diff options
Diffstat (limited to 'pkgs/by-name/fu')
-rw-r--r-- | pkgs/by-name/fu/fupdate/fupdate.1.md | 70 | ||||
-rwxr-xr-x | pkgs/by-name/fu/fupdate/fupdate.sh | 197 | ||||
-rw-r--r-- | pkgs/by-name/fu/fupdate/package.nix | 29 |
3 files changed, 296 insertions, 0 deletions
diff --git a/pkgs/by-name/fu/fupdate/fupdate.1.md b/pkgs/by-name/fu/fupdate/fupdate.1.md new file mode 100644 index 00000000..710e8fb7 --- /dev/null +++ b/pkgs/by-name/fu/fupdate/fupdate.1.md @@ -0,0 +1,70 @@ +% FUPDATE(1) fupdate 1.0.0 +% Soispha +% May 2023 + +# NAME + +fupdate - updates your flake, while checking for common mistakes + +# SYNOPSIS + +**fupdate** list of \[*flake*|*\<some word>*|*--help*|*-h*\] + +# DESCRIPTION + +Argument can be stacked, this makes it possible to specify multiple targets to be updated in succession. See the Examples section for further details. + +No argument or *flake* +: **fupdate**, when executed without arguments or with *flake*, will update your *flake.lock*, check for duplicate flake inputs, i.e., an input has an input declared, which you have also declared as input, and will run a script called *update.sh*, if you allow it. +The allowance for the script is asked, when you run **fupdate** and the found script is not yet allowed. Furthermore, the allowance is based on the concrete sha256 hash of the script, so any changes will require another allowance. + +**\<some word>** as argument +: If the executable **update-\<some word>** is reachable thought the PATH variable, than this is run. Otherwise, the program will exit. + +# OPTIONS + +**--help**, **-h** +: Displays a help message and exit. + +**--version**, **-v** +: Displays the software version and exit. + +# EXAMPLES + +**fupdate** or **fupdate flake** +: Updates your *flake.lock*. See the Description section for further details. + +**fupdate sys** +: Run the executable **update-sys**, if it exists. See the Description section for further details. + +**fupdate flake sys docs** +: First updates your flake, then, if the command succeeded, runs **update-sys**, afterweich **update-docs** is run. + +# FILES + +*update.sh* +: This is supposed to be a shell script located in your flake base directory, i.e., the directory which contains both a *flake.nix* and a *flake.lock* file. + +*~/.local/share/flake-update/* +: **fupdate** will store the hashes to the allowed *update.sh* files here. + +# BUGS + +Report bugs to <https://codeberg.org/soispha/flake_update/issues>. + +# COPYRIGHT + +Copyright (C) 2023 Soispha + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see <https://www.gnu.org/licenses/>. diff --git a/pkgs/by-name/fu/fupdate/fupdate.sh b/pkgs/by-name/fu/fupdate/fupdate.sh new file mode 100755 index 00000000..4322610a --- /dev/null +++ b/pkgs/by-name/fu/fupdate/fupdate.sh @@ -0,0 +1,197 @@ +#! /usr/bin/env dash + +# shellcheck source=/dev/null +SHELL_LIBRARY_VERSION="2.1.2" . %SHELL_LIBRARY_PATH + +UPDATE_SCRIPT_NAME="update.sh" +CONFIG_DIRECTORY_PATH="$HOME/.local/share/flake-update" + +# Both are used in version() +# shellcheck disable=SC2034 +AUTHORS="Soispha" +# shellcheck disable=SC2034 +YEARS="2023" + +UPDATE_SCRIPT_NOT_WANTED=false + +# Searches upward for a `UPDATE_SCRIPT_NAME` script +# Returns a path to the script if it exists, otherwise nothing is returned +check_for_update_script() { + dirname="$(search_upward_files "$UPDATE_SCRIPT_NAME")" + if [ "$dirname" ]; then + printf "%s/%s" "$dirname" "$UPDATE_SCRIPT_NAME" + fi +} + +# Checks if a given path to the update script is allowed. +# Takes the path as input +# Return 0, if allowed, 1 if not. +check_for_allowed_update_script() { + update_script="$1" + config_path="${CONFIG_DIRECTORY_PATH}${update_script}" + update_script_hash="$(sha256sum "$update_script")" + if [ -f "$config_path" ]; then + if [ "$(cat "$config_path")" = "$update_script_hash" ]; then + dbg "Recorded hash matches" + return 0 + else + dbg "Recorded hash \'$(cat "$config_path")\' does not match real hash \'$update_script_hash\', assuming not allowed" + return 1 + fi + else + dbg "Path \'$config_path\' does not exist, assuming not allowed" + return 1 + fi +} + +# Asks the user if they want to allow a given script. +# Takes the path as input +ask_to_allow_update_script() { + update_script="$1" + config_path="${CONFIG_DIRECTORY_PATH}${update_script}" + update_script_hash="$(sha256sum "$update_script")" + println "\033[2J" # clear the screen + cat "$update_script" + readp "Do you want to allow this script?[N/y]: " allow + # shellcheck disable=SC2154 + dbg "allow is: $allow" + case "$allow" in + [yY]) + dbg "allowed script" + dbg "storing contents in: $config_path" + mkdir --parents "$(dirname "$config_path")" + print "$update_script_hash" >"$config_path" + ;; + *) + UPDATE_SCRIPT_NOT_ALLOWED=true + ;; + esac +} + +# Runs the provided script and continues to update the nix flake +# Takes the path to the script and the directory to the flake as arguments +# If the path to the update script is empty, it will be ignored +update() { + update_script="$1" + flake_base_dir="$2" + shift 2 + dbg "Provided following args to update script: '$*'" + + cd "$flake_base_dir" || die "Provided dir \'$flake_base_dir\' can not be accessed" + dbg "changed directory to: $flake_base_dir" + + nix flake update + + if ! [ "$update_script" = "" ] && ! [ "$UPDATE_SCRIPT_NOT_WANTED" = "true" ]; then + "$update_script" "$@" + fi + + if grep '[^0-9]_[0-9]' flake.lock >/dev/null; then + batgrep '[^0-9]_[0-9]' flake.lock + die "Your flake.nix contains duplicate inputs!" + fi +} + +help() { + cat <<EOF +This is a Nix flake update manager. + +USAGE: + $NAME [--help | --version] [flake [--no-script] | <some other command>] + +OPTIONS: + --help | -h + Display this help and exit. + + --version | -v + Display version and copyright information and exit. + + --no-script + Avoid running the 'update.sh' script +COMMANDS: + flake + update the flake project + + <some other command> + runs a executable called "update-<some other command>", if it exists +EOF +} + +main() { + if ! [ "$UPDATE_SCRIPT_NOT_ALLOWED" = true ]; then + update_script="$(check_for_update_script)" + flake_base_dir="$(search_flake_base_dir)" # Assume, that the update script is in the base dir + dbg "update_script is: $update_script" + dbg "flake_base_dir is: $flake_base_dir" + + if [ "$update_script" = "" ]; then + update "" "$flake_base_dir" "$@" + elif check_for_allowed_update_script "$update_script" && ! [ "$update_script" = "" ]; then + update "$update_script" "$flake_base_dir" "$@" + else + ask_to_allow_update_script "$update_script" + main "$@" + fi + fi +} + +if [ "$#" -eq 0 ]; then + main + exit 0 +fi + +for input in "$@"; do + case "$input" in + "--help" | "-h") + help + exit 0 + ;; + "--version" | "-v") + version + exit 0 + ;; + "--no-script" | "-n") + UPDATE_SCRIPT_NOT_WANTED=true + ;; + "--") + end_of_cli_options=true + + # Stop processing args after that marker. + break + ;; + esac + [ "$end_of_cli_options" = "true" ] && break +done + +case "$1" in +"flake") + shift 1 + + # Filter out fupdate specific flags + while [ "$1" != "--" ]; do + # FIXME: This check allows to add a flag multiple times, but this should probably + # not be allowed <2024-03-29> + case "$1" in + "--no-script" | "-n") + shift 1 + ;; + *) + break + ;; + esac + done + + [ "$1" = "--" ] && shift 1 + main "$@" + ;; +*) + command="$1" + shift 1 + [ "$1" = "--" ] && shift 1 + if which update-"$command" >/dev/null 2>&1; then + update-"$command" "$@" + else + die "command \"update-$command\" is not executable, or does not exist" + fi + ;; +esac diff --git a/pkgs/by-name/fu/fupdate/package.nix b/pkgs/by-name/fu/fupdate/package.nix new file mode 100644 index 00000000..259d1c03 --- /dev/null +++ b/pkgs/by-name/fu/fupdate/package.nix @@ -0,0 +1,29 @@ +{ + sysLib, + dash, + nix, + gnugrep, + fd, + coreutils, + bat, # used by batgrep + bat-extras, + gnused, # required by batgrep + git, # needed to fetch through git +}: +sysLib.writeShellScript { + name = "fupdate"; + src = ./fupdate.sh; + generateCompletions = true; + keepPath = true; + dependencies = [ + dash + nix + gnugrep + fd + coreutils + bat # used by batgrep + bat-extras.batgrep + gnused # required by batgrep + git # needed to fetch through git + ]; +} |