diff options
author | figsoda <figsoda@pm.me> | 2023-01-12 12:22:07 -0500 |
---|---|---|
committer | figsoda <figsoda@pm.me> | 2023-01-12 12:22:59 -0500 |
commit | b9259df616359f2badec2ab315c88989eacc0ac5 (patch) | |
tree | 0af969f159d08295a437897fa513ab542b091512 /pkgs/development/compilers/rust | |
parent | a113c6f06fa49e7a50c2477f13ed5167e11d28fc (diff) | |
download | nixlib-b9259df616359f2badec2ab315c88989eacc0ac5.tar nixlib-b9259df616359f2badec2ab315c88989eacc0ac5.tar.gz nixlib-b9259df616359f2badec2ab315c88989eacc0ac5.tar.bz2 nixlib-b9259df616359f2badec2ab315c88989eacc0ac5.tar.lz nixlib-b9259df616359f2badec2ab315c88989eacc0ac5.tar.xz nixlib-b9259df616359f2badec2ab315c88989eacc0ac5.tar.zst nixlib-b9259df616359f2badec2ab315c88989eacc0ac5.zip |
rustPlatform.buildRustPackage: fix cross compiling auditable packages
Diffstat (limited to 'pkgs/development/compilers/rust')
4 files changed, 62 insertions, 2 deletions
diff --git a/pkgs/development/compilers/rust/cargo-auditable-cargo-wrapper.nix b/pkgs/development/compilers/rust/cargo-auditable-cargo-wrapper.nix new file mode 100644 index 000000000000..3afa59739a37 --- /dev/null +++ b/pkgs/development/compilers/rust/cargo-auditable-cargo-wrapper.nix @@ -0,0 +1,13 @@ +{ lib, writeShellApplication, cargo, cargo-auditable }: + +(writeShellApplication { + name = "cargo"; + runtimeInputs = [ cargo cargo-auditable ]; + text = '' + CARGO_AUDITABLE_IGNORE_UNSUPPORTED=1 cargo auditable "$@" + ''; +}) // { + meta = cargo-auditable.meta // { + mainProgram = "cargo"; + }; +} diff --git a/pkgs/development/compilers/rust/cargo-auditable.nix b/pkgs/development/compilers/rust/cargo-auditable.nix new file mode 100644 index 000000000000..1c621276021a --- /dev/null +++ b/pkgs/development/compilers/rust/cargo-auditable.nix @@ -0,0 +1,40 @@ +{ lib, fetchFromGitHub, makeRustPlatform, rustc, cargo }: + +let + args = rec { + pname = "cargo-auditable"; + version = "0.6.0"; + + src = fetchFromGitHub { + owner = "rust-secure-code"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-mSiEC+9QtRjWmywJnGgUqp+q8fhY0qUYrgjrAVaY114="; + }; + + cargoSha256 = "sha256-Wz5My/QxPpZVsPBUe3KHT3ttD6CTU8NCY8rhFEC+UlA="; + + meta = with lib; { + description = "A tool to make production Rust binaries auditable"; + homepage = "https://github.com/rust-secure-code/cargo-auditable"; + changelog = "https://github.com/rust-secure-code/cargo-auditable/blob/v${version}/cargo-auditable/CHANGELOG.md"; + license = with licenses; [ mit /* or */ asl20 ]; + maintainers = with maintainers; [ figsoda ]; + }; + }; + + rustPlatform = makeRustPlatform { + inherit rustc; + cargo = cargo.override { + auditable = false; + }; + }; + + bootstrap = rustPlatform.buildRustPackage (args // { + auditable = false; + }); +in + +rustPlatform.buildRustPackage.override { cargo-auditable = bootstrap; } (args // { + auditable = true; # TODO: remove when this is the default +}) diff --git a/pkgs/development/compilers/rust/default.nix b/pkgs/development/compilers/rust/default.nix index 7a100f7ec911..42ca74c7164d 100644 --- a/pkgs/development/compilers/rust/default.nix +++ b/pkgs/development/compilers/rust/default.nix @@ -81,6 +81,8 @@ in rustPlatform = bootRustPlatform; inherit CoreFoundation Security; }; + cargo-auditable = self.callPackage ./cargo-auditable.nix { }; + cargo-auditable-cargo-wrapper = self.callPackage ./cargo-auditable-cargo-wrapper.nix { }; clippy = self.callPackage ./clippy.nix { inherit Security; }; }); }; diff --git a/pkgs/development/compilers/rust/make-rust-platform.nix b/pkgs/development/compilers/rust/make-rust-platform.nix index fcfd02dcf6cd..25a692565db3 100644 --- a/pkgs/development/compilers/rust/make-rust-platform.nix +++ b/pkgs/development/compilers/rust/make-rust-platform.nix @@ -1,6 +1,11 @@ { buildPackages, callPackage, stdenv, runCommand }@prev: -{ rustc, cargo, stdenv ? prev.stdenv, ... }: +{ rustc +, cargo +, cargo-auditable ? null +, stdenv ? prev.stdenv +, ... +}: rec { rust = { @@ -14,7 +19,7 @@ rec { buildRustPackage = callPackage ../../../build-support/rust/build-rust-package { inherit stdenv cargoBuildHook cargoCheckHook cargoInstallHook cargoNextestHook cargoSetupHook - fetchCargoTarball importCargoLock rustc; + fetchCargoTarball importCargoLock rustc cargo cargo-auditable; }; importCargoLock = buildPackages.callPackage ../../../build-support/rust/import-cargo-lock.nix { inherit cargo; }; |