From cdffc37ad95c96870e7f8e6afa78d47d5dabec79 Mon Sep 17 00:00:00 2001 From: WilliButz Date: Thu, 26 Oct 2023 16:33:08 +0200 Subject: [PATCH] update: 2023.8.3 -> 2023.10.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * nixpkgs-23.05 -> nixpkgs-unstable (for nodejs 21) * nodejs_20 -> nodejs_21 * go_1_20 -> go_1_21 * added workaround for poetry2nix to drop python dev-dependencies Flake lock file updates: • Updated input 'authentik-src': 'github:goauthentik/authentik/f885f8c0395df639ccabd762910867bef0f4577c' (2023-09-11) → 'github:goauthentik/authentik/b7c02808c664714144bd7ae6fee4c6402a88f426' (2023-10-26) • Updated input 'flake-compat': 'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17) → 'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04) • Updated input 'flake-parts': 'github:hercules-ci/flake-parts/7f53fdb7bdc5bb237da7fefef12d099e4fd611ca' (2023-09-01) → 'github:hercules-ci/flake-parts/c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4' (2023-10-03) • Updated input 'flake-parts/nixpkgs-lib': 'github:NixOS/nixpkgs/3e52e76b70d5508f3cec70b882a29199f4d1ee85?dir=lib' (2023-08-31) → 'github:NixOS/nixpkgs/f5892ddac112a1e9b3612c39af1b72987ee5783a?dir=lib' (2023-09-29) • Updated input 'flake-utils': 'github:numtide/flake-utils/f9e7cf818399d17d347f847525c5a5a8032e4e44' (2023-08-23) → 'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760' (2023-09-10) → 'github:NixOS/nixpkgs/8efd5d1e283604f75a808a20e6cde0ef313d07d4' (2023-10-24) • Updated input 'poetry2nix': 'github:nix-community/poetry2nix/c3d3c4a0396b1bcccd72c82551a319229997f6e4' (2023-09-08) → 'github:nix-community/poetry2nix/8f2c483f9a40db26011f6668559574a4b86ed499' (2023-10-26) • Updated input 'poetry2nix/nix-github-actions': 'github:nix-community/nix-github-actions/165b1650b753316aa7f1787f3005a8d2da0f5301' (2023-07-09) → 'github:nix-community/nix-github-actions/bd5bdbb52350e145c526108f4ef192eb8e554fa0' (2023-09-02) • Added input 'poetry2nix/systems': 'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09) • Added input 'poetry2nix/treefmt-nix': 'github:numtide/treefmt-nix/aae39f64f5ecbe89792d05eacea5cb241891292a' (2023-10-15) • Added input 'poetry2nix/treefmt-nix/nixpkgs': follows 'poetry2nix/nixpkgs' --- flake.lock | 91 +++++++++++++++++++++++---------- flake.nix | 31 ++++++----- poetry2nix-python-overrides.nix | 5 ++ 3 files changed, 88 insertions(+), 39 deletions(-) diff --git a/flake.lock b/flake.lock index bfe9973..22ed4b7 100644 --- a/flake.lock +++ b/flake.lock @@ -3,16 +3,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1694451308, - "narHash": "sha256-dpGvxhA5NWO8LKrGXzalV9EVn/nUIj6sMy2HdY5tjlM=", + "lastModified": 1698329167, + "narHash": "sha256-diHPyIN9c3klwhlPu5Q0DhjamLyB3UYUe4T58d6fdjQ=", "owner": "goauthentik", "repo": "authentik", - "rev": "f885f8c0395df639ccabd762910867bef0f4577c", + "rev": "b7c02808c664714144bd7ae6fee4c6402a88f426", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2023.8.3", + "ref": "version/2023.10.0", "repo": "authentik", "type": "github" } @@ -20,11 +20,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -38,11 +38,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1693611461, - "narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=", + "lastModified": 1696343447, + "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca", + "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4", "type": "github" }, "original": { @@ -56,11 +56,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1692799911, - "narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { @@ -100,11 +100,11 @@ ] }, "locked": { - "lastModified": 1688870561, - "narHash": "sha256-4UYkifnPEw1nAzqqPOTL2MvWtm3sNGw1UTYTalkTcGY=", + "lastModified": 1693660503, + "narHash": "sha256-B/g2V4v6gjirFmy+I5mwB2bCYc0l3j5scVfwgl6WOl8=", "owner": "nix-community", "repo": "nix-github-actions", - "rev": "165b1650b753316aa7f1787f3005a8d2da0f5301", + "rev": "bd5bdbb52350e145c526108f4ef192eb8e554fa0", "type": "github" }, "original": { @@ -115,16 +115,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1694304580, - "narHash": "sha256-5tIpNodDpEKT8mM/F5zCzWEAnidOg8eb1/x3SRaaBLs=", + "lastModified": 1698134075, + "narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760", + "rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.05", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -132,11 +132,11 @@ "nixpkgs-lib": { "locked": { "dir": "lib", - "lastModified": 1693471703, - "narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=", + "lastModified": 1696019113, + "narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85", + "rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a", "type": "github" }, "original": { @@ -155,14 +155,16 @@ "nix-github-actions": "nix-github-actions", "nixpkgs": [ "nixpkgs" - ] + ], + "systems": "systems_2", + "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1694165861, - "narHash": "sha256-FMiPKVcNxb9QWATnQrC68nIL2t8Fm4zBH0XyLz9uqko=", + "lastModified": 1698324369, + "narHash": "sha256-rftG/00dnS+HHun11lDFtL33NNcGUE3XznYI78gU7dY=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "c3d3c4a0396b1bcccd72c82551a319229997f6e4", + "rev": "8f2c483f9a40db26011f6668559574a4b86ed499", "type": "github" }, "original": { @@ -196,6 +198,41 @@ "repo": "default", "type": "github" } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "id": "systems", + "type": "indirect" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "poetry2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1697388351, + "narHash": "sha256-63N2eBpKaziIy4R44vjpUu8Nz5fCJY7okKrkixvDQmY=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "aae39f64f5ecbe89792d05eacea5cb241891292a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index b43825f..7352b8a 100644 --- a/flake.nix +++ b/flake.nix @@ -8,7 +8,7 @@ url = "github:edolstra/flake-compat"; flake = false; }; - nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; poetry2nix = { url = "github:nix-community/poetry2nix"; inputs = { @@ -24,7 +24,7 @@ }; }; authentik-src = { # change version string in outputs as well when updating - url = "github:goauthentik/authentik/version/2023.8.3"; + url = "github:goauthentik/authentik/version/2023.10.0"; flake = false; }; }; @@ -43,7 +43,7 @@ { inherit inputs; } ({ inputs, lib, withSystem, ... }: let - authentik-version = "2023.8.3"; # to pass to the drvs of some components + authentik-version = "2023.10.0"; # to pass to the drvs of some components in { systems = [ "x86_64-linux" @@ -58,8 +58,8 @@ ); }; }; - perSystem = { inputs', pkgs, system, ... }: let - inherit (inputs'.poetry2nix.legacyPackages) + perSystem = { pkgs, system, ... }: let + inherit (import inputs.poetry2nix { inherit pkgs; }) mkPoetryEnv defaultPoetryOverrides; in { @@ -79,15 +79,15 @@ mv -v ../website $out ''; }; - frontend = napalm.legacyPackages.${system}.buildPackage "${authentik-src}/web" { + frontend = napalm.legacyPackages.${system}.buildPackage "${authentik-src}/web" rec { version = authentik-version; # 0.0.0 specified upstream in package.json NODE_ENV = "production"; - nodejs = pkgs.nodejs_20; + nodejs = pkgs.nodejs_21; preBuild = '' ln -sv ${docs} ../website ''; npmCommands = [ - "npm install --include=dev --nodedir=${pkgs.nodejs_20}/include/node --loglevel verbose --ignore-scripts" + "npm install --include=dev --nodedir=${nodejs}/include/node --loglevel verbose --ignore-scripts" "npm run build" ]; installPhase = '' @@ -100,9 +100,16 @@ projectDir = authentik-src; python = pkgs.python311; overrides = [ defaultPoetryOverrides ] ++ (import ./poetry2nix-python-overrides.nix pkgs); + # workaround to remove dev-dependencies for the current combination of legacy pyproject.toml format + # used by authentik and poetry2nix's behavior + groups = []; + checkGroups = []; + pyproject = pkgs.runCommandLocal "patched-pyproject.toml" {} '' + sed -e 's,tool.poetry.dev-dependencies,tool.poetry.group.dev.dependencies,' ${authentik-src}/pyproject.toml > $out + ''; }; # server + outposts - gopkgs = pkgs.buildGo120Module { + gopkgs = pkgs.buildGo121Module { pname = "authentik-gopkgs"; version = authentik-version; prePatch = '' @@ -137,7 +144,7 @@ "cmd/proxy" "cmd/radius" ]; - vendorSha256 = "sha256-F3JzzL6Gg9H4qdmp4MbQFupccATYIUIFL05is6xzoZY="; + vendorSha256 = "sha256-JQRGlQ7iYrB5nKli3hoIAJHG9UeGqVD+dMupMUDZ2Zo="; nativeBuildInputs = [ pkgs.makeWrapper ]; postInstall = '' wrapProgram $out/bin/server --prefix PATH : ${pythonEnv}/bin @@ -162,8 +169,8 @@ patchShebangs $out/bin/migrate.py substituteInPlace $out/bin/migrate.py \ --replace \ - 'migration in Path(__file__).parent.absolute().glob("system_migrations/*.py")' \ - 'migration in Path("${staticWorkdirDeps}/lifecycle").glob("system_migrations/*.py")' + 'migration_path in Path(__file__).parent.absolute().glob("system_migrations/*.py")' \ + 'migration_path in Path("${staticWorkdirDeps}/lifecycle").glob("system_migrations/*.py")' wrapProgram $out/bin/migrate.py \ --prefix PATH : ${pythonEnv}/bin \ --prefix PYTHONPATH : ${staticWorkdirDeps} diff --git a/poetry2nix-python-overrides.nix b/poetry2nix-python-overrides.nix index 72b5653..685f669 100644 --- a/poetry2nix-python-overrides.nix +++ b/poetry2nix-python-overrides.nix @@ -73,6 +73,11 @@ pkgs: final.hatch-fancy-pypi-readme ]; }); + django-filter = prev.django-filter.overrideAttrs (oA: { + nativeBuildInputs = oA.nativeBuildInputs ++ [ + final.flit-core + ]; + }); } ) ]