In preparation for the deprecation of `stdenv.isX`.
These shorthands are not conducive to cross-compilation because they
hide the platforms.
Darwin might get cross-compilation for which the continued usage of `stdenv.isDarwin` will get in the way
One example of why this is bad and especially affects compiler packages
https://www.github.com/NixOS/nixpkgs/pull/343059
There are too many files to go through manually but a treewide should
get users thinking when they see a `hostPlatform.isX` in a place where it
doesn't make sense.
```
fd --type f "\.nix" | xargs sd --fixed-strings "stdenv.is" "stdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "stdenv'.is" "stdenv'.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "clangStdenv.is" "clangStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "gccStdenv.is" "gccStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "stdenvNoCC.is" "stdenvNoCC.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "inherit (stdenv) is" "inherit (stdenv.hostPlatform) is"
fd --type f "\.nix" | xargs sd --fixed-strings "buildStdenv.is" "buildStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "effectiveStdenv.is" "effectiveStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "originalStdenv.is" "originalStdenv.hostPlatform.is"
```
With cryptography 42 we can no longer just override the `src`,
because the derivation for 42 can no longer build version 40.
So revive the old version based on:
git show d74195bc77c03b6b7aa7c3433205dd518f245ef2~:pkgs/development/python-modules/cryptography/default.nix > pkgs/development/python-modules/cryptography/40.nix
git show d74195bc77c03b6b7aa7c3433205dd518f245ef2~:pkgs/development/python-modules/cryptography/vectors.nix > pkgs/development/python-modules/cryptography/vectors-40.nix │
Also:
* Include a patch for CVE-2024-26130
* Run `nixfmt` on them.
* `Securiy` -> `Security ? null` because in the local override
it doesn't seem to pass that Darwin-specific package on Linux;
avoids error:
Function called without required argument "Security"
Otherwise references to the Python interpreter inside the set are wrong, as demonstrated by:
``` nix
with import <nixpkgs> { };
let
python' = python3.override {
packageOverrides = final: prev: { requests = prev.requests.overridePythonAttrs(old: { version = "1337"; }); };
};
in python'.pkgs.python.pkgs.requests
```
which returns the _non_ overriden requests.
And the same with `self`:
```
with import <nixpkgs> { };
let
python' = python3.override {
self = python';
packageOverrides = final: prev: { requests = prev.requests.overridePythonAttrs(old: { version = "1337"; }); };
};
in python'.pkgs.python.pkgs.requests
```
which returns the overriden requests.
This can manifest itself as file collisions when constructing environments or as subtly incorrect dependency graphs.
This is yet another incarnation of https://tracker.ceph.com/issues/64213
which was fixed for cryptography specifically (thus fixing dashboard)
but since our bcrypt update https://github.com/NixOS/nixpkgs/pull/291195
every module broke for the same reason
Until upstream manages to get this fixed permanently, I don't see that
we can do much but "vendor" in these old deps.
It may be possible to more delicately patch the rust package underneath
bcrypt, but I'm not sure how
Since ba83271df0 the build fails with
applying patch /nix/store/46rxbbvl2l3mrxb50y9rzy7ahgx0lraj-d741901dddd731895346636c0d3556c6fa51fbe6.patch
patching file tests/hazmat/primitives/test_aead.py
Hunk #1 FAILED at 56.
Hunk #2 FAILED at 197.
Hunk #3 FAILED at 378.
Hunk #4 FAILED at 525.
Hunk #5 FAILED at 700.
Hunk #6 FAILED at 844.
6 out of 6 hunks FAILED -- saving rejects to file tests/hazmat/primitives/test_aead.py.rej
Fixes#241482.
Also fix test putting cluster in unhealthy `POOL_APP_NOT_ENABLED` state;
this seems to be the default state with Ceph 18.2.1 at least,
and it does not hurt to fix it now already in the way the Ceph docs say.
Also revert "nixosTests.ceph-single-node: remove dashboard check"
This reverts commit 41b27d7f4b.
While trying to mount CephFS using libceph and systemd, mount.ceph tries to call "modinfo", "modprobe", and "grep", but fails with the error "sh: line 1: modprobe: command not found". This is because ceph calls these binaries by running the command "sh -c -- <application> %s %s", which does not pass the PATH environment variable through. This isn't usually a problem, because ceph, by default, calls the paths of these binaries as they would be in debian, in /sbin and /bin, but a change was made to replace these with relative paths, thus breaking the mounting process entirely. Replacing these relative paths with absolute store paths alleviates this issue whilst preserving all functionality.
The following issues were encountered during the upgrade:
* "Could NOT find thrift (missing: thrift_LIBRARIES thrift_INCLUDE_DIR)"
Fixed by disabling Jaeger support, see added comment.
* ```
/build/ceph-18.2.0/src/extblkdev/ExtBlkDevInterface.h:38:10: fatal error: sys/capability.h: No such file or directory
38 | #include <sys/capability.h>
```
Fixed by `libcap` dependency.
Ceph's Debian dependencies include both `libcap` and `libcap-ng`:
c8c946c970/debian/control (L38-L39)
* ```
Manually-specified variables were not used by the project:
MGR_PYTHON_VERSION
```
Dropped 4 years ago for Ceph 15:
5fc657b40d
So I removed the flag.
* Warning:
```
-- Could NOT find nasm
```
Looking at the code (macros such as `HAVE_NASM_X64`), nasm existence actually results in some optimised crypto SIMD instructions being compiled, so we probably want this for performance.
Adding `nasm` to `nativeBuildInputs` first brought error:
```
/nix/store/p6dlr3skfhxpyphipg2bqnj52999banh-bash-5.2-p15/bin/bash: line 1: /build/ceph-18.2.0/src/nasm-wrapper: cannot execute: required file not found
make[2]: *** [src/crypto/isa-l/CMakeFiles/ceph_crypto_isal.dir/build.make:117: src/crypto/isa-l/CMakeFiles/ceph_crypto_isal.dir/isa-l_crypto/aes/cbc_multibinary.asm.o] Error 127
```
Solution: `patchShebangs src/nasm-wrapper`, even better `patchShebangs src/`.
* ```
Manually-specified variables were not used by the project:
WITH_SYSTEM_CIMG
WITH_SYSTEM_JSONCPP
```
These never were Ceph CMake options, so I removed them.
* `libcap-ng` is Linux-only, and only used for the `mount.ceph` command:
c8c946c970/src/CMakeLists.txt (L829-L830)
Thus use it for Linux only.
* The Parquet build error is now gone, so we can enable support for it.
This version-override approach is annoying me, as the original
derivation is then supposed to support multiple versions
without knowing about it. And naturally it tends to break.
(this time on 446a8703c3)
https://hydra.nixos.org/build/228178995/nixlog/3/tail
Updates Ceph from the Pacific to the Quincy release tree.
Upgrade to boost179 and python310, cleans up the python environment,
builds with more system libraries.
Disables parquet support for the radosgw, because I couldn't
get it to build.
Also properly enable the testsuite on ceph-common and generally unroll
and sort lists for a better overview and history.
Co-Authored-By: name_snrl <Demogorgon-74@ya.ru>
checkInputs used to be added to nativeBuildInputs. Now we have
nativeCheckInputs to do that instead. Doing this treewide change allows
to keep hashes identical to before the introduction of
nativeCheckInputs.