Commit Graph

2958 Commits

Author SHA1 Message Date
Sarah Brofeldt
4874ce1701 dockerTools.tarsum: Fix upstream import 2018-03-26 18:47:31 +02:00
Eelco Dolstra
7b539c0629
Fix typo 2018-03-22 13:57:41 +01:00
lewo
ea6f55f83b
Merge pull request #36906 from nlewo/pr/docker-reproducible
Improve Docker image build reproducibility
2018-03-21 08:13:26 +01:00
Tuomas Tynkkynen
ef64208eba Merge commit '3ab2949' from staging into master
Conflicts:
	pkgs/development/compilers/llvm/6/llvm.nix
	pkgs/servers/home-assistant/component-packages.nix
2018-03-15 22:30:56 +02:00
lewo
65e5bc713b
Merge pull request #36845 from jbedo/singularity
singularity: 2.4 -> 2.4.2
2018-03-14 10:19:10 +01:00
Tuomas Tynkkynen
2fec9c6e29 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/development/tools/build-managers/conan/default.nix
2018-03-13 23:04:18 +02:00
Franz Pletz
4f17851fb2
fetchurl: remove broken samba mirror 2018-03-13 17:15:33 +01:00
Antoine Eiche
ac0c491836 dockerTools: add --sort=name options on all tar calls
This is to go to a reproducible image build.
Note without this options image are identical from the Docker point of
view but generated docker archives could have different hashes.
2018-03-13 13:46:47 +01:00
Antoine Eiche
346996ceec dockerTools: dereference hard links in tar archives
This is to improve image creation reproducibility. Since the nar
format doesn't support hard link, the tar stream of a layer can be
different if a dependency of a layer has been built locally or if it
has been fetched from a binary cache.

If the dependency has been build locally, it can contain hard links
which are encoded in the tar stream. If the dependency has been
fetched from a binary cache, the tar stream doesn't contain any hard
link. So even if the content is the same, tar streams are different.
2018-03-13 13:46:41 +01:00
Antoine Eiche
e8f452f110 dockerTools: add an onTopOfPulledImage example
This allows to test if a pulled image can be updated by using our
Docker tools.
2018-03-13 11:59:22 +01:00
Justin Bedo
5c1e42276d
singularity: 2.4 -> 2.4.2 2018-03-12 15:13:31 +11:00
Nikolay Amiantov
9db2a3e638 buildFHSEnv: export TZDIR
This is needed since NixOS keeps tzdata in non-standard /etc/zoneinfo path.
2018-03-11 02:14:49 +03:00
Nikolay Amiantov
94f0ef6628 buildFHSEnv: fix compiler search paths
Fixes OpenWrt compilation.
2018-03-10 23:57:12 +03:00
Jan Malakhovski
7079e744d4 Merge branch 'master' into staging
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
2018-03-10 20:38:13 +00:00
Shea Levy
c46cd6cefe
Merge branch 'patch-10' of git://github.com/matthewbauer/nixpkgs 2018-03-08 18:31:55 -05:00
Shea Levy
c69d8bf5e6
treewide: Remove gnat support.
See discussion in 6ac7b19c97.
2018-03-08 13:56:36 -05:00
Charles Strahan
806edaa0a2
hardening: ld wrapper changes, setup-hook, etc 2018-03-06 19:21:10 -05:00
Charles Strahan
634c748050
hardening: initial cross support 2018-03-06 18:03:13 -05:00
Charles Strahan
fc46895e86
hardening: allow user supplied flags to override
Put hardening flags before user supplied flags.
2018-03-06 00:30:09 -05:00
Charles Strahan
cc7ce57f86
hardening: clarify the whitelist logic
Per @Ericson2314's suggestion [1], make it more clear that the active
hardenings are decided via whitelist; the blacklist is merely for the
debug messages.

1: 36d5ce41d4 (r133279731)
2018-03-06 00:30:09 -05:00
Charles Strahan
9920923cde
hardening: fix careless bugs
I got a substitution backwards (used '+' instead of '-').

Also, this now works under `set -u` (had to fix a couple unbound
variable references).
2018-03-06 00:30:08 -05:00
Charles Strahan
0937df463f
hardening: fix bug/typo 2018-03-06 00:30:08 -05:00
Charles Strahan
9fe17b2153
hardening: fix #18995 2018-03-06 00:30:00 -05:00
Vladimír Čunát
a373fe8322
makeInitrd: explain why we don't use closureInfo
/cc #36268.
2018-03-05 13:04:55 +01:00
Eelco Dolstra
165b32d386
Revert "makeInitrd: Use closureInfo"
This reverts commit 776a5e6ebf.

Fixes #36268.
2018-03-05 12:49:59 +01:00
Franz Pletz
0f78afdf25
Merge pull request #32248 from awakesecurity/parnell/fetchdocker
Support fetching docker images from V2 registries
2018-03-04 17:10:27 +00:00
Vladimír Čunát
b70c93f211
Merge branch 'master' into nix-2.0 2018-03-03 18:02:35 +01:00
Shea Levy
95579af5ec
Merge remote-tracking branch 'origin/staging' into cross-nixos 2018-03-01 14:56:58 -05:00
Tuomas Tynkkynen
b8b2225f6b Merge remote-tracking branch 'upstream/master' into staging 2018-03-01 06:09:20 +02:00
Shea Levy
6a32291523
makeModulesClosure: Fix cross-compilation 2018-02-28 15:01:32 -05:00
Shea Levy
7f623cfa45
callCabal2nix: Fix filtering for non-cleanSourceable sources.
What was here before wasn't correct anyway, and now it works in
restricted mode.

Fixes #35207
2018-02-28 14:22:19 -05:00
Tuomas Tynkkynen
34f95d92a2 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/applications/misc/pytrainer/default.nix
	pkgs/development/tools/pew/default.nix
	pkgs/tools/misc/you-get/default.nix
2018-02-28 20:52:49 +02:00
Will Dietz
f14ff86ec9 bintools-wrapper: fix breakage on aarch64, where "isArm" is false
Unintentionally changed in #35247
2018-02-28 09:42:13 -06:00
John Ericson
dfc5d7835d
Merge pull request #35247 from telent/mips32
lib, treewide: Add missing MIPS arches, and fix existing usage
2018-02-27 14:01:15 -05:00
Eelco Dolstra
0d00215880
Cleanup 2018-02-27 19:59:26 +01:00
John Ericson
4a29081a94
Merge pull request #35071 from oxij/stdenv/infopages
stdenv, bash: fixing info pages and stuff
2018-02-26 18:06:11 -05:00
Jan Malakhovski
f1074211ce cc-wrapper: allow building without documentation, propagate info pages 2018-02-26 22:42:33 +00:00
Jan Malakhovski
0ab1067d12 bintools-wrapper: allow building without documentation 2018-02-26 22:42:32 +00:00
Vladimír Čunát
f5ce8f86df
Revert "Merge staging at '8d490ca9934d0' into master"
This reverts commit fc23242220, reversing
changes made to 754816b84b.
We don't have many binaries yet.  Comment on the original merge commit.
2018-02-26 22:53:18 +01:00
Frederik Rietdijk
fc23242220 Merge staging at '8d490ca9934d0c01e1e9ade455657e54e2e843c0' into master 2018-02-26 13:05:32 +01:00
Frederik Rietdijk
4f08b0fbac Merge remote-tracking branch 'upstream/master' into HEAD 2018-02-26 10:50:18 +01:00
Jan Tojnar
a31d98f312
tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
Jörg Thalheim
de87c0348c
Merge pull request #35176 from abbradar/update-vm
vmTools: update distributions
2018-02-24 10:08:17 +00:00
Daniel Barlow
9c50ae6898 lib, treewide: Add missing MIPS arches, and fix existing usage
Existing "mips64el" should be "mipsel".

This is just the barest minimum so that nixpkgs can recognize them as
systems - although required for building individual derivations onto
MIPS boards, it is not sufficient if you want to actually build nixos on
those targets
2018-02-23 20:43:42 -05:00
Mario Rodas
bdf031dd4f buildRustCrate: Set target_os to "macos" on darwin
The rust compiler uses "macos" as "target_os" conditional on Mac OS[1]

[1] 8e7a609e63/src/librustc_back/target/x86_64_apple_darwin.rs (L29)
2018-02-23 18:00:39 -05:00
Eelco Dolstra
8c6f9223d0
Merge pull request #35402 from shlevy/closure-info-total-size
closureInfo: Report the total closure size.
2018-02-23 17:02:33 +01:00
Shea Levy
adf8074abe
closureInfo: Report the total closure size.
This can be useful for e.g. preallocating disk image sizes.
2018-02-23 10:52:37 -05:00
Nikolay Amiantov
a984be41ab Merge branch 'master' into staging 2018-02-23 18:51:08 +03:00
Eelco Dolstra
776a5e6ebf
makeInitrd: Use closureInfo 2018-02-23 16:41:31 +01:00
Yurii Rashkovskii
e1aecec4cd
build-support/rust: make use of abandoned cargoUpdateHook
Previously, cargoUpdateHook was meaningful as it was used
in
[`cargo-fetch-deps`](19d3cf81d3/pkgs/build-support/rust/fetch-cargo-deps (L71)).

However, this entire file was removed in
5f8cf0048e. As far as I can
tell, nothing in the code is using it, but it is still
being passed around:
https://github.com/NixOS/nixpkgs/search?q=cargoUpdateHook&type=Code&utf8=%E2%9C%93

There are, however, legitimate use cases for it. For example,
in some software, some dependencies are not locked in Cargo.toml
and this causes Cargo to try fetching another version of them.
This doesn't work well with vendoring crates.

This hook allows to inject patching or whatever necessary workarounds
in the crate vendoring process. I suppose that's what it was for
in there in the first place.

This patch restores this hook and makes it usable again.
2018-02-23 11:17:03 +07:00
Eelco Dolstra
d12c9911df
Merge remote-tracking branch 'origin/master' into nix-2.0 2018-02-22 17:28:51 +01:00
John Ericson
e42e6d2f0e
Merge pull request #35266 from abbradar/cc-bools
cc-wrapper: fix bool handling for empty and zero values
2018-02-21 17:00:42 -05:00
Nikolay Amiantov
9a9c2e6579 cc-wrapper: fix bool handling for empty and zero values
Before the code would fail silently for zero values and with some output for
empties. We now currently handle both via defaulting value to zero and making
`let` return success error code when there's no syntax error.
2018-02-21 23:54:31 +03:00
Nikolay Amiantov
c811c35b9c vmTools: update distributions
Drop currently unsupported releases.
Add Fedora 26 and 27.
Update CentOS.
Add Debian 9.
Add Ubuntu 17.10.
2018-02-21 15:41:46 +03:00
Nikolay Amiantov
430e0f4a80 buildBazelPackage: init
A separate function for building Bazel-bazed packages. Internally it splits the
build into two phases, fetching and building.

Users are expected to provide `fetchArgs.sha256` -- checksum of fetched
dependencies. Local dependencies should be removed in `fetchArgs.preInstall`.
Overall `fetchArgs` and `buildArgs` can be used to add specific steps to fetch
and build.
2018-02-20 20:39:49 +03:00
Jörg Thalheim
c7aa4fd65b
Merge pull request #35177 from abbradar/fix-debbuild
debBuild: install all packages at once to avoid dependency management
2018-02-20 11:07:44 +00:00
Jörg Thalheim
f61e8d98ff
rust: 1.22.1 -> 1.24.0 2018-02-20 09:59:26 +00:00
Pierre-Etienne Meunier
8e5ab6e7ac BuildRustCrate: more general overrides, and handling the "dylib" crate type (#35171)
* buildRustCrate: adding a symlink from libblah-xxxxx.so to libblah.so
* BuildRustCrate: overriding phases
* Carnix: 0.6.5 -> 0.6.6
* Fixing symlink_dependencies --buildDep
* Shorter symlink_dependencies
* running `runHook postBuild` *after* the build
2018-02-20 08:55:04 +01:00
Nikolay Amiantov
c55b2fa7cd debBuild: install all packages at once to avoid dependency management 2018-02-19 16:07:40 +03:00
Jan Malakhovski
a89899ce4e fetchurl: cleanup, better errors
Also fix what seems like bugs in uncommon `stdenv`s.
2018-02-18 14:24:53 +00:00
Vladimír Čunát
b5aaaf87a7
Merge staging and PR #35021
It's the last staging commit (mostly) built on Hydra,
and a minimal fix for Darwin regression in pysqlite.
2018-02-16 09:13:12 +01:00
Matthew Justin Bauer
a5e28a554e
nix-buffer: make eshell-path-env be inherited 2018-02-15 17:30:59 -06:00
Nikolay Amiantov
56e0943b08 makeModulesClosure: support firmware
Link it in stage 1.
2018-02-16 00:11:07 +02:00
Frederik Rietdijk
672bb6b4ab Merge remote-tracking branch 'upstream/master' into HEAD 2018-02-14 21:30:08 +01:00
Timo Kaufmann
dc53518dc3 buildRustPackage: Restrict find to files
`find -executable` finds everything with the executable bit set,
including directories. Thats not harmful in this scenario as `cp` won't
copy those directories, but it does result in a few warning messages.
2018-02-14 17:27:03 +01:00
Antoine Eiche
ce838e52b9 dockerTools.buildImage: do not add /nix/store in the tar stream
Since the /nix/store directory is not immutable, tar can fails if it
has to push it into the layer archive.

Fixes #34137.
2018-02-14 06:40:41 +01:00
Parnell Springmeyer
0a603ee165
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-02-13 17:28:45 -06:00
Stewart Mackenzie
a5cabdb6b1 buildRustCrate: add a postInstall phase (#34906) 2018-02-13 17:28:32 +01:00
Will Dietz
d5916a84cf bintools-wrapper: teach about musl dynamic linkers 2018-02-13 09:44:33 -06:00
Shea Levy
038b893338
Merge branch 'patch-9' of git://github.com/matthewbauer/nixpkgs 2018-02-12 09:33:25 -05:00
Peter Hoeg
8016f9b4c9
Merge pull request #34611 from peterhoeg/p/descent
descent 1 & 2: use assets from gog.com with the dxx-rebirth project
2018-02-12 22:31:41 +08:00
Peter Hoeg
126cc690ac build-support gogUnpackHook: support for unpacking games from gog.com 2018-02-12 22:28:06 +08:00
Matthew Justin Bauer
5b59084e00
Filter nix-buffer packages
Null packages cause an error
2018-02-11 21:52:16 -06:00
pe@pijul.org
113591c803 defaultCrateOverrides: add pq-sys
fixes #34228
2018-02-10 06:59:56 -06:00
pe@pijul.org
508bf1b318 defaultCrateOverrides: add thrussh-libsodium 2018-02-10 06:59:56 -06:00
aszlig
1cba74dfc1
setup-hooks: Add autoPatchelfHook
I originally wrote this for packaging proprietary games in Vuizvui[1]
but I thought it would be generally useful as we have a fair amount of
proprietary software lurking around in nixpkgs, which are a bit tedious
to maintain, especially when the library dependencies change after an
update.

So this setup hook searches for all ELF executables and libraries in the
resulting output paths after install phase and uses patchelf to set the
RPATH and interpreter according to what dependencies are available
inside the builder.

For example consider something like this:

stdenv.mkDerivation {
  ...
  nativeBuildInputs = [ autoPatchelfHook ];
  buildInputs = [ mesa zlib ];
  ...
}

Whenever for example an executable requires mesa or zlib, the RPATH will
automatically be set to the lib dir of the corresponding dependency.

If the library dependency is required at runtime, an attribute called
runtimeDependencies can be used to list dependencies that are added to
all executables that are discovered unconditionally.

Beside this, it also makes initial packaging of proprietary software
easier, because one no longer has to manually figure out the
dependencies in the first place.

[1]: https://github.com/openlab-aux/vuizvui

Signed-off-by: aszlig <aszlig@nix.build>
Closes: #34506
2018-02-10 00:27:24 +05:30
Eelco Dolstra
5193807750
VM tests: Initialize the Nix database with correct NAR hashes/sizes 2018-02-07 15:49:02 +01:00
gnidorah
810a19bab3 way-cooler: 0.6.2 -> 0.8.0 2018-02-04 05:17:53 +03:00
Jörg Thalheim
2a2c8eab26 rust: fix evaluation 2018-02-04 00:09:00 +00:00
Jörg Thalheim
6580b18d3f cargo-vendor: move to all-packages 2018-02-03 22:35:27 +00:00
pe@pijul.org
8f20e7ce3a carnix: 0.6.0 -> 0.6.5 2018-02-03 22:31:54 +00:00
Jörg Thalheim
8ee54334e9
Merge pull request #33980 from thefloweringash/cargo-vendor-carnix
cargo-vendor: Build from source using carnix
2018-02-03 10:28:57 +00:00
Tuomas Tynkkynen
10c8e6d0c5 Merge remote-tracking branch 'upstream/master' into staging 2018-02-03 02:50:21 +02:00
Vladimír Čunát
2fb4606f38
Merge branch 'master' into staging
Haskell rebuild.
Hydra: ?compare=1430378
2018-02-01 09:36:23 +01:00
Shea Levy
943592f698
Add setFunctionArgs lib function.
Among other things, this will allow *2nix tools to output plain data
while still being composable with the traditional
callPackage/.override interfaces.
2018-01-31 14:02:19 -05:00
Tuomas Tynkkynen
71631a922b runInLinuxVM: Use QEMU command line that works on other architectures
... by moving the existing definition to qemu-flags.nix and reusing
that.
2018-01-30 16:57:27 +02:00
Tuomas Tynkkynen
8c4f8c51a6 runInLinuxVM: Don't hardcode x86-specific serial device 2018-01-30 16:57:27 +02:00
Vladimír Čunát
2d2dbe083f
Merge branch 'master' into staging
Hydra: ?compare=1429281
2018-01-27 09:14:22 +01:00
John Ericson
57b01b1bcf lib, openssl: Get rid of openssl.system
We compute it on the fly, careful to avoid any mass rebuilds for now.
2018-01-26 21:22:00 -05:00
Pierre-Etienne Meunier
6fbaa05dd1 Carnix 0.6 (#34238) 2018-01-26 10:53:18 +00:00
Will Dietz
0e95bed017 nix-prefetch-git: fix extraction of submodule hashes on latest git
Summary:

According to git-submodule manpage,
"git submodule status" prefixes the hash with a '-' if it is not
initialized, and other chars in other circumstances.
(this is consistent on the various git versions tested)

nix-prefetch-git runs "git submodule init" which does you'd think,
but apparently despite this earlier versions of git before 2.16
would still give the hash the '-' suffix.
In particular this is the behavior when using 2.15 and 2.14.1
from the nixos-17.09 and nixos-17.03 channels respectively.

The script then used awk to drop the first char of the first field
which does the wrong thing when there is no prefix emitted:
while there is a space character before the hash, this is not
part of the field and so we ended up eating the first character
of the hash.

To fix this in a way that also works with the previous behavior,
this commit instead uses awk to grab the hash field
and uses tr to delete any '-' chars should they be present.

This seems to work in my testing, and for example can now
successfully fetch the source for "nginxModules.brotli"
where previously it would generate an error:

fatal: '22564a95d9ab58865a096b8d9f7324ea5f2e03e' is not a commit and a branch 'fetchgit' cannot be created from it

(we dropped a '2' from the beginning of the hash)
2018-01-24 20:18:59 +02:00
Frederik Rietdijk
6b0873440b Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-22 16:09:11 +01:00
Tuomas Tynkkynen
95880aaf06 nixos/initrd: Don't include some x86-specific modules unconditionally 2018-01-22 12:53:33 +02:00
Tuomas Tynkkynen
44326993f4 build-support/vm: Autodetect kernel filename
It's 'Image' on AArch64.
2018-01-22 12:53:24 +02:00
Yegor Timoshenko
4b1b6ee6d1
patchShebangs: preserve times, resolves #33084
Close #33281.  Edits by vcunat:
 - use Eelco's idea: empty file instead of full copy
 - use longer name suffix to decrease the likelihood of collision
2018-01-21 12:09:07 +01:00
John Ericson
5708396f47
Merge pull request #34018 from obsidiansystems/fetchpatch
fetchpatch: Add support for an arbitrary extra prefix
2018-01-18 12:39:39 -05:00
John Ericson
9bd437d4b4 fetchpatch: Add support for an arbitrary extra prefix
We still ensure the old and new ones start, respectfully, with `a/` and
`b/`. Use with `stripLen` to ensure tha the old `a/` and `/b` are gone
if a new prefix is added.
2018-01-18 12:19:49 -05:00
Andrew Childs
be797f7e1c cargo-vendor: Build from source using carnix
Removes a binary bootstrap, and enables cargo-vendor on aarch64.
2018-01-18 20:44:42 +09:00
Andrew Childs
62dcb3d5d0 buildRustCrate: Allow arbitrary attributes in crateOverrides 2018-01-18 20:42:00 +09:00
Tuomas Tynkkynen
6ed0fe7e45 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/build-support/fetchbower/default.nix
	pkgs/build-support/fetchdarcs/default.nix
	pkgs/build-support/fetchgx/default.nix
	pkgs/development/python-modules/botocore/default.nix
	pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix
	pkgs/tools/admin/awscli/default.nix
2018-01-14 21:18:27 +02:00
Shea Levy
4e78aeb441
callCabal2nix: Fix calling with a path in the store. 2018-01-11 10:17:56 -05:00
John Ericson
e017a027d5
Merge pull request #33681 from obsidiansystems/fixed-output-deps
Fixed output deps
2018-01-10 14:28:10 -05:00
Parnell Springmeyer
e4ec980e9c
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-01-10 10:13:49 -08:00
John Ericson
888404f11b treewide: Fix deps in a few other fixed output derivations 2018-01-10 11:18:44 -05:00
John Ericson
940c4fa3f5 treewide: Fetchers should use stdenvNoCC. 2018-01-10 11:18:44 -05:00
John Ericson
3d59b4d285 treewide: Fixed output fetch* derivations should use nativeBuildInputs 2018-01-09 20:14:46 -05:00
Robin Gloster
7c5430c27c
Revert "rust: store the cargo-vendor config"
This reverts commit 0af2c5891b.

See 0af2c5891b (commitcomment-26737983)
This breaks the cargoSha256 hashes.
2018-01-09 15:03:03 +01:00
Will Dietz
9721ed22e8 schedulingPriority should be an int, fix check-meta type and in-tree use 2018-01-09 07:25:24 -06:00
zimbatm
0af2c5891b rust: store the cargo-vendor config
cargo-vendor generates almost the right cargo config. Store it with the
vendored files and patch it on use.

This allows to re-use the generated config when using git dependencies.
2018-01-09 03:37:53 +01:00
Vladimír Čunát
5837d1a070
Merge branch 'master' into staging 2018-01-08 17:33:31 +01:00
Will Dietz
21f7b2b3f2 vmTools: omit '-drive ...' entirely instead of using /dev/null
Fixes #33378.
2018-01-07 17:50:44 +02:00
Daiderd Jordan
5a02143c20
Merge pull request #33010 from LnL7/cacert-hook
cacert: add hook that sets SSL_CERT_FILE
2018-01-07 09:55:15 +01:00
dywedir
10e22d53ad carnix: 0.5.0 -> 0.5.2 2018-01-06 13:53:23 +01:00
Will Dietz
40b2647b69 gcc-wrapper-old: grab name of dynamicLinker for bintools 2018-01-05 18:55:13 -06:00
Shea Levy
0f925943fd
Fix emacsWithPackages after 7f3ca3e21a.
This is hacky but it does the job, resurrects findInputs from before staging merge
2018-01-04 12:15:55 -05:00
Frederik Rietdijk
1869e7e5b0 Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-01 15:09:55 +01:00
Wei-Ming Yang
70e9b60b33
dockerTools.examples: correct a typo in comments
This commit is for correcting a typo in comments.
2018-01-01 16:13:40 +08:00
Vladimír Čunát
1fcd92ce92
Merge branch 'master' into staging
A few thousand rebuilds from master, again.
Hydra: ?compare=1422362
2017-12-31 09:53:49 +01:00
John Ericson
64965e8224
Merge pull request #29483 from veprbl/hardening_unsupported_flags
cc-wrapper: allow compilers to specify unsupported hardening modes
2017-12-30 23:25:43 -05:00
Yegor Timoshenko
60a133f9d0
Merge pull request #33139 from yegortimoshenko/20171228.053707/chrootenv
chrootenv: rewrite on top of GLib
2017-12-31 06:59:31 +03:00
John Ericson
4d2b763817
Merge pull request #26805 from obsidiansystems/cross-elegant
Make cross compilation elegant
2017-12-30 22:58:02 -05:00
John Ericson
469fd89832 stdenv-setup: Ease the transition with native builds
- All deps go on the PATH

 - CC and Bintools wrappers with their host != depender's host still get their
   setup hooks run.

 - Environment hooks get applied to all packages

This isn't so elegent, but eases the transition on a very significant
PR.
2017-12-30 22:04:23 -05:00
John Ericson
046f091e0d treewide: Don't use envHook anymore
This commits needs a MAJOR audit as I oftentimes just guessed which of
`$hostOffset`, `$targetOffset`, or a fixed offset should be used.
2017-12-30 22:04:22 -05:00
John Ericson
a1cdc2011e strip setup hook: Learn about only stripping host/target binaries alone
`dontStrip` is still a catch-all, but `dontStripHost` and
`dontStripTarget` are also now available for finer-grained disabling.
2017-12-30 22:04:22 -05:00
John Ericson
3a50395ef2 {bintools,cc}-wrapper: extraPackages should be depsTargetTargetPropagated
They are libraries used by programs built with these tools, not used by the
tools themselves.
2017-12-30 22:04:21 -05:00
John Ericson
a036473a0a {bintools,cc}-wrapper: Fix setup hook to respect the role of the cc-compiler
We now have the information to properly determine the role the
cc-wrapper dependency has, by taking advantage of `offset`. No longer
use the soon-to-be-deprecated crossConfig environment variable, the
temp hack used before this change.
2017-12-30 22:04:21 -05:00
Yegor Timoshenko
4b1cf5afb8
chrootenv: rewrite on top of GLib
Changes:

* doesn't handle root user separately
* doesn't chdir("/") which makes using it seamless
* only bind mounts, doesn't symlink (i.e. files)

Incidentally, fixes #33106.

It's about two times shorter than the previous version, and much
easier to read/follow through. It uses GLib quite heavily, along with
RAII (available in GCC/Clang).
2017-12-30 22:28:38 +00:00
Dmitry Kalinkin
6d9769663d
cc-wrapper: allow compilers to specify unsupported hardening modes
Fixes: 0fd7ef61b2 ('clang_34: Disable hardening bits (#28543)')
2017-12-30 12:23:25 -05:00
John Ericson
eb27be0731
Merge pull request #33186 from obsidiansystems/cross-binutils
binutils: Fix cross, again
2017-12-29 17:42:38 -05:00
John Ericson
cc44e04472 bintools-wrapper: Define fallback default emulation
This ensures we by-default cross-compile to the intended platform.
2017-12-29 17:32:28 -05:00
Jörg Thalheim
c333e9b348
Merge pull request #32302 from andir/uwimap-pollution
uwimap pollution of `include/`
2017-12-29 00:08:26 +01:00
Yegor Timoshenko
25b35f4ffb
chrootenv: resolve potential race condition 2017-12-28 00:25:02 +00:00
Daiderd Jordan
091c2b9f04
cacert: cleanup exporting SSL_CERT_FILE 2017-12-27 21:36:32 +01:00
Joachim F
e6542d0609
Merge pull request #32916 from jbedo/singularity-2.4
singularity: 2.2 -> 2.4
2017-12-25 13:30:42 +00:00
Orivej Desh
c4be328f98
Merge pull request #32814 from fahadsadah/patch-1
build-support: clean-up fetchSvn
2017-12-24 01:24:56 +00:00
Dan Peebles
0cb623c3d9
fetchurl: add user agent
It would be nice to be able to track Nix requests. It's not trustworthy,
but can be helpful for stats and routing in HTTP logs.

Since `fetchurl` is used so widely, we should "magically" get a UA on
`fetchzip`, `fetchFromGitHub`, and other related fetchers.

Since `fetchurl` is only used for fixed-output derivations, this should
cause no mass rebuild.

User-Agent example: curl/7.57.0 Nixpkgs/18.03
2017-12-23 22:20:56 +00:00
Yegor Timoshenko
73a0d95b96 chrootenv: code review
* Wrap LEN macro in parantheses
* Drop env_filter in favor of stateful environ_blacklist_filter,
  use execvp instead of execvpe, don't explicitly use environ
* Add argument error logging wherever it makes sense
* Drop strjoin in favor of asprintf
* char* -> const char* where appropriate
* Handle stat errors
* Print user messages with fputs, not errorf
* Abstract away is_str_in (previously bind_blacklisted)
* Cleanup temporary directory on error
* Some minor syntactic and naming changes

Thanks to Jörg Thalheim and Tuomas Tynkkynen for the code review!
2017-12-22 18:56:13 +03:00
Yegor Timoshenko
710662be94 chrootenv: error on chrootenv-inside-chrootenv, resolves #32802 2017-12-22 18:56:13 +03:00
Yegor Timoshenko
0234cd41b4 chrootenv: replace env whitelist with blacklist, closes #32878 2017-12-22 18:56:13 +03:00
Yegor Timoshenko
c03663a145 chrootenv: bind-mount all dirs in /, symlink files, closes #32877 2017-12-22 18:56:13 +03:00
Yegor Timoshenko
ef1accae91 chrootenv: print sysctl command for Debian users, fixes #32876 2017-12-22 18:56:13 +03:00
Justin Bedo
db927ea35b
singularity: 2.2 -> 2.4 2017-12-21 10:50:06 +11:00
zimbatm
adc5c9b83d
mkShell: add builder (#30975) 2017-12-20 23:42:07 +00:00
Orivej Desh
e2c8655405 ld-is-cc-hook: init
This hook sets LD to CC, for use with software that works as if LD=$CC when LD
is unset, and does not work when LD=ld.
2017-12-19 01:45:42 +00:00
Orivej Desh
170a964815 makeSetupHook: make the default name "hook" overridable
for occasional convenience while looking at drv paths,
such as in the output of nix-build and nix-diff.
2017-12-19 01:41:31 +00:00
Fahad Sadah
60e937b8b2 build-support: tidy fetchSvn
Remove old workaround rendered unnecessary by af9db522cf
2017-12-18 15:56:53 +00:00
Orivej Desh
7c58e8dfc2 Merge branch 'master' into staging
* master: (125 commits)
  scummvm: fix eval
  tinycc: 0.9.27pre-20171016 -> 0.9.27
  Update terraform provider versions
  vscode: 1.18.1 -> 1.19.0
  linux: 4.14.6 -> 4.14.7
  scummvm: 1.9.0 -> 2.0.0
  cmst: 2017.03.18 -> 2017.09.19
  albert: 0.14.7 -> 0.14.14
  obs-studio: fix vlc plugin
  ffmpeg, ffmpeg-full: 3.4 -> 3.4.1
  uchiwa: 0.26.3 -> 1.1.0
  linux-testing: 4.15-rc3 -> 4.15-rc4
  steam: override nss, nspr, fixes #32781
  ponyc: 0.20.0 -> 0.21.0
  pythonPackages.pwntools: disable tests
  gnome3.gnome-tweak-tool: 3.26.3 → 3.26.4
  vim-rhubarb: init at 2017-06-28
  atom: depend on libsecret
  nvidia-settings: Make sure binary can find libXv.so
  backblaze-b2: 0.6.2 -> 1.1.0
  ...
2017-12-18 15:56:03 +00:00
Orivej Desh
eca6ab79f1
Merge pull request #32498 from dylex/patch-1
Don't set cxx_stdlib when nativeTools on linux
2017-12-17 04:24:19 +00:00
Dylan Simon
0c62b7cd74 cc-wrapper: don't set cxx_stdlib when nativeTools is true
There are no gcc paths on nativeTools, and cc isn't set.
2017-12-17 04:23:54 +00:00
Vladimír Čunát
24d81d6332
Merge branch 'master' into staging 2017-12-15 21:40:23 +01:00
Orivej Desh
76a97fdb31 libredirect: add description
Fixes #32675
2017-12-14 19:03:35 +00:00
John Ericson
a0b1ebeee9 Merge remote-tracking branch 'upstream/staging' into binutils-wrapper 2017-12-13 16:14:47 -05:00
John Ericson
7ef4448c97 Merge commit '9d8f9b2e531bf95a700a949d879927fb6996ffc9' into binutils-wrapper 2017-12-13 16:08:36 -05:00
John Ericson
99806c5e12 bintools-wrapper: Create man and info outputs propagated underlying ones
These will be installed if the wrappers are. The wrappers aren't very
good to install, but that's another matter.
2017-12-13 16:08:19 -05:00
John Ericson
ef178be597 bintools-wrapper: Support ld.ldd, along with ld.bfd and ld.gold
Also make the code more precise in the process
2017-12-13 16:08:18 -05:00
John Ericson
b8a21aa918 misc setup-hooks: Use env vars to refer to binutils programs
This is more robust for cross-compilation
2017-12-13 16:08:18 -05:00
John Ericson
2bba929062 bintools-wrapper: Import separately from cc-wrapper 2017-12-13 16:08:18 -05:00
John Ericson
8e557ed2c5 bintools-wrapper: Init
Factor a bintools (i.e. binutils / cctools) wrapper out of cc-wrapper. While
only LD is wrapped, the setup hook defines environment variables on behalf of
other utilites.
2017-12-13 16:08:18 -05:00
John Ericson
4f869bccc1 cc-wrapper: Don't treat "-" alone as a flag
It means stdin, and is morally equivalent to passing a file. e.g.

  $ echo 'int main(void) { return 0; }' | gcc -x c -

will compile and link a binary.
2017-12-13 16:08:17 -05:00
John Ericson
bdd6c037c0 cc-wrapper: Use separate mangler for "bool" variables
This avoids any `NIX_FOOBAR=1 1` not triggering conditions.
2017-12-13 16:08:17 -05:00
John Ericson
fc7ed86915 cc-wrapper: Pull variable mangler into utils.sh
In preparation for splitting out bintools-wrapper
2017-12-13 16:08:13 -05:00
Graham Christensen
105d9519c1
Merge remote-tracking branch 'origin/master' into staging 2017-12-12 20:06:36 -05:00
Graham Christensen
e5629dc51a
Merge pull request #32365 from vcunat/p/check-meta
check meta, treewide
2017-12-12 18:55:23 -05:00
Vladimír Čunát
3a110ea3f9
treewide platform checks: abort -> throw
They aren't meant to be critical (uncatchable) errors.
Tested with nix-env + checkMeta:
[ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ]
2017-12-12 18:08:10 -05:00
Vladimír Čunát
c2b679516f
Merge branch 'master' into staging 2017-12-12 21:08:16 +01:00
Tuomas Tynkkynen
0d27df280f build-support/vm: Use devtmpfs, not static device nodes
In 2017, there is no reason to create a static /dev.
2017-12-12 14:31:50 +02:00
Eelco Dolstra
2d4fdc1b9e
debian: 8.9 -> 8.10 2017-12-12 13:14:17 +01:00
Pierre-Étienne Meunier
4348b7f2d0 carnix: init at 0.5.0
fixes #31150
2017-12-12 04:59:12 -06:00
Pierre-Étienne Meunier
5a0d954156 add buildRustCrate function to build rust crates 2017-12-12 04:58:45 -06:00
Pierre-Étienne Meunier
ea232fe29d add fetchCrate function to fetch rust crates 2017-12-12 04:58:45 -06:00
John Ericson
45d4b27d02 cc-wrapper: GNAT wrapper stop caring about -m32
It need not concern itself with 32-bit dynamic linking; ld-wrapper handles that now.
2017-12-11 19:12:28 -05:00
Orivej Desh
dd604d575f Merge branch 'master' into staging
* master: (39 commits)
  pythonPackages: rename dns -> dnspython
  awesome: fix LUA_PATH/LUA_CPATH to lgi [now for version 3.5]
  qt4: fix qmake on darwin and delete custom install phase
  python.buildEnv: always include the $out output
  nix-bash-completions: lazy load aware install
  borg: 1.1.1 -> 1.1.3
  nixos/programs/bash: document that /etc/bash_completion.d is obsolete
  ocamlPackages.markup: 0.7.4 -> 0.7.5
  hhvm: 3.21 -> 3.23.2
  ocamlPackages.ulex: 1.1 -> 1.2
  notmuch: 0.25.2 -> 0.25.3
  gmime3: 3.0.1 -> 3.0.5
  qt4: fix darwin install phase
  nixos/programs/bash: Let bash-completion lazy load scripts
  Revert "gmime: 3.0.1 -> 3.0.5"
  rawtherapee: delete unused files
  pythonPackages: rename dns -> dnspython
  nixpkgs: remove sqlite/kyotocabinet deps for leveldb
  tor-browser-bundle-bin: 7.0.10 -> 7.0.11
  networkmanager: remove restart after suspend from resume
  ...
2017-12-10 15:24:30 +00:00
Andreas Rammhold
7d7d3775e5
Revert "fix phpPackages memcache,memcached,xdebug"
This reverts commit 8c125c0c74.
2017-12-10 12:12:43 +01:00
Jörg Thalheim
8bdbb21f9c
Merge pull request #31182 from yegortimoshenko/chroot-user/c-rewrite
chroot-user: rewrite in C, drop CHROOTENV_EXTRA_BINDS
2017-12-10 08:20:59 +00:00
Orivej Desh
926aaa4870
Merge pull request #32215 from dtzWill/feature/clang-multilib
multilib-capable clang, multilib tests
2017-12-09 21:41:54 +00:00
Jörg Thalheim
438fb59e6f chroot-user: better error message, if unshare is not allowed 2017-12-09 09:14:56 +00:00
Benjamin Hipple
b1ec502c1e Init Centos 7.4 vmTools diskImage
This commit adds the CentOS 7.4 base image from the CentOS mirror, for use with
building RPMs or evaluating Nix expressions in a CentOS image.

When CentOS 7.5 comes out, I will swap this URL to the permanently vaulted image.
2017-12-03 11:42:34 -05:00
Parnell Springmeyer
25865688a7
docker: init fetchdocker nix code for docker2nix
This change adds granular, non-docker daemon docker image fetchers and
a docker image layer compositor to be used in conjunction with the
`docker2nix` utility provided by the `haskellPackages.hocker` package.

This change includes a hackage package version bump and updated sha256
for recent fixes released to `hocker` resulting from formulating this
patch.
2017-12-01 21:00:52 -06:00
Will Dietz
115bf9d2cf cc-wrapper: don't add broken cflags to clang
On non-GNU (gcc) compilers, there is no "/lib/gcc/..."
so when this is eventually expanded this is empty
resulting in an incomplete "-idirafter " that
eats the next argument:

-idirafter -B/nix/store/wamjwwdvkmhbf4f2902nhw8jxxzv0hy3-clang-wrapper-4.0.1/bin/
2017-11-30 18:43:43 -06:00
John Ericson
5efca65f24
Merge pull request #28448 from obsidiansystems/cc-wrapper-setup-var
cc-wrapper: Newstyle setup vars
2017-11-28 16:11:36 -05:00
John Ericson
43e1137397 cc-wrapper: Define new- and old-style cross env vars
For example, `BUILD_CC` and `CC_FOR_BUILD`
2017-11-28 15:57:05 -05:00
John Ericson
f4cb1e2ffc cc-wrapper: Export env vars for objdump and readelf in setup-hook
Also fix alphabetical order
2017-11-28 15:56:21 -05:00
John Ericson
994cb76850 cc-wrapper: Don't leave CMD defined after setup hook
Rename to `cmd` too, as uppercase typically means the variable is
exported.
2017-11-28 15:56:17 -05:00
Vladimír Čunát
6705f30e2c
Merge branch 'master' into staging 2017-11-27 15:09:53 +01:00
John Ericson
c634647271 Merge branch 'ericson2314-cross-base' into staging
I forgot to sed some files in #32098.
2017-11-27 03:33:47 -05:00
John Ericson
43e00f7d18 cc-wrapper: Fix stray binPrefix -> targetPrefix
I thought my sed in e755a8a27d was
exhaustive, but it was not.
2017-11-27 03:30:15 -05:00
John Ericson
caa3599599 binutils-wrapper: Remove stray file left over from old revert
binutils-wrapper was removed in ec8d41f08c. I
hope to reintroduce it, but under a different name, so this can go.
2017-11-27 03:29:09 -05:00
John Ericson
1c44d5efc6
Merge pull request #32098 from obsidiansystems/binPrefix
treewide: Use `targetPrefix` instead of `prefix` for platform name prefixes
2017-11-27 03:20:53 -05:00
John Ericson
e755a8a27d treewide: Use targetPrefix instead of prefix for platform name prefixes
Certain tools, e.g. compilers, are customarily prefixed with the name of
their target platform so that multiple builds can be used at once
without clobbering each other on the PATH. I was using identifiers named
`prefix` for this purpose, but that conflicts with the standard use of
`prefix` to mean the directory where something is installed. To avoid
conflict and confusion, I renamed those to `targetPrefix`.
2017-11-27 03:15:50 -05:00
Thomas Tuegel
471dc983cd
Merge pull request #31912 from ttuegel/rust/rw-source
buildRustPackage: make dependencies' source writable
2017-11-26 09:20:47 -06:00
Tuomas Tynkkynen
f3794bb8cb nixos/qemu-guest: Ensure virtio_mmio is available in initrd
ARM and AArch64 might use virtio_mmio in some cases.
2017-11-26 11:22:39 +02:00
Orivej Desh
29b2984b0c
Merge pull request #31987 from jtojnar/devhelp-devdoc
stdenv: Move devhelp books to outputDevdoc
2017-11-25 23:14:47 +00:00
Jan Tojnar
70a0580e38
stdenv: Move devhelp books to outputDevdoc 2017-11-24 02:09:44 +01:00
Frederik Rietdijk
6ad79678d4 Merge remote-tracking branch 'upstream/master' into HEAD 2017-11-23 16:38:31 +01:00
Graham Christensen
1f0a09fd59
Merge pull request #31801 from bhipple/centos-7.3-vmtools-image
Init Centos 7.3 vmTools diskImage
2017-11-22 20:19:51 -05:00
John Ericson
405412dfd9
Merge pull request #31775 from obsidiansystems/stdenv-both-propagated-files
stdenv setup: Always use both propagated files
2017-11-22 15:23:37 -05:00
Orivej Desh
b8e1e7191e Merge branch 'master' into staging
* master: (80 commits)
  lkl: Supports aarch64
  wimlib: nitpicks
  gitAndTools.git-codeowners: 0.1.1 -> 0.1.2
  wimlib: init at 1.12.0
  kernel: improve modDirVersion error message
  releaseTools.sourceTarball: Clean up temporary files
  dotnetPackages.SmartIrc4net: rehash source
  migmix: make it a fixed-output derivation
  vm: Create /dev/full
  samba: 4.6.8 -> 4.6.11 to address CVEs CVE-2017-14746 & CVE-2017-15275
  microcodeIntel: 20170707 -> 20171117
  sshd: Remove ripemd160 MACs
  kernel config: Enable MEDIA_CONTROLLER
  linux: 4.4.99 -> 4.4.100
  linux: 4.9.63 -> 4.9.64
  nix-bash-completions: 0.4 -> 0.5
  linux: 4.14 -> 4.14.1
  linux: 4.13.14 -> 4.13.15
  nix-zsh-completions: 0.3.3 -> 0.3.5
  dns-root-data: use a stable URL that I maintain anyway
  ...
2017-11-21 22:48:36 +00:00
Eelco Dolstra
3d5828ebed
releaseTools.sourceTarball: Clean up temporary files 2017-11-21 19:45:20 +01:00
Eelco Dolstra
9f74cf3e12
vm: Create /dev/full
https://hydra.nixos.org/build/64519371
2017-11-21 18:25:50 +01:00
John Ericson
da19c34d0f stdenv setup: Always use both propagated files
This continues #23374, which always kept around both attributes, by
always including both propagated files: `propgated-native-build-inputs`
and `propagated-build-inputs`. `nativePkgs` and `crossPkgs` are still
defined as before, however, so this change should only barely
observable.

This is an incremental step to fully keeping the dependencies separate
in all cases.
2017-11-21 10:44:44 -05:00
Thomas Tuegel
7ede960a27
buildRustPackage: make dependencies' source writable
Some packages, such as the xcb crate, do code generation at build-time;
therefore, the dependencies' source tree must be writable.
2017-11-20 11:02:01 -06:00
Benjamin Hipple
368432e17f Init Centos 7.3 vmTools diskImage
This commit adds the CentOS 7.3 base image from the CentOS vault, for use with
building RPMs or evaluating Nix expressions.
2017-11-18 16:05:49 -05:00
Orivej Desh
fbdc74c761 makeWrapper: delete --set-eval
because --run is good enough.
2017-11-17 12:53:54 +00:00
Orivej Desh
4199892768 makeWrapper: add --set-default and --set-eval
After #31497 starter quoting all values, there arouse the need to left some
values evaluated.

`--set-default var value` expands to `export var=${var-value}`, where value is
not evaluated and literally assigned to var unless it is already set.

`--set-eval var value` expands to `export var=$(eval echo value)`, where value
is evaluated by `eval`.
2017-11-17 10:11:01 +00:00
Orivej Desh
cd0e2f5d36
Merge pull request #31497 from abbradar/quote-makewrapper
makeWrapper: quote variables
2017-11-14 00:10:19 +00:00
Nikolay Amiantov
29c0591dc1 makeWrapper: quote values properly
This uses Bash ${foo@Q} feature to quote values properly, which allows us to
handle values containing spaces, dollars etc.

Thanks orivej for the idea!
2017-11-11 16:08:52 +03:00
Frederik Rietdijk
4508a17da7
Merge pull request #31356 from FRidh/fetchgitPrivate
fetchgitPrivate: put our custom ssh on PATH
2017-11-10 10:57:50 +01:00
Yegor Timoshenko
edb59ee7bd chroot-user: rewrite in C, drop CHROOTENV_EXTRA_BINDS
Formatted via clang-format.
2017-11-09 19:58:55 +00:00
John Ericson
4c6a1db756 Merge base commit of #30484 into staging 2017-11-08 14:26:33 -05:00
John Ericson
0101856765
Merge pull request #30549 from obsidiansystems/bintools
treewide: Introduce stdenv.cc.bintools
2017-11-08 14:20:48 -05:00
Frederik Rietdijk
f8eed5f7a5 fetchgitPrivate: put our custom ssh on PATH
Currently we wrap ssh so it can find the config file passed in by
<ssh-config-file>. If one however uses ProxyCommand ssh, then ssh that
is on PATH is taken (which is also unavailable when using nix-shell
--pure), which is the plain ${openssh}/bin/ssh.

This commit makes sure our wrapped ssh is available on PATH.
2017-11-07 14:07:52 +01:00
Vladimír Čunát
9aa37b159b
Merge branch 'master' into staging 2017-11-07 06:41:23 +01:00
Frederik Rietdijk
13cc4f513e
Merge pull request #31271 from FRidh/fetchurl
fetchurl: add passthru
2017-11-06 20:41:22 +01:00
Vladimír Čunát
1d9a8e2289
Merge branch 'master' into staging 2017-11-06 13:24:06 +01:00
Vladimír Čunát
c8c6a1edb5
Merge #31209: cc-wrapper: Fix if dynamicLinker not found 2017-11-06 13:07:43 +01:00
Bojan Nikolic
3a63fc1258 Remove trailing line 2017-11-05 23:00:24 +00:00
Bojan Nikolic
2ed054885b Remove the unnecessary second conditional 2017-11-05 22:57:44 +00:00
John Ericson
70d91badf5 treewide: Depend on stdenv.cc.bintools instead of binutils directly
One should do this when needed executables at build time. It is more
honest and cross-friendly than refering to binutils directly.
2017-11-05 17:10:53 -05:00
Tuomas Tynkkynen
0d9f2f0bb4 platforms.nix: Clean up more 'uboot' legacy
For a while now, the only thing the 'uboot' attribute does is to tell
whether to add ubootTools to kernel/initrd builds. That can be
determined with platform.kernelTarget == "uImage" just as well.
2017-11-05 17:06:59 +02:00
Tuomas Tynkkynen
b50693d16c kernel, initrd: Remove legacy ubootChooser 2017-11-05 15:11:12 +02:00
Nikolay Amiantov
5f3b84e979 cc-wrapper: disable POSIX compatibility 2017-11-05 12:19:37 +02:00
Frederik Rietdijk
ef21b240c8 fetchurl: add passthru
so that we could add e.g. the `version` attribute.
2017-11-05 10:12:19 +01:00
knupfer
d71833ee36 fetchipfs: init
Fixes #18296
2017-11-04 23:01:27 +01:00
Bojan Nikolic
3e9daece1d nixos/cc-wrapper: Fix bug if dynamicLinker not found
If a dynamic linker for target is not found the generated script fails
due to unbound variable error (due to "set -u"). Correct by specifying
default value with dynamicLinker:- and not generating ldflagsBefore if
no linker is found.

This problem was found when cross compiling to mingw32 targets
2017-11-03 21:36:43 +00:00
Ryan Trinkle
ded1281f45
Merge branch 'master' into docker-dirlinks 2017-11-03 10:53:00 -04:00
Piotr Bogdan
eb33f5bc04 build-pecl: honour nativeBuildInputs
Otherwise certain extensions are unable to locate pkgconfig.
2017-11-02 16:28:06 +00:00
Vladimír Čunát
c4be15a83b
closure-info: another half-blind attempt to fix on Hydra
The previous one was very bad and worsened the situation.
But even running with some nix-1.12 I'm unable to reproduce
the original failure.  Let's unblock channels for now.
2017-11-01 08:07:15 +01:00
Vladimír Čunát
7320572387
closure-info: half-blind attempt to fix on Hydra
I'm not sure why these started to block channel several days ago.
I've been unable to reproduce the failures locally.
2017-11-01 07:40:49 +01:00
Vladimír Čunát
447802a683
Merge branch 'master' into staging 2017-10-31 23:47:34 +01:00
Joerg Thalheim
cdf059f797 fetchbzr: do not write logs to non-existing home 2017-10-30 21:51:22 +00:00
Vladimír Čunát
687943763c
Merge branch 'master' into staging 2017-10-30 22:30:14 +01:00
Falco Peijnenburg
3004b6f150 fetchgitrevision: removed
It doesn't work and was last referred to in 5553546c21
2017-10-30 18:37:20 +01:00
Rodney Lorrimar
9b0d50e3d0 fetchbower: clean common uri characters from version string
Some bower.json files have URL dependencies missing a version.

Fixes rvl/bower2nix#18
2017-10-30 18:23:45 +01:00
Eelco Dolstra
c3255fe8ec
fetchzip and friends: Set "name" to "source" by default
This makes them produce the same store paths as builtins.fetchgit,
builtins.fetchTarball etc. See
65b5f177b5.
2017-10-30 17:17:07 +01:00
Falco Peijnenburg
febe376f13 fetchadc: removed
It's not being used
2017-10-30 16:48:26 +01:00
Vaibhav Sagar
376f7aa761
Update nix-prefetch-git
s/understand/understood/
2017-10-29 12:02:26 +08:00
zimbatm
daf53c9a10 buildRustPackage: allow passthru overrides
Don't ignore the passthru that could be passed to the derivation
2017-10-26 17:44:52 +01:00
Eelco Dolstra
8f349a3bf3
Add function closureInfo to replace pathsFromGraph
Unlike pathsFromGraph, on Nix 1.12, this function produces a
registration file containing correct NAR hash/size information.

https://hydra.nixos.org/build/62832723
2017-10-25 15:38:14 +02:00
Eelco Dolstra
5939af52b3
pathsFromGraph: Remove obsolete printManifest feature 2017-10-25 15:38:11 +02:00
Kevin Cox
5f8cf0048e rust: update cargo builder to fetch registry dynamically
The biggest benefit is that we no longer have to update the registry
package. This means that just about any cargo package can be built by
nix. No longer does `cargo update` need to be feared because it will
update to packages newer then what is available in nixpkgs.

Instead of fetching the cargo registry this bundles all the source code
into a "vendor/" folder.

This also uses the new --frozen and --locked flags which is nice.

Currently cargo-vendor only provides binaries for Linux and
macOS 64-bit. This can be solved by building it for the other
architectures and uploading it somewhere (like the NixOS cache).

This also has the downside that it requires a change to everyone's deps
hash. And if the old one is used because it was cached it will fail to
build as it will attempt to use the old version. For this reason the
attribute has been renamed to `cargoSha256`.

Authors:
* Kevin Cox <kevincox@kevincox.ca>
* Jörg Thalheim <Mic92@users.noreply.github.com>
* zimbatm <zimbatm@zimbatm.com>
2017-10-23 00:30:47 +01:00
Nikolay Amiantov
2a036ca1a5 buildFHSEnv: fix NIX_* compiler flags
This is needed now after #27672.
2017-10-17 00:39:39 +03:00
Daniel Peebles
416979f3f7 Merge pull request #30150 from copumpkin/no-rpath-nonsense
Get rid of most @rpath nonsense on Darwin
2017-10-08 16:21:27 -04:00
Dan Peebles
b426c85ce2 Get rid of most @rpath nonsense on Darwin
This requires some small changes in the stdenv, then working around the
weird choice LLVM made to hardcode @rpath in its install name, and then
lets us remove a ton of annoying workaround hacks in many of our Go
packages. With any luck this will mean less hackery going forward.
2017-10-08 16:13:46 -04:00
Vladimír Čunát
ef41fc7f51
Merge branch 'master' into staging
Hydra: ?compare=1399476
2017-10-07 10:17:42 +02:00
Nikita Uvarov
cb593780f3 trivial-builders.nix: fix writeShellScriptBin
The check should be performed on the target shell script, not on the output directory.
2017-10-06 10:55:36 +02:00
Orivej Desh
66d4941afe Merge branch 'master' into staging
* master: (48 commits)
  Mathematica: 11.0.1 -> 11.2.0
  kbfs: 20170922.f76290 -> 20171004.40555d
  packer: 1.0.3 -> 1.1.0
  libxdg-basedir: 1.0.2 -> 1.2.0
  fscrypt: 0.2.1 -> 0.2.2
  devtodo: init at 0.1.20
  keybase: 1.0.30 -> 1.0.33
  elixir: Fix locale problem on NixOS
  keybase-gui: 1.0.25 -> 1.0.33
  terraform: 0.10.2 -> 0.10.7  (#30055)
  emby: 3.2.32.0 -> 3.2.33.0
  sbcl: 1.3.21 -> 1.4.0
  ardour: 5.11 -> 5.12
  axoloti: fix evaluation
  axoloti: init at 1.0.12-1
  melpa-packages: Add new lean packages
  fastlane: init at 2.60.1
  nixos/traefik: guard example path
  go-ethereum: 1.7.0 -> 1.7.1
  xzgv: 0.9.1 -> 0.9.2
  ...
2017-10-05 07:41:39 +00:00
Dan Peebles
dd8a42a224 fetchpatch: allow callers to specify postFetch sensibly
Before this fix, it seemed to be trying to merge our postFetch with the
patch normalization logic, but accidentally clobbering the whole thing
with the passed-in value.
2017-10-03 12:48:30 -04:00
Eelco Dolstra
3c3d8710b5 Merge pull request #29568 from obsidiansystems/cc-wrapper-32
cc-wrapper: Clean up dynamic linking with x86 multilib
2017-10-02 17:57:30 +02:00
Orivej Desh
fda26c8476 Merge branch 'master' into staging
* master: (271 commits)
  pysmbc: clarify license
  pysmbc: fix license
  bazel: 0.5.4 -> 0.6.0 (#29990)
  googler: init at 3.3
  go: declare support for aarch64
  firefox-beta-bin: 56.0b5 -> 57.0b4
  spotify: 1.0.64.401.g9d720389-21 -> 1.0.64.407.g9bd02c2d-26
  gogs: 0.11.19 -> 0.11.29
  grafana: 4.5.1 -> 4.5.2
  mopidy-iris: 3.4.1 -> 3.4.9
  nextcloud: 12.0.2 -> 12.0.3
  haskell-json-autotype: jailbreak to fix build within LTS 9.x
  kore: fix up
  kore: init at 2.0.0
  glusterfs service: fix issues with useRpcbind
  tig: 2.2.2 -> 2.3.0
  haskell-hspec-core: enable test suite again
  hackage-packages.nix: automatic Haskell package set update
  librsvg: fix thumbnailer path
  awscli: 1.11.108 -> 1.11.162
  ...
2017-10-02 00:22:12 +00:00
John Ericson
fdbda216b1 cc-wrapper: Clean up dynamic linking with x86 multilib
It's better layering to do everything in ld-wrapper. Also, use numeric
comparisons for `relocatable`.
2017-09-28 20:05:26 -04:00
John Ericson
2cb098b7b4 Merge branch 'cc-wrapper-stdenvNoCC' into ericson2314-cross-base 2017-09-28 19:12:31 -04:00
John Ericson
f037625f87 Merge remote-tracking branch 'upstream/staging' into deps-reorg 2017-09-28 12:32:57 -04:00
Robin Gloster
20677fca59
dockerTools: fix hash to accomodate the pullImage revert 2017-09-28 14:09:49 +02:00
Robin Gloster
5c6dc717a6
Revert "dockerTools.pullImage: use skopeo to pull the image"
This reverts commit 01174c5f4d.

See https://github.com/NixOS/nixpkgs/pull/29302#issuecomment-332809092
for more information. This broke image format compatibility and
therefore amongst others mesos.
2017-09-28 14:09:49 +02:00
Robin Gloster
dabb296c76
Revert "dockerTools.buildImage: Switch to the format image generated by Skopeo"
This reverts commit 35f205a4b6.

This does not use a standard format and by that breaks mesos
2017-09-28 13:01:34 +02:00
Vladimír Čunát
41aa302727
Merge branch 'master' into staging 2017-09-26 22:31:59 +02:00
Vladimír Čunát
ef35406c09
Merge #29617: cc-wrapper: Use stdenvNoCC to build 2017-09-26 21:59:04 +02:00
John Ericson
d349f9a340 cc-wrapper: Use stdenvNoCC to build
cc-wrapper may wrap a cc-compiler, but it doesn't need one to build
itself. (c.f. expand-response-params is a separate derivation.) This
helps avoid cycles on the cross stuff, in addition to removing a
useless dependency edge.

I could have been super careful with overrides in the stdenv to avoid
the mass rebuild, but I don't think it's worth it.
2017-09-26 14:08:21 -04:00
John Ericson
87067dc471 Merge pull request #29580 from obsidiansystems/stdenv-super-debug
stdenv: Provide a way for full `set -x` debugging
2017-09-26 14:05:00 -04:00
John Ericson
0d3d2a01d2 cc-wrapper: Add set -x tracing for NIX_DEBUG >= 7 2017-09-26 11:24:19 -04:00
John Ericson
127a5f3357 treewide: Use (( "${NIX_DEBUG:-0}" >= 1) )) consistently 2017-09-26 11:24:19 -04:00
Antoine Eiche
ff4d7f0fd2 dockerTools.examples.nix: set NIX_PAGER=cat environment variable 2017-09-25 09:39:15 +02:00
Vladimír Čunát
cb9a846762
Merge older staging
Hydra looks OK; not finished yet but already has more successes than
on master.
2017-09-24 20:56:11 +02:00
Antoine Eiche
35f205a4b6 dockerTools.buildImage: Switch to the format image generated by Skopeo
We were using 'Combined Image JSON + Filesystem Changeset Format' [1] to
unpack and pack image and this patch switches to the format used by the registry.

We used the 'repository' file which is not generated by Skopeo when it
pulls an image. Moreover, all information of this file are also in the
manifest.json file.
We then use the manifest.json file instead of 'repository' file. Note
also the manifest.json file is required to push an image with Skopeo.

Fix #29636

[1] 749d90e10f/image/spec/v1.1.md (combined-image-json--filesystem-changeset-format)
2017-09-23 13:17:07 +02:00
Vladimír Čunát
73282c8cc2
Merge branch 'master' into staging
Thousands of rebuilds from master :-/
2017-09-23 09:57:23 +02:00
John Ericson
ed14223f8c treewide: Manual fix more pkg-config build-inputs 2017-09-21 15:49:54 -04:00
John Ericson
531e4b80c9 misc pkgs: Basic sed to get fix pkgconfig and autoreconfHook buildInputs
Only acts on one-line dependency lists.
2017-09-21 15:49:53 -04:00
Antoine Eiche
cb6fc52f99 dockerTools.buildImageWithNixDb: Make output paths valid and add gcroots
The database dump doesn't contain sha and size. This leads to invalid
path in the container. We have to fix the database by using
nix-store.
Note a better way to do this is available in Nix 1.12 (since the
database dump contains all required information).

We also add content output paths in the gcroots since they ca be used
by the container.
2017-09-20 20:14:29 +02:00
Antoine Eiche
df589a438e dockerTools.buildImageWithNixDb: populate the Nix Db of the image Nix store
Currently, the contents closure is copied to the layer but there is no
nix database initialization. If pkgs.nix is added in the contents,
nix-store doesn't work because there is no nix database.

From the contents of the layer, this commit generates and loads the
database in the nix store of the container. This only works if there
is no parent layer that already have a nix store (to support several
nix layers, we would have to merge nix databases of parent layers).

We also add an example to play with the nix store inside the
container. Note it seems `more` is a missing dependency of the nix
package!
2017-09-20 20:14:24 +02:00
John Ericson
e9c1f64048 Merge branch 'master' into staging 2017-09-20 01:39:59 -04:00
John Ericson
6c74ee68b9 cc-wrapper, cc-wrapper-old: Simplify shell logic
1. `crossDrv` is now the default so we don't need to worry about that in
   build != host builds.

2. shell is the build time shell, so `wrapCCCross` doesn't need to
   worry, as build == host.

3. `shell.shellPath` will always be appended where useful.

4. Complicated `shell == ""` logic served no purpose.
2017-09-19 16:45:24 -04:00
Vladimír Čunát
d4c33d5e4e
Merge branch 'master' into staging 2017-09-19 18:03:09 +02:00
John Ericson
d403ffecdd Merge master-merged PRs #29547 and #29548 into staging 2017-09-18 23:33:22 -04:00
John Ericson
6338c0b202 Merge pull request #29548 from obsidiansystems/cc-wrapper-cross-misc
cc-wrapper: Two trivial changes affecting cross compilation
2017-09-18 19:34:26 -04:00
John Ericson
13fc982e65 cc-wrapper: Use same dynamic loader on all Darwin, not just x86_64
In practice, this is correct because iOS is on ARM and puts the loader
there.
2017-09-18 19:25:58 -04:00
John Ericson
a44bbc72e6 cc-wrapper: Remove obsolete assertion
This was just causing evaluation problems on cross.
2017-09-18 19:22:57 -04:00
Michael Weiss
018a5ae2f4 fetchRepoProject: Fetch into $out and make it deterministic
Fetch into $out and remove all version control files to make it
deterministic (.repo and all .git subdirectories - e.g. the .git/index
files change every time).

Additionally I've changed the default of "useArchive" to false because
fetching with "--archive" will fail for some projects (e.g.
"platform/external/iosched" from the AOSP).

Now, this function should hopefully work for every tag of the AOSP.
2017-09-17 23:16:33 +02:00
Vladimír Čunát
4ca45f229b
set-source-date-epoch-to-latest.sh: shut up a warning
> bash: warning: command substitution: ignored null byte in input
/cc #28227.  Also break the overlong line.
2017-09-17 10:35:44 +02:00
Antoine Eiche
01174c5f4d dockerTools.pullImage: use skopeo to pull the image
Before this patch, a VM was used to spawn docker that pulled the
VM. Now, the tool Skopeo does this job well so we can simplify our
dockerTools since we doesn't need Docker anymore:)

This also fixe the regression described in
https://github.com/NixOS/nixpkgs/issues/29271 : cntlm proxy doesn't
work in 17.09 while it worked in 17.03.

Note Skopeo doesn't produce the same output than docker pull so, we
have to update sha.
2017-09-17 08:26:02 +01:00
Michael Weiss
337380ea1d gitRepo: Fix an error due to missing TLS certificates
This was a problem when run inside a sandbox, e.g. via
"fetchRepoProject". The error message from repo seems unrelated:

fatal: Cannot get https://gerrit.googlesource.com/git-repo/clone.bundle
fatal: error no host given

But the exception is actually thrown due to missing certificates
(/etc/ssl/certs). It should be possible to provide another location via
environment variables (e.g. SSL_CERT_FILE, REQUESTS_CA_BUNDLE or
CURL_CA_BUNDLE) but apparently that doesn't actually work for some
reason (would have to study our Python packaging).

Now "fetchRepoProject" works without the "--no-clone-bundle" option.
2017-09-16 22:13:56 +02:00
Michael Weiss
62b9d78b18 fetchRepoProject: Fix the GnuPG verification
The verification was failing with the following error:
gpg: keyblock resource '/tmp/nix-build-XYZ.drv-0/.repo/repo/./.repoconfig/gnupg/pubring.kbx': No such file or directory

Using an absolute path for $HOME fixes this.

And since 175ecbab91 the dependencies on
"git" and "gnupg" aren't required anymore as "gitRepo" already covers
them.
2017-09-16 17:57:14 +02:00
Michael Weiss
50ce8abccf fetchRepoProject: Refactor the code
Should hopefully make it a bit more readable and less redundant.
2017-09-16 17:25:25 +02:00
Frederik Rietdijk
03fa6965ad Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-16 12:34:32 +02:00
John Ericson
12452178e8 Merge pull request #29381 from obsidiansystems/autoreconf-hook
autoreconfHook: Simplify by avoiding `findInputs`
2017-09-14 13:16:53 -04:00
John Ericson
d242978671 autoreconfHook: Simplify by avoiding findInputs
`findInputs` is a stdenv/setup helper we should strive not to call
elsewhere. Using normal deps is more idiomatic anyways.
2017-09-14 13:16:12 -04:00
Frederik Rietdijk
87f757e834 Merge pull request #27780 from tilpner/overridable-buildenv
Make buildEnv overridable
2017-09-14 17:26:33 +02:00
Domen Kožar
f49b7d3c88
vm: remove trusty-updates hash as it changes too often 2017-09-14 11:29:10 +02:00
Jörg Thalheim
9e7db9a9f9 Merge pull request #28963 from nlewo/docker-readiness
dockerTools.pullImage: change the docker deamon readiness mechanism
2017-09-13 10:39:16 +01:00
Frederik Rietdijk
628b6c0e9d Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-11 22:52:53 +02:00
Domen Kožar
c7a152e5d0
vm: bump trusty-updates hash
In future we might just not use the updates if hash changes too
often.
2017-09-11 13:02:19 +02:00
Eelco Dolstra
ec8d41f08c
Revert "Merge pull request #28557 from obsidiansystems/binutils-wrapper"
This reverts commit 0a944b345e, reversing
changes made to 61733ed6cc.

I dislike these massive stdenv changes with unclear motivation,
especially when they involve gratuitous mass renames like NIX_CC ->
NIX_BINUTILS. The previous such rename (NIX_GCC -> NIX_CC) caused
months of pain, so let's not do that again.
2017-09-07 12:51:21 +02:00
John Ericson
eb326c9cb7 macos-sierra-shared: Fix, after binutils-wrapper broke it
cctool's as needs to be told use to use gnu as, or else we'd need a
dependency cycle between cctools and clang for this case.

In general, this is not a problem because clang uses its own integrated
assembler where possible, and gnu as otherwise.
2017-09-06 14:28:14 -04:00
John Ericson
3601a97e3c binutils-wrapper: Accidentally deleted macOS Sierra reexport hack
Did this when spliting off binutils-wrapper from cc-wrapper in
40e9b2a7e6: I deleted the file instead of
moving it.
2017-09-04 11:26:41 -04:00
Antoine Eiche
132e790735 dockerTools.pullImage: change the docker deamon readiness mechanism
To wait for the docker deamon, curl requests are sent. However, if a
http proxy is set, it will respond instead of the docker daemon.
To avoid this, we send docker ps command instead of curl command.
2017-09-04 10:52:16 +02:00
John Ericson
0a944b345e Merge pull request #28557 from obsidiansystems/binutils-wrapper
Binutils-wrapper: Init by refactoring out of cc-wrapper
2017-09-03 10:37:27 -04:00
Vladimír Čunát
51d6d27e90
Merge #28227: set-source-date-epoch-to-latest.sh: ignore generated files 2017-09-02 21:36:34 +02:00
Frederik Rietdijk
d0dab8a330 Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-02 11:10:52 +02:00
John Ericson
dbf6d20d64 binutils-wrapper: Import separately from cc-wrapper 2017-09-01 11:44:56 -04:00
John Ericson
40e9b2a7e6 binutils-wrapper: Init
Factor a binutils wrapper out of cc-wrapper. While only LD is wrapped,
the setup hook defines environment variables on behalf of other
utilites.
2017-09-01 11:44:55 -04:00
John Ericson
fbb7d335db cc-wrapper: Use separate mangler for "bool" variables
This avoids any `NIX_FOOBAR=1 1` not triggering conditions.
2017-09-01 11:44:54 -04:00