nix: add support for INFURA_TOKEN var for Android build
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This commit is contained in:
parent
085ae22be1
commit
908b5f723c
|
@ -1,7 +1,6 @@
|
|||
# Helper for verifying an environment variable is set
|
||||
name: ''
|
||||
if [[ -z ''$${name} ]]; then
|
||||
echo 'Not env var set: ${name}' >&2
|
||||
exit 1
|
||||
echo 'WARNING! Env var not set: ${name}' >&2
|
||||
fi
|
||||
''
|
|
@ -4,5 +4,5 @@
|
|||
getConfig = import ./getConfig.nix { inherit lib config; };
|
||||
mkFilter = import ./mkFilter.nix { inherit lib; };
|
||||
mergeSh = import ./mergeSh.nix { inherit lib; };
|
||||
assertEnvVarSet = import ./assertEnvVarSet.nix;
|
||||
checkEnvVarSet = import ./checkEnvVarSet.nix;
|
||||
}
|
||||
|
|
|
@ -47,6 +47,7 @@ stdenv.mkDerivation {
|
|||
# For optional INFURA_TOKEN variable
|
||||
secretsPhase = if (secretsFile != "") then ''
|
||||
source "${secretsFile}"
|
||||
${lib.checkEnvVarSet "INFURA_TOKEN"}
|
||||
'' else ''
|
||||
echo "No secrets provided!"
|
||||
'';
|
||||
|
|
|
@ -17,7 +17,7 @@ assert (lib.stringLength watchmanSockPath) > 0 -> stdenv.isDarwin;
|
|||
let
|
||||
inherit (lib)
|
||||
toLower optionalString stringLength assertMsg
|
||||
getConfig makeLibraryPath assertEnvVarSet elem;
|
||||
getConfig makeLibraryPath checkEnvVarSet elem;
|
||||
|
||||
# Pass secretsFile for INFURA_TOKEN to jsbundle build
|
||||
builtJsBundle = jsbundle { inherit secretsFile; };
|
||||
|
@ -87,8 +87,8 @@ in stdenv.mkDerivation rec {
|
|||
STATUS_GO_ANDROID_LIBDIR = "${status-go}";
|
||||
|
||||
phases = [
|
||||
"unpackPhase" "secretsPhase" "secretsCheckPhase"
|
||||
"keystorePhase" "buildPhase" "checkPhase" "installPhase"
|
||||
"unpackPhase" "secretsPhase" "keystorePhase"
|
||||
"buildPhase" "checkPhase" "installPhase"
|
||||
];
|
||||
|
||||
unpackPhase = ''
|
||||
|
@ -119,6 +119,9 @@ in stdenv.mkDerivation rec {
|
|||
# if secretsFile is not set we use generate keystore
|
||||
secretsPhase = if (secretsFile != "") then ''
|
||||
source "${secretsFile}"
|
||||
${checkEnvVarSet "KEYSTORE_ALIAS"}
|
||||
${checkEnvVarSet "KEYSTORE_PASSWORD"}
|
||||
${checkEnvVarSet "KEYSTORE_KEY_PASSWORD"}
|
||||
'' else keystore.shellHook;
|
||||
|
||||
# if keystorePath is set copy it into build directory
|
||||
|
@ -128,11 +131,6 @@ in stdenv.mkDerivation rec {
|
|||
export KEYSTORE_PATH="$PWD/status-im.keystore"
|
||||
cp -a --no-preserve=ownership "${keystorePath}" "$KEYSTORE_PATH"
|
||||
'';
|
||||
secretsCheckPhase = ''
|
||||
${assertEnvVarSet "KEYSTORE_ALIAS"}
|
||||
${assertEnvVarSet "KEYSTORE_PASSWORD"}
|
||||
${assertEnvVarSet "KEYSTORE_KEY_PASSWORD"}
|
||||
'';
|
||||
buildPhase = let
|
||||
adhocEnvVars = optionalString stdenv.isLinux
|
||||
"LD_LIBRARY_PATH=$LD_LIBRARY_PATH:${makeLibraryPath [ pkgs.zlib ]}";
|
||||
|
|
|
@ -7,20 +7,19 @@ GIT_ROOT=$(cd "${BASH_SOURCE%/*}" && git rev-parse --show-toplevel)
|
|||
source "${GIT_ROOT}/scripts/colors.sh"
|
||||
|
||||
function must_get_env() {
|
||||
declare -n VAR_NAME="$1"
|
||||
if [[ -n "${VAR_NAME}" ]]; then
|
||||
echo "${VAR_NAME}"
|
||||
declare -n VAR_VALUE="$1"
|
||||
if [[ -n "${VAR_VALUE}" ]]; then
|
||||
echo "${VAR_VALUE}"
|
||||
return
|
||||
fi
|
||||
echo -e "${RED}No required env variable:${RST} ${BLD}${!VAR_NAME}${RST}" 1>&2
|
||||
echo -e "${RED}No required env variable:${RST} ${BLD}${!VAR_VALUE}${RST}" 1>&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
function append_env_export() {
|
||||
ENV_VAR_NAME=${1}
|
||||
if [[ -n "${!ENV_VAR_NAME}" ]]; then
|
||||
echo "export ${ENV_VAR_NAME}=\"${!ENV_VAR_NAME}\";" >> "${SECRETS_FILE_PATH}"
|
||||
fi
|
||||
VAR_NAME=${1}
|
||||
VAR_VALUE=$(must_get_env "${VAR_NAME}")
|
||||
echo "export ${VAR_NAME}=\"${VAR_VALUE}\";" >> "${SECRETS_FILE_PATH}"
|
||||
}
|
||||
|
||||
config=''
|
||||
|
@ -38,15 +37,23 @@ config+="status-im.android.abi-split=\"$(must_get_env ANDROID_ABI_SPLIT)\";"
|
|||
config+="status-im.android.abi-include=\"$(must_get_env ANDROID_ABI_INCLUDE)\";"
|
||||
nixOpts=()
|
||||
|
||||
# If no secrets were passed there's no need to pass the 'secretsFile'
|
||||
# We create if now so the trap knows its location
|
||||
export SECRETS_FILE_PATH=$(mktemp)
|
||||
chmod 644 ${SECRETS_FILE_PATH}
|
||||
# If secrets file was created we want to remove it.
|
||||
trap "rm -vf ${SECRETS_FILE_PATH}" EXIT ERR INT QUIT
|
||||
# Secrets like this can't be passed via args or they end up in derivation.
|
||||
if [[ -n "${KEYSTORE_ALIAS}${KEYSTORE_ALIAS}${KEYSTORE_ALIAS}" ]]; then
|
||||
# Secrets like this can't be passed via args or they end up in derivation
|
||||
SECRETS_FILE_PATH=$(mktemp)
|
||||
trap "rm -f ${SECRETS_FILE_PATH}" EXIT ERR INT QUIT
|
||||
chmod 644 ${SECRETS_FILE_PATH}
|
||||
# WARNING: All three have to be set!
|
||||
append_env_export 'KEYSTORE_PASSWORD'
|
||||
append_env_export 'KEYSTORE_ALIAS'
|
||||
append_env_export 'KEYSTORE_KEY_PASSWORD'
|
||||
fi
|
||||
if [[ -n "${INFURA_TOKEN}" ]]; then
|
||||
append_env_export 'INFURA_TOKEN'
|
||||
fi
|
||||
# If no secrets were passed there's no need to pass the 'secretsFile'.
|
||||
if [[ -s "${SECRETS_FILE_PATH}" ]]; then
|
||||
nixOpts+=("--argstr" "secretsFile" "${SECRETS_FILE_PATH}")
|
||||
fi
|
||||
|
||||
|
|
Loading…
Reference in New Issue