diff options
author | Matthew Bauer <mjbauer95@gmail.com> | 2019-02-18 20:36:48 -0500 |
---|---|---|
committer | Matthew Bauer <mjbauer95@gmail.com> | 2019-02-18 20:36:48 -0500 |
commit | b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3 (patch) | |
tree | d6eaa4102b8caf97fd924395114f4d9df5d3b4ef /pkgs/build-support | |
parent | a808baa5e50e83c64b00f772d0070e5989f6afb9 (diff) | |
parent | 266315c91d5e4a6d7b8465eb44d4f6af30d90b30 (diff) | |
download | nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.gz nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.bz2 nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.lz nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.xz nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.zst nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.zip |
Merge remote-tracking branch 'NixOS/master' into staging
Diffstat (limited to 'pkgs/build-support')
-rw-r--r-- | pkgs/build-support/build-bazel-package/default.nix | 4 | ||||
-rw-r--r-- | pkgs/build-support/docker/default.nix | 2 | ||||
-rw-r--r-- | pkgs/build-support/fetchurl/mirrors.nix | 2 | ||||
-rw-r--r-- | pkgs/build-support/nix-gitignore/default.nix | 178 | ||||
-rw-r--r-- | pkgs/build-support/singularity-tools/default.nix | 17 |
5 files changed, 190 insertions, 13 deletions
diff --git a/pkgs/build-support/build-bazel-package/default.nix b/pkgs/build-support/build-bazel-package/default.nix index 28247bac1021..931b68c6329f 100644 --- a/pkgs/build-support/build-bazel-package/default.nix +++ b/pkgs/build-support/build-bazel-package/default.nix @@ -1,4 +1,4 @@ -{ stdenv, bazel, enableNixHacks ? true }: +{ stdenv, bazel, cacert, enableNixHacks ? true }: args@{ name, bazelFlags ? [], bazelTarget, buildAttrs, fetchAttrs, ... }: @@ -20,6 +20,8 @@ in stdenv.mkDerivation (fBuildAttrs // { export bazelOut="$(echo ''${NIX_BUILD_TOP}/output | sed -e 's,//,/,g')" export bazelUserRoot="$(echo ''${NIX_BUILD_TOP}/tmp | sed -e 's,//,/,g')" export HOME="$NIX_BUILD_TOP" + # This is needed for git_repository with https remotes + export GIT_SSL_CAINFO="${cacert}/etc/ssl/certs/ca-bundle.crt" ''; buildPhase = fFetchAttrs.buildPhase or '' diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index 372c567a7e75..ef17a3f4e58a 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -783,7 +783,7 @@ rec { imageJson=$(cat ${baseJson} | jq ". + {\"rootfs\": {\"diff_ids\": [], \"type\": \"layers\"}}") manifestJson=$(jq -n "[{\"RepoTags\":[\"$imageName:$imageTag\"]}]") - for layerTar in $(cat ./layer-list); do + for layerTar in $(tac ./layer-list); do layerChecksum=$(sha256sum image/$layerTar | cut -d ' ' -f1) imageJson=$(echo "$imageJson" | jq ".history |= [{\"created\": \"$(jq -r .created ${baseJson})\"}] + .") imageJson=$(echo "$imageJson" | jq ".rootfs.diff_ids |= [\"sha256:$layerChecksum\"] + .") diff --git a/pkgs/build-support/fetchurl/mirrors.nix b/pkgs/build-support/fetchurl/mirrors.nix index eccfe1964acf..404c744eea2a 100644 --- a/pkgs/build-support/fetchurl/mirrors.nix +++ b/pkgs/build-support/fetchurl/mirrors.nix @@ -44,6 +44,8 @@ rec { # GCC. gcc = [ + https://bigsearcher.com/mirrors/gcc/ + http://mirror.koddos.net/gcc/ ftp://ftp.nluug.nl/mirror/languages/gcc/ ftp://ftp.fu-berlin.de/unix/languages/gcc/ ftp://ftp.irisa.fr/pub/mirrors/gcc.gnu.org/gcc/ diff --git a/pkgs/build-support/nix-gitignore/default.nix b/pkgs/build-support/nix-gitignore/default.nix new file mode 100644 index 000000000000..28ee6bad5540 --- /dev/null +++ b/pkgs/build-support/nix-gitignore/default.nix @@ -0,0 +1,178 @@ +# https://github.com/siers/nix-gitignore/ + +{ lib, runCommand }: + +# An interesting bit from the gitignore(5): +# - A slash followed by two consecutive asterisks then a slash matches +# - zero or more directories. For example, "a/**/b" matches "a/b", +# - "a/x/b", "a/x/y/b" and so on. + +with builtins; + +let + debug = a: trace a a; + last = l: elemAt l ((length l) - 1); + + throwIfOldNix = let required = "2.0"; in + if compareVersions nixVersion required == -1 + then throw "nix (v${nixVersion} =< v${required}) is too old for nix-gitignore" + else true; +in rec { + # [["good/relative/source/file" true] ["bad.tmpfile" false]] -> root -> path + filterPattern = patterns: root: + (name: _type: + let + relPath = lib.removePrefix ((toString root) + "/") name; + matches = pair: (match (head pair) relPath) != null; + matched = map (pair: [(matches pair) (last pair)]) patterns; + in + last (last ([[true true]] ++ (filter head matched))) + ); + + # string -> [[regex bool]] + gitignoreToPatterns = gitignore: + assert throwIfOldNix; + let + # ignore -> bool + isComment = i: (match "^(#.*|$)" i) != null; + + # ignore -> [ignore bool] + computeNegation = l: + let split = match "^(!?)(.*)" l; + in [(elemAt split 1) (head split == "!")]; + + # ignore -> regex + substWildcards = + let + special = "^$.+{}()"; + escs = "\\*?"; + splitString = + let recurse = str : [(substring 0 1 str)] ++ + (if str == "" then [] else (recurse (substring 1 (stringLength(str)) str) )); + in str : recurse str; + chars = s: filter (c: c != "" && !isList c) (splitString s); + escape = s: map (c: "\\" + c) (chars s); + in + replaceStrings + ((chars special) ++ (escape escs) ++ ["**/" "**" "*" "?"]) + ((escape special) ++ (escape escs) ++ ["(.*/)?" ".*" "[^/]*" "[^/]"]); + + # (regex -> regex) -> regex -> regex + mapAroundCharclass = f: r: # rl = regex or list + let slightFix = replaceStrings ["\\]"] ["]"]; + in + concatStringsSep "" + (map (rl: if isList rl then slightFix (elemAt rl 0) else f rl) + (split "(\\[([^\\\\]|\\\\.)+])" r)); + + # regex -> regex + handleSlashPrefix = l: + let + split = (match "^(/?)(.*)" l); + findSlash = l: if (match ".+/.+" l) != null then "" else l; + hasSlash = mapAroundCharclass findSlash l != l; + in + (if (elemAt split 0) == "/" || hasSlash + then "^" + else "(^|.*/)" + ) + (elemAt split 1); + + # regex -> regex + handleSlashSuffix = l: + let split = (match "^(.*)/$" l); + in if split != null then (elemAt split 0) + "($|/.*)" else l; + + # (regex -> regex) -> [regex, bool] -> [regex, bool] + mapPat = f: l: [(f (head l)) (last l)]; + in + map (l: # `l' for "line" + mapPat (l: handleSlashSuffix (handleSlashPrefix (mapAroundCharclass substWildcards l))) + (computeNegation l)) + (filter (l: !isList l && !isComment l) + (split "\n" gitignore)); + + gitignoreFilter = ign: root: filterPattern (gitignoreToPatterns ign) root; + + # string|[string|file] (→ [string|file] → [string]) -> string + gitignoreCompileIgnore = file_str_patterns: root: + let + onPath = f: a: if typeOf a == "path" then f a else a; + str_patterns = map (onPath readFile) (lib.toList file_str_patterns); + in concatStringsSep "\n" str_patterns; + + gitignoreFilterPure = filter: patterns: root: name: type: + gitignoreFilter (gitignoreCompileIgnore patterns root) root name type + && filter name type; + + # This is a very hacky way of programming this! + # A better way would be to reuse existing filtering by making multiple gitignore functions per each root. + # Then for each file find the set of roots with gitignores (and functions). + # This would make gitignoreFilterSource very different from gitignoreFilterPure. + # rootPath → gitignoresConcatenated + compileRecursiveGitignore = root: + let + dirOrIgnore = file: type: baseNameOf file == ".gitignore" || type == "directory"; + ignores = builtins.filterSource dirOrIgnore root; + in readFile ( + runCommand "${baseNameOf root}-recursive-gitignore" {} '' + cd ${ignores} + + find -type f -exec sh -c ' + rel="$(realpath --relative-to=. "$(dirname "$1")")/" + if [ "$rel" = "./" ]; then rel=""; fi + + awk -v prefix="$rel" -v root="$1" -v top="$(test -z "$rel" && echo 1)" " + BEGIN { print \"# \"root } + + /^!?[^\\/]+\/?$/ { + match(\$0, /^!?/, negation) + sub(/^!?/, \"\") + + if (top) { middle = \"\" } else { middle = \"**/\" } + + print negation[0] prefix middle \$0 + } + + /^!?(\\/|.*\\/.+$)/ { + match(\$0, /^!?/, negation) + sub(/^!?/, \"\") + + if (!top) sub(/^\//, \"\") + + print negation[0] prefix \$0 + } + + END { print \"\" } + " "$1" + ' sh {} \; > $out + ''); + + withGitignoreFile = patterns: root: + lib.toList patterns ++ [(root + "/.gitignore")]; + + withRecursiveGitignoreFile = patterns: root: + lib.toList patterns ++ [(compileRecursiveGitignore root)]; + + # filterSource derivatives + + gitignoreFilterSourcePure = filter: patterns: root: + filterSource (gitignoreFilterPure filter patterns root) root; + + gitignoreFilterSource = filter: patterns: root: + gitignoreFilterSourcePure filter (withGitignoreFile patterns root) root; + + gitignoreFilterRecursiveSource = filter: patterns: root: + gitignoreFilterSourcePure filter (withRecursiveGitignoreFile patterns root) root; + + # "Filter"-less alternatives + + gitignoreSourcePure = gitignoreFilterSourcePure (_: _: true); + gitignoreSource = patterns: let type = typeOf patterns; in + if (type == "string" && pathExists patterns) || type == "path" + then throw + "type error in gitignoreSource(patterns -> source -> path), " + "use [] or \"\" if there are no additional patterns" + else gitignoreFilterSource (_: _: true) patterns; + + gitignoreRecursiveSource = gitignoreFilterSourcePure (_: _: true); +} diff --git a/pkgs/build-support/singularity-tools/default.nix b/pkgs/build-support/singularity-tools/default.nix index f9b4c8a7fd35..4206b0f33ff9 100644 --- a/pkgs/build-support/singularity-tools/default.nix +++ b/pkgs/build-support/singularity-tools/default.nix @@ -87,19 +87,14 @@ rec { # Create runScript ln -s ${runScriptFile} singularity - # Size calculation - cd .. - umount disk - size=$(resize2fs -P /dev/${vmTools.hd} | awk '{print $NF}') - mount /dev/${vmTools.hd} disk - cd disk + # Fill out .singularity.d + mkdir -p .singularity.d/env + touch .singularity.d/env/94-appsbase.sh - export PATH=$PATH:${e2fsprogs}/bin/ - echo creating - singularity image.create -s $((1 + size * 4 / 1024 + ${toString extraSpace})) $out - echo importing + cd .. mkdir -p /var/singularity/mnt/{container,final,overlay,session,source} - tar -c . | singularity image.import $out + echo "root:x:0:0:System administrator:/root:/bin/sh" > /etc/passwd + singularity build $out ./disk ''); in result; |