fetchGit

builtins.fetchGit

Primop

Docs pulled from | This Revision | 4 days ago

Takes 1 arguments

args

Fetch a path from git. args can be a URL, in which case the HEAD of the repo at that URL is fetched. Otherwise, it can be an attribute with the following attributes (all except url optional):

url

The URL of the repo.
name (default: source)

The name of the directory the repo should be exported to in the store.
rev (default: the tip of ref)

The Git revision to fetch. This is typically a commit hash.
ref (default: HEAD)

The Git reference under which to look for the requested revision. This is often a branch or tag name.

This option has no effect once shallow cloning is enabled.

By default, the ref value is prefixed with refs/heads/. As of 2.3.0, Nix doesn't prefix refs/heads/ if ref starts with refs/.
submodules (default: false)

A Boolean parameter that specifies whether submodules should be checked out.
exportIgnore (default: true)

A Boolean parameter that specifies whether export-ignore from .gitattributes should be applied. This approximates part of the git archive behavior.

Enabling this option is not recommended because it is unknown whether the Git developers commit to the reproducibility of export-ignore in newer Git versions.
shallow (default: false)

Make a shallow clone when fetching the Git tree. When this is enabled, the options ref and allRefs have no effect anymore.
lfs (default: false)

A boolean that when true specifies that Git LFS files should be fetched.
allRefs

Whether to fetch all references (eg. branches and tags) of the repository. With this argument being true, it's possible to load a rev from any ref. (by default only revs from the specified ref are supported).

This option has no effect once shallow cloning is enabled.
verifyCommit (default: true if publicKey or publicKeys are provided, otherwise false)

Whether to check rev for a signature matching publicKey or publicKeys. If verifyCommit is enabled, then fetchGit cannot use a local repository with uncommitted changes. Requires the verified-fetches experimental feature.
publicKey

The public key against which rev is verified if verifyCommit is enabled. Requires the verified-fetches experimental feature.
keytype (default: "ssh-ed25519")

The key type of publicKey. Possible values:
- "ssh-dsa"
- "ssh-ecdsa"
- "ssh-ecdsa-sk"
- "ssh-ed25519"
- "ssh-ed25519-sk"
- "ssh-rsa" Requires the verified-fetches experimental feature.
publicKeys

The public keys against which rev is verified if verifyCommit is enabled. Must be given as a list of attribute sets with the following form:
```
{
  key = "<public key>";
  type = "<key type>"; # optional, default: "ssh-ed25519"
}
```
Requires the verified-fetches experimental feature.

Here are some examples of how to use fetchGit.

To fetch a private repository over SSH:

builtins.fetchGit {
  url = "[email protected]:my-secret/repository.git";
  ref = "master";
  rev = "adab8b916a45068c044658c4158d81878f9ed1c3";
}

To fetch an arbitrary reference:

builtins.fetchGit {
  url = "https://github.com/NixOS/nix.git";
  ref = "refs/heads/0.5-release";
}

If the revision you're looking for is in the default branch of the git repository you don't strictly need to specify the branch name in the ref attribute.

However, if the revision you're looking for is in a future branch for the non-default branch you will need to specify the the ref attribute as well.
```
builtins.fetchGit {
  url = "https://github.com/nixos/nix.git";
  rev = "841fcbd04755c7a2865c51c1e2d3b045976b7452";
  ref = "1.11-maintenance";
}
```
Note

It is nice to always specify the branch which a revision belongs to. Without the branch being specified, the fetcher might fail if the default branch changes. Additionally, it can be confusing to try a commit from a non-default branch and see the fetch fail. If the branch is specified the fault is much more obvious.

If the revision you're looking for is in the default branch of the git repository you may omit the ref attribute.

builtins.fetchGit {
  url = "https://github.com/nixos/nix.git";
  rev = "841fcbd04755c7a2865c51c1e2d3b045976b7452";
}

To fetch a specific tag:

builtins.fetchGit {
  url = "https://github.com/nixos/nix.git";
  ref = "refs/tags/1.9";
}

To fetch the latest version of a remote branch:

builtins.fetchGit {
  url = "ssh://[email protected]/nixos/nix.git";
  ref = "master";
}

To verify the commit signature:

builtins.fetchGit {
  url = "ssh://[email protected]/nixos/nix.git";
  verifyCommit = true;
  publicKeys = [
      {
        type = "ssh-ed25519";
        key = "AAAAC3NzaC1lZDI1NTE5AAAAIArPKULJOid8eS6XETwUjO48/HKBWl7FTCK0Z//fplDi";
      }
  ];
}

Nix refetches the branch according to the tarball-ttl setting.

This behavior is disabled in pure evaluation mode.

To fetch the content of a checked-out work directory:
```
builtins.fetchGit ./work-dir
```

If the URL points to a local directory, and no ref or rev is given, fetchGit uses the current content of the checked-out files, even if they are not committed or added to Git's index. It only considers files added to the Git repository, as listed by git ls-files.

This function is not defined in a .nix file. It is likely a builtins function or an alias of a builtins function. Builtins functions are predefined functions provided by Nix.

Noogle detected

Detected Type

fetchgit :: AttrSet -> AttrSet

Implementation

This function is implemented in c++ and is part of the native nix runtime.