tamipes/authentik-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
authentik-nix/components/docs.nix
WilliButz a1630aaf9f
update: 2024.6.4 -> 2024.8.1 
Release notes: https://docs.goauthentik.io/docs/releases/2024.8

Still includes the same hacky workaround for one of the dependencies
that was introduced in the 2024.6.1 update. See components/docs.nix for
more information.

Also, as upstream package-lock.json files do not include source hashes
and urls for a lot of dependencies, building authentik from source is
only possible after they've been resolved. This makes it kind of a
gamble to try and reproduce a build with the same set of dependencies
that the devs use. This is why the two relevant lock files are vendored
here now. See upstream issues for more information:
- https://github.com/goauthentik/authentik/issues/6180
- https://github.com/goauthentik/authentik/issues/11169
and the npm issue for the underlying reason:
https://github.com/npm/cli/issues/4263

Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/8471fe90ad337a8074e957b69ca4d0089218391d' (2024-08-01)
  → 'github:hercules-ci/flake-parts/567b938d64d4b4112ee253b9274472dc3a346eb6' (2024-09-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz?narHash=sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q%3D' (2024-08-01)
  → 'https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz?narHash=sha256-Ss8QWLXdr2JCBPcYChJhz4xJm%2Bh/xjl4G0c0XlP6a74%3D' (2024-09-01)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/c374d94f1536013ca8e92341b540eba4c22f9c62' (2024-08-21)
  → 'github:NixOS/nixpkgs/574d1eac1c200690e27b8eb4e24887f8df7ac27c' (2024-09-06)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/884b66152b0c625b8220b570a31dc7acc36749a3' (2024-08-21)
  → 'github:nix-community/poetry2nix/a313fd7169ae43ecd1a2ea2f1e4899fe3edba4d2' (2024-09-05)
2024-09-07 22:07:37 +02:00

68 lines
2.5 KiB
Nix
Raw Blame History

{ authentik-src
, authentik-version
, buildNapalmPackage
, nodejs_22
}:
buildNapalmPackage "${authentik-src}/website" {
version = authentik-version; # 0.0.0 specified upstream in package.json
NODE_ENV = "production";
nodejs = nodejs_22;
npmCommands = [
"cp -v ${authentik-src}/SECURITY.md ../SECURITY.md"
"cp -vr ${authentik-src}/blueprints ../blueprints"
"cp -v ${authentik-src}/schema.yml ../schema.yml"
"npm install --include=dev"
"npm run build-bundled"
];
installPhase = ''
rm -r ../website/node_modules/.cache
mv -v ../website $out
'';
# upstream doesn't provide a fully resolved lock file
# see issues:
# - https://github.com/goauthentik/authentik/issues/6180
# - https://github.com/goauthentik/authentik/issues/11169
#
# see npm issue for the underlying issue:
# https://github.com/npm/cli/issues/4263
packageLock = ./docs-manually-resolved-package-lock.json;
# These are lockfiles with extra deps that are required to successfully build
# the module `paloaltonetworks/postman-code-generators`, that is getting
# pulled in by `docusaurus-theme-openapi-doc`.
#
# (see the repo at https://github.com/PaloAltoNetworks/postman-code-generators)
#
# The vendored $name-package-lock.json files here are just the package-lock or
# npm-shrinkwrap files of each subdirectory in the `/codegens` directory of
# the above repo at npm version "1.1.15-patch.2".
#
# Note that the dependency on that postman-code-generators repo is no longer
# present on authentik's main, but unfortunately still included in the
# 2024.6 releases.
#
# (╯°□°)╯︵ ┻━┻)
#
# ---
# update 2024.8.0:
#
# The issue remains. However, now another package source is used, namely
# https://github.com/postmanlabs/postman-code-generators at version v1.10.1
#
# Note:
# Alternatively it would be possible to drop this problematic dependency
# entirely, as is done in nixpkgs for the authentik build:
# https://github.com/NixOS/nixpkgs/blob/0037d6fe7143674afdfb35d1aad315605d883973/pkgs/by-name/au/authentik/package.nix#L53
# But this would differ from the upstream build and it's unclear what the impact is:
# https://github.com/goauthentik/authentik/blob/version/2024.8.1/Dockerfile#L20
additionalPackageLocks =
let
files = builtins.readDir ./docs-extra-package-locks;
in
builtins.concatMap (f:
if files.${f} == "regular"
then [ (./docs-extra-package-locks + "/${f}") ] else []
) (builtins.attrNames files);
}
Reference in a new issue View git blame Copy permalink