aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/manual/src/contributing/hacking.md6
-rw-r--r--flake.nix290
-rw-r--r--tests/installer/default.nix2
3 files changed, 113 insertions, 185 deletions
diff --git a/doc/manual/src/contributing/hacking.md b/doc/manual/src/contributing/hacking.md
index f5c76f837..d16ffa4af 100644
--- a/doc/manual/src/contributing/hacking.md
+++ b/doc/manual/src/contributing/hacking.md
@@ -30,7 +30,7 @@ This shell also adds `./outputs/bin/nix` to your `$PATH` so you can run `nix` im
To get a shell with one of the other [supported compilation environments](#compilation-environments):
```console
-$ nix develop .#clang11Stdenv
+$ nix develop .#native-clang11StdenvPackages
```
> **Note**
@@ -77,12 +77,12 @@ $ nix-shell
To get a shell with one of the other [supported compilation environments](#compilation-environments):
```console
-$ nix-shell -A devShells.x86_64-linux.clang11Stdenv
+$ nix-shell -A devShells.x86_64-linux.native-clang11StdenvPackages
```
> **Note**
>
-> You can use `ccacheStdenv` to drastically improve rebuild time.
+> You can use `native-ccacheStdenvPackages` to drastically improve rebuild time.
> By default, [ccache](https://ccache.dev) keeps artifacts in `~/.cache/ccache/`.
To build Nix itself in this shell:
diff --git a/flake.nix b/flake.nix
index 0ac77cacc..c399a5304 100644
--- a/flake.nix
+++ b/flake.nix
@@ -8,10 +8,11 @@
outputs = { self, nixpkgs, nixpkgs-regression, lowdown-src }:
let
+ inherit (nixpkgs) lib;
officialRelease = false;
- version = nixpkgs.lib.fileContents ./.version + versionSuffix;
+ version = lib.fileContents ./.version + versionSuffix;
versionSuffix =
if officialRelease
then ""
@@ -25,34 +26,36 @@
stdenvs = [ "gccStdenv" "clangStdenv" "clang11Stdenv" "stdenv" "libcxxStdenv" "ccacheStdenv" ];
- forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system);
- forAllSystemsAndStdenvs = f: forAllSystems (system:
- nixpkgs.lib.listToAttrs
+ forAllSystems = lib.genAttrs systems;
+
+ forAllCrossSystems = lib.genAttrs crossSystems;
+
+ forAllStdenvs = f:
+ lib.listToAttrs
(map
- (n:
- nixpkgs.lib.nameValuePair "${n}Packages" (
- f system n
- )) stdenvs
- )
- );
+ (stdenvName: {
+ name = "${stdenvName}Packages";
+ value = f stdenvName;
+ })
+ stdenvs);
- forAllStdenvs = f: nixpkgs.lib.genAttrs stdenvs (stdenv: f stdenv);
# Memoize nixpkgs for different platforms for efficiency.
- nixpkgsFor =
- let stdenvsPackages = forAllSystemsAndStdenvs
- (system: stdenv:
- import nixpkgs {
- inherit system;
- overlays = [
- (overlayFor (p: p.${stdenv}))
- ];
- }
- );
- in
- # Add the `stdenvPackages` at toplevel, both because these are the ones
- # we want most of the time and for backwards compatibility
- forAllSystems (system: stdenvsPackages.${system} // stdenvsPackages.${system}.stdenvPackages);
+ nixpkgsFor = forAllSystems
+ (system: let
+ make-pkgs = crossSystem: stdenv: import nixpkgs {
+ inherit system crossSystem;
+ overlays = [
+ (overlayFor (p: p.${stdenv}))
+ ];
+ };
+ stdenvs = forAllStdenvs (make-pkgs null);
+ native = stdenvs.stdenvPackages;
+ in {
+ inherit stdenvs native;
+ static = native.pkgsStatic;
+ cross = forAllCrossSystems (crossSystem: make-pkgs crossSystem "stdenv");
+ });
commonDeps = { pkgs, isStatic ? false }: with pkgs; rec {
# Use "busybox-sandbox-shell" if present,
@@ -144,7 +147,7 @@
};
installScriptFor = systems:
- with nixpkgsFor.x86_64-linux;
+ with nixpkgsFor.x86_64-linux.native;
runCommand "installer-script"
{ buildInputs = [ nix ];
}
@@ -208,8 +211,9 @@
installCheckPhase = "make installcheck -j$NIX_BUILD_CORES -l$NIX_BUILD_CORES";
};
- binaryTarball = buildPackages: nix: pkgs:
+ binaryTarball = nix: pkgs:
let
+ inherit (pkgs) buildPackages;
inherit (pkgs) cacert;
installerClosureInfo = buildPackages.closureInfo { rootPaths = [ nix cacert ]; };
in
@@ -289,7 +293,9 @@
# Forward from the previous stage as we don’t want it to pick the lowdown override
nixUnstable = prev.nixUnstable;
- nix = with final; with commonDeps { inherit pkgs; }; currentStdenv.mkDerivation {
+ nix = with final; with commonDeps { inherit pkgs; }; let
+ canRunInstalled = currentStdenv.buildPlatform.canExecute currentStdenv.hostPlatform;
+ in currentStdenv.mkDerivation {
name = "nix-${version}";
inherit version;
@@ -300,24 +306,26 @@
outputs = [ "out" "dev" "doc" ];
nativeBuildInputs = nativeBuildDeps;
- buildInputs = buildDeps ++ awsDeps;
+ buildInputs = buildDeps
+ # There have been issues building these dependencies
+ ++ lib.optionals (currentStdenv.hostPlatform == currentStdenv.buildPlatform) awsDeps;
propagatedBuildInputs = propagatedDeps;
disallowedReferences = [ boost ];
- preConfigure =
+ preConfigure = lib.optionalString (! currentStdenv.hostPlatform.isStatic)
''
# Copy libboost_context so we don't get all of Boost in our closure.
# https://github.com/NixOS/nixpkgs/issues/45462
mkdir -p $out/lib
cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
rm -f $out/lib/*.a
- ${lib.optionalString currentStdenv.isLinux ''
+ ${lib.optionalString currentStdenv.hostPlatform.isLinux ''
chmod u+w $out/lib/*.so.*
patchelf --set-rpath $out/lib:${currentStdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
''}
- ${lib.optionalString currentStdenv.isDarwin ''
+ ${lib.optionalString currentStdenv.hostPlatform.isDarwin ''
for LIB in $out/lib/*.dylib; do
chmod u+w $LIB
install_name_tool -id $LIB $LIB
@@ -328,7 +336,9 @@
'';
configureFlags = configureFlags ++
- [ "--sysconfdir=/etc" ];
+ [ "--sysconfdir=/etc" ] ++
+ lib.optional stdenv.hostPlatform.isStatic "--enable-embedded-sandbox-shell" ++
+ lib.optional (!canRunInstalled) "--disable-doc-gen";
enableParallelBuilding = true;
@@ -356,6 +366,8 @@
strictDeps = true;
+ hardeningDisable = lib.optional stdenv.hostPlatform.isStatic "pie";
+
passthru.perl-bindings = with final; perl.pkgs.toPerlModule (currentStdenv.mkDerivation {
name = "nix-perl-${version}";
@@ -388,7 +400,7 @@
postUnpack = "sourceRoot=$sourceRoot/perl";
});
- meta.platforms = systems;
+ meta.platforms = lib.platforms.unix;
};
lowdown-nix = with final; currentStdenv.mkDerivation rec {
@@ -414,14 +426,15 @@
# https://nixos.org/manual/nixos/unstable/index.html#sec-calling-nixos-tests
runNixOSTestFor = system: test: nixos-lib.runTest {
imports = [ test ];
- hostPkgs = nixpkgsFor.${system};
+ hostPkgs = nixpkgsFor.${system}.native;
defaults = {
- nixpkgs.pkgs = nixpkgsFor.${system};
+ nixpkgs.pkgs = nixpkgsFor.${system}.native;
};
_module.args.nixpkgs = nixpkgs;
};
in {
+ inherit nixpkgsFor;
# A Nixpkgs overlay that overrides the 'nix' and
# 'nix.perl-bindings' packages.
@@ -430,32 +443,28 @@
hydraJobs = {
# Binary package for various platforms.
- build = nixpkgs.lib.genAttrs systems (system: self.packages.${system}.nix);
+ build = forAllSystems (system: self.packages.${system}.nix);
- buildStatic = nixpkgs.lib.genAttrs linux64BitSystems (system: self.packages.${system}.nix-static);
+ buildStatic = lib.genAttrs linux64BitSystems (system: self.packages.${system}.nix-static);
- buildCross = nixpkgs.lib.genAttrs crossSystems (crossSystem:
- nixpkgs.lib.genAttrs ["x86_64-linux"] (system: self.packages.${system}."nix-${crossSystem}"));
+ buildCross = forAllCrossSystems (crossSystem:
+ lib.genAttrs ["x86_64-linux"] (system: self.packages.${system}."nix-${crossSystem}"));
- buildNoGc = nixpkgs.lib.genAttrs systems (system: self.packages.${system}.nix.overrideAttrs (a: { configureFlags = (a.configureFlags or []) ++ ["--enable-gc=no"];}));
+ buildNoGc = forAllSystems (system: self.packages.${system}.nix.overrideAttrs (a: { configureFlags = (a.configureFlags or []) ++ ["--enable-gc=no"];}));
# Perl bindings for various platforms.
- perlBindings = nixpkgs.lib.genAttrs systems (system: self.packages.${system}.nix.perl-bindings);
+ perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nix.perl-bindings);
# Binary tarball for various platforms, containing a Nix store
# with the closure of 'nix' package, and the second half of
# the installation script.
- binaryTarball = nixpkgs.lib.genAttrs systems (system: binaryTarball nixpkgsFor.${system} nixpkgsFor.${system}.nix nixpkgsFor.${system});
-
- binaryTarballCross = nixpkgs.lib.genAttrs ["x86_64-linux"] (system: builtins.listToAttrs (map (crossSystem: {
- name = crossSystem;
- value = let
- nixpkgsCross = import nixpkgs {
- inherit system crossSystem;
- overlays = [ self.overlays.default ];
- };
- in binaryTarball nixpkgsFor.${system} self.packages.${system}."nix-${crossSystem}" nixpkgsCross;
- }) crossSystems));
+ binaryTarball = forAllSystems (system: binaryTarball nixpkgsFor.${system}.native.nix nixpkgsFor.${system}.native);
+
+ binaryTarballCross = lib.genAttrs ["x86_64-linux"] (system:
+ forAllCrossSystems (crossSystem:
+ binaryTarball
+ self.packages.${system}."nix-${crossSystem}"
+ nixpkgsFor.${system}.cross.${crossSystem}));
# The first half of the installation script. This is uploaded
# to https://nixos.org/nix/install. It downloads the binary
@@ -465,11 +474,11 @@
installerScriptForGHA = installScriptFor [ "x86_64-linux" "x86_64-darwin" "armv6l-linux" "armv7l-linux"];
# docker image with Nix inside
- dockerImage = nixpkgs.lib.genAttrs linux64BitSystems (system: self.packages.${system}.dockerImage);
+ dockerImage = lib.genAttrs linux64BitSystems (system: self.packages.${system}.dockerImage);
# Line coverage analysis.
coverage =
- with nixpkgsFor.x86_64-linux;
+ with nixpkgsFor.x86_64-linux.native;
with commonDeps { inherit pkgs; };
releaseTools.coverageAnalysis {
@@ -513,7 +522,7 @@
tests.containers = runNixOSTestFor "x86_64-linux" ./tests/nixos/containers/containers.nix;
- tests.setuid = nixpkgs.lib.genAttrs
+ tests.setuid = lib.genAttrs
["i686-linux" "x86_64-linux"]
(system: runNixOSTestFor system ./tests/nixos/setuid.nix);
@@ -521,7 +530,7 @@
# Make sure that nix-env still produces the exact same result
# on a particular version of Nixpkgs.
tests.evalNixpkgs =
- with nixpkgsFor.x86_64-linux;
+ with nixpkgsFor.x86_64-linux.native;
runCommand "eval-nixos" { buildInputs = [ nix ]; }
''
type -p nix-env
@@ -532,18 +541,18 @@
'';
tests.nixpkgsLibTests =
- nixpkgs.lib.genAttrs systems (system:
+ forAllSystems (system:
import (nixpkgs + "/lib/tests/release.nix")
- { pkgs = nixpkgsFor.${system}; }
+ { pkgs = nixpkgsFor.${system}.native; }
);
metrics.nixpkgs = import "${nixpkgs-regression}/pkgs/top-level/metrics.nix" {
- pkgs = nixpkgsFor.x86_64-linux;
+ pkgs = nixpkgsFor.x86_64-linux.native;
nixpkgs = nixpkgs-regression;
};
installTests = forAllSystems (system:
- let pkgs = nixpkgsFor.${system}; in
+ let pkgs = nixpkgsFor.${system}.native; in
pkgs.runCommand "install-tests" {
againstSelf = testNixVersions pkgs pkgs.nix pkgs.pkgs.nix;
againstCurrentUnstable =
@@ -568,67 +577,18 @@
perlBindings = self.hydraJobs.perlBindings.${system};
installTests = self.hydraJobs.installTests.${system};
nixpkgsLibTests = self.hydraJobs.tests.nixpkgsLibTests.${system};
- } // (nixpkgs.lib.optionalAttrs (builtins.elem system linux64BitSystems)) {
+ } // (lib.optionalAttrs (builtins.elem system linux64BitSystems)) {
dockerImage = self.hydraJobs.dockerImage.${system};
});
packages = forAllSystems (system: rec {
- inherit (nixpkgsFor.${system}) nix;
+ inherit (nixpkgsFor.${system}.native) nix;
default = nix;
- } // (nixpkgs.lib.optionalAttrs (builtins.elem system linux64BitSystems) {
- nix-static = let
- nixpkgs = nixpkgsFor.${system}.pkgsStatic;
- in with commonDeps { pkgs = nixpkgs; isStatic = true; }; nixpkgs.stdenv.mkDerivation {
- name = "nix-${version}";
-
- src = self;
-
- VERSION_SUFFIX = versionSuffix;
-
- outputs = [ "out" "dev" "doc" ];
-
- nativeBuildInputs = nativeBuildDeps;
- buildInputs = buildDeps ++ propagatedDeps;
-
- # Work around pkgsStatic disabling all tests.
- # Remove in NixOS 22.11, see https://github.com/NixOS/nixpkgs/pull/140271.
- preHook =
- ''
- doCheck=1
- doInstallCheck=1
- '';
-
- configureFlags =
- configureFlags ++
- [ "--sysconfdir=/etc"
- "--enable-embedded-sandbox-shell"
- ];
-
- enableParallelBuilding = true;
-
- makeFlags = "profiledir=$(out)/etc/profile.d";
-
- installFlags = "sysconfdir=$(out)/etc";
-
- postInstall = ''
- mkdir -p $doc/nix-support
- echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
- mkdir -p $out/nix-support
- echo "file binary-dist $out/bin/nix" >> $out/nix-support/hydra-build-products
- '';
-
- installCheckFlags = "sysconfdir=$(out)/etc";
-
- stripAllList = ["bin"];
-
- strictDeps = true;
-
- hardeningDisable = [ "pie" ];
- };
-
+ } // (lib.optionalAttrs (builtins.elem system linux64BitSystems) {
+ nix-static = nixpkgsFor.${system}.static.nix;
dockerImage =
let
- pkgs = nixpkgsFor.${system};
+ pkgs = nixpkgsFor.${system}.native;
image = import ./docker.nix { inherit pkgs; tag = version; };
in
pkgs.runCommand
@@ -640,73 +600,30 @@
ln -s ${image} $image
echo "file binary-dist $image" >> $out/nix-support/hydra-build-products
'';
- }
-
- // builtins.listToAttrs (map (crossSystem: {
- name = "nix-${crossSystem}";
- value = let
- nixpkgsCross = import nixpkgs {
- inherit system crossSystem;
- overlays = [ self.overlays.default ];
- };
- inherit (nixpkgsCross) lib;
- in with commonDeps { pkgs = nixpkgsCross; }; nixpkgsCross.stdenv.mkDerivation {
- name = "nix-${version}";
-
- src = self;
-
- VERSION_SUFFIX = versionSuffix;
-
- outputs = [ "out" "dev" "doc" ];
-
- nativeBuildInputs = nativeBuildDeps;
- buildInputs = buildDeps ++ propagatedDeps;
-
- configureFlags = [
- "CXXFLAGS=-I${lib.getDev nixpkgsCross.rapidcheck}/extras/gtest/include"
- "--sysconfdir=/etc"
- "--disable-doc-gen"
- ];
-
- enableParallelBuilding = true;
-
- makeFlags = "profiledir=$(out)/etc/profile.d";
-
- doCheck = true;
-
- installFlags = "sysconfdir=$(out)/etc";
-
- postInstall = ''
- mkdir -p $doc/nix-support
- echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
- mkdir -p $out/nix-support
- echo "file binary-dist $out/bin/nix" >> $out/nix-support/hydra-build-products
- '';
-
- doInstallCheck = true;
- installCheckFlags = "sysconfdir=$(out)/etc";
- };
- }) (if system == "x86_64-linux" then crossSystems else [])))
-
- // (builtins.listToAttrs (map (stdenvName:
- nixpkgsFor.${system}.lib.nameValuePair
- "nix-${stdenvName}"
- nixpkgsFor.${system}."${stdenvName}Packages".nix
- ) stdenvs)));
-
- devShells = forAllSystems (system:
- forAllStdenvs (stdenv:
- with nixpkgsFor.${system};
+ } // builtins.listToAttrs (map
+ (crossSystem: {
+ name = "nix-${crossSystem}";
+ value = nixpkgsFor.${system}.cross.${crossSystem}.nix;
+ })
+ crossSystems)
+ // builtins.listToAttrs (map
+ (stdenvName: {
+ name = "nix-${stdenvName}";
+ value = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".nix;
+ })
+ stdenvs)));
+
+ devShells = let
+ makeShell = pkgs: stdenv:
with commonDeps { inherit pkgs; };
- nixpkgsFor.${system}.${stdenv}.mkDerivation {
+ stdenv.mkDerivation {
name = "nix";
outputs = [ "out" "dev" "doc" ];
nativeBuildInputs = nativeBuildDeps
- ++ (lib.optionals
- nixpkgsFor.${system}.${stdenv}.cc.isClang
- [ bear clang-tools ]);
+ ++ (lib.optionals stdenv.cc.isClang [ pkgs.bear pkgs.clang-tools ]);
+
buildInputs = buildDeps ++ propagatedDeps ++ awsDeps;
inherit configureFlags;
@@ -724,10 +641,21 @@
# Make bash completion work.
XDG_DATA_DIRS+=:$out/share
'';
- }
- )
- // { default = self.devShells.${system}.stdenv; }
- );
-
+ };
+ in
+ forAllSystems (system:
+ let
+ makeShells = prefix: pkgs:
+ lib.mapAttrs'
+ (k: v: lib.nameValuePair "${prefix}-${k}" v)
+ (forAllStdenvs (stdenvName: makeShell pkgs pkgs.${stdenvName}));
+ in
+ (makeShells "native" nixpkgsFor.${system}.native) //
+ (makeShells "static" nixpkgsFor.${system}.static) //
+ (forAllCrossSystems (crossSystem: let pkgs = nixpkgsFor.${system}.cross.${crossSystem}; in makeShell pkgs pkgs.stdenv)) //
+ {
+ default = self.devShells.${system}.native-stdenvPackages;
+ }
+ );
};
}
diff --git a/tests/installer/default.nix b/tests/installer/default.nix
index 32aa7889a..31d83699d 100644
--- a/tests/installer/default.nix
+++ b/tests/installer/default.nix
@@ -120,7 +120,7 @@ let
makeTest = imageName: testName:
let image = images.${imageName}; in
- with nixpkgsFor.${image.system};
+ with nixpkgsFor.${image.system}.native;
runCommand
"installer-test-${imageName}-${testName}"
{ buildInputs = [ qemu_kvm openssh ];