aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2016-04-22Fold "nix query-path-sigs" into "nix path-info"Eelco Dolstra
2016-04-22Add "nix copy" commandEelco Dolstra
This replaces nix-push. For example, $ nix copy --to file:///tmp/cache -r $(type -p firefox) copies the closure of firefox to the specified binary cache. And $ nix copy --from file:///tmp/cache --to s3://my-cache /nix/store/abcd... copies between two binary caches. It will also replace nix-copy-closure, once we have an SSHStore class, e.g. $ nix copy --from ssh://alice@machine /nix/store/abcd...
2016-04-22BinaryCacheStore: When adding a path, ensure the references are validEelco Dolstra
This prevents copying a partial closure to a binary cache.
2016-04-21Fix test failuresEelco Dolstra
2016-04-21Implement S3BinaryCacheStore::queryAllValidPaths()Eelco Dolstra
This allows commands like "nix verify --all" or "nix path-info --all" to work on S3 caches. Unfortunately, this requires some ugly hackery: when querying the contents of the bucket, we don't want to have to read every .narinfo file. But the S3 bucket keys only include the hash part of each store path, not the name part. So as a special exception queryAllValidPaths() can now return store paths *without* the name part, and queryPathInfo() accepts such store paths (returning a ValidPathInfo object containing the full name).
2016-04-21Move S3BinaryCacheStore from HydraEelco Dolstra
This allows running arbitrary Nix commands against an S3 binary cache. To do: make this a compile time option to prevent a dependency on aws-sdk-cpp.
2016-04-21nix path-info: AddEelco Dolstra
Forgot to commit this earlier...
2016-04-21nix --help: Show usage examplesEelco Dolstra
2016-04-21nix --help: Show short flagsEelco Dolstra
2016-04-20RemoteStore: Propagate InvalidPath exceptions from the daemonEelco Dolstra
2016-04-20BinaryCacheStore: Insert new paths into the disk cacheEelco Dolstra
2016-04-20Cache path info lookups in SQLiteEelco Dolstra
This re-implements the binary cache database in C++, allowing it to be used by other Store backends, in particular the S3 backend.
2016-04-19Move path info caching from BinaryCacheStore to StoreEelco Dolstra
Caching path info is generally useful. For instance, it speeds up "nix path-info -rS /run/current-system" (i.e. showing the closure sizes of all paths in the closure of the current system) from 5.6s to 0.15s. This also eliminates some APIs like Store::queryDeriver() and Store::queryReferences().
2016-04-16Print out all bad references/requisites at onceDan Peebles
Also updates tests to check for new information. Fixes #799
2016-04-15Make the .narinfo cache biggerEelco Dolstra
2016-04-15BinaryCacheStore: Do negative caching of .narinfo lookupsEelco Dolstra
2016-04-15BinaryCacheStore::readFile(): Return a shared_ptr to a stringEelco Dolstra
This allows readFile() to indicate that a file doesn't exist, and might eliminate some large string copying.
2016-04-15Unify "nix verify-paths" and "nix verify-store"Eelco Dolstra
"verify-store" is now simply an "--all" flag to "nix verify". This flag can be used for any other store path command as well (e.g. "nix path-info", "nix copy-sigs", ...).
2016-04-14Merge pull request #815 from vcunat/p/outputsToInstallEelco Dolstra
nix-env: respect meta.outputsToInstall
2016-04-14Make $NIX_PATH parsing more robustEelco Dolstra
2016-04-14Support channel:<channel-name> URIsEelco Dolstra
For convenience, you can now say $ nix-env -f channel:nixos-16.03 -iA hello instead of $ nix-env -f https://nixos.org/channels/nixos-16.03/nixexprs.tar.xz -iA hello Similarly, $ nix-shell -I channel:nixpkgs-unstable -p hello $ nix-build channel:nixos-15.09 -A hello Abstracting over the NixOS/Nixpkgs channels location also allows us to use a more efficient transport (e.g. Git) in the future.
2016-04-14Make the search path lazier with non-fatal errorsEelco Dolstra
Thus, -I / $NIX_PATH entries are now downloaded only when they are needed for evaluation. An error to download an entry is a non-fatal warning (just like non-existant paths). This does change the semantics of builtins.nixPath, which now returns the original, rather than resulting path. E.g., before we had [ { path = "/nix/store/hgm3yxf1lrrwa3z14zpqaj5p9vs0qklk-nixexprs.tar.xz"; prefix = "nixpkgs"; } ... ] but now [ { path = "https://nixos.org/channels/nixos-16.03/nixexprs.tar.xz"; prefix = "nixpkgs"; } ... ] Fixes #792.
2016-04-14Set RLIMIT_CORE to 0, infinity in buildersEelco Dolstra
This prevents the builder from being affected by whatever the host system limits happen to be.
2016-04-14Make primop registration pluggableEelco Dolstra
This way we don't have to put all primops in one giant file.
2016-04-14Fix std::atomic_flag build failureEelco Dolstra
http://hydra.nixos.org/build/34453794
2016-04-11Remove manifest supportEelco Dolstra
Manifests have been superseded by binary caches for years. This also gets rid of nix-pull, nix-generate-patches and bsdiff/bspatch.
2016-04-08Remove failed build cachingEelco Dolstra
This feature was implemented for Hydra, but Hydra no longer uses it.
2016-04-08Make LocalStore thread-safeEelco Dolstra
Necessary for multi-threaded commands like "nix verify-paths".
2016-04-07nix verify-paths: Add ‘--sigs-needed <N>’ flagEelco Dolstra
This specifies the number of distinct signatures required to consider each path "trusted". Also renamed ‘--no-sigs’ to ‘--no-trust’ for the flag that disables verifying whether a path is trusted (since a path can also be trusted if it has no signatures, but was built locally).
2016-04-07Use secret-key-files for verifyingEelco Dolstra
2016-04-07Sign locally-built pathsEelco Dolstra
Locally-built paths are now signed automatically using the secret keys specified by the ‘secret-key-files’ option.
2016-04-06Fix "tar: This does not look like a tar archive" with fetchTarball / -I http://Eelco Dolstra
The 304 Not Modified was not handled correctly, so the empty result from the conditional request would overwrite the previous tarball.
2016-04-05Add "nix sign-paths" commandEelco Dolstra
E.g. $ nix sign-paths -k ./secret -r $(type -p geeqie) signs geeqie and all its dependencies using the key in ./secret.
2016-04-05Add "nix copy-sigs" commandEelco Dolstra
This imports signatures from one store into another. E.g. $ nix copy-sigs -r /run/current-system -s https://cache.nixos.org/ imported 595 signatures
2016-04-05Probably fix SQLITE_BUSY errorsEelco Dolstra
2016-04-04throwSQLiteError(): Check for SIGINT so we don't loop foreverEelco Dolstra
2016-03-31Add missing -pthreadEelco Dolstra
https://hydra.nixos.org/build/33908385
2016-03-30LocalStore: Keep track of ultimately trusted pathsEelco Dolstra
These are content-addressed paths or outputs of locally performed builds. They are trusted even if they don't have signatures, so "nix verify-paths" won't complain about them.
2016-03-30Improve the SQLite wrapper APIEelco Dolstra
In particular, this eliminates a bunch of boilerplate code.
2016-03-30Factour out SQLite handlingEelco Dolstra
2016-03-30Turn retrying SQLite transactions into a higher-order functionEelco Dolstra
2016-03-30nix verify: Support checking against signatures in other storesEelco Dolstra
Typical usage is to check local paths using the signatures from a binary cache: $ nix verify-paths -r /run/current-system -s https://cache.nixos.org path ‘/nix/store/c1k4zqfb74wba5sn4yflb044gvap0x6k-nixos-system-mandark-16.03.git.fc2d7a5M’ is untrusted ... checked 844 paths, 119 untrusted
2016-03-30HttpBinaryCacheStore: Treat 403 errors as 404Eelco Dolstra
2016-03-30CurlDownloader: Fix HTTP error processingEelco Dolstra
2016-03-29Improve SIGINT handling in multi-threaded programsEelco Dolstra
The flag remembering whether an Interrupted exception was thrown is now thread-local. Thus, all threads will (eventually) throw Interrupted. Previously, one thread would throw Interrupted, and then the other threads wouldn't see that they were supposed to quit.
2016-03-29Add "nix verify-store" commandEelco Dolstra
Like "nix-store --verify --check-contents", but with the same advantages as "nix verify-paths".
2016-03-29Add "nix verify-paths" commandEelco Dolstra
Unlike "nix-store --verify-path", this command verifies signatures in addition to store path contents, is multi-threaded (especially useful when verifying binary caches), and has a progress indicator. Example use: $ nix verify-paths --store https://cache.nixos.org -r $(type -p thunderbird) ... [17/132 checked] checking ‘/nix/store/rawakphadqrqxr6zri2rmnxh03gqkrl3-autogen-5.18.6’
2016-03-29Re-enable sync_with_stdioEelco Dolstra
Otherwise writing to std::cerr is not thread-safe (in particular, lines will be randomly duplicated).
2016-03-24Move signature support from NarInfo to ValidPathInfoEelco Dolstra
2016-03-24TyposEelco Dolstra