mirror of
https://github.com/ivabus/pantry
synced 2024-11-14 04:25:08 +03:00
curl-ca-certs (#121)
This commit is contained in:
parent
f92b037388
commit
5a3069888c
5 changed files with 86 additions and 8 deletions
|
@ -14,8 +14,13 @@ build:
|
||||||
tea.xyz/gx/cc: c99
|
tea.xyz/gx/cc: c99
|
||||||
tea.xyz/gx/make: '*'
|
tea.xyz/gx/make: '*'
|
||||||
script: |
|
script: |
|
||||||
./configure --prefix={{prefix}} --with-openssl
|
./configure $ARGS
|
||||||
make --jobs {{ hw.concurrency }} install
|
make --jobs {{ hw.concurrency }} install
|
||||||
|
env:
|
||||||
|
ARGS:
|
||||||
|
- --prefix={{prefix}}
|
||||||
|
- --with-openssl
|
||||||
|
- --with-ca-fallback # uses openssl’s certs (which we control)
|
||||||
test:
|
test:
|
||||||
make test
|
make test
|
||||||
|
|
||||||
|
|
|
@ -17,15 +17,21 @@ build:
|
||||||
tea.xyz/gx/cc: c99
|
tea.xyz/gx/cc: c99
|
||||||
tea.xyz/gx/make: '*'
|
tea.xyz/gx/make: '*'
|
||||||
perl.org: 5
|
perl.org: 5
|
||||||
curl.se: '*'
|
curl.se: '*' # to download ca-certs on linux
|
||||||
script: |
|
script: |
|
||||||
./Configure --prefix={{ prefix }} $ARCH no-tests
|
./Configure --prefix={{ prefix }} $ARCH no-tests
|
||||||
make --jobs {{ hw.concurrency }}
|
make --jobs {{ hw.concurrency }}
|
||||||
make install_sw # `_sw` avoids installing docs
|
make install_sw # `_sw` avoids installing docs
|
||||||
|
|
||||||
#TODO needs to be a curl.se/pkg that gets updates
|
if test {{hw.platform}} = darwin; then
|
||||||
mkdir -p "$CERTDIR"
|
# use Apple’s certs ∵ they are very incentivized to get this right
|
||||||
curl https://curl.se/ca/cacert-2022-07-19.pem -o "$CERTDIR"/cert.pem
|
rm -f "$CERTDIR" # for building over the top FIXME DESTDIR for all
|
||||||
|
ln -sf /etc/ssl "$CERTDIR"
|
||||||
|
else
|
||||||
|
#FIXME needs to be a curl.se/ca-certs that gets updates
|
||||||
|
mkdir -p "$CERTDIR"
|
||||||
|
curl https://curl.se/ca/cacert-2022-07-19.pem -o "$CERTDIR"/cert.pem
|
||||||
|
fi
|
||||||
env:
|
env:
|
||||||
CERTDIR: ${{prefix}}/ssl
|
CERTDIR: ${{prefix}}/ssl
|
||||||
darwin/aarch64: {ARCH: 'darwin64-arm64-cc'}
|
darwin/aarch64: {ARCH: 'darwin64-arm64-cc'}
|
||||||
|
|
47
scripts/deps.ts
Executable file
47
scripts/deps.ts
Executable file
|
@ -0,0 +1,47 @@
|
||||||
|
#!/usr/bin/env -S tea -E
|
||||||
|
|
||||||
|
/*---
|
||||||
|
args:
|
||||||
|
- deno
|
||||||
|
- run
|
||||||
|
- --allow-read
|
||||||
|
- --allow-env
|
||||||
|
- --import-map={{ srcroot }}/import-map.json
|
||||||
|
---*/
|
||||||
|
|
||||||
|
import { PackageRequirement, parsePackageRequirement } from "types"
|
||||||
|
import usePantry from "hooks/usePantry.ts"
|
||||||
|
import useFlags from "hooks/useFlags.ts"
|
||||||
|
import hydrate from "prefab/hydrate.ts"
|
||||||
|
|
||||||
|
const pantry = usePantry()
|
||||||
|
|
||||||
|
useFlags()
|
||||||
|
|
||||||
|
const mode: 'build' | 'install' = Deno.args.includes("-b") ? 'build' : 'install'
|
||||||
|
const get_deps = async (pkg: PackageRequirement) => {
|
||||||
|
const deps = await pantry.getDeps(pkg)
|
||||||
|
switch (mode) {
|
||||||
|
case 'build':
|
||||||
|
return [...deps.build, ...deps.runtime]
|
||||||
|
case 'install':
|
||||||
|
return deps.runtime
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
const dry = Deno.args.compactMap(arg => !arg.startsWith('-') && parsePackageRequirement(arg))
|
||||||
|
const explicit = new Set(dry.map(x=>x.project))
|
||||||
|
const wet = await hydrate(dry, get_deps)
|
||||||
|
const gas = wet.pkgs.compactMap(({project}) => {
|
||||||
|
if (Deno.args.includes('-i')) {
|
||||||
|
return project
|
||||||
|
} else {
|
||||||
|
return explicit.has(project) || project
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
if (Deno.env.get("GITHUB_ACTIONS")) {
|
||||||
|
console.log(`::set-output name=pkgs::${gas.join(" ")}\n`)
|
||||||
|
} else {
|
||||||
|
console.log(gas.join("\n"))
|
||||||
|
}
|
|
@ -4,10 +4,7 @@
|
||||||
args:
|
args:
|
||||||
- deno
|
- deno
|
||||||
- run
|
- run
|
||||||
- --allow-net
|
|
||||||
- --allow-run
|
|
||||||
- --allow-read
|
- --allow-read
|
||||||
- --allow-write
|
|
||||||
- --allow-env
|
- --allow-env
|
||||||
- --import-map={{ srcroot }}/import-map.json
|
- --import-map={{ srcroot }}/import-map.json
|
||||||
---*/
|
---*/
|
||||||
|
|
23
scripts/repair.ts
Executable file
23
scripts/repair.ts
Executable file
|
@ -0,0 +1,23 @@
|
||||||
|
#!/usr/bin/env -S tea -E
|
||||||
|
|
||||||
|
/*
|
||||||
|
---
|
||||||
|
args:
|
||||||
|
- deno
|
||||||
|
- run
|
||||||
|
- --allow-net
|
||||||
|
- --allow-read=/opt
|
||||||
|
- --allow-write=/opt
|
||||||
|
- --allow-run # uses `/bin/ln`
|
||||||
|
- --import-map={{ srcroot }}/import-map.json
|
||||||
|
---
|
||||||
|
*/
|
||||||
|
|
||||||
|
import repairLinks from "prefab/repair-links.ts"
|
||||||
|
import { print } from "utils"
|
||||||
|
|
||||||
|
print("this because otherwise console.verbose is not defined lol")
|
||||||
|
|
||||||
|
for (const project of Deno.args) {
|
||||||
|
await repairLinks(project)
|
||||||
|
}
|
Loading…
Reference in a new issue