From ceccff3439fdbb11ac2025bdd4578970f3c49e28 Mon Sep 17 00:00:00 2001 From: Leonhard Markert Date: Tue, 5 Nov 2019 11:57:05 +0100 Subject: [PATCH] lorri: init at version unstable-2019-10-30 Includes user service (nixos/modules/services/development/lorri) that starts on demand. --- nixos/tests/all-tests.nix | 1 + nixos/tests/lorri/builder.sh | 3 + nixos/tests/lorri/default.nix | 26 +++++++++ nixos/tests/lorri/fake-shell.nix | 5 ++ pkgs/tools/misc/lorri/default.nix | 56 +++++++++++++++++++ .../misc/lorri/runtime-closure.nix.template | 37 ++++++++++++ pkgs/tools/misc/lorri/runtime.nix | 33 +++++++++++ pkgs/top-level/all-packages.nix | 5 +- 8 files changed, 165 insertions(+), 1 deletion(-) create mode 100644 nixos/tests/lorri/builder.sh create mode 100644 nixos/tests/lorri/default.nix create mode 100644 nixos/tests/lorri/fake-shell.nix create mode 100644 pkgs/tools/misc/lorri/default.nix create mode 100644 pkgs/tools/misc/lorri/runtime-closure.nix.template create mode 100644 pkgs/tools/misc/lorri/runtime.nix diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 8ba10bdc4f4..b285f817d96 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -147,6 +147,7 @@ in login = handleTest ./login.nix {}; loki = handleTest ./loki.nix {}; #logstash = handleTest ./logstash.nix {}; + lorri = handleTest ./lorri/default.nix {}; mailcatcher = handleTest ./mailcatcher.nix {}; mathics = handleTest ./mathics.nix {}; matomo = handleTest ./matomo.nix {}; diff --git a/nixos/tests/lorri/builder.sh b/nixos/tests/lorri/builder.sh new file mode 100644 index 00000000000..b586b2bf798 --- /dev/null +++ b/nixos/tests/lorri/builder.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +printf "%s" "${name:?}" > "${out:?}" diff --git a/nixos/tests/lorri/default.nix b/nixos/tests/lorri/default.nix new file mode 100644 index 00000000000..53074385a65 --- /dev/null +++ b/nixos/tests/lorri/default.nix @@ -0,0 +1,26 @@ +import ../make-test-python.nix { + machine = { pkgs, ... }: { + imports = [ ../../modules/profiles/minimal.nix ]; + environment.systemPackages = [ pkgs.lorri ]; + }; + + testScript = '' + # Copy files over + machine.succeed( + "cp '${./fake-shell.nix}' shell.nix" + ) + machine.succeed( + "cp '${./builder.sh}' builder.sh" + ) + + # Start the daemon and wait until it is ready + machine.execute("lorri daemon > lorri.stdout 2> lorri.stderr &") + machine.wait_until_succeeds("grep --fixed-strings 'lorri: ready' lorri.stdout") + + # Ping the daemon + machine.execute("lorri ping_ $(readlink -f shell.nix)") + + # Wait for the daemon to finish the build + machine.wait_until_succeeds("grep --fixed-strings 'OutputPaths' lorri.stdout") + ''; +} diff --git a/nixos/tests/lorri/fake-shell.nix b/nixos/tests/lorri/fake-shell.nix new file mode 100644 index 00000000000..9de9d247e54 --- /dev/null +++ b/nixos/tests/lorri/fake-shell.nix @@ -0,0 +1,5 @@ +derivation { + system = builtins.currentSystem; + name = "fake-shell"; + builder = ./builder.sh; +} diff --git a/pkgs/tools/misc/lorri/default.nix b/pkgs/tools/misc/lorri/default.nix new file mode 100644 index 00000000000..914578c47ec --- /dev/null +++ b/pkgs/tools/misc/lorri/default.nix @@ -0,0 +1,56 @@ +{ stdenv +, pkgs +, fetchFromGitHub +, rustPlatform + # Updater script +, runtimeShell +, writeScript + # Tests +, nixosTests + # Apple dependencies +, CoreServices +, Security +, cf-private +}: + +rustPlatform.buildRustPackage rec { + pname = "lorri"; + version = "unstable-2019-10-30"; + + meta = with stdenv.lib; { + description = "Your project's nix-env"; + homepage = "https://github.com/target/lorri"; + license = licenses.asl20; + maintainers = with maintainers; [ grahamc Profpatsch ]; + }; + + src = fetchFromGitHub { + owner = "target"; + repo = pname; + # Run `eval $(nix-build -A lorri.updater)` after updating the revision! + rev = "03f10395943449b1fc5026d3386ab8c94c520ee3"; + sha256 = "0fcl79ndaziwd8d74mk1lsijz34p2inn64b4b4am3wsyk184brzq"; + }; + + cargoSha256 = "1daff4plh7hwclfp21hkx4fiflh9r80y2c7k2sd3zm4lmpy0jpfz"; + doCheck = false; + + BUILD_REV_COUNT = src.revCount or 1; + RUN_TIME_CLOSURE = pkgs.callPackage ./runtime.nix {}; + + nativeBuildInputs = with pkgs; [ nix direnv which ]; + buildInputs = + stdenv.lib.optionals stdenv.isDarwin [ CoreServices Security cf-private ]; + + passthru = { + updater = with builtins; writeScript "copy-runtime-nix.sh" '' + #!${runtimeShell} + set -euo pipefail + cp ${src}/nix/runtime.nix ${toString ./runtime.nix} + cp ${src}/nix/runtime-closure.nix.template ${toString ./runtime-closure.nix.template} + ''; + tests = { + nixos = nixosTests.lorri; + }; + }; +} diff --git a/pkgs/tools/misc/lorri/runtime-closure.nix.template b/pkgs/tools/misc/lorri/runtime-closure.nix.template new file mode 100644 index 00000000000..2cb2ec4bbb9 --- /dev/null +++ b/pkgs/tools/misc/lorri/runtime-closure.nix.template @@ -0,0 +1,37 @@ +# Nix with sandboxing requires every path used at build time be +# explicitly declared. If we simply passed in the paths, they +# would be copied in as sources. Using builtins.storePath we're +# able to tell Nix that, no, in fact, treat these not as sources +# to copy, but instead of a regular store path. +# +# Include the explicit closure, too, otherwise we'll get mysterious +# "file not found" errors due to the glibc interpreter being +# missing. +let + # Magic inspired by Nix's config.nix: + # https://github.com/NixOS/nix/blob/f9a2ea44867cd1dbb408bca4df0ced806137b7f7/corepkgs/config.nix.in#L23 + # + # If the dependency is in the Nix store we're using, refer to + # it as a literal store path. If it isn't, refer to it "normally". + # + # This makes sandboxing happy when in a nix-build, and the + # evaluation happy when in a «cargo build». + tools_build_host = @tools_build_host@; + + # Compare the stringified version of the tools_build_host Nix store + # path to the evaluator's stringified Nix store path. Otherwise, + # Nix will read the sources in to the /nix/store, and, well, + # you can only copy the /nix/store in to the /nix/store so many + # times before you run out of disk space. + dep = if ("${toString (dirOf tools_build_host)}" == "${toString builtins.storeDir}") + then (builtins.trace "using storePath" builtins.storePath) + else (builtins.trace "using toString" toString) # assume we have no sandboxing + ; + + tools = dep tools_build_host; + +in { + path = "${tools}/bin"; + builder = "${tools}/bin/bash"; + closure = import @runtime_closure_list@ { inherit dep; }; +} diff --git a/pkgs/tools/misc/lorri/runtime.nix b/pkgs/tools/misc/lorri/runtime.nix new file mode 100644 index 00000000000..71bc89b5af3 --- /dev/null +++ b/pkgs/tools/misc/lorri/runtime.nix @@ -0,0 +1,33 @@ +{ + # Plumbing tools: + closureInfo, runCommand, writeText, buildEnv, + + # Actual dependencies to propagate: + bash, coreutils }: +let + tools = buildEnv { + name = "lorri-runtime-tools"; + paths = [ coreutils bash ]; + }; + + runtimeClosureInfo = closureInfo { + rootPaths = [ tools ]; + }; + + closureToNix = runCommand "closure.nix" {} + '' + ( + echo '{ dep, ... }: [' + sed -E 's/^(.*)$/ (dep \1)/' ${runtimeClosureInfo}/store-paths + echo ']' + ) > $out + ''; + + runtimeClosureInfoAsNix = runCommand "runtime-closure.nix" { + runtime_closure_list = closureToNix; + tools_build_host = tools; + } + '' + substituteAll ${./runtime-closure.nix.template} $out + ''; +in runtimeClosureInfoAsNix diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index fe2283525f9..cb53dcdb5c3 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -8438,7 +8438,10 @@ in llvmPackages_latest = llvmPackages_9; - lorri = throw "lorri is not stable yet. Please go to https://github.com/target/lorri and follow the installation instructions there, for the time being."; + lorri = callPackage ../tools/misc/lorri { + inherit (darwin) cf-private; + inherit (darwin.apple_sdk.frameworks) CoreServices Security; + }; manticore = callPackage ../development/compilers/manticore { };