Mic92
enable private github installations and netrc usage
At least in the github CI we do have github credentials stored in $GITHUB_TOKEN at hand that could be skipped with pytest if those credentials are not at hand: https://docs.pytest.org/en/stable/how-to/skipping.html
@SuperSandro2000 @Mic92 i'm done here, works for us with our GHES instance (and as a side effect with private repo's on github.com)
I tested this on a GHES instance and got treated with this:
Traceback (most recent call last):
File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/bin/.nix-update-wrapped", line 9, in <module>
sys.exit(main())
^^^^^^
File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/lib/python3.12/site-packages/nix_update/__init__.py", line 368, in main
package = update(options)
^^^^^^^^^^^^^^^
File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/lib/python3.12/site-packages/nix_update/update.py", line 589, in update
update_hash = update_version(
^^^^^^^^^^^^^^^
File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/lib/python3.12/site-packages/nix_update/update.py", line 449, in update_version
new_version = fetch_latest_version(
^^^^^^^^^^^^^^^^^^^^^
File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/lib/python3.12/site-packages/nix_update/version/__init__.py", line 147, in fetch_latest_version
raise VersionError(msg)
nix_update.errors.VersionError: Please specify the version. We can only get the latest version from codeberg/crates.io/gitea/github/gitlab/pypi/savannah/sourcehut/rubygems/npm projects right now
The fetcher I am using looks like this:
src = fetchFromGitHub {
githubBase = "github.corp";
owner = "group";
repo = "project";
tag = "v${version}";
private = true;
forceFetchGit = true;
preferLocalBuild = true;
hash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
};
I tested this on a GHES instance and got treated with this:
Traceback (most recent call last): File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/bin/.nix-update-wrapped", line 9, in <module> sys.exit(main()) ^^^^^^ File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/lib/python3.12/site-packages/nix_update/__init__.py", line 368, in main package = update(options) ^^^^^^^^^^^^^^^ File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/lib/python3.12/site-packages/nix_update/update.py", line 589, in update update_hash = update_version( ^^^^^^^^^^^^^^^ File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/lib/python3.12/site-packages/nix_update/update.py", line 449, in update_version new_version = fetch_latest_version( ^^^^^^^^^^^^^^^^^^^^^ File "/nix/store/fri7brzjjl4ykic6g94rh908mpfbx7rx-nix-update-1.11.0/lib/python3.12/site-packages/nix_update/version/__init__.py", line 147, in fetch_latest_version raise VersionError(msg) nix_update.errors.VersionError: Please specify the version. We can only get the latest version from codeberg/crates.io/gitea/github/gitlab/pypi/savannah/sourcehut/rubygems/npm projects right nowThe fetcher I am using looks like this:
src = fetchFromGitHub { githubBase = "github.corp"; owner = "group"; repo = "project"; tag = "v${version}"; private = true; forceFetchGit = true; preferLocalBuild = true; hash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; };
because you use forceFetchGit=true, git != github url, only github url's are matched
We resolved the above issue in a private chat. I had to remove forceFetchGit and override the cacert in fetchurl -> fetchzip -> fetchFromGitHub with out internal CA and then it works as expected.
Only things I noticed is, that instead of displaying errors we show stack traces when no netrc is available or when it cannot be parsed.
077f4cfaa48a97d65ab161cc3253218f69f88c29 seems to have broken certain packages. For example in nixpks master nix-update avalonia will attempt to fetch https://github.com/AvaloniaUI/Avalonia.git/releases.atom instead of https://github.com/AvaloniaUI/Avalonia/releases.atom.
