Our goal is to provide a proof of concept for writing a guix package defintion where the source is stored in a private github repository.
There are several reasons you may want to do this:
- Your opensource software is experimental and not fit for public consumption.
- You workplace produces propietary software, but you would like your workflow to benefit from all the guix goodness.
In this tutorial you will repackage the GNU Hello example from the guix-cookbook tutorial.
- I have no guix or guile experience and this tutorial may not follow best practices.
- If you see any mistakes or have any suggestions, please let me know.
- I intend to expand on this document as I learn more about guix.
- This tutorial was produced using the following references:
You will need a git server with ssh authentication: I used the public github and a github enterprise hosted by my workplace.
We need some software to package. We’ll fork GNU Hello as is described in the guix-cookbook.
Here’s a link to an FTP mirror: GNU Hello Source Mirror
At the time of writing, I used hello-2.12.1.tar.gz.
Perform the following steps:
- Download the GNU Hello Source
- Create a new private repository on github called
hello. - Copy the contents of the GNU hello tarball to your new repo and check them in to your
helloprivate repository and push to github.
Here’s a link to a github tutorial: Generating a new SSH key and adding it to the ssh-agent
I am not privy to the underlying mechanics, but guix will not be able to authenticate using your key when invoked.
Run ssh-agent followed by ssh-add to remedy this.
Guix should now be able to utilize your ssh keys when authenticating with github.
I previously had a set of RSA keys setup on github. Github complained about something regarding my RSA with SHA-1 key: Improving Git protocol security on GitHub when running guix. A little strange, since I just these keys to work on another repository, but no problem: I rotate my SSH keys often and was due for another one.
I deleted my old key and created a new Ed25519 key. I killed ssh-agent and restarted it, exporting the environment variables is prints out. I ran ssh-add and was later able to have guix succesfully authenticate and clone my private repository.
The code block below defines hello.scm, which is almost identical to what is described in the guix-cookbook.
In our case, we will build the source stored in our private repository.
I have moved the variables that you need to modify into the let expression.
Modify commit, source, url (your private repository).
Next, we included #:use-module (guix git) which defines git-checkout. We will use git-checkout as an input to source instead of origin.
I couldn’t find any documentation on this and had to go spelunking in the guix source for it.
(define-module (my-packages hello)
#:use-module (guix licenses)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix git)
#:use-module (guix git-download)
#:use-module (guix utils)
#:use-module (guix build-system gnu)
#:use-module (gnu packages))
(define-public hello
(let ((commit "befa293e029a5bf695fdd9314c40008d3a15941c")
(version "2.12.1")
(url "git@github.com:Mejiro-McQueen/hello.git"))
(package
(name "hello")
(version version)
(source
(git-checkout
(url url)
(commit commit)))
(build-system gnu-build-system)
(synopsis "Hello, GNU world: An example GNU package")
(description
"GNU Hello prints the message \"Hello, world!\" and then exits. It
serves as an example of standard GNU coding practices. As such, it supports
command-line arguments, multiple languages, and so on.")
(home-page "https://www.gnu.org/software/hello/")
(license gpl3+))))
helloThat’s it!
Build the package with guix build -f hello.scm.
It looks like you can also provide a branch and recursive checkout which may be useful for your workflow.
We can now add our package definition to a second private github repository which will function as a private guix channel.
This is better documented and there are several decent tutorials out there. If I run into an interesting problem I’ll post it here.