2012-07-26 21:13:14 +00:00
|
|
|
|
source common.sh
|
|
|
|
|
|
2022-03-22 22:19:21 +00:00
|
|
|
|
needLocalStore "'--no-require-sigs' can’t be used with the daemon"
|
2021-07-26 04:54:55 +00:00
|
|
|
|
|
2020-12-20 19:55:21 +00:00
|
|
|
|
# We can produce drvs directly into the binary cache
|
2012-07-26 21:13:14 +00:00
|
|
|
|
clearStore
|
2020-12-20 19:55:21 +00:00
|
|
|
|
clearCacheCache
|
|
|
|
|
nix-instantiate --store "file://$cacheDir" dependencies.nix
|
2012-07-26 21:13:14 +00:00
|
|
|
|
|
2012-07-27 18:15:03 +00:00
|
|
|
|
# Create the binary cache.
|
2020-12-20 19:55:21 +00:00
|
|
|
|
clearStore
|
|
|
|
|
clearCache
|
2012-07-26 21:13:14 +00:00
|
|
|
|
outPath=$(nix-build dependencies.nix --no-out-link)
|
|
|
|
|
|
2017-10-03 03:41:29 +00:00
|
|
|
|
nix copy --to file://$cacheDir $outPath
|
2012-07-26 21:13:14 +00:00
|
|
|
|
|
2024-04-05 14:09:20 +00:00
|
|
|
|
readarray -t paths < <(nix path-info --all --json --store file://$cacheDir | jq 'keys|sort|.[]' -r)
|
|
|
|
|
[[ "${#paths[@]}" -eq 3 ]]
|
|
|
|
|
for path in "${paths[@]}"; do
|
|
|
|
|
[[ "$path" =~ -dependencies-input-0$ ]] \
|
|
|
|
|
|| [[ "$path" =~ -dependencies-input-2$ ]] \
|
|
|
|
|
|| [[ "$path" =~ -dependencies-top$ ]]
|
|
|
|
|
done
|
|
|
|
|
|
2022-01-18 16:30:50 +00:00
|
|
|
|
# Test copying build logs to the binary cache.
|
2021-12-09 15:26:46 +00:00
|
|
|
|
expect 1 nix log --store file://$cacheDir $outPath 2>&1 | grep 'is not available'
|
2022-01-18 16:30:50 +00:00
|
|
|
|
nix store copy-log --to file://$cacheDir $outPath
|
|
|
|
|
nix log --store file://$cacheDir $outPath | grep FOO
|
|
|
|
|
rm -rf $TEST_ROOT/var/log/nix
|
2021-12-09 15:26:46 +00:00
|
|
|
|
expect 1 nix log $outPath 2>&1 | grep 'is not available'
|
2022-01-18 16:30:50 +00:00
|
|
|
|
nix log --substituters file://$cacheDir $outPath | grep FOO
|
|
|
|
|
|
|
|
|
|
# Test copying build logs from the binary cache.
|
Get rid of `.drv` special-casing for store path installables
The release notes document the change in behavior, I don't include it
here so there is no risk to it getting out of sync.
> Motivation
>> Plumbing CLI should be simple
Store derivation installations are intended as "plumbing": very simple
utilities for advanced users and scripts, and not what regular users
interact with. (Similarly, regular Git users will use branch and tag
names not explicit hashes for most things.)
The plumbing CLI should prize simplicity over convenience; that is its
raison d'etre. If the user provides a path, we should treat it the same
way not caring what sort of path it is.
>> Scripting
This is especially important for the scripting use-case. when arbitrary
paths are sent to e.g. `nix copy` and the script author wants consistent
behavior regardless of what those store paths are. Otherwise the script
author needs to be careful to filter out `.drv` ones, and then run `nix
copy` again with those paths and `--derivation`. That is not good!
>> Surprisingly low impact
Only two lines in the tests need changing, showing that the impact of
this is pretty light.
Many command, like `nix log` will continue to work with just the
derivation passed as before. This because we used to:
- Special case the drv path and replace it with it's outputs (what this
gets rid of).
- Turn those output path *back* into the original drv path.
Now we just skip that entire round trip!
> Context
Issue #7261 lays out a broader vision for getting rid of `--derivation`,
and has this as one of its dependencies. But we can do this with or
without that.
`Installable::toDerivations` is changed to handle the case of a
`DerivedPath::Opaque` ending in `.drv`, which is new: it simply doesn't
need to do any extra work in that case. On this basis, commands like
`nix {show-derivation,log} /nix/store/...-foo.drv` still work as before,
as described above.
When testing older daemons, the post-build-hook will be run against the
old CLI, so we need the old version of the post-build-hook to support
that use-case.
Co-authored-by: Travis A. Everett <travis.a.everett@gmail.com>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2022-12-16 03:44:14 +00:00
|
|
|
|
nix store copy-log --from file://$cacheDir $(nix-store -qd $outPath)^'*'
|
2022-01-18 16:30:50 +00:00
|
|
|
|
nix log $outPath | grep FOO
|
2012-07-27 22:16:05 +00:00
|
|
|
|
|
2020-12-20 19:55:21 +00:00
|
|
|
|
basicDownloadTests() {
|
|
|
|
|
# No uploading tests bcause upload with force HTTP doesn't work.
|
2012-07-26 21:13:14 +00:00
|
|
|
|
|
2016-06-01 13:15:21 +00:00
|
|
|
|
# By default, a binary cache doesn't support "nix-env -qas", but does
|
|
|
|
|
# support installation.
|
|
|
|
|
clearStore
|
|
|
|
|
clearCacheCache
|
2013-04-23 10:43:28 +00:00
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
nix-env --substituters "file://$cacheDir" -f dependencies.nix -qas \* | grep -- "---"
|
2012-07-27 22:16:05 +00:00
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
nix-store --substituters "file://$cacheDir" --no-require-sigs -r $outPath
|
2012-07-27 22:16:05 +00:00
|
|
|
|
|
2016-06-01 13:15:21 +00:00
|
|
|
|
[ -x $outPath/program ]
|
2014-02-26 17:59:01 +00:00
|
|
|
|
|
2012-07-27 22:16:05 +00:00
|
|
|
|
|
2016-06-01 13:15:21 +00:00
|
|
|
|
# But with the right configuration, "nix-env -qas" should also work.
|
|
|
|
|
clearStore
|
|
|
|
|
clearCacheCache
|
|
|
|
|
echo "WantMassQuery: 1" >> $cacheDir/nix-cache-info
|
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
nix-env --substituters "file://$cacheDir" -f dependencies.nix -qas \* | grep -- "--S"
|
|
|
|
|
nix-env --substituters "file://$cacheDir" -f dependencies.nix -qas \* | grep -- "--S"
|
2016-06-01 13:15:21 +00:00
|
|
|
|
|
|
|
|
|
x=$(nix-env -f dependencies.nix -qas \* --prebuilt-only)
|
|
|
|
|
[ -z "$x" ]
|
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
nix-store --substituters "file://$cacheDir" --no-require-sigs -r $outPath
|
2016-06-01 13:15:21 +00:00
|
|
|
|
|
|
|
|
|
nix-store --check-validity $outPath
|
|
|
|
|
nix-store -qR $outPath | grep input-2
|
|
|
|
|
|
|
|
|
|
echo "WantMassQuery: 0" >> $cacheDir/nix-cache-info
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Test LocalBinaryCacheStore.
|
2020-12-20 19:55:21 +00:00
|
|
|
|
basicDownloadTests
|
2012-07-27 22:16:05 +00:00
|
|
|
|
|
2012-07-27 18:15:03 +00:00
|
|
|
|
|
2016-06-01 13:15:21 +00:00
|
|
|
|
# Test HttpBinaryCacheStore.
|
2020-03-24 13:26:13 +00:00
|
|
|
|
export _NIX_FORCE_HTTP=1
|
2020-12-20 19:55:21 +00:00
|
|
|
|
basicDownloadTests
|
2012-12-03 20:02:06 +00:00
|
|
|
|
|
2012-07-26 21:13:14 +00:00
|
|
|
|
|
2014-01-08 16:56:30 +00:00
|
|
|
|
# Test whether Nix notices if the NAR doesn't match the hash in the NAR info.
|
|
|
|
|
clearStore
|
|
|
|
|
|
2021-02-09 17:26:41 +00:00
|
|
|
|
nar=$(ls $cacheDir/nar/*.nar.xz | head -n1)
|
2014-01-08 16:56:30 +00:00
|
|
|
|
mv $nar $nar.good
|
|
|
|
|
mkdir -p $TEST_ROOT/empty
|
|
|
|
|
nix-store --dump $TEST_ROOT/empty | xz > $nar
|
|
|
|
|
|
2021-12-09 15:26:46 +00:00
|
|
|
|
expect 1 nix-build --substituters "file://$cacheDir" --no-require-sigs dependencies.nix -o $TEST_ROOT/result 2>&1 | tee $TEST_ROOT/log
|
|
|
|
|
grepQuiet "hash mismatch" $TEST_ROOT/log
|
2014-01-08 16:56:30 +00:00
|
|
|
|
|
|
|
|
|
mv $nar.good $nar
|
|
|
|
|
|
|
|
|
|
|
Support cryptographically signed binary caches
NAR info files in binary caches can now have a cryptographic signature
that Nix will verify before using the corresponding NAR file.
To create a private/public key pair for signing and verifying a binary
cache, do:
$ openssl genrsa -out ./cache-key.sec 2048
$ openssl rsa -in ./cache-key.sec -pubout > ./cache-key.pub
You should also come up with a symbolic name for the key, such as
"cache.example.org-1". This will be used by clients to look up the
public key. (It's a good idea to number keys, in case you ever need
to revoke/replace one.)
To create a binary cache signed with the private key:
$ nix-push --dest /path/to/binary-cache --key ./cache-key.sec --key-name cache.example.org-1
The public key (cache-key.pub) should be distributed to the clients.
They should have a nix.conf should contain something like:
signed-binary-caches = *
binary-cache-public-key-cache.example.org-1 = /path/to/cache-key.pub
If all works well, then if Nix fetches something from the signed
binary cache, you will see a message like:
*** Downloading ‘http://cache.example.org/nar/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’ (signed by ‘cache.example.org-1’) to ‘/nix/store/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’...
On the other hand, if the signature is wrong, you get a message like
NAR info file `http://cache.example.org/7dppcj5sc1nda7l54rjc0g5l1hamj09j.narinfo' has an invalid signature; ignoring
Signatures are implemented as a single line appended to the NAR info
file, which looks like this:
Signature: 1;cache.example.org-1;HQ9Xzyanq9iV...muQ==
Thus the signature has 3 fields: a version (currently "1"), the ID of
key, and the base64-encoded signature of the SHA-256 hash of the
contents of the NAR info file up to but not including the Signature
line.
Issue #75.
2014-01-08 14:23:41 +00:00
|
|
|
|
# Test whether this unsigned cache is rejected if the user requires signed caches.
|
|
|
|
|
clearStore
|
2016-05-30 12:53:57 +00:00
|
|
|
|
clearCacheCache
|
Support cryptographically signed binary caches
NAR info files in binary caches can now have a cryptographic signature
that Nix will verify before using the corresponding NAR file.
To create a private/public key pair for signing and verifying a binary
cache, do:
$ openssl genrsa -out ./cache-key.sec 2048
$ openssl rsa -in ./cache-key.sec -pubout > ./cache-key.pub
You should also come up with a symbolic name for the key, such as
"cache.example.org-1". This will be used by clients to look up the
public key. (It's a good idea to number keys, in case you ever need
to revoke/replace one.)
To create a binary cache signed with the private key:
$ nix-push --dest /path/to/binary-cache --key ./cache-key.sec --key-name cache.example.org-1
The public key (cache-key.pub) should be distributed to the clients.
They should have a nix.conf should contain something like:
signed-binary-caches = *
binary-cache-public-key-cache.example.org-1 = /path/to/cache-key.pub
If all works well, then if Nix fetches something from the signed
binary cache, you will see a message like:
*** Downloading ‘http://cache.example.org/nar/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’ (signed by ‘cache.example.org-1’) to ‘/nix/store/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’...
On the other hand, if the signature is wrong, you get a message like
NAR info file `http://cache.example.org/7dppcj5sc1nda7l54rjc0g5l1hamj09j.narinfo' has an invalid signature; ignoring
Signatures are implemented as a single line appended to the NAR info
file, which looks like this:
Signature: 1;cache.example.org-1;HQ9Xzyanq9iV...muQ==
Thus the signature has 3 fields: a version (currently "1"), the ID of
key, and the base64-encoded signature of the SHA-256 hash of the
contents of the NAR info file up to but not including the Signature
line.
Issue #75.
2014-01-08 14:23:41 +00:00
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
if nix-store --substituters "file://$cacheDir" -r $outPath; then
|
2014-01-08 16:56:58 +00:00
|
|
|
|
echo "unsigned binary cache incorrectly accepted"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
Support cryptographically signed binary caches
NAR info files in binary caches can now have a cryptographic signature
that Nix will verify before using the corresponding NAR file.
To create a private/public key pair for signing and verifying a binary
cache, do:
$ openssl genrsa -out ./cache-key.sec 2048
$ openssl rsa -in ./cache-key.sec -pubout > ./cache-key.pub
You should also come up with a symbolic name for the key, such as
"cache.example.org-1". This will be used by clients to look up the
public key. (It's a good idea to number keys, in case you ever need
to revoke/replace one.)
To create a binary cache signed with the private key:
$ nix-push --dest /path/to/binary-cache --key ./cache-key.sec --key-name cache.example.org-1
The public key (cache-key.pub) should be distributed to the clients.
They should have a nix.conf should contain something like:
signed-binary-caches = *
binary-cache-public-key-cache.example.org-1 = /path/to/cache-key.pub
If all works well, then if Nix fetches something from the signed
binary cache, you will see a message like:
*** Downloading ‘http://cache.example.org/nar/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’ (signed by ‘cache.example.org-1’) to ‘/nix/store/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’...
On the other hand, if the signature is wrong, you get a message like
NAR info file `http://cache.example.org/7dppcj5sc1nda7l54rjc0g5l1hamj09j.narinfo' has an invalid signature; ignoring
Signatures are implemented as a single line appended to the NAR info
file, which looks like this:
Signature: 1;cache.example.org-1;HQ9Xzyanq9iV...muQ==
Thus the signature has 3 fields: a version (currently "1"), the ID of
key, and the base64-encoded signature of the SHA-256 hash of the
contents of the NAR info file up to but not including the Signature
line.
Issue #75.
2014-01-08 14:23:41 +00:00
|
|
|
|
|
|
|
|
|
|
2018-06-05 14:04:41 +00:00
|
|
|
|
# Test whether fallback works if a NAR has disappeared. This does not require --fallback.
|
2013-04-23 10:44:01 +00:00
|
|
|
|
clearStore
|
|
|
|
|
|
2018-06-05 14:04:41 +00:00
|
|
|
|
mv $cacheDir/nar $cacheDir/nar2
|
|
|
|
|
|
|
|
|
|
nix-build --substituters "file://$cacheDir" --no-require-sigs dependencies.nix -o $TEST_ROOT/result
|
|
|
|
|
|
|
|
|
|
mv $cacheDir/nar2 $cacheDir/nar
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Test whether fallback works if a NAR is corrupted. This does require --fallback.
|
|
|
|
|
clearStore
|
2013-04-23 10:44:01 +00:00
|
|
|
|
|
2018-06-05 12:44:26 +00:00
|
|
|
|
mv $cacheDir/nar $cacheDir/nar2
|
2018-06-05 14:04:41 +00:00
|
|
|
|
mkdir $cacheDir/nar
|
|
|
|
|
for i in $(cd $cacheDir/nar2 && echo *); do touch $cacheDir/nar/$i; done
|
2013-04-23 10:44:01 +00:00
|
|
|
|
|
2018-06-05 12:44:26 +00:00
|
|
|
|
(! nix-build --substituters "file://$cacheDir" --no-require-sigs dependencies.nix -o $TEST_ROOT/result)
|
2013-04-23 10:44:01 +00:00
|
|
|
|
|
2018-06-05 12:44:26 +00:00
|
|
|
|
nix-build --substituters "file://$cacheDir" --no-require-sigs dependencies.nix -o $TEST_ROOT/result --fallback
|
|
|
|
|
|
2018-06-05 14:04:41 +00:00
|
|
|
|
rm -rf $cacheDir/nar
|
2018-06-05 12:44:26 +00:00
|
|
|
|
mv $cacheDir/nar2 $cacheDir/nar
|
2013-04-23 10:44:01 +00:00
|
|
|
|
|
|
|
|
|
|
2013-01-02 10:45:23 +00:00
|
|
|
|
# Test whether building works if the binary cache contains an
|
|
|
|
|
# incomplete closure.
|
|
|
|
|
clearStore
|
|
|
|
|
|
2020-05-12 11:49:55 +00:00
|
|
|
|
rm -v $(grep -l "StorePath:.*dependencies-input-2" $cacheDir/*.narinfo)
|
2013-01-02 10:45:23 +00:00
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
nix-build --substituters "file://$cacheDir" --no-require-sigs dependencies.nix -o $TEST_ROOT/result 2>&1 | tee $TEST_ROOT/log
|
2021-12-09 15:26:46 +00:00
|
|
|
|
grepQuiet "copying path.*input-0" $TEST_ROOT/log
|
|
|
|
|
grepQuiet "copying path.*input-2" $TEST_ROOT/log
|
|
|
|
|
grepQuiet "copying path.*top" $TEST_ROOT/log
|
2020-05-12 11:49:55 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Idem, but without cached .narinfo.
|
|
|
|
|
clearStore
|
|
|
|
|
clearCacheCache
|
|
|
|
|
|
|
|
|
|
nix-build --substituters "file://$cacheDir" --no-require-sigs dependencies.nix -o $TEST_ROOT/result 2>&1 | tee $TEST_ROOT/log
|
2021-12-09 15:26:46 +00:00
|
|
|
|
grepQuiet "don't know how to build" $TEST_ROOT/log
|
|
|
|
|
grepQuiet "building.*input-1" $TEST_ROOT/log
|
|
|
|
|
grepQuiet "building.*input-2" $TEST_ROOT/log
|
|
|
|
|
grepQuiet "copying path.*input-0" $TEST_ROOT/log
|
|
|
|
|
grepQuiet "copying path.*top" $TEST_ROOT/log
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Create a signed binary cache.
|
|
|
|
|
clearCache
|
2018-06-05 12:44:26 +00:00
|
|
|
|
clearCacheCache
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
2021-01-06 16:41:16 +00:00
|
|
|
|
nix key generate-secret --key-name test.nixos.org-1 > $TEST_ROOT/sk1
|
|
|
|
|
publicKey=$(nix key convert-secret-to-public < $TEST_ROOT/sk1)
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
2021-01-06 16:41:16 +00:00
|
|
|
|
nix key generate-secret --key-name test.nixos.org-1 > $TEST_ROOT/sk2
|
|
|
|
|
badKey=$(nix key convert-secret-to-public < $TEST_ROOT/sk2)
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
2021-01-06 16:41:16 +00:00
|
|
|
|
nix key generate-secret --key-name foo.nixos.org-1 > $TEST_ROOT/sk3
|
|
|
|
|
otherKey=$(nix key convert-secret-to-public < $TEST_ROOT/sk3)
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
2020-03-24 13:26:13 +00:00
|
|
|
|
_NIX_FORCE_HTTP= nix copy --to file://$cacheDir?secret-key=$TEST_ROOT/sk1 $outPath
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Downloading should fail if we don't provide a key.
|
|
|
|
|
clearStore
|
2016-05-30 12:53:57 +00:00
|
|
|
|
clearCacheCache
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
(! nix-store -r $outPath --substituters "file://$cacheDir")
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# And it should fail if we provide an incorrect key.
|
|
|
|
|
clearStore
|
2016-05-30 12:53:57 +00:00
|
|
|
|
clearCacheCache
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
(! nix-store -r $outPath --substituters "file://$cacheDir" --trusted-public-keys "$badKey")
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# It should succeed if we provide the correct key.
|
2017-11-20 16:50:49 +00:00
|
|
|
|
nix-store -r $outPath --substituters "file://$cacheDir" --trusted-public-keys "$otherKey $publicKey"
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# It should fail if we corrupt the .narinfo.
|
|
|
|
|
clearStore
|
|
|
|
|
|
2016-05-30 13:03:04 +00:00
|
|
|
|
cacheDir2=$TEST_ROOT/binary-cache-2
|
|
|
|
|
rm -rf $cacheDir2
|
|
|
|
|
cp -r $cacheDir $cacheDir2
|
|
|
|
|
|
|
|
|
|
for i in $cacheDir2/*.narinfo; do
|
2015-02-04 15:43:32 +00:00
|
|
|
|
grep -v References $i > $i.tmp
|
|
|
|
|
mv $i.tmp $i
|
|
|
|
|
done
|
|
|
|
|
|
2016-05-30 12:53:57 +00:00
|
|
|
|
clearCacheCache
|
2015-02-04 15:43:32 +00:00
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
(! nix-store -r $outPath --substituters "file://$cacheDir2" --trusted-public-keys "$publicKey")
|
2016-05-30 13:03:04 +00:00
|
|
|
|
|
|
|
|
|
# If we provide a bad and a good binary cache, it should succeed.
|
|
|
|
|
|
2017-11-20 16:50:49 +00:00
|
|
|
|
nix-store -r $outPath --substituters "file://$cacheDir2 file://$cacheDir" --trusted-public-keys "$publicKey"
|
2015-02-10 10:54:06 +00:00
|
|
|
|
|
2020-07-13 11:32:33 +00:00
|
|
|
|
|
|
|
|
|
unset _NIX_FORCE_HTTP
|
|
|
|
|
|
|
|
|
|
|
2020-07-13 12:35:01 +00:00
|
|
|
|
# Test 'nix verify --all' on a binary cache.
|
2020-07-24 18:38:56 +00:00
|
|
|
|
nix store verify -vvvvv --all --store file://$cacheDir --no-trust
|
2020-07-13 12:35:01 +00:00
|
|
|
|
|
|
|
|
|
|
2020-07-13 14:01:00 +00:00
|
|
|
|
# Test local NAR caching.
|
|
|
|
|
narCache=$TEST_ROOT/nar-cache
|
|
|
|
|
rm -rf $narCache
|
|
|
|
|
mkdir $narCache
|
|
|
|
|
|
2020-07-24 18:42:24 +00:00
|
|
|
|
[[ $(nix store cat --store "file://$cacheDir?local-nar-cache=$narCache" $outPath/foobar) = FOOBAR ]]
|
2020-07-13 14:01:00 +00:00
|
|
|
|
|
|
|
|
|
rm -rfv "$cacheDir/nar"
|
|
|
|
|
|
2020-07-24 18:42:24 +00:00
|
|
|
|
[[ $(nix store cat --store "file://$cacheDir?local-nar-cache=$narCache" $outPath/foobar) = FOOBAR ]]
|
2020-07-13 14:01:00 +00:00
|
|
|
|
|
2020-07-24 18:42:24 +00:00
|
|
|
|
(! nix store cat --store file://$cacheDir $outPath/foobar)
|
2020-07-13 14:01:00 +00:00
|
|
|
|
|
|
|
|
|
|
2020-07-13 11:32:33 +00:00
|
|
|
|
# Test NAR listing generation.
|
|
|
|
|
clearCache
|
|
|
|
|
|
|
|
|
|
outPath=$(nix-build --no-out-link -E '
|
|
|
|
|
with import ./config.nix;
|
|
|
|
|
mkDerivation {
|
|
|
|
|
name = "nar-listing";
|
|
|
|
|
buildCommand = "mkdir $out; echo foo > $out/bar; ln -s xyzzy $out/link";
|
|
|
|
|
}
|
|
|
|
|
')
|
|
|
|
|
|
|
|
|
|
nix copy --to file://$cacheDir?write-nar-listing=1 $outPath
|
|
|
|
|
|
2020-08-04 01:09:52 +00:00
|
|
|
|
diff -u \
|
2020-08-07 19:18:29 +00:00
|
|
|
|
<(jq -S < $cacheDir/$(basename $outPath | cut -c1-32).ls) \
|
2020-08-04 01:09:52 +00:00
|
|
|
|
<(echo '{"version":1,"root":{"type":"directory","entries":{"bar":{"type":"regular","size":4,"narOffset":232},"link":{"type":"symlink","target":"xyzzy"}}}}' | jq -S)
|
2020-07-13 11:37:22 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Test debug info index generation.
|
|
|
|
|
clearCache
|
|
|
|
|
|
|
|
|
|
outPath=$(nix-build --no-out-link -E '
|
|
|
|
|
with import ./config.nix;
|
|
|
|
|
mkDerivation {
|
|
|
|
|
name = "debug-info";
|
|
|
|
|
buildCommand = "mkdir -p $out/lib/debug/.build-id/02; echo foo > $out/lib/debug/.build-id/02/623eda209c26a59b1a8638ff7752f6b945c26b.debug";
|
|
|
|
|
}
|
|
|
|
|
')
|
|
|
|
|
|
|
|
|
|
nix copy --to "file://$cacheDir?index-debug-info=1&compression=none" $outPath
|
|
|
|
|
|
2020-08-04 01:09:52 +00:00
|
|
|
|
diff -u \
|
|
|
|
|
<(cat $cacheDir/debuginfo/02623eda209c26a59b1a8638ff7752f6b945c26b.debug | jq -S) \
|
|
|
|
|
<(echo '{"archive":"../nar/100vxs724qr46phz8m24iswmg9p3785hsyagz0kchf6q6gf06sw6.nar","member":"lib/debug/.build-id/02/623eda209c26a59b1a8638ff7752f6b945c26b.debug"}' | jq -S)
|
2020-10-17 22:43:52 +00:00
|
|
|
|
|
|
|
|
|
# Test against issue https://github.com/NixOS/nix/issues/3964
|
|
|
|
|
#
|
|
|
|
|
expr='
|
|
|
|
|
with import ./config.nix;
|
|
|
|
|
mkDerivation {
|
|
|
|
|
name = "multi-output";
|
|
|
|
|
buildCommand = "mkdir -p $out; echo foo > $doc; echo $doc > $out/docref";
|
|
|
|
|
outputs = ["out" "doc"];
|
|
|
|
|
}
|
|
|
|
|
'
|
|
|
|
|
outPath=$(nix-build --no-out-link -E "$expr")
|
|
|
|
|
docPath=$(nix-store -q --references $outPath)
|
|
|
|
|
|
|
|
|
|
# $ nix-store -q --tree $outPath
|
|
|
|
|
# ...-multi-output
|
|
|
|
|
# +---...-multi-output-doc
|
|
|
|
|
|
|
|
|
|
nix copy --to "file://$cacheDir" $outPath
|
|
|
|
|
|
|
|
|
|
hashpart() {
|
|
|
|
|
basename "$1" | cut -c1-32
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# break the closure of out by removing doc
|
|
|
|
|
rm $cacheDir/$(hashpart $docPath).narinfo
|
|
|
|
|
|
|
|
|
|
nix-store --delete $outPath $docPath
|
|
|
|
|
# -vvv is the level that logs during the loop
|
2020-10-26 16:59:32 +00:00
|
|
|
|
timeout 60 nix-build --no-out-link -E "$expr" --option substituters "file://$cacheDir" \
|
2020-10-17 22:43:52 +00:00
|
|
|
|
--option trusted-binary-caches "file://$cacheDir" --no-require-sigs
|