Nix 包管理器和 GitLab 的问题

Problem with Nix package manager and GitLab

我在 OSX Mojave 上使用 Nix 包管理器。

我的同事正在使用 OSX 的早期版本。不确定这是否是他们没有遇到此问题的原因。

我无法连接到我明确有权访问的特定私有 gitlab 存储库。我可以直接克隆它,但是当我构建它所属的项目时我无法构建它。

这是我的 default.nix 文件的相关摘录。我被告知 fetchgitPrivate 已被弃用。我尝试在这个文件中用 fetchGit 替换它,但它不起作用。

      my-private-gitlab-repo = self.callCabal2nix "my-private-gitlab-repo" (pkgs.fetchgitPrivate {
        url = "git@gitlab.com/namehere/my-private-gitlab-repo.git";
        rev = "...";
        sha256 = "...";
      }) {};

这是我遇到的错误:

reallymemorables-MacBook-Pro:localclone reallymemorable$ ./scripts/ghci-backend
building '/nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo.drv'...
exporting ssh://git@gitlab.com/namehere/my-private-gitlab-repo.git (rev kjsdjfksdjklfsjkldjfksjdfskldf) into /nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo-asddfs
Initialized empty Git repository in /nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo-asddfs/.git/
git@gitlab.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
git@gitlab.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
Unable to checkout khjsdfkhdsjhklsdjhfksdhfjksdh from ssh://git@gitlab.com/namehere/my-private-gitlab-repo.git.
builder for '/nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo-asdffdsgfd.drv' failed with exit code 1
cannot build derivation '/nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo.drv': 1 dependencies couldn't be built
error: build of '/nix/store/kljskajsdljkdgfhj-cabal2nix-my-private-gitlab-repo.drv' failed
(use '--show-trace' to show detailed location information)

我完全不知道如何继续。我已经尝试将我的 ssh 密钥放在共享和我的普通 OSX 用户中。我已经尝试了一百万个权限排列。

与 Nix 2.x 一起使用的正确方法是 builtins.fetchGit -- 但它不是直接的替代:您需要删除 sha256 参数。因为 builtins.fetchGit 在您自己的用户帐户 下运行 ,而不是作为 Nix 构建器,它完全解决了权限问题:您可以自己访问的任何内容(密钥环、YubiKey 或智能卡,或者只是你的 ~/.ssh 目录)可以通过 builtins.fetchGit.

调用的 git 的副本访问

因此:

my-private-gitlab-repo = self.callCabal2nix "my-private-gitlab-repo" (builtins.fetchGit {
  url = "git@gitlab.com/namehere/my-private-gitlab-repo.git";
  rev = "...";
}) {};