | "-n")
-        UPDATE_SCRIPT_NOT_WANTED=true
-        ;;
-    "--")
-        end_of_cli_options=true
-
-        # Stop processing args after that marker.
-        break
-        ;;
-    esac
-    [ "$end_of_cli_options" = "true" ] && break
-done
-
-case "$1" in
-"flake")
-    shift 1
-
-    # Filter out fupdate specific flags
-    while [ "$1" != "--" ]; do
-        # FIXME: This check allows to add a flag multiple times, but this should probably
-        # not be allowed <2024-03-29>
-        case "$1" in
-        "--no-script" | "-n")
-            shift 1
-            ;;
-        *)
-            break
-            ;;
-        esac
-    done
-
-    [ "$1" = "--" ] && shift 1
-    main "$@"
-    ;;
-*)
-    command="$1"
-    shift 1
-    [ "$1" = "--" ] && shift 1
-    if which update-"$command" >/dev/null 2>&1; then
-        update-"$command" "$@"
-    else
-        die "command \"update-$command\" is not executable, or does not exist"
-    fi
-    ;;
-esac