[jackhill/guix/guix.git] / guix / git.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017, 2020 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (guix git)
  #:use-module (git)
  #:use-module (git object)
  #:use-module (guix i18n)
  #:use-module (guix base32)
  #:use-module (gcrypt hash)
  #:use-module ((guix build utils) #:select (mkdir-p))
  #:use-module (guix store)
  #:use-module (guix utils)
  #:use-module (guix records)
  #:use-module (guix gexp)
  #:use-module (guix sets)
  #:use-module (rnrs bytevectors)
  #:use-module (ice-9 match)
  #:use-module (srfi srfi-1)
  #:use-module (srfi srfi-11)
  #:use-module (srfi srfi-34)
  #:use-module (srfi srfi-35)
  #:export (%repository-cache-directory
            honor-system-x509-certificates!

            with-repository
            update-cached-checkout
            url+commit->name
            latest-repository-commit
            commit-difference

            git-checkout
            git-checkout?
            git-checkout-url
            git-checkout-branch
            git-checkout-commit
            git-checkout-recursive?))

(define %repository-cache-directory
  (make-parameter (string-append (cache-directory #:ensure? #f)
                                 "/checkouts")))

(define (honor-system-x509-certificates!)
  "Use the system's X.509 certificates for Git checkouts over HTTPS.  Honor
the 'SSL_CERT_FILE' and 'SSL_CERT_DIR' environment variables."
  ;; On distros such as CentOS 7, /etc/ssl/certs contains only a couple of
  ;; files (instead of all the certificates) among which "ca-bundle.crt".  On
  ;; other distros /etc/ssl/certs usually contains the whole set of
  ;; certificates along with "ca-certificates.crt".  Try to choose the right
  ;; one.
  (let ((file      (letrec-syntax ((choose
                                    (syntax-rules ()
                                      ((_ file rest ...)
                                       (let ((f file))
                                         (if (and f (file-exists? f))
                                             f
                                             (choose rest ...))))
                                      ((_)
                                       #f))))
                     (choose (getenv "SSL_CERT_FILE")
                             "/etc/ssl/certs/ca-certificates.crt"
                             "/etc/ssl/certs/ca-bundle.crt")))
        (directory (or (getenv "SSL_CERT_DIR") "/etc/ssl/certs")))
    (and (or file
             (and=> (stat directory #f)
                    (lambda (st)
                      (> (stat:nlink st) 2))))
         (begin
           (set-tls-certificate-locations! directory file)
           #t))))

(define %certificates-initialized?
  ;; Whether 'honor-system-x509-certificates!' has already been called.
  #f)

(define-syntax-rule (with-libgit2 thunk ...)
  (begin
    ;; XXX: The right thing to do would be to call (libgit2-shutdown) here,
    ;; but pointer finalizers used in guile-git may be called after shutdown,
    ;; resulting in a segfault. Hence, let's skip shutdown call for now.
    (libgit2-init!)
    (unless %certificates-initialized?
      (honor-system-x509-certificates!)
      (set! %certificates-initialized? #t))
    thunk ...))

(define* (url-cache-directory url
                              #:optional (cache-directory
                                          (%repository-cache-directory))
                              #:key recursive?)
  "Return the directory associated to URL in %repository-cache-directory."
  (string-append
   cache-directory "/"
   (bytevector->base32-string
    (sha256 (string->utf8 (if recursive?
                              (string-append "R:" url)
                              url))))))

;; Authentication appeared in Guile-Git 0.3.0, check if it is available.
(define auth-supported?
  (false-if-exception (resolve-interface '(git auth))))

(define (clone* url directory)
  "Clone git repository at URL into DIRECTORY.  Upon failure,
make sure no empty directory is left behind."
  (with-throw-handler #t
    (lambda ()
      (mkdir-p directory)

      ;; Note: Explicitly pass options to work around the invalid default
      ;; value in Guile-Git: <https://bugs.gnu.org/29238>.
      (if (module-defined? (resolve-interface '(git))
                           'clone-init-options)
          (let ((auth-method (and auth-supported?
                                  (%make-auth-ssh-agent))))
            (clone url directory
                   (if auth-supported?
                       (make-clone-options
                        #:fetch-options (make-fetch-options auth-method))
                       (clone-init-options))))
          (clone url directory)))
    (lambda _
      (false-if-exception (rmdir directory)))))

(define (url+commit->name url sha1)
  "Return the string \"<REPO-NAME>-<SHA1:7>\" where REPO-NAME is the name of
the git repository, extracted from URL and SHA1:7 the seven first digits
of SHA1 string."
  (string-append
   (string-replace-substring
    (last (string-split url #\/)) ".git" "")
   "-" (string-take sha1 7)))

(define (switch-to-ref repository ref)
  "Switch to REPOSITORY's branch, commit or tag specified by REF.  Return the
OID (roughly the commit hash) corresponding to REF."
  (define obj
    (let resolve ((ref ref))
      (match ref
        (('branch . branch)
         (let ((oid (reference-target
                     (branch-lookup repository branch BRANCH-REMOTE))))
           (object-lookup repository oid)))
        (('commit . commit)
         (let ((len (string-length commit)))
           ;; 'object-lookup-prefix' appeared in Guile-Git in Mar. 2018, so we
           ;; can't be sure it's available.  Furthermore, 'string->oid' used to
           ;; read out-of-bounds when passed a string shorter than 40 chars,
           ;; which is why we delay calls to it below.
           (if (< len 40)
               (if (module-defined? (resolve-interface '(git object))
                                    'object-lookup-prefix)
                   (object-lookup-prefix repository (string->oid commit) len)
                   (raise (condition
                           (&message
                            (message "long Git object ID is required")))))
               (object-lookup repository (string->oid commit)))))
        (('tag-or-commit . str)
         (if (or (> (string-length str) 40)
                 (not (string-every char-set:hex-digit str)))
             (resolve `(tag . ,str))              ;definitely a tag
             (catch 'git-error
               (lambda ()
                 (resolve `(tag . ,str)))
               (lambda _
                 ;; There's no such tag, so it must be a commit ID.
                 (resolve `(commit . ,str))))))
        (('tag    . tag)
         (let ((oid (reference-name->oid repository
                                         (string-append "refs/tags/" tag))))
           ;; OID may point to a "tag" object, but it can also point directly
           ;; to a "commit" object, as surprising as it may seem.  Return that
           ;; object, whatever that is.
           (object-lookup repository oid))))))

  (reset repository obj RESET_HARD)
  (object-id obj))

(define (call-with-repository directory proc)
  (let ((repository #f))
   (dynamic-wind
     (lambda ()
       (set! repository (repository-open directory)))
     (lambda ()
       (proc repository))
     (lambda ()
       (repository-close! repository)))))

(define-syntax-rule (with-repository directory repository exp ...)
  "Open the repository at DIRECTORY and bind REPOSITORY to it within the
dynamic extent of EXP."
  (call-with-repository directory
                        (lambda (repository) exp ...)))

(define (load-git-submodules)
  "Attempt to load (git submodules), which was missing until Guile-Git 0.2.0.
Return true on success, false on failure."
  (match (false-if-exception (resolve-interface '(git submodule)))
    (#f
     (set! load-git-submodules (const #f))
     #f)
    (iface
     (module-use! (resolve-module '(guix git)) iface)
     (set! load-git-submodules (const #t))
     #t)))

(define* (update-submodules repository
                            #:key (log-port (current-error-port)))
  "Update the submodules of REPOSITORY, a Git repository object."
  ;; Guile-Git < 0.2.0 did not have (git submodule).
  (if (load-git-submodules)
      (for-each (lambda (name)
                  (let ((submodule (submodule-lookup repository name)))
                    (format log-port (G_ "updating submodule '~a'...~%")
                            name)
                    (submodule-update submodule)

                    ;; Recurse in SUBMODULE.
                    (let ((directory (string-append
                                      (repository-working-directory repository)
                                      "/" (submodule-path submodule))))
                      (with-repository directory repository
                        (update-submodules repository
                                           #:log-port log-port)))))
                (repository-submodules repository))
      (format (current-error-port)
              (G_ "Support for submodules is missing; \
please upgrade Guile-Git.~%"))))

(define (reference-available? repository ref)
  "Return true if REF, a reference such as '(commit . \"cabba9e\"), is
definitely available in REPOSITORY, false otherwise."
  (match ref
    (('commit . commit)
     (catch 'git-error
       (lambda ()
         (->bool (commit-lookup repository (string->oid commit))))
       (lambda (key error . rest)
         (if (= GIT_ENOTFOUND (git-error-code error))
             #f
             (apply throw key error rest)))))
    (_
     #f)))

(define* (update-cached-checkout url
                                 #:key
                                 (ref '(branch . "master"))
                                 recursive?
                                 (log-port (%make-void-port "w"))
                                 (cache-directory
                                  (url-cache-directory
                                   url (%repository-cache-directory)
                                   #:recursive? recursive?)))
  "Update the cached checkout of URL to REF in CACHE-DIRECTORY.  Return two
values: the cache directory name, and the SHA1 commit (a string) corresponding
to REF.

REF is pair whose key is [branch | commit | tag | tag-or-commit ] and value
the associated data: [<branch name> | <sha1> | <tag name> | <string>].

When RECURSIVE? is true, check out submodules as well, if any."
  (define canonical-ref
    ;; We used to require callers to specify "origin/" for each branch, which
    ;; made little sense since the cache should be transparent to them.  So
    ;; here we append "origin/" if it's missing and otherwise keep it.
    (match ref
      (('branch . branch)
       `(branch . ,(if (string-prefix? "origin/" branch)
                       branch
                       (string-append "origin/" branch))))
      (_ ref)))

  (with-libgit2
   (let* ((cache-exists? (openable-repository? cache-directory))
          (repository    (if cache-exists?
                             (repository-open cache-directory)
                             (clone* url cache-directory))))
     ;; Only fetch remote if it has not been cloned just before.
     (when (and cache-exists?
                (not (reference-available? repository ref)))
       (if auth-supported?
           (let ((auth-method (and auth-supported?
                                   (%make-auth-ssh-agent))))
             (remote-fetch (remote-lookup repository "origin")
                           #:fetch-options (make-fetch-options auth-method)))
           (remote-fetch (remote-lookup repository "origin"))))
     (when recursive?
       (update-submodules repository #:log-port log-port))
     (let ((oid (switch-to-ref repository canonical-ref)))

       ;; Reclaim file descriptors and memory mappings associated with
       ;; REPOSITORY as soon as possible.
       (when (module-defined? (resolve-interface '(git repository))
                              'repository-close!)
         (repository-close! repository))

       (values cache-directory (oid->string oid))))))

(define* (latest-repository-commit store url
                                   #:key
                                   recursive?
                                   (log-port (%make-void-port "w"))
                                   (cache-directory
                                    (%repository-cache-directory))
                                   (ref '(branch . "master")))
  "Return two values: the content of the git repository at URL copied into a
store directory and the sha1 of the top level commit in this directory.  The
reference to be checkout, once the repository is fetched, is specified by REF.
REF is pair whose key is [branch | commit | tag] and value the associated
data, respectively [<branch name> | <sha1> | <tag name>].

When RECURSIVE? is true, check out submodules as well, if any.

Git repositories are kept in the cache directory specified by
%repository-cache-directory parameter.

Log progress and checkout info to LOG-PORT."
  (define (dot-git? file stat)
    (and (string=? (basename file) ".git")
         (or (eq? 'directory (stat:type stat))

             ;; Submodule checkouts end up with a '.git' regular file that
             ;; contains metadata about where their actual '.git' directory
             ;; lives.
             (and recursive?
                  (eq? 'regular (stat:type stat))))))

  (format log-port "updating checkout of '~a'...~%" url)
  (let*-values
      (((checkout commit)
        (update-cached-checkout url
                                #:recursive? recursive?
                                #:ref ref
                                #:cache-directory
                                (url-cache-directory url cache-directory
                                                     #:recursive?
                                                     recursive?)
                                #:log-port log-port))
       ((name)
        (url+commit->name url commit)))
    (format log-port "retrieved commit ~a~%" commit)
    (values (add-to-store store name #t "sha256" checkout
                          #:select? (negate dot-git?))
            commit)))

(define (print-git-error port key args default-printer)
  (match args
    (((? git-error? error) . _)
     (format port (G_ "Git error: ~a~%")
             (git-error-message error)))))

(set-exception-printer! 'git-error print-git-error)

\f
;;;
;;; Commit difference.
;;;

(define* (commit-closure commit #:optional (visited (setq)))
  "Return the closure of COMMIT as a set.  Skip commits contained in VISITED,
a set, and adjoin VISITED to the result."
  (let loop ((commits (list commit))
             (visited visited))
    (match commits
      (()
       visited)
      ((head . tail)
       (if (set-contains? visited head)
           (loop tail visited)
           (loop (append (commit-parents head) tail)
                 (set-insert head visited)))))))

(define* (commit-difference new old #:optional (excluded '()))
  "Return the list of commits between NEW and OLD, where OLD is assumed to be
an ancestor of NEW.  Exclude all the commits listed in EXCLUDED along with
their ancestors.

Essentially, this computes the set difference between the closure of NEW and
that of OLD."
  (let loop ((commits (list new))
             (result '())
             (visited (commit-closure old (list->setq excluded))))
    (match commits
      (()
       (reverse result))
      ((head . tail)
       (if (set-contains? visited head)
           (loop tail result visited)
           (loop (append (commit-parents head) tail)
                 (cons head result)
                 (set-insert head visited)))))))

\f
;;;
;;; Checkouts.
;;;

;; Representation of the "latest" checkout of a branch or a specific commit.
(define-record-type* <git-checkout>
  git-checkout make-git-checkout
  git-checkout?
  (url     git-checkout-url)
  (branch  git-checkout-branch (default "master"))
  (commit  git-checkout-commit (default #f))      ;#f | tag | commit
  (recursive? git-checkout-recursive? (default #f)))

(define* (latest-repository-commit* url #:key ref recursive? log-port)
  ;; Monadic variant of 'latest-repository-commit'.
  (lambda (store)
    ;; The caller--e.g., (guix scripts build)--may not handle 'git-error' so
    ;; translate it into '&message' conditions that we know will be properly
    ;; handled.
    (catch 'git-error
      (lambda ()
        (values (latest-repository-commit store url
                                          #:ref ref
                                          #:recursive? recursive?
                                          #:log-port log-port)
                store))
      (lambda (key error . _)
        (raise (condition
                (&message
                 (message
                  (match ref
                    (('commit . commit)
                     (format #f (G_ "cannot fetch commit ~a from ~a: ~a")
                             commit url (git-error-message error)))
                    (('branch . branch)
                     (format #f (G_ "cannot fetch branch '~a' from ~a: ~a")
                             branch url (git-error-message error)))
                    (_
                     (format #f (G_ "Git failure while fetching ~a: ~a")
                             url (git-error-message error))))))))))))

(define-gexp-compiler (git-checkout-compiler (checkout <git-checkout>)
                                             system target)
  ;; "Compile" CHECKOUT by updating the local checkout and adding it to the
  ;; store.
  (match checkout
    (($ <git-checkout> url branch commit recursive?)
     (latest-repository-commit* url
                                #:ref (if commit
                                          `(tag-or-commit . ,commit)
                                          `(branch . ,branch))
                                #:recursive? recursive?
                                #:log-port (current-error-port)))))

;; Local Variables:
;; eval: (put 'with-repository 'scheme-indent-function 2)
;; End:
Commit	Line	Data
6b7b3ca9	1	;;; GNU Guix --- Functional package management for GNU
c3574749	2	;;; Copyright © 2017, 2020 Mathieu Othacehe <m.othacehe@gmail.com>
6a7c4636	3	;;; Copyright © 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
6b7b3ca9 MO	4	;;;
	5	;;; This file is part of GNU Guix.
	6	;;;
	7	;;; GNU Guix is free software; you can redistribute it and/or modify it
	8	;;; under the terms of the GNU General Public License as published by
	9	;;; the Free Software Foundation; either version 3 of the License, or (at
	10	;;; your option) any later version.
	11	;;;
	12	;;; GNU Guix is distributed in the hope that it will be useful, but
	13	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	14	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	15	;;; GNU General Public License for more details.
	16	;;;
	17	;;; You should have received a copy of the GNU General Public License
	18	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	19
	20	(define-module (guix git)
	21	#:use-module (git)
	22	#:use-module (git object)
a3d77c51	23	#:use-module (guix i18n)
6b7b3ca9	24	#:use-module (guix base32)
ca719424	25	#:use-module (gcrypt hash)
0ad5f809	26	#:use-module ((guix build utils) #:select (mkdir-p))
6b7b3ca9 MO	27	#:use-module (guix store)
6b7b3ca9 MO	28	#:use-module (guix utils)
49ae3f6d LC	29	#:use-module (guix records)
49ae3f6d LC	30	#:use-module (guix gexp)
873f6f13	31	#:use-module (guix sets)
6b7b3ca9 MO	32	#:use-module (rnrs bytevectors)
	33	#:use-module (ice-9 match)
	34	#:use-module (srfi srfi-1)
91881986	35	#:use-module (srfi srfi-11)
95bd9f65 LC	36	#:use-module (srfi srfi-34)
95bd9f65 LC	37	#:use-module (srfi srfi-35)
6b7b3ca9	38	#:export (%repository-cache-directory
bc041b3e LC	39	honor-system-x509-certificates!
bc041b3e LC	40
873f6f13	41	with-repository
91881986	42	update-cached-checkout
053b10c3	43	url+commit->name
49ae3f6d	44	latest-repository-commit
873f6f13	45	commit-difference
49ae3f6d LC	46
	47	git-checkout
	48	git-checkout?
	49	git-checkout-url
a063bac6 LC	50	git-checkout-branch
	51	git-checkout-commit
	52	git-checkout-recursive?))
6b7b3ca9 MO	53
6b7b3ca9 MO	54	(define %repository-cache-directory
e83b2b0f LC	55	(make-parameter (string-append (cache-directory #:ensure? #f)
e83b2b0f LC	56	"/checkouts")))
6b7b3ca9	57
bc041b3e LC	58	(define (honor-system-x509-certificates!)
	59	"Use the system's X.509 certificates for Git checkouts over HTTPS. Honor
	60	the 'SSL_CERT_FILE' and 'SSL_CERT_DIR' environment variables."
	61	;; On distros such as CentOS 7, /etc/ssl/certs contains only a couple of
	62	;; files (instead of all the certificates) among which "ca-bundle.crt". On
	63	;; other distros /etc/ssl/certs usually contains the whole set of
	64	;; certificates along with "ca-certificates.crt". Try to choose the right
	65	;; one.
	66	(let ((file (letrec-syntax ((choose
	67	(syntax-rules ()
	68	((_ file rest ...)
	69	(let ((f file))
	70	(if (and f (file-exists? f))
	71	f
	72	(choose rest ...))))
	73	((_)
	74	#f))))
	75	(choose (getenv "SSL_CERT_FILE")
	76	"/etc/ssl/certs/ca-certificates.crt"
	77	"/etc/ssl/certs/ca-bundle.crt")))
	78	(directory (or (getenv "SSL_CERT_DIR") "/etc/ssl/certs")))
	79	(and (or file
	80	(and=> (stat directory #f)
	81	(lambda (st)
	82	(> (stat:nlink st) 2))))
	83	(begin
	84	(set-tls-certificate-locations! directory file)
	85	#t))))
	86
	87	(define %certificates-initialized?
	88	;; Whether 'honor-system-x509-certificates!' has already been called.
	89	#f)
	90
6b7b3ca9	91	(define-syntax-rule (with-libgit2 thunk ...)
b02469d2 MO	92	(begin
	93	;; XXX: The right thing to do would be to call (libgit2-shutdown) here,
	94	;; but pointer finalizers used in guile-git may be called after shutdown,
	95	;; resulting in a segfault. Hence, let's skip shutdown call for now.
	96	(libgit2-init!)
bc041b3e LC	97	(unless %certificates-initialized?
	98	(honor-system-x509-certificates!)
	99	(set! %certificates-initialized? #t))
b02469d2	100	thunk ...))
6b7b3ca9 MO	101
	102	(define* (url-cache-directory url
	103	#:optional (cache-directory
60cbc6a8 LC	104	(%repository-cache-directory))
60cbc6a8 LC	105	#:key recursive?)
6b7b3ca9 MO	106	"Return the directory associated to URL in %repository-cache-directory."
	107	(string-append
	108	cache-directory "/"
60cbc6a8 LC	109	(bytevector->base32-string
	110	(sha256 (string->utf8 (if recursive?
	111	(string-append "R:" url)
	112	url))))))
6b7b3ca9	113
c3574749 MO	114	;; Authentication appeared in Guile-Git 0.3.0, check if it is available.
	115	(define auth-supported?
	116	(false-if-exception (resolve-interface '(git auth))))
	117
6b7b3ca9 MO	118	(define (clone* url directory)
	119	"Clone git repository at URL into DIRECTORY. Upon failure,
	120	make sure no empty directory is left behind."
	121	(with-throw-handler #t
	122	(lambda ()
	123	(mkdir-p directory)
195f0d05 LC	124
	125	;; Note: Explicitly pass options to work around the invalid default
	126	;; value in Guile-Git: <https://bugs.gnu.org/29238>.
b1488c76 LC	127	(if (module-defined? (resolve-interface '(git))
b1488c76 LC	128	'clone-init-options)
c3574749 MO	129	(let ((auth-method (and auth-supported?
	130	(%make-auth-ssh-agent))))
	131	(clone url directory
	132	(if auth-supported?
	133	(make-clone-options
	134	#:fetch-options (make-fetch-options auth-method))
	135	(clone-init-options))))
b1488c76	136	(clone url directory)))
6b7b3ca9 MO	137	(lambda _
	138	(false-if-exception (rmdir directory)))))
	139
6b7b3ca9 MO	140	(define (url+commit->name url sha1)
	141	"Return the string \"<REPO-NAME>-<SHA1:7>\" where REPO-NAME is the name of
	142	the git repository, extracted from URL and SHA1:7 the seven first digits
	143	of SHA1 string."
	144	(string-append
	145	(string-replace-substring
	146	(last (string-split url #\/)) ".git" "")
	147	"-" (string-take sha1 7)))
	148
6b7b3ca9	149	(define (switch-to-ref repository ref)
91881986 LC	150	"Switch to REPOSITORY's branch, commit or tag specified by REF. Return the
91881986 LC	151	OID (roughly the commit hash) corresponding to REF."
95bd9f65	152	(define obj
c4c2449f LC	153	(let resolve ((ref ref))
	154	(match ref
	155	(('branch . branch)
	156	(let ((oid (reference-target
	157	(branch-lookup repository branch BRANCH-REMOTE))))
	158	(object-lookup repository oid)))
	159	(('commit . commit)
	160	(let ((len (string-length commit)))
	161	;; 'object-lookup-prefix' appeared in Guile-Git in Mar. 2018, so we
	162	;; can't be sure it's available. Furthermore, 'string->oid' used to
	163	;; read out-of-bounds when passed a string shorter than 40 chars,
	164	;; which is why we delay calls to it below.
	165	(if (< len 40)
	166	(if (module-defined? (resolve-interface '(git object))
	167	'object-lookup-prefix)
	168	(object-lookup-prefix repository (string->oid commit) len)
	169	(raise (condition
	170	(&message
	171	(message "long Git object ID is required")))))
	172	(object-lookup repository (string->oid commit)))))
	173	(('tag-or-commit . str)
	174	(if (or (> (string-length str) 40)
	175	(not (string-every char-set:hex-digit str)))
	176	(resolve `(tag . ,str)) ;definitely a tag
	177	(catch 'git-error
	178	(lambda ()
	179	(resolve `(tag . ,str)))
	180	(lambda _
	181	;; There's no such tag, so it must be a commit ID.
	182	(resolve `(commit . ,str))))))
	183	(('tag . tag)
	184	(let ((oid (reference-name->oid repository
	185	(string-append "refs/tags/" tag))))
efa578ec LC	186	;; OID may point to a "tag" object, but it can also point directly
	187	;; to a "commit" object, as surprising as it may seem. Return that
	188	;; object, whatever that is.
	189	(object-lookup repository oid))))))
95bd9f65	190
91881986 LC	191	(reset repository obj RESET_HARD)
	192	(object-id obj))
	193
60cbc6a8 LC	194	(define (call-with-repository directory proc)
	195	(let ((repository #f))
	196	(dynamic-wind
	197	(lambda ()
	198	(set! repository (repository-open directory)))
	199	(lambda ()
	200	(proc repository))
	201	(lambda ()
	202	(repository-close! repository)))))
	203
	204	(define-syntax-rule (with-repository directory repository exp ...)
	205	"Open the repository at DIRECTORY and bind REPOSITORY to it within the
	206	dynamic extent of EXP."
	207	(call-with-repository directory
	208	(lambda (repository) exp ...)))
	209
6a7c4636 LC	210	(define (load-git-submodules)
	211	"Attempt to load (git submodules), which was missing until Guile-Git 0.2.0.
	212	Return true on success, false on failure."
	213	(match (false-if-exception (resolve-interface '(git submodule)))
	214	(#f
	215	(set! load-git-submodules (const #f))
	216	#f)
	217	(iface
058d0251	218	(module-use! (resolve-module '(guix git)) iface)
6a7c4636 LC	219	(set! load-git-submodules (const #t))
	220	#t)))
	221
60cbc6a8 LC	222	(define* (update-submodules repository
	223	#:key (log-port (current-error-port)))
	224	"Update the submodules of REPOSITORY, a Git repository object."
	225	;; Guile-Git < 0.2.0 did not have (git submodule).
6a7c4636	226	(if (load-git-submodules)
60cbc6a8 LC	227	(for-each (lambda (name)
	228	(let ((submodule (submodule-lookup repository name)))
	229	(format log-port (G_ "updating submodule '~a'...~%")
	230	name)
	231	(submodule-update submodule)
	232
	233	;; Recurse in SUBMODULE.
	234	(let ((directory (string-append
	235	(repository-working-directory repository)
	236	"/" (submodule-path submodule))))
	237	(with-repository directory repository
	238	(update-submodules repository
	239	#:log-port log-port)))))
	240	(repository-submodules repository))
	241	(format (current-error-port)
	242	(G_ "Support for submodules is missing; \
	243	please upgrade Guile-Git.~%"))))
	244
a78dcb3d LC	245	(define (reference-available? repository ref)
	246	"Return true if REF, a reference such as '(commit . \"cabba9e\"), is
	247	definitely available in REPOSITORY, false otherwise."
	248	(match ref
	249	(('commit . commit)
	250	(catch 'git-error
	251	(lambda ()
	252	(->bool (commit-lookup repository (string->oid commit))))
	253	(lambda (key error . rest)
	254	(if (= GIT_ENOTFOUND (git-error-code error))
	255	#f
	256	(apply throw key error rest)))))
	257	(_
	258	#f)))
	259
91881986 LC	260	(define* (update-cached-checkout url
91881986 LC	261	#:key
37a6cdbf	262	(ref '(branch . "master"))
60cbc6a8 LC	263	recursive?
60cbc6a8 LC	264	(log-port (%make-void-port "w"))
91881986	265	(cache-directory
ffc3fcad	266	(url-cache-directory
60cbc6a8 LC	267	url (%repository-cache-directory)
60cbc6a8 LC	268	#:recursive? recursive?)))
91881986 LC	269	"Update the cached checkout of URL to REF in CACHE-DIRECTORY. Return two
	270	values: the cache directory name, and the SHA1 commit (a string) corresponding
	271	to REF.
	272
c4c2449f LC	273	REF is pair whose key is [branch \| commit \| tag \| tag-or-commit ] and value
c4c2449f LC	274	the associated data: [<branch name> \| <sha1> \| <tag name> \| <string>].
60cbc6a8 LC	275
60cbc6a8 LC	276	When RECURSIVE? is true, check out submodules as well, if any."
37a6cdbf LC	277	(define canonical-ref
	278	;; We used to require callers to specify "origin/" for each branch, which
	279	;; made little sense since the cache should be transparent to them. So
	280	;; here we append "origin/" if it's missing and otherwise keep it.
	281	(match ref
	282	(('branch . branch)
	283	`(branch . ,(if (string-prefix? "origin/" branch)
	284	branch
	285	(string-append "origin/" branch))))
	286	(_ ref)))
	287
91881986	288	(with-libgit2
ffc3fcad	289	(let* ((cache-exists? (openable-repository? cache-directory))
91881986	290	(repository (if cache-exists?
e3e1a7ba	291	(repository-open cache-directory)
ffc3fcad	292	(clone* url cache-directory))))
91881986	293	;; Only fetch remote if it has not been cloned just before.
a78dcb3d LC	294	(when (and cache-exists?
a78dcb3d LC	295	(not (reference-available? repository ref)))
c3574749 MO	296	(if auth-supported?
	297	(let ((auth-method (and auth-supported?
	298	(%make-auth-ssh-agent))))
	299	(remote-fetch (remote-lookup repository "origin")
	300	#:fetch-options (make-fetch-options auth-method)))
	301	(remote-fetch (remote-lookup repository "origin"))))
60cbc6a8 LC	302	(when recursive?
60cbc6a8 LC	303	(update-submodules repository #:log-port log-port))
37a6cdbf	304	(let ((oid (switch-to-ref repository canonical-ref)))
91881986 LC	305
	306	;; Reclaim file descriptors and memory mappings associated with
	307	;; REPOSITORY as soon as possible.
	308	(when (module-defined? (resolve-interface '(git repository))
	309	'repository-close!)
	310	(repository-close! repository))
	311
ffc3fcad	312	(values cache-directory (oid->string oid))))))
6b7b3ca9 MO	313
	314	(define* (latest-repository-commit store url
	315	#:key
60cbc6a8	316	recursive?
35cb37ea	317	(log-port (%make-void-port "w"))
6b7b3ca9 MO	318	(cache-directory
6b7b3ca9 MO	319	(%repository-cache-directory))
37a6cdbf	320	(ref '(branch . "master")))
6b7b3ca9 MO	321	"Return two values: the content of the git repository at URL copied into a
	322	store directory and the sha1 of the top level commit in this directory. The
	323	reference to be checkout, once the repository is fetched, is specified by REF.
	324	REF is pair whose key is [branch \| commit \| tag] and value the associated
	325	data, respectively [<branch name> \| <sha1> \| <tag name>].
	326
60cbc6a8 LC	327	When RECURSIVE? is true, check out submodules as well, if any.
60cbc6a8 LC	328
6b7b3ca9	329	Git repositories are kept in the cache directory specified by
35cb37ea LC	330	%repository-cache-directory parameter.
	331
	332	Log progress and checkout info to LOG-PORT."
91881986 LC	333	(define (dot-git? file stat)
91881986 LC	334	(and (string=? (basename file) ".git")
60cbc6a8 LC	335	(or (eq? 'directory (stat:type stat))
	336
	337	;; Submodule checkouts end up with a '.git' regular file that
	338	;; contains metadata about where their actual '.git' directory
	339	;; lives.
	340	(and recursive?
	341	(eq? 'regular (stat:type stat))))))
dfca2418	342
35cb37ea	343	(format log-port "updating checkout of '~a'...~%" url)
ffc3fcad OP	344	(let*-values
	345	(((checkout commit)
	346	(update-cached-checkout url
60cbc6a8	347	#:recursive? recursive?
ffc3fcad OP	348	#:ref ref
ffc3fcad OP	349	#:cache-directory
60cbc6a8 LC	350	(url-cache-directory url cache-directory
	351	#:recursive?
	352	recursive?)
	353	#:log-port log-port))
ffc3fcad OP	354	((name)
ffc3fcad OP	355	(url+commit->name url commit)))
35cb37ea	356	(format log-port "retrieved commit ~a~%" commit)
91881986 LC	357	(values (add-to-store store name #t "sha256" checkout
	358	#:select? (negate dot-git?))
	359	commit)))
49ae3f6d	360
1d8b10d0 LC	361	(define (print-git-error port key args default-printer)
	362	(match args
	363	(((? git-error? error) . _)
	364	(format port (G_ "Git error: ~a~%")
	365	(git-error-message error)))))
	366
	367	(set-exception-printer! 'git-error print-git-error)
	368
49ae3f6d	369	\f
873f6f13 LC	370	;;;
	371	;;; Commit difference.
	372	;;;
	373
785af04a LC	374	(define* (commit-closure commit #:optional (visited (setq)))
	375	"Return the closure of COMMIT as a set. Skip commits contained in VISITED,
	376	a set, and adjoin VISITED to the result."
873f6f13	377	(let loop ((commits (list commit))
785af04a	378	(visited visited))
873f6f13 LC	379	(match commits
	380	(()
	381	visited)
	382	((head . tail)
	383	(if (set-contains? visited head)
	384	(loop tail visited)
	385	(loop (append (commit-parents head) tail)
	386	(set-insert head visited)))))))
	387
785af04a	388	(define* (commit-difference new old #:optional (excluded '()))
873f6f13	389	"Return the list of commits between NEW and OLD, where OLD is assumed to be
785af04a LC	390	an ancestor of NEW. Exclude all the commits listed in EXCLUDED along with
785af04a LC	391	their ancestors.
873f6f13 LC	392
	393	Essentially, this computes the set difference between the closure of NEW and
	394	that of OLD."
	395	(let loop ((commits (list new))
	396	(result '())
785af04a	397	(visited (commit-closure old (list->setq excluded))))
873f6f13 LC	398	(match commits
	399	(()
	400	(reverse result))
	401	((head . tail)
	402	(if (set-contains? visited head)
	403	(loop tail result visited)
	404	(loop (append (commit-parents head) tail)
	405	(cons head result)
	406	(set-insert head visited)))))))
	407
	408	\f
49ae3f6d LC	409	;;;
	410	;;; Checkouts.
	411	;;;
	412
b18f7234	413	;; Representation of the "latest" checkout of a branch or a specific commit.
49ae3f6d LC	414	(define-record-type* <git-checkout>
	415	git-checkout make-git-checkout
	416	git-checkout?
	417	(url git-checkout-url)
b18f7234	418	(branch git-checkout-branch (default "master"))
177fecb5	419	(commit git-checkout-commit (default #f)) ;#f \| tag \| commit
06fff484	420	(recursive? git-checkout-recursive? (default #f)))
49ae3f6d	421
06fff484	422	(define* (latest-repository-commit* url #:key ref recursive? log-port)
a3d77c51 LC	423	;; Monadic variant of 'latest-repository-commit'.
	424	(lambda (store)
	425	;; The caller--e.g., (guix scripts build)--may not handle 'git-error' so
	426	;; translate it into '&message' conditions that we know will be properly
	427	;; handled.
	428	(catch 'git-error
	429	(lambda ()
	430	(values (latest-repository-commit store url
06fff484 LC	431	#:ref ref
	432	#:recursive? recursive?
	433	#:log-port log-port)
a3d77c51 LC	434	store))
	435	(lambda (key error . _)
	436	(raise (condition
	437	(&message
	438	(message
	439	(match ref
	440	(('commit . commit)
	441	(format #f (G_ "cannot fetch commit ~a from ~a: ~a")
	442	commit url (git-error-message error)))
	443	(('branch . branch)
	444	(format #f (G_ "cannot fetch branch '~a' from ~a: ~a")
	445	branch url (git-error-message error)))
	446	(_
	447	(format #f (G_ "Git failure while fetching ~a: ~a")
	448	url (git-error-message error))))))))))))
49ae3f6d LC	449
	450	(define-gexp-compiler (git-checkout-compiler (checkout <git-checkout>)
	451	system target)
	452	;; "Compile" CHECKOUT by updating the local checkout and adding it to the
	453	;; store.
	454	(match checkout
06fff484	455	(($ <git-checkout> url branch commit recursive?)
49ae3f6d	456	(latest-repository-commit* url
b18f7234	457	#:ref (if commit
177fecb5	458	`(tag-or-commit . ,commit)
b18f7234	459	`(branch . ,branch))
06fff484	460	#:recursive? recursive?
49ae3f6d	461	#:log-port (current-error-port)))))
60cbc6a8 LC	462
	463	;; Local Variables:
	464	;; eval: (put 'with-repository 'scheme-indent-function 2)
	465	;; End: