- Make tests/lxd.nix use NixOS's lxdMeta & lxdImage to avoid relying on
3rd party containers such as Alpine Linux for testing purposes.
- Merge tests/lxd-image.nix into tests/lxd.nix, since now both have a
similar structure.
- Extract duplicated inline LXD configuration into a separate file,
- Add passthru.lxd-nftables & passthru.lxd-image-server.
This use of tryEval causes hydra to fully ignore evaluation failures of
packages that occur while trying to evaluate the hydra platforms it should be
built on. This includes failures that occur during evaluation of:
- The `.type` attribute value
- The `.meta.hydraPlatforms` or `.meta.platforms` attribute value
- The `.version` attribute, since this can determine whether
`.meta.position` is set
- For non-derivations, `.recurseForDerivations` or `.recurseForRelease`
Here's a minimal `release.nix` file, showcasing how a `.version` failure
is ignored:
let
packages = pkgs: {
success = pkgs.stdenv.mkDerivation {
name = "success";
};
ignoredFailure = pkgs.stdenv.mkDerivation {
pname = "ignored-failure";
version = throw "version error";
};
caughtFailure = pkgs.stdenv.mkDerivation {
name = "caught-failure";
src = throw "src error";
};
};
releaseLib = import <nixpkgs/pkgs/top-level/release-lib.nix> {
packageSet = args: packages (import <nixpkgs> args);
supportedSystems = [ "x86_64-linux" ];
};
in
releaseLib.mapTestOn (releaseLib.packagePlatforms releaseLib.pkgs)
Evaluating this with `hydra-eval-jobs` before this change yields:
$ hydra-eval-jobs release.nix -I nixpkgs=/path/to/nixpkgs
warning: `--gc-roots-dir' not specified
error: "error: --- ThrownError --- hydra-eval-jobs\nsrc error"
{
"caughtFailure.x86_64-linux": {
"error": "error: --- ThrownError --- hydra-eval-jobs\nsrc error"
},
"success.x86_64-linux": {
"description": "",
"drvPath": "/nix/store/q1sw933xd9bxfx6rcp0kqksbprj1wmwj-success.drv",
"homepage": "",
"isChannel": false,
"license": "",
"maintainers": "",
"maxSilent": 7200,
"nixName": "success",
"outputs": {
"out": "/nix/store/7awrz6hss4jjxvgbwi4wlyikncmslb7a-success"
},
"schedulingPriority": 100,
"system": "x86_64-linux",
"timeout": 36000
}
}
Where you can see that there is no job for the `ignoredFailure`
derivation. Compare this to after this change:
$ hydra-eval-jobs release.nix -I nixpkgs=/path/to/nixpkgs
warning: `--gc-roots-dir' not specified
error: "error: --- ThrownError --- hydra-eval-jobs\nsrc error"
error: "error: --- ThrownError --- hydra-eval-jobs\nversion error"
{
"caughtFailure.x86_64-linux": {
"error": "error: --- ThrownError --- hydra-eval-jobs\nsrc error"
},
"ignoredFailure": {
"error": "error: --- ThrownError --- hydra-eval-jobs\nversion error"
},
"success.x86_64-linux": {
"description": "",
"drvPath": "/nix/store/q1sw933xd9bxfx6rcp0kqksbprj1wmwj-success.drv",
"homepage": "",
"isChannel": false,
"license": "",
"maintainers": "",
"maxSilent": 7200,
"nixName": "success",
"outputs": {
"out": "/nix/store/7awrz6hss4jjxvgbwi4wlyikncmslb7a-success"
},
"schedulingPriority": 100,
"system": "x86_64-linux",
"timeout": 36000
}
}
Notice how `ignoredFailure` is now part of the result.
We were using `supportedMatches` both when getting the list of
platforms, and before `genAttrs` the derivation for each. Now we just
filter the second time,
Instead of intersecting system strings, we filter with the sort of
patterns used in `meta.platforms`.
Indicating this change `forTheseSystems` has been renamed to
`forMatchingSystems`, since the given list is now patterns to match, and
not the systems themselves. [Just as with `meta.platforms`, systems
strings are also supported for backwards compatibility.]
This is more flexible, and makes the `forMatchingSystems` and
packagePlatforms` cases more analogous.
Negative reasoning like `allBut` is a bad idea with an open world of
platforms. Concretely, if we add a new, quite different sort of
platform, existing packages with `allBut` will claim they work on it
even though they probably won't.
Currently the logic of generating nixpkgs Hydra jobs is to walk through
the pkgs evaluated for system = "x86_64-linux", collect any derivations
and their meta.platforms values. However, that doesn't work for
packages whose meta.platforms doesn't include x86_64-linux, as just
evaluating their meta attribute raises an error so they get skipped
completely.
As a less-intrusive fix (i.e. anything than rewriting the current package
enumeration logic), allow passing `config.allowUnsupportedSystem = true`
to permit evaluating packages regardless of their platform and use that
in the package listing phase.
Fixes#25200
The old hard-coded lists are now used to test system parsing.
In the process, make an `assertTrue` in release lib for eval tests; also
use it in release-cross
This allows customizing the nixpkgs arguments by the caller. My use case
is creating a personal nixpkgs channel containing some unfree packages.
The default is still to not build unfree packages, so for nixpkgs this
is no functional change.
[N.B., this package also applies to the commits that follow it in the same
PR.]
In most cases, buildPackages = pkgs so things work just as before. For
cross compiling, however, buildPackages is resolved as the previous
bootstrapping stage. This allows us to avoid the mkDerivation hacks cross
compiling currently uses today.
To avoid a massive refactor, callPackage will splice together both package
sets. Again to avoid churn, it uses the old `nativeDrv` vs `crossDrv` to do
so. So now, whether cross compiling or not, packages with get a `nativeDrv`
and `crossDrv`---in the non-cross-compiling case they are simply the same
derivation. This is good because it reduces the divergence between the
cross and non-cross dataflow. See `pkgs/top-level/splice.nix` for a comment
along the lines of the preceding paragraph, and the code that does this
splicing.
Also, `forceNativeDrv` is replaced with `forceNativePackages`. The latter
resolves `pkgs` unless the host platform is different from the build
platform, in which case it resolves to `buildPackages`. Note that the
target platform is not important here---it will not prevent
`forcedNativePackages` from resolving to `pkgs`.
--------
Temporarily, we make preserve some dubious decisions in the name of preserving
hashes:
Most importantly, we don't distinguish between "host" and "target" in the
autoconf sense. This leads to the proliferation of *Cross derivations
currently used. What we ought to is resolve native deps of the cross "build
packages" (build = host != target) package set against the "vanilla
packages" (build = host = target) package set. Instead, "build packages"
uses itself, with (informally) target != build in all cases.
This is wrong because it violates the "sliding window" principle of
bootstrapping stages that shifting the platform triple of one stage to the
left coincides with the next stage's platform triple. Only because we don't
explicitly distinguish between "host" and "target" does it appear that the
"sliding window" principle is preserved--indeed it is over the reductionary
"platform double" of just "build" and "host/target".
Additionally, we build libc, libgcc, etc in the same stage as the compilers
themselves, which is wrong because they are used at runtime, not build
time. Fixing this is somewhat subtle, and the solution and problem will be
better explained in the commit that does fix it.
Commits after this will solve both these issues, at the expense of breaking
cross hashes. Native hashes won't be broken, thankfully.
--------
Did the temporary ugliness pan out? Of the packages that currently build in
`release-cross.nix`, the only ones that have their hash changed are
`*.gcc.crossDrv` and `bootstrapTools.*.coreutilsMinimal`. In both cases I
think it doesn't matter.
1. GCC when doing a `build = host = target = foreign` build (maximally
cross), still defines environment variables like `CPATH`[1] with
packages. This seems assuredly wrong because whether gcc dynamically
links those, or the programs built by gcc dynamically link those---I
have no idea which case is reality---they should be foreign. Therefore,
in all likelihood, I just made the gcc less broken.
2. Coreutils (ab)used the old cross-compiling infrastructure to depend on
a native version of itself. When coreutils was overwritten to be built
with fewer features, the native version it used would also be
overwritten because the binding was tight. Now it uses the much looser
`BuildPackages.coreutils` which is just fine as a richer build dep
doesn't cause any problems and avoids a rebuild.
So, in conclusion I'd say the conservatism payed off. Onward to actually
raking the muck in the next PR!
[1]: https://gcc.gnu.org/onlinedocs/gcc/Environment-Variables.html
It now strictly evaluates all remaining attributes, preventing
unevaluated thunks that cannot be garbage-collected. It's also applied
to all jobs in Nixpkgs' release.nix.
This reduces hydra-eval-jobs' memory consumption on the 14.12
release-combined jobset from 5.1 GB to 2.0 GB.
The function ‘mkDerivation’ now checks whether the current platform
type is included in a package's meta.platform field. If not, it
throws an exception:
$ nix-build -A linux --argstr system x86_64-darwin
error: user-thrown exception: the package ‘linux-3.10.15’ is not supported on ‘x86_64-darwin’
These packages also no longer show up in ‘nix-env -qa’ output. This
means, for instance, that the number of packages shown on
x86_64-freebsd has dropped from 9268 to 4764.
Since meta.platforms was also used to prevent Hydra from building some
packages, there now is a new attribute meta.hydraPlatforms listing the
platforms on which Hydra should build the package (which defaults to
meta.platforms).
That is, there are now distinct jobs like ‘coreutils.x86_64-linux’ and
‘coreutils.x86_64-darwin’, rather than a single job ‘coreutils’ with
multiple builds. This means that testing a job is simpler:
$ nix-build pkgs/top-level/release.nix -A coreutils.x86_64-linux
See https://github.com/NixOS/hydra/issues/60 for the motivation.