How should I build a go package from local source?

jakubgs · June 3, 2022, 4:50pm

I want to create a Flake for a go package that will build the current state of the repository.
My based on this post is that self points to the currently checked out source code. But it appears I cannot use either buildGoPackage or buildGoModule because:

buildGoModule - Because it requires vendorSha256 that would change as developer changes things.
buildGoPackage - Because it requires goDeps which has the same problem as above.

Does this effectively mean I cannot use either of those to build self in a flake.nix and I have to do it in a more “manual” way using mkDerivation?

rgoulter · June 4, 2022, 5:47am

Because it requires vendorSha256 that would change as developer changes things.

venderSha256 would change only for go.mod/go.sum, not for changing the go files.

jakubgs · June 4, 2022, 9:53am

Right, but if project has a lot of dependencies and dev work often involves updating these dependencies that adds an annoying manual step of having to update the vendorSha256 every time they bump a dependency. That’s not feasible as far as I can tell.

Thanks for answering, I’ll just go with a custom mkDerivation, possibly based off of buildGoModule. Or maybe I can modify buildGoModule itself to not check the vendorSha256 when a vendorSha256Disabled is true. That would be optimal.

NobbZ · June 4, 2022, 11:27am

Have you considered using tools like gomod2nix?

Sandro · June 4, 2022, 4:06pm

You can set it to null then it uses the vendor directory.

jakubgs · June 4, 2022, 10:07pm

That’s interesting, thanks for linking this. I’ll try it out.

jakubgs · June 4, 2022, 10:07pm

Yes, but that works only if you do have a vendor directory.

Sandro · June 5, 2022, 4:41pm

That shouldn’t be that hard to generate from local sources. You don’t need to commit it though

jakubgs · June 6, 2022, 8:40am

Well, if I could have a script or a Makefile target that would update the vendorSha256 for the developer that would be quite sensible. But I don’t know of any command I could use to generate that vendorSha256 without trying to build given derivation.

Sandro · June 6, 2022, 10:13pm

You need to partly build the package to get the hash. There is no way around this.

I extracted the following from nix-update which can generate the vendor hash. You just need to change jellycli to the attr

nix-prefetch '{ sha256 }: (import ./. (if (builtins.hasAttr "config" (builtins.functionArgs (import ./.))) then { config.checkMeta = false; overlays = []; } else { })).jellycli.go-modules.overrideAttrs (_: { vendorSha256 = sha256; })'

jakubgs · June 7, 2022, 11:55am

That’s pretty cool, thanks. Might work out as a script or make target to make dev lives easier.

Thanks.

jakubgs · November 8, 2023, 6:52am

I actually revisited this today, after abandoning this work for a while as not essential, and it appears nix-prefetch doesn’t actually support flakes:

Add flake support · Issue #35 · msteen/nix-prefetch · GitHub
src/main.sh: Add --experimental-features and --extra-experimental-features support by ShamrockLee · Pull Request #34 · msteen/nix-prefetch · GitHub

And when I try to do something like this:

nix-prefetch '{ sha256 }: (builtins.getFlake (toString ./.)).packages.x86_64-linux.node.go-modules.overrideAttrs (_: { vendorSha256 = sha256; })'

Nothing happens. Which is a shame, because developers will almost never updated the vendor hash themslevs, so it has to be automated. Which makes flakes not adequate for team development.