How should I build a go package from local source?

I want to create a Flake for a go package that will build the current state of the repository.
My based on this post is that self points to the currently checked out source code. But it appears I cannot use either buildGoPackage or buildGoModule because:

  • buildGoModule - Because it requires vendorSha256 that would change as developer changes things.
  • buildGoPackage - Because it requires goDeps which has the same problem as above.

Does this effectively mean I cannot use either of those to build self in a flake.nix and I have to do it in a more “manual” way using mkDerivation?

Because it requires vendorSha256 that would change as developer changes things.

venderSha256 would change only for go.mod/go.sum, not for changing the go files.


Right, but if project has a lot of dependencies and dev work often involves updating these dependencies that adds an annoying manual step of having to update the vendorSha256 every time they bump a dependency. That’s not feasible as far as I can tell.

Thanks for answering, I’ll just go with a custom mkDerivation, possibly based off of buildGoModule. Or maybe I can modify buildGoModule itself to not check the vendorSha256 when a vendorSha256Disabled is true. That would be optimal.

Have you considered using tools like gomod2nix?

1 Like

You can set it to null then it uses the vendor directory.

1 Like

That’s interesting, thanks for linking this. I’ll try it out.

Yes, but that works only if you do have a vendor directory.

That shouldn’t be that hard to generate from local sources. You don’t need to commit it though

Well, if I could have a script or a Makefile target that would update the vendorSha256 for the developer that would be quite sensible. But I don’t know of any command I could use to generate that vendorSha256 without trying to build given derivation.

You need to partly build the package to get the hash. There is no way around this.

I extracted the following from nix-update which can generate the vendor hash. You just need to change jellycli to the attr

nix-prefetch '{ sha256 }: (import ./. (if (builtins.hasAttr "config" (builtins.functionArgs (import ./.))) then { config.checkMeta = false; overlays = []; } else { })).jellycli.go-modules.overrideAttrs (_: { vendorSha256 = sha256; })'

That’s pretty cool, thanks. Might work out as a script or make target to make dev lives easier.


1 Like

I actually revisited this today, after abandoning this work for a while as not essential, and it appears nix-prefetch doesn’t actually support flakes:

And when I try to do something like this:

nix-prefetch '{ sha256 }: (builtins.getFlake (toString ./.)).packages.x86_64-linux.node.go-modules.overrideAttrs (_: { vendorSha256 = sha256; })'

Nothing happens. Which is a shame, because developers will almost never updated the vendor hash themslevs, so it has to be automated. Which makes flakes not adequate for team development.