Commit | Line | Data |
---|---|---|
6b7b3ca9 MO |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com> | |
60cbc6a8 | 3 | ;;; Copyright © 2018, 2019 Ludovic Courtès <ludo@gnu.org> |
6b7b3ca9 MO |
4 | ;;; |
5 | ;;; This file is part of GNU Guix. | |
6 | ;;; | |
7 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
8 | ;;; under the terms of the GNU General Public License as published by | |
9 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
10 | ;;; your option) any later version. | |
11 | ;;; | |
12 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
13 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
15 | ;;; GNU General Public License for more details. | |
16 | ;;; | |
17 | ;;; You should have received a copy of the GNU General Public License | |
18 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
19 | ||
20 | (define-module (guix git) | |
21 | #:use-module (git) | |
22 | #:use-module (git object) | |
a3d77c51 | 23 | #:use-module (guix i18n) |
6b7b3ca9 | 24 | #:use-module (guix base32) |
ca719424 | 25 | #:use-module (gcrypt hash) |
0ad5f809 | 26 | #:use-module ((guix build utils) #:select (mkdir-p)) |
6b7b3ca9 MO |
27 | #:use-module (guix store) |
28 | #:use-module (guix utils) | |
49ae3f6d LC |
29 | #:use-module (guix records) |
30 | #:use-module (guix gexp) | |
6b7b3ca9 MO |
31 | #:use-module (rnrs bytevectors) |
32 | #:use-module (ice-9 match) | |
33 | #:use-module (srfi srfi-1) | |
91881986 | 34 | #:use-module (srfi srfi-11) |
95bd9f65 LC |
35 | #:use-module (srfi srfi-34) |
36 | #:use-module (srfi srfi-35) | |
6b7b3ca9 | 37 | #:export (%repository-cache-directory |
bc041b3e LC |
38 | honor-system-x509-certificates! |
39 | ||
91881986 | 40 | update-cached-checkout |
49ae3f6d LC |
41 | latest-repository-commit |
42 | ||
43 | git-checkout | |
44 | git-checkout? | |
45 | git-checkout-url | |
46 | git-checkout-branch)) | |
6b7b3ca9 | 47 | |
60cbc6a8 LC |
48 | ;; XXX: Use this hack instead of #:autoload to avoid compilation errors. |
49 | ;; See <http://bugs.gnu.org/12202>. | |
50 | (module-autoload! (current-module) | |
51 | '(git submodule) '(repository-submodules)) | |
52 | ||
6b7b3ca9 | 53 | (define %repository-cache-directory |
e83b2b0f LC |
54 | (make-parameter (string-append (cache-directory #:ensure? #f) |
55 | "/checkouts"))) | |
6b7b3ca9 | 56 | |
bc041b3e LC |
57 | (define (honor-system-x509-certificates!) |
58 | "Use the system's X.509 certificates for Git checkouts over HTTPS. Honor | |
59 | the 'SSL_CERT_FILE' and 'SSL_CERT_DIR' environment variables." | |
60 | ;; On distros such as CentOS 7, /etc/ssl/certs contains only a couple of | |
61 | ;; files (instead of all the certificates) among which "ca-bundle.crt". On | |
62 | ;; other distros /etc/ssl/certs usually contains the whole set of | |
63 | ;; certificates along with "ca-certificates.crt". Try to choose the right | |
64 | ;; one. | |
65 | (let ((file (letrec-syntax ((choose | |
66 | (syntax-rules () | |
67 | ((_ file rest ...) | |
68 | (let ((f file)) | |
69 | (if (and f (file-exists? f)) | |
70 | f | |
71 | (choose rest ...)))) | |
72 | ((_) | |
73 | #f)))) | |
74 | (choose (getenv "SSL_CERT_FILE") | |
75 | "/etc/ssl/certs/ca-certificates.crt" | |
76 | "/etc/ssl/certs/ca-bundle.crt"))) | |
77 | (directory (or (getenv "SSL_CERT_DIR") "/etc/ssl/certs"))) | |
78 | (and (or file | |
79 | (and=> (stat directory #f) | |
80 | (lambda (st) | |
81 | (> (stat:nlink st) 2)))) | |
82 | (begin | |
83 | (set-tls-certificate-locations! directory file) | |
84 | #t)))) | |
85 | ||
86 | (define %certificates-initialized? | |
87 | ;; Whether 'honor-system-x509-certificates!' has already been called. | |
88 | #f) | |
89 | ||
6b7b3ca9 | 90 | (define-syntax-rule (with-libgit2 thunk ...) |
b02469d2 MO |
91 | (begin |
92 | ;; XXX: The right thing to do would be to call (libgit2-shutdown) here, | |
93 | ;; but pointer finalizers used in guile-git may be called after shutdown, | |
94 | ;; resulting in a segfault. Hence, let's skip shutdown call for now. | |
95 | (libgit2-init!) | |
bc041b3e LC |
96 | (unless %certificates-initialized? |
97 | (honor-system-x509-certificates!) | |
98 | (set! %certificates-initialized? #t)) | |
b02469d2 | 99 | thunk ...)) |
6b7b3ca9 MO |
100 | |
101 | (define* (url-cache-directory url | |
102 | #:optional (cache-directory | |
60cbc6a8 LC |
103 | (%repository-cache-directory)) |
104 | #:key recursive?) | |
6b7b3ca9 MO |
105 | "Return the directory associated to URL in %repository-cache-directory." |
106 | (string-append | |
107 | cache-directory "/" | |
60cbc6a8 LC |
108 | (bytevector->base32-string |
109 | (sha256 (string->utf8 (if recursive? | |
110 | (string-append "R:" url) | |
111 | url)))))) | |
6b7b3ca9 MO |
112 | |
113 | (define (clone* url directory) | |
114 | "Clone git repository at URL into DIRECTORY. Upon failure, | |
115 | make sure no empty directory is left behind." | |
116 | (with-throw-handler #t | |
117 | (lambda () | |
118 | (mkdir-p directory) | |
195f0d05 LC |
119 | |
120 | ;; Note: Explicitly pass options to work around the invalid default | |
121 | ;; value in Guile-Git: <https://bugs.gnu.org/29238>. | |
b1488c76 LC |
122 | (if (module-defined? (resolve-interface '(git)) |
123 | 'clone-init-options) | |
124 | (clone url directory (clone-init-options)) | |
125 | (clone url directory))) | |
6b7b3ca9 MO |
126 | (lambda _ |
127 | (false-if-exception (rmdir directory))))) | |
128 | ||
6b7b3ca9 MO |
129 | (define (url+commit->name url sha1) |
130 | "Return the string \"<REPO-NAME>-<SHA1:7>\" where REPO-NAME is the name of | |
131 | the git repository, extracted from URL and SHA1:7 the seven first digits | |
132 | of SHA1 string." | |
133 | (string-append | |
134 | (string-replace-substring | |
135 | (last (string-split url #\/)) ".git" "") | |
136 | "-" (string-take sha1 7))) | |
137 | ||
6b7b3ca9 | 138 | (define (switch-to-ref repository ref) |
91881986 LC |
139 | "Switch to REPOSITORY's branch, commit or tag specified by REF. Return the |
140 | OID (roughly the commit hash) corresponding to REF." | |
95bd9f65 | 141 | (define obj |
c4c2449f LC |
142 | (let resolve ((ref ref)) |
143 | (match ref | |
144 | (('branch . branch) | |
145 | (let ((oid (reference-target | |
146 | (branch-lookup repository branch BRANCH-REMOTE)))) | |
147 | (object-lookup repository oid))) | |
148 | (('commit . commit) | |
149 | (let ((len (string-length commit))) | |
150 | ;; 'object-lookup-prefix' appeared in Guile-Git in Mar. 2018, so we | |
151 | ;; can't be sure it's available. Furthermore, 'string->oid' used to | |
152 | ;; read out-of-bounds when passed a string shorter than 40 chars, | |
153 | ;; which is why we delay calls to it below. | |
154 | (if (< len 40) | |
155 | (if (module-defined? (resolve-interface '(git object)) | |
156 | 'object-lookup-prefix) | |
157 | (object-lookup-prefix repository (string->oid commit) len) | |
158 | (raise (condition | |
159 | (&message | |
160 | (message "long Git object ID is required"))))) | |
161 | (object-lookup repository (string->oid commit))))) | |
162 | (('tag-or-commit . str) | |
163 | (if (or (> (string-length str) 40) | |
164 | (not (string-every char-set:hex-digit str))) | |
165 | (resolve `(tag . ,str)) ;definitely a tag | |
166 | (catch 'git-error | |
167 | (lambda () | |
168 | (resolve `(tag . ,str))) | |
169 | (lambda _ | |
170 | ;; There's no such tag, so it must be a commit ID. | |
171 | (resolve `(commit . ,str)))))) | |
172 | (('tag . tag) | |
173 | (let ((oid (reference-name->oid repository | |
174 | (string-append "refs/tags/" tag)))) | |
10a8c2bb LC |
175 | ;; Get the commit that the tag at OID refers to. This is not |
176 | ;; strictly needed, but it's more consistent to always return the | |
177 | ;; OID of a commit. | |
178 | (object-lookup repository | |
179 | (tag-target-id (tag-lookup repository oid)))))))) | |
95bd9f65 | 180 | |
91881986 LC |
181 | (reset repository obj RESET_HARD) |
182 | (object-id obj)) | |
183 | ||
60cbc6a8 LC |
184 | (define (call-with-repository directory proc) |
185 | (let ((repository #f)) | |
186 | (dynamic-wind | |
187 | (lambda () | |
188 | (set! repository (repository-open directory))) | |
189 | (lambda () | |
190 | (proc repository)) | |
191 | (lambda () | |
192 | (repository-close! repository))))) | |
193 | ||
194 | (define-syntax-rule (with-repository directory repository exp ...) | |
195 | "Open the repository at DIRECTORY and bind REPOSITORY to it within the | |
196 | dynamic extent of EXP." | |
197 | (call-with-repository directory | |
198 | (lambda (repository) exp ...))) | |
199 | ||
200 | (define* (update-submodules repository | |
201 | #:key (log-port (current-error-port))) | |
202 | "Update the submodules of REPOSITORY, a Git repository object." | |
203 | ;; Guile-Git < 0.2.0 did not have (git submodule). | |
204 | (if (false-if-exception (resolve-interface '(git submodule))) | |
205 | (for-each (lambda (name) | |
206 | (let ((submodule (submodule-lookup repository name))) | |
207 | (format log-port (G_ "updating submodule '~a'...~%") | |
208 | name) | |
209 | (submodule-update submodule) | |
210 | ||
211 | ;; Recurse in SUBMODULE. | |
212 | (let ((directory (string-append | |
213 | (repository-working-directory repository) | |
214 | "/" (submodule-path submodule)))) | |
215 | (with-repository directory repository | |
216 | (update-submodules repository | |
217 | #:log-port log-port))))) | |
218 | (repository-submodules repository)) | |
219 | (format (current-error-port) | |
220 | (G_ "Support for submodules is missing; \ | |
221 | please upgrade Guile-Git.~%")))) | |
222 | ||
a78dcb3d LC |
223 | (define (reference-available? repository ref) |
224 | "Return true if REF, a reference such as '(commit . \"cabba9e\"), is | |
225 | definitely available in REPOSITORY, false otherwise." | |
226 | (match ref | |
227 | (('commit . commit) | |
228 | (catch 'git-error | |
229 | (lambda () | |
230 | (->bool (commit-lookup repository (string->oid commit)))) | |
231 | (lambda (key error . rest) | |
232 | (if (= GIT_ENOTFOUND (git-error-code error)) | |
233 | #f | |
234 | (apply throw key error rest))))) | |
235 | (_ | |
236 | #f))) | |
237 | ||
91881986 LC |
238 | (define* (update-cached-checkout url |
239 | #:key | |
37a6cdbf | 240 | (ref '(branch . "master")) |
60cbc6a8 LC |
241 | recursive? |
242 | (log-port (%make-void-port "w")) | |
91881986 | 243 | (cache-directory |
ffc3fcad | 244 | (url-cache-directory |
60cbc6a8 LC |
245 | url (%repository-cache-directory) |
246 | #:recursive? recursive?))) | |
91881986 LC |
247 | "Update the cached checkout of URL to REF in CACHE-DIRECTORY. Return two |
248 | values: the cache directory name, and the SHA1 commit (a string) corresponding | |
249 | to REF. | |
250 | ||
c4c2449f LC |
251 | REF is pair whose key is [branch | commit | tag | tag-or-commit ] and value |
252 | the associated data: [<branch name> | <sha1> | <tag name> | <string>]. | |
60cbc6a8 LC |
253 | |
254 | When RECURSIVE? is true, check out submodules as well, if any." | |
37a6cdbf LC |
255 | (define canonical-ref |
256 | ;; We used to require callers to specify "origin/" for each branch, which | |
257 | ;; made little sense since the cache should be transparent to them. So | |
258 | ;; here we append "origin/" if it's missing and otherwise keep it. | |
259 | (match ref | |
260 | (('branch . branch) | |
261 | `(branch . ,(if (string-prefix? "origin/" branch) | |
262 | branch | |
263 | (string-append "origin/" branch)))) | |
264 | (_ ref))) | |
265 | ||
91881986 | 266 | (with-libgit2 |
ffc3fcad | 267 | (let* ((cache-exists? (openable-repository? cache-directory)) |
91881986 | 268 | (repository (if cache-exists? |
ffc3fcad OP |
269 | (repository-open cache-directory) |
270 | (clone* url cache-directory)))) | |
91881986 | 271 | ;; Only fetch remote if it has not been cloned just before. |
a78dcb3d LC |
272 | (when (and cache-exists? |
273 | (not (reference-available? repository ref))) | |
91881986 | 274 | (remote-fetch (remote-lookup repository "origin"))) |
60cbc6a8 LC |
275 | (when recursive? |
276 | (update-submodules repository #:log-port log-port)) | |
37a6cdbf | 277 | (let ((oid (switch-to-ref repository canonical-ref))) |
91881986 LC |
278 | |
279 | ;; Reclaim file descriptors and memory mappings associated with | |
280 | ;; REPOSITORY as soon as possible. | |
281 | (when (module-defined? (resolve-interface '(git repository)) | |
282 | 'repository-close!) | |
283 | (repository-close! repository)) | |
284 | ||
ffc3fcad | 285 | (values cache-directory (oid->string oid)))))) |
6b7b3ca9 MO |
286 | |
287 | (define* (latest-repository-commit store url | |
288 | #:key | |
60cbc6a8 | 289 | recursive? |
35cb37ea | 290 | (log-port (%make-void-port "w")) |
6b7b3ca9 MO |
291 | (cache-directory |
292 | (%repository-cache-directory)) | |
37a6cdbf | 293 | (ref '(branch . "master"))) |
6b7b3ca9 MO |
294 | "Return two values: the content of the git repository at URL copied into a |
295 | store directory and the sha1 of the top level commit in this directory. The | |
296 | reference to be checkout, once the repository is fetched, is specified by REF. | |
297 | REF is pair whose key is [branch | commit | tag] and value the associated | |
298 | data, respectively [<branch name> | <sha1> | <tag name>]. | |
299 | ||
60cbc6a8 LC |
300 | When RECURSIVE? is true, check out submodules as well, if any. |
301 | ||
6b7b3ca9 | 302 | Git repositories are kept in the cache directory specified by |
35cb37ea LC |
303 | %repository-cache-directory parameter. |
304 | ||
305 | Log progress and checkout info to LOG-PORT." | |
91881986 LC |
306 | (define (dot-git? file stat) |
307 | (and (string=? (basename file) ".git") | |
60cbc6a8 LC |
308 | (or (eq? 'directory (stat:type stat)) |
309 | ||
310 | ;; Submodule checkouts end up with a '.git' regular file that | |
311 | ;; contains metadata about where their actual '.git' directory | |
312 | ;; lives. | |
313 | (and recursive? | |
314 | (eq? 'regular (stat:type stat)))))) | |
dfca2418 | 315 | |
35cb37ea | 316 | (format log-port "updating checkout of '~a'...~%" url) |
ffc3fcad OP |
317 | (let*-values |
318 | (((checkout commit) | |
319 | (update-cached-checkout url | |
60cbc6a8 | 320 | #:recursive? recursive? |
ffc3fcad OP |
321 | #:ref ref |
322 | #:cache-directory | |
60cbc6a8 LC |
323 | (url-cache-directory url cache-directory |
324 | #:recursive? | |
325 | recursive?) | |
326 | #:log-port log-port)) | |
ffc3fcad OP |
327 | ((name) |
328 | (url+commit->name url commit))) | |
35cb37ea | 329 | (format log-port "retrieved commit ~a~%" commit) |
91881986 LC |
330 | (values (add-to-store store name #t "sha256" checkout |
331 | #:select? (negate dot-git?)) | |
332 | commit))) | |
49ae3f6d | 333 | |
1d8b10d0 LC |
334 | (define (print-git-error port key args default-printer) |
335 | (match args | |
336 | (((? git-error? error) . _) | |
337 | (format port (G_ "Git error: ~a~%") | |
338 | (git-error-message error))))) | |
339 | ||
340 | (set-exception-printer! 'git-error print-git-error) | |
341 | ||
49ae3f6d LC |
342 | \f |
343 | ;;; | |
344 | ;;; Checkouts. | |
345 | ;;; | |
346 | ||
b18f7234 | 347 | ;; Representation of the "latest" checkout of a branch or a specific commit. |
49ae3f6d LC |
348 | (define-record-type* <git-checkout> |
349 | git-checkout make-git-checkout | |
350 | git-checkout? | |
351 | (url git-checkout-url) | |
b18f7234 | 352 | (branch git-checkout-branch (default "master")) |
177fecb5 | 353 | (commit git-checkout-commit (default #f)) ;#f | tag | commit |
06fff484 | 354 | (recursive? git-checkout-recursive? (default #f))) |
49ae3f6d | 355 | |
06fff484 | 356 | (define* (latest-repository-commit* url #:key ref recursive? log-port) |
a3d77c51 LC |
357 | ;; Monadic variant of 'latest-repository-commit'. |
358 | (lambda (store) | |
359 | ;; The caller--e.g., (guix scripts build)--may not handle 'git-error' so | |
360 | ;; translate it into '&message' conditions that we know will be properly | |
361 | ;; handled. | |
362 | (catch 'git-error | |
363 | (lambda () | |
364 | (values (latest-repository-commit store url | |
06fff484 LC |
365 | #:ref ref |
366 | #:recursive? recursive? | |
367 | #:log-port log-port) | |
a3d77c51 LC |
368 | store)) |
369 | (lambda (key error . _) | |
370 | (raise (condition | |
371 | (&message | |
372 | (message | |
373 | (match ref | |
374 | (('commit . commit) | |
375 | (format #f (G_ "cannot fetch commit ~a from ~a: ~a") | |
376 | commit url (git-error-message error))) | |
377 | (('branch . branch) | |
378 | (format #f (G_ "cannot fetch branch '~a' from ~a: ~a") | |
379 | branch url (git-error-message error))) | |
380 | (_ | |
381 | (format #f (G_ "Git failure while fetching ~a: ~a") | |
382 | url (git-error-message error)))))))))))) | |
49ae3f6d LC |
383 | |
384 | (define-gexp-compiler (git-checkout-compiler (checkout <git-checkout>) | |
385 | system target) | |
386 | ;; "Compile" CHECKOUT by updating the local checkout and adding it to the | |
387 | ;; store. | |
388 | (match checkout | |
06fff484 | 389 | (($ <git-checkout> url branch commit recursive?) |
49ae3f6d | 390 | (latest-repository-commit* url |
b18f7234 | 391 | #:ref (if commit |
177fecb5 | 392 | `(tag-or-commit . ,commit) |
b18f7234 | 393 | `(branch . ,branch)) |
06fff484 | 394 | #:recursive? recursive? |
49ae3f6d | 395 | #:log-port (current-error-port))))) |
60cbc6a8 LC |
396 | |
397 | ;; Local Variables: | |
398 | ;; eval: (put 'with-repository 'scheme-indent-function 2) | |
399 | ;; End: |