diff options
Diffstat (limited to 'pkgs/build-support')
| -rw-r--r-- | pkgs/build-support/buildenv/default.nix | 5 | ||||
| -rw-r--r-- | pkgs/build-support/docker/default.nix | 15 | ||||
| -rw-r--r-- | pkgs/build-support/docker/examples.nix | 2 | ||||
| -rw-r--r-- | pkgs/build-support/docker/pull.nix | 32 | ||||
| -rw-r--r-- | pkgs/build-support/fetchrepoproject/default.nix | 73 | ||||
| -rw-r--r-- | pkgs/build-support/setup-hooks/autoreconf.sh | 4 |
6 files changed, 51 insertions, 80 deletions
diff --git a/pkgs/build-support/buildenv/default.nix b/pkgs/build-support/buildenv/default.nix index 47e2c1b904c3..41a1e67ef428 100644 --- a/pkgs/build-support/buildenv/default.nix +++ b/pkgs/build-support/buildenv/default.nix @@ -4,7 +4,8 @@ { buildPackages, runCommand, lib }: -{ name +lib.makeOverridable +({ name , # The manifest file (if any). A symlink $out/manifest will be # created to it. @@ -68,4 +69,4 @@ runCommand name '' ${buildPackages.perl}/bin/perl -w ${./builder.pl} eval "$postBuild" - '' + '') diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index 17d7f2da035c..8a7b362bd5ed 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -30,7 +30,20 @@ rec { inherit pkgs buildImage pullImage shadowSetup; }; - pullImage = callPackage ./pull.nix {}; + pullImage = + let + nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name; + in + # For simplicity we only support sha256. + { imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}" + , sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }: + runCommand name { + impureEnvVars=pkgs.stdenv.lib.fetchers.proxyImpureEnvVars; + outputHashMode="flat"; + outputHashAlgo="sha256"; + outputHash=sha256; + } + "${pkgs.skopeo}/bin/skopeo copy docker://${imageId} docker-archive://$out:${imageId}"; # We need to sum layer.tar, not a directory, hence tarsum instead of nix-hash. # And we cannot untar it, because then we cannot preserve permissions ecc. diff --git a/pkgs/build-support/docker/examples.nix b/pkgs/build-support/docker/examples.nix index 49cbb7a98175..aead53f6f7d1 100644 --- a/pkgs/build-support/docker/examples.nix +++ b/pkgs/build-support/docker/examples.nix @@ -87,7 +87,7 @@ rec { imageName = "nixos/nix"; imageTag = "1.11"; # this hash will need change if the tag is updated at docker hub - sha256 = "1gk4bq05vl3rj3mh4mlbl4iicgndmimlv8jvkhdk4hrv0r44bwr3"; + sha256 = "18xvcnl0yvj9kfi5bkimrhhjaa8xhm3jhshh2xd7c0sbfrmfqzvi"; }; # 5. example of multiple contents, emacs and vi happily coexisting diff --git a/pkgs/build-support/docker/pull.nix b/pkgs/build-support/docker/pull.nix deleted file mode 100644 index 5ccd0a41c5e4..000000000000 --- a/pkgs/build-support/docker/pull.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ stdenv, lib, docker, vmTools, utillinux, curl, kmod, dhcp, cacert, e2fsprogs }: -let - nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name; -in -# For simplicity we only support sha256. -{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}" -, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }: -let - pullImage = vmTools.runInLinuxVM ( - stdenv.mkDerivation { - inherit name imageId; - - certs = "${cacert}/etc/ssl/certs/ca-bundle.crt"; - - builder = ./pull.sh; - - buildInputs = [ curl utillinux docker kmod dhcp cacert e2fsprogs ]; - - outputHashAlgo = "sha256"; - outputHash = sha256; - - impureEnvVars = lib.fetchers.proxyImpureEnvVars; - - preVM = vmTools.createEmptyImage { - size = 2048; - fullName = "${name}-disk"; - }; - - QEMU_OPTS = "-netdev user,id=net0 -device virtio-net-pci,netdev=net0"; - }); -in - pullImage diff --git a/pkgs/build-support/fetchrepoproject/default.nix b/pkgs/build-support/fetchrepoproject/default.nix index 8c55db5372d9..2e5fbe794353 100644 --- a/pkgs/build-support/fetchrepoproject/default.nix +++ b/pkgs/build-support/fetchrepoproject/default.nix @@ -1,6 +1,7 @@ -{ stdenv, git, gitRepo, gnupg ? null, cacert, copyPathsToStore }: +{ stdenv, gitRepo, cacert, copyPathsToStore }: -{ name, manifest, rev ? "HEAD", sha256, repoRepoURL ? "", repoRepoRev ? "", referenceDir ? "" +{ name, manifest, rev ? "HEAD", sha256 +, repoRepoURL ? "", repoRepoRev ? "", referenceDir ? "" , localManifests ? [], createMirror ? false, useArchive ? !createMirror }: @@ -10,64 +11,56 @@ assert createMirror -> !useArchive; with stdenv.lib; let + extraRepoInitFlags = [ + (optionalString (repoRepoURL != "") "--repo-url=${repoRepoURL}") + (optionalString (repoRepoRev != "") "--repo-branch=${repoRepoRev}") + (optionalString (referenceDir != "") "--reference=${referenceDir}") + ]; + repoInitFlags = [ "--manifest-url=${manifest}" "--manifest-branch=${rev}" "--depth=1" - #TODO: fetching clone.bundle seems to fail spectacularly inside a sandbox. - "--no-clone-bundle" (optionalString createMirror "--mirror") (optionalString useArchive "--archive") - (optionalString (repoRepoURL != "") "--repo-url=${repoRepoURL}") - (optionalString (repoRepoRev != "") "--repo-branch=${repoRepoRev}") - (optionalString (referenceDir != "") "--reference=${referenceDir}") - ]; + ] ++ extraRepoInitFlags; local_manifests = copyPathsToStore localManifests; -in +in stdenv.mkDerivation { + inherit name; -with stdenv.lib; + inherit cacert manifest rev repoRepoURL repoRepoRev referenceDir; # TODO -let - extraRepoInitFlags = [ - (optionalString (repoRepoURL != "") "--repo-url=${repoRepoURL}") - (optionalString (repoRepoRev != "") "--repo-branch=${repoRepoRev}") - (optionalString (referenceDir != "") "--reference=${referenceDir}") + outputHashAlgo = "sha256"; + outputHashMode = "recursive"; + outputHash = sha256; + + preferLocalBuild = true; + enableParallelBuilding = true; + + impureEnvVars = fetchers.proxyImpureEnvVars ++ [ + "GIT_PROXY_COMMAND" "SOCKS_SERVER" ]; -in -stdenv.mkDerivation { + buildInputs = [ gitRepo cacert ]; + + GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt"; + buildCommand = '' + # Path must be absolute (e.g. for GnuPG: ~/.repoconfig/gnupg/pubring.kbx) + export HOME="$(pwd)" + mkdir .repo ${optionalString (local_manifests != []) '' - mkdir ./.repo/local_manifests - for local_manifest in ${concatMapStringsSep " " toString local_manifests} - - do - cp $local_manifest ./.repo/local_manifests/$(stripHash $local_manifest; echo $strippedName) - done + mkdir .repo/local_manifests + for local_manifest in ${concatMapStringsSep " " toString local_manifests}; do + cp $local_manifest .repo/local_manifests/$(stripHash $local_manifest; echo $strippedName) + done ''} - export HOME=.repo repo init ${concatStringsSep " " repoInitFlags} - repo sync --jobs=$NIX_BUILD_CORES --current-branch ${optionalString (!createMirror) "rm -rf $out/.repo"} ''; - - GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt"; - - impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars ++ [ - "GIT_PROXY_COMMAND" "SOCKS_SERVER" - ]; - - buildInputs = [git gitRepo cacert] ++ optional (gnupg != null) [gnupg] ; - outputHashAlgo = "sha256"; - outputHashMode = "recursive"; - outputHash = sha256; - - preferLocalBuild = true; - enableParallelBuilding = true; - inherit name cacert manifest rev repoRepoURL repoRepoRev referenceDir; } diff --git a/pkgs/build-support/setup-hooks/autoreconf.sh b/pkgs/build-support/setup-hooks/autoreconf.sh index 441d6b43baa2..c08cab158688 100644 --- a/pkgs/build-support/setup-hooks/autoreconf.sh +++ b/pkgs/build-support/setup-hooks/autoreconf.sh @@ -1,9 +1,5 @@ preConfigurePhases+=" autoreconfPhase" -for i in @autoconf@ @automake@ @libtool@ @gettext@; do - findInputs $i nativePkgs propagated-native-build-inputs -done - autoreconfPhase() { runHook preAutoreconf autoreconf ${autoreconfFlags:---install --force --verbose} |