aboutsummaryrefslogtreecommitdiff
path: root/release.nix
AgeCommit message (Collapse)Author
2018-02-07SimplifyEelco Dolstra
2018-02-07Merge branch 'fix-aarch64-test' of https://github.com/grahamc/nixEelco Dolstra
2018-01-18Don't define builtins.{currentSystem,currentTime} in pure modeEelco Dolstra
This makes it easier to provide a default, e.g. system = builtins.currentSystem or "x86_64-linux";
2018-01-16Add pure evaluation modeEelco Dolstra
In this mode, the following restrictions apply: * The builtins currentTime, currentSystem and storePath throw an error. * $NIX_PATH and -I are ignored. * fetchGit and fetchMercurial require a revision hash. * fetchurl and fetchTarball require a sha256 attribute. * No file system access is allowed outside of the paths returned by fetch{Git,Mercurial,url,Tarball}. Thus 'nix build -f ./foo.nix' is not allowed. Thus, the evaluation result is completely reproducible from the command line arguments. E.g. nix build --pure-eval '( let nix = fetchGit { url = https://github.com/NixOS/nixpkgs.git; rev = "9c927de4b179a6dd210dd88d34bda8af4b575680"; }; nixpkgs = fetchGit { url = https://github.com/NixOS/nixpkgs.git; ref = "release-17.09"; rev = "66b4de79e3841530e6d9c6baf98702aa1f7124e4"; }; in (import (nix + "/release.nix") { inherit nix nixpkgs; }).build.x86_64-linux )' The goal is to enable completely reproducible and traceable evaluation. For example, a NixOS configuration could be fully described by a single Git commit hash. 'nixos-rebuild' would do something like nix build --pure-eval '( (import (fetchGit { url = file:///my-nixos-config; rev = "..."; })).system ') where the Git repository /my-nixos-config would use further fetchGit calls or Git externals to fetch Nixpkgs and whatever other dependencies it has. Either way, the commit hash would uniquely identify the NixOS configuration and allow it to reproduced.
2018-01-10release: access fetchGit from builtins to fix eval w/1.11 (<1.12)Will Dietz
2018-01-04Fix Fedora 25 i386 RPM buildBenjamin Hipple
2018-01-02Fix RPM builds by increasing VM memory sizeBenjamin Hipple
The VM was running out of RAM while handling debug symbols, which caused the eu-strip to fail while separating debug symbols.
2017-12-25Remove debug lineEelco Dolstra
2017-12-22release.nix: Use fetchTarball and fetchGitEelco Dolstra
In particular, using fetchGit means we don't need hackery to clean the source tree when building from an unclean tree.
2017-12-12tests.setuid: only on i686 and x86_64 linuxsGraham Christensen
2017-12-04Simplify build by including nlohmann/json.hppEelco Dolstra
2017-11-14Add dependencies for coverage testEelco Dolstra
2017-11-14Update lcov filterEelco Dolstra
2017-11-14Remove ncurses-binEelco Dolstra
2017-11-03fetchGit: Add a testEelco Dolstra
2017-11-01Add fetchMercurial primopEelco Dolstra
E.g. $ nix eval '(fetchMercurial https://www.mercurial-scm.org/repo/hello)' { branch = "default"; outPath = "/nix/store/alvb9y1kfz42bjishqmyy3pphnrh1pfa-source"; rev = "82e55d328c8ca4ee16520036c0aaace03a5beb65"; revCount = 1; shortRev = "82e55d328c8c"; } $ nix eval '(fetchMercurial { url = https://www.mercurial-scm.org/repo/hello; rev = "0a04b987be5ae354b710cefeba0e2d9de7ad41a9"; })' { branch = "default"; outPath = "/nix/store/alvb9y1kfz42bjishqmyy3pphnrh1pfa-source"; rev = "0a04b987be5ae354b710cefeba0e2d9de7ad41a9"; revCount = 0; shortRev = "0a04b987be5a"; } $ nix eval '(fetchMercurial /tmp/unclean-hg-tree)' { branch = "default"; outPath = "/nix/store/cm750cdw1x8wfpm3jq7mz09r30l9r024-source"; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "000000000000"; }
2017-10-06fixing bashisms in test codeJörg Thalheim
This fixed the build on ubuntu/debian, where dash is the sh.
2017-09-14Remove Debian 8 and Ubuntu 14.10Eelco Dolstra
These have a GCC (4.9) that is too old. https://hydra.nixos.org/eval/1391740
2017-08-21Allow builders to create activitiesEelco Dolstra
Actually, currently they can only create download activities. Thus, downloads by builtins.fetchurl show up in the progress bar.
2017-08-19Remove nix-mode.el from Nix.Matthew Bauer
This removes the file nix-mode.el from Nix. The file is now available within the repository https://github.com/NixOS/nix-mode. Fixes #662 Fixes #1040 Fixes #1054 Fixes #1055 Closes #1119 Fixes #1419 NOTE: all of the above should be fixed within NixOS/nix-mode. If one of those hasn’t please reopen within NixOS/nix-mode and not within NixOS/nix.
2017-07-14Switch to a fancy multi-user installer on DarwinGraham Christensen
2017-07-14Shellcheck the existing installerGraham Christensen
2017-07-14Tarball job: Include libseccomp on Linux onlyEelco Dolstra
2017-06-19Let hydra choose an alternate list of systemsShea Levy
2017-06-01Fix coverage jobEelco Dolstra
2017-06-01RPM, Deb: Add dependency on libseccompEelco Dolstra
2017-05-29Add test for setuid seccomp filterEelco Dolstra
2017-05-29Add a seccomp filter to prevent creating setuid/setgid binariesEelco Dolstra
This prevents builders from setting the S_ISUID or S_ISGID bits, preventing users from using a nixbld* user to create a setuid/setgid binary to interfere with subsequent builds under the same nixbld* uid. This is based on aszlig's seccomp code (47f587700d646f5b03a42f2fa57c28875a31efbe). Reported by Linus Heckemann.
2017-05-15Add --with-sandbox-shell configure flagEelco Dolstra
And add a 116 KiB ash shell from busybox to the release build. This helps to make sandbox builds work out of the box on non-NixOS systems and with diverted stores.
2017-05-10Replace readline by linenoiseEelco Dolstra
Using linenoise avoids a license compatibility issue (#1356), is a lot smaller and doesn't pull in ncurses.
2017-05-03Fix Ubuntu 16.10 buildEelco Dolstra
http://hydra.nixos.org/build/52420073
2017-05-03Fix perlBindings.x86_64-darwinEelco Dolstra
http://hydra.nixos.org/build/52401151
2017-04-28Check for libreadlineEelco Dolstra
2017-04-25Make "nix repl" buildEelco Dolstra
2017-04-14Build on aarch64-linuxEelco Dolstra
2017-04-11Drop WWW::Curl dependencyEelco Dolstra
Somehow this came back after d1da6967b8891763ce04d668027cf300c9bbf0b2.
2017-03-31Fix evaluation errorEelco Dolstra
2017-03-31Merge branch 'remove-perl' of https://github.com/shlevy/nixEelco Dolstra
2017-03-30Remove tabsShea Levy
2017-03-15Add support for brotli compressionEelco Dolstra
Build logs on cache.nixos.org are compressed using Brotli (since this allows them to be decompressed automatically by Chrome and Firefox), so it's handy if "nix log" can decompress them.
2017-03-05Add signing and s3 support on darwinShea Levy
2017-02-22DohEelco Dolstra
2017-02-22Fix 32-bit RPM/Deb buildsEelco Dolstra
http://hydra.nixos.org/build/49130529
2017-02-21Drop some Ubuntu releasesEelco Dolstra
2017-02-21Debian build: Use parallel make and add Ubuntu 16.10Eelco Dolstra
2017-02-21RPM build: Use parallel makeEelco Dolstra
2017-02-21Build RPMs for Fedora 25Eelco Dolstra
Disabled hardened build because it makes the linker fail with messages like relocation R_X86_64_PC32 against undefined symbol `BZ2_bzWriteOpen' can not be used when making a shared object; recompile with -fPIC See https://fedoraproject.org/wiki/Changes/Harden_All_Packages.
2017-02-07Add nix-perl package for the perl bindingsShea Levy
2017-02-07Remove perl dependency.Shea Levy
Fixes #341
2017-01-27release.nix: Drop nix-shell referencesEelco Dolstra