From dd6ee53bfe6e7a779c63bfc01180e13fe96b9b2e Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Mon, 8 Jul 2024 01:58:14 +0100 Subject: [PATCH] pkgs/gerrit: update to 3.10.0 This does a bit more than advertised, since this also switches to a different set of Bazel package building infrastructure that I'm hoping will be more extensible than buildBazelPackage as it exists in nixpkgs today. In any case, the FOD here _seems_ to be much more stable than that previously produced by the old approach, but no promises :) --- overlays/gerrit.nix | 8 +- .../bazelRulesJavaHook/default.nix | 8 + .../bazelRulesJavaHook/local_java/BUILD.bazel | 3 + .../bazelRulesJavaHook/local_java/WORKSPACE | 1 + .../bazelRulesJavaHook/setup-hook.sh | 17 ++ .../bazelRulesNodeJS5Hook/default.nix | 53 +++++ .../bazelRulesNodeJS5Hook/local_node/BUILD | 20 ++ .../local_node/WORKSPACE | 1 + .../bazelRulesNodeJS5Hook/local_node/bin/node | 3 + .../bazelRulesNodeJS5Hook/local_node/bin/npm | 3 + .../bazelRulesNodeJS5Hook/local_yarn/BUILD | 0 .../local_yarn/WORKSPACE | 1 + .../bazelRulesNodeJS5Hook/local_yarn/bin/yarn | 2 + .../bazelRulesNodeJS5Hook/setup-hook.sh | 63 ++++++ pkgs/buildBazelPackageNG/default.nix | 115 +++++++++++ pkgs/gerrit/0001-Syntax-highlight-nix.patch | 16 +- .../0002-Syntax-highlight-rules.pl.patch | 12 +- .../0003-Add-titles-to-CLs-over-HTTP.patch | 35 ++-- pkgs/gerrit/bazelrc | 11 ++ pkgs/gerrit/default.nix | 185 +++++++----------- pkgs/gerrit/gerrit-cl-431977-bump-sshd.patch | 40 ++++ pkgs/gerrit/workspace_overrides.bzl | 5 + pkgs/gerrit_plugins/builder.nix | 65 +++--- pkgs/gerrit_plugins/code-owners/default.nix | 10 +- pkgs/gerrit_plugins/oauth/default.nix | 11 +- 25 files changed, 500 insertions(+), 188 deletions(-) create mode 100644 pkgs/buildBazelPackageNG/bazelRulesJavaHook/default.nix create mode 100644 pkgs/buildBazelPackageNG/bazelRulesJavaHook/local_java/BUILD.bazel create mode 100644 pkgs/buildBazelPackageNG/bazelRulesJavaHook/local_java/WORKSPACE create mode 100644 pkgs/buildBazelPackageNG/bazelRulesJavaHook/setup-hook.sh create mode 100644 pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/default.nix create mode 100644 pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/BUILD create mode 100644 pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/WORKSPACE create mode 100644 pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/bin/node create mode 100644 pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/bin/npm create mode 100644 pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/BUILD create mode 100644 pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/WORKSPACE create mode 100644 pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/bin/yarn create mode 100644 pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/setup-hook.sh create mode 100644 pkgs/buildBazelPackageNG/default.nix create mode 100644 pkgs/gerrit/bazelrc create mode 100644 pkgs/gerrit/gerrit-cl-431977-bump-sshd.patch create mode 100644 pkgs/gerrit/workspace_overrides.bzl diff --git a/overlays/gerrit.nix b/overlays/gerrit.nix index f5d6176..f38e445 100644 --- a/overlays/gerrit.nix +++ b/overlays/gerrit.nix @@ -1,9 +1,7 @@ self: super: { - buildGerrit = self.callPackage ../pkgs/gerrit { }; - gerrit = self.buildGerrit { }; - buildGerritBazelPlugin = self.callPackage ../pkgs/gerrit_plugins/builder.nix { - inherit (self) buildGerrit; - }; + buildBazelPackageNG = self.callPackage ../pkgs/buildBazelPackageNG { }; + gerrit = self.callPackage ../pkgs/gerrit { }; + buildGerritBazelPlugin = self.callPackage ../pkgs/gerrit_plugins/builder.nix { }; gerritPlugins = { code-owners = self.callPackage ../pkgs/gerrit_plugins/code-owners { }; oauth = self.callPackage ../pkgs/gerrit_plugins/oauth { }; diff --git a/pkgs/buildBazelPackageNG/bazelRulesJavaHook/default.nix b/pkgs/buildBazelPackageNG/bazelRulesJavaHook/default.nix new file mode 100644 index 0000000..eb8332e --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesJavaHook/default.nix @@ -0,0 +1,8 @@ +{ makeSetupHook }: + +makeSetupHook { + name = "rules_java_bazel_hook"; + substitutions = { + local_java = ./local_java; + }; +} ./setup-hook.sh diff --git a/pkgs/buildBazelPackageNG/bazelRulesJavaHook/local_java/BUILD.bazel b/pkgs/buildBazelPackageNG/bazelRulesJavaHook/local_java/BUILD.bazel new file mode 100644 index 0000000..8bea495 --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesJavaHook/local_java/BUILD.bazel @@ -0,0 +1,3 @@ +alias(name = "jdk", actual = "@local_jdk//:jdk") +alias(name = "toolchain", actual = "@local_jdk//:toolchain") +alias(name = "bootstrap_runtime_toolchain", actual = "@local_jdk//:bootstrap_runtime_toolchain") diff --git a/pkgs/buildBazelPackageNG/bazelRulesJavaHook/local_java/WORKSPACE b/pkgs/buildBazelPackageNG/bazelRulesJavaHook/local_java/WORKSPACE new file mode 100644 index 0000000..5b31078 --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesJavaHook/local_java/WORKSPACE @@ -0,0 +1 @@ +workspace(name = "local_java") diff --git a/pkgs/buildBazelPackageNG/bazelRulesJavaHook/setup-hook.sh b/pkgs/buildBazelPackageNG/bazelRulesJavaHook/setup-hook.sh new file mode 100644 index 0000000..f7f7e3a --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesJavaHook/setup-hook.sh @@ -0,0 +1,17 @@ +prePatchHooks+=(_setupLocalJavaRepo) + +javaVersions=(11 17 21) +javaPlatforms=( + "linux" "linux_aarch64" "linux_ppc64le" "linux_s390x" + "macos" "macos_aarch64" + "win" "win_arm64") + +_setupLocalJavaRepo() { + for javaVersion in ${javaVersions[@]}; do + for javaPlatform in ${javaPlatforms[@]}; do + bazelFlagsArray+=( + "--override_repository=remotejdk${javaVersion}_${javaPlatform}=@local_java@" + ) + done + done +} diff --git a/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/default.nix b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/default.nix new file mode 100644 index 0000000..c99cc39 --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/default.nix @@ -0,0 +1,53 @@ +{ stdenvNoCC +, lib +, makeSetupHook +, fetchFromGitHub +, coreutils +, gnugrep +, nodejs +, yarn +, git +, cacert +}: +let + rulesNodeJS = stdenvNoCC.mkDerivation rec { + pname = "bazelbuild-rules_nodejs"; + version = "5.8.5"; + + src = fetchFromGitHub { + owner = "bazelbuild"; + repo = "rules_nodejs"; + rev = version; + hash = "sha256-6UbYRrOnS93+pK4VI016gQZv2jLCzkJn6wJ4vZNCNjY="; + }; + + dontBuild = true; + + postPatch = '' + shopt -s globstar + for i in **/*.bzl **/*.sh **/*.cjs; do + substituteInPlace "$i" \ + --replace-quiet '#!/usr/bin/env bash' '#!${stdenvNoCC.shell}' \ + --replace-quiet '#!/bin/bash' '#!${stdenvNoCC.shell}' + done + sed -i '/^#!/a export PATH=${lib.makeBinPath [ coreutils gnugrep ]}:$PATH' internal/node/launcher.sh + ''; + + installPhase = '' + cp -R . $out + ''; + }; +in makeSetupHook { + name = "bazelbuild-rules_nodejs-5-hook"; + propagatedBuildInputs = [ + nodejs + yarn + git + cacert + ]; + substitutions = { + inherit nodejs yarn cacert rulesNodeJS; + local_node = ./local_node; + local_yarn = ./local_yarn; + }; +} ./setup-hook.sh diff --git a/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/BUILD b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/BUILD new file mode 100644 index 0000000..d764d23 --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/BUILD @@ -0,0 +1,20 @@ +load("@build_bazel_rules_nodejs//nodejs:toolchain.bzl", _node_toolchain = "node_toolchain") + +package(default_visibility = ["//visibility:public"]) + +exports_files([ + "bin/node", + "bin/npm", +]) + +_node_toolchain( + name = "node_toolchain", + target_tool_path = "__NODEJS__/bin/node", + npm_path = "__NODEJS__/bin/npm", +) + +toolchain( + name = "nodejs", + toolchain = ":node_toolchain", + toolchain_type = "@build_bazel_rules_nodejs//nodejs:toolchain_type", +) diff --git a/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/WORKSPACE b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/WORKSPACE new file mode 100644 index 0000000..5bc1698 --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/WORKSPACE @@ -0,0 +1 @@ +workspace(name = "nodejs") diff --git a/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/bin/node b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/bin/node new file mode 100644 index 0000000..ef1f010 --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/bin/node @@ -0,0 +1,3 @@ +#!/bin/sh + +exec "__NODEJS__/bin/node" "$@" diff --git a/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/bin/npm b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/bin/npm new file mode 100644 index 0000000..63a985d --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_node/bin/npm @@ -0,0 +1,3 @@ +#!/bin/sh + +exec "__NODEJS__/bin/npm" "$@" diff --git a/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/BUILD b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/BUILD new file mode 100644 index 0000000..e69de29 diff --git a/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/WORKSPACE b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/WORKSPACE new file mode 100644 index 0000000..2a1b7d4 --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/WORKSPACE @@ -0,0 +1 @@ +workspace(name = "yarn") diff --git a/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/bin/yarn b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/bin/yarn new file mode 100644 index 0000000..2009572 --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/local_yarn/bin/yarn @@ -0,0 +1,2 @@ +#!/bin/sh +exec "__YARN__/bin/yarn" "$@" diff --git a/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/setup-hook.sh b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/setup-hook.sh new file mode 100644 index 0000000..5e3cf1e --- /dev/null +++ b/pkgs/buildBazelPackageNG/bazelRulesNodeJS5Hook/setup-hook.sh @@ -0,0 +1,63 @@ +prePatchHooks+=(_setupLocalNodeRepos) +preBuildHooks+=(_setupYarnCache) + +case "$bazelPhase" in + cache) + postInstallHooks+=(_copyYarnCache) + ;; + build) + preBuildHooks+=(_linkYarnCache) + ;; + *) + echo "Unexpected bazelPhase '$bazelPhase' (want cache or build)" >&2 + exit 1 + ;; +esac + + +_setupLocalNodeRepos() { + cp -R @local_node@ $HOME/local_node + chmod -R +w $HOME/local_node + substituteInPlace $HOME/local_node/bin/node \ + --replace-fail '__NODEJS__' '@nodejs@' + substituteInPlace $HOME/local_node/bin/npm \ + --replace-fail '__NODEJS__' '@nodejs@' + substituteInPlace $HOME/local_node/BUILD \ + --replace-fail '__NODEJS__' '@nodejs@' + chmod -R +x $HOME/local_node/bin/* + + cp -R @local_yarn@ $HOME/local_yarn + chmod -R +w $HOME/local_yarn + substituteInPlace $HOME/local_yarn/bin/yarn \ + --replace-fail '__YARN__' '@yarn@' + chmod -R +x $HOME/local_yarn/bin/* + + bazelFlagsArray+=( + "--override_repository=build_bazel_rules_nodejs=@rulesNodeJS@" + + "--override_repository=nodejs_linux_amd64=$HOME/local_node" + "--override_repository=nodejs_linux_arm64=$HOME/local_node" + "--override_repository=nodejs_linux_s390x=$HOME/local_node" + "--override_repository=nodejs_linux_ppc64le=$HOME/local_node" + "--override_repository=nodejs_darwin_amd64=$HOME/local_node" + "--override_repository=nodejs_darwin_arm64=$HOME/local_node" + "--override_repository=nodejs_windows_amd64=$HOME/local_node" + "--override_repository=nodejs_windows_arm64=$HOME/local_node" + "--override_repository=nodejs=$HOME/local_node" + + "--override_repository=yarn=$HOME/local_yarn" + ) +} + +_setupYarnCache() { + @yarn@/bin/yarn config set cafile "@cacert@/etc/ssl/certs/ca-bundle.crt" + @yarn@/bin/yarn config set yarn-offline-mirror "$HOME/yarn-offline-mirror" +} + +_copyYarnCache() { + cp -R "$HOME/yarn-offline-mirror" "$out/yarn-offline-mirror" +} + +_linkYarnCache() { + ln -sf "$cache/yarn-offline-mirror" "$HOME/yarn-offline-mirror" +} diff --git a/pkgs/buildBazelPackageNG/default.nix b/pkgs/buildBazelPackageNG/default.nix new file mode 100644 index 0000000..b131b95 --- /dev/null +++ b/pkgs/buildBazelPackageNG/default.nix @@ -0,0 +1,115 @@ +{ stdenv +, lib +, pkgs +, coreutils +}: + +let + hooks = { + bazelRulesJavaHook = pkgs.callPackage ./bazelRulesJavaHook { }; + bazelRulesNodeJS5Hook = pkgs.callPackage ./bazelRulesNodeJS5Hook { }; + }; + + builder = { + name ? "${baseAttrs.pname}-${baseAttrs.version}" + , bazelTargets + , bazel ? pkgs.bazel + , depsHash + , extraCacheInstall ? "" + , extraBuildSetup ? "" + , extraBuildInstall ? "" + , ... + }@baseAttrs: + + let + cleanAttrs = lib.flip removeAttrs [ + "bazelTargets" "depsHash" "extraCacheInstall" "extraBuildSetup" "extraBuildInstall" + ]; + attrs = cleanAttrs baseAttrs; + + base = stdenv.mkDerivation (attrs // { + nativeBuildInputs = (attrs.nativeBuildInputs or []) ++ [ + bazel + ]; + + preUnpack = '' + if [[ ! -d $HOME ]]; then + export HOME=$NIX_BUILD_TOP/home + mkdir -p $HOME + fi + ''; + + bazelTargetNames = builtins.attrNames bazelTargets; + }); + + cache = base.overrideAttrs (base: { + name = "${name}-deps"; + + bazelPhase = "cache"; + + buildPhase = '' + runHook preBuild + + bazel sync --repository_cache=repository-cache $bazelFlags "''${bazelFlagsArray[@]}" + bazel build --repository_cache=repository-cache --nobuild $bazelFlags "''${bazelFlagsArray[@]}" $bazelTargetNames + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + mkdir $out + echo "${bazel.version}" > $out/bazel_version + cp -R repository-cache $out/repository-cache + ${extraCacheInstall} + + runHook postInstall + ''; + + outputHashMode = "recursive"; + outputHash = depsHash; + }); + + build = base.overrideAttrs (base: { + bazelPhase = "build"; + + inherit cache; + + nativeBuildInputs = (base.nativeBuildInputs or []) ++ [ + coreutils + ]; + + buildPhase = '' + runHook preBuild + + ${extraBuildSetup} + bazel build --repository_cache=$cache/repository-cache $bazelFlags "''${bazelFlagsArray[@]}" $bazelTargetNames + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + ${builtins.concatStringsSep "\n" (lib.mapAttrsToList (target: outPath: lib.optionalString (outPath != null) '' + TARGET_OUTPUTS="$(bazel cquery --repository_cache=$cache/repository-cache $bazelFlags "''${bazelFlagsArray[@]}" --output=files "${target}")" + if [[ "$(echo "$TARGET_OUTPUTS" | wc -l)" -gt 1 ]]; then + echo "Installing ${target}'s outputs ($TARGET_OUTPUTS) into ${outPath} as a directory" + mkdir -p "${outPath}" + cp $TARGET_OUTPUTS "${outPath}" + else + echo "Installing ${target}'s output ($TARGET_OUTPUTS) to ${outPath}" + mkdir -p "${dirOf outPath}" + cp "$TARGET_OUTPUTS" "${outPath}" + fi + '') bazelTargets)} + ${extraBuildInstall} + + runHook postInstall + ''; + }); + in build; +in hooks // { + __functor = self: lib.makeOverridable builder; +} diff --git a/pkgs/gerrit/0001-Syntax-highlight-nix.patch b/pkgs/gerrit/0001-Syntax-highlight-nix.patch index bdc3fd3..d17dc27 100644 --- a/pkgs/gerrit/0001-Syntax-highlight-nix.patch +++ b/pkgs/gerrit/0001-Syntax-highlight-nix.patch @@ -1,4 +1,4 @@ -From 084e4f92fb58f7cd85303ba602fb3c40133c8fcc Mon Sep 17 00:00:00 2001 +From 216843cff4a8e41ad9887118751a412c1a22ce72 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Thu, 2 Jul 2020 23:02:32 +0100 Subject: [PATCH 1/3] Syntax highlight nix @@ -9,23 +9,23 @@ Subject: [PATCH 1/3] Syntax highlight nix 2 files changed, 2 insertions(+) diff --git a/polygerrit-ui/app/embed/diff/gr-syntax-layer/gr-syntax-layer-worker.ts b/polygerrit-ui/app/embed/diff/gr-syntax-layer/gr-syntax-layer-worker.ts -index a9f88bdd81..385249f280 100644 +index 50742903de..d1e89920cc 100644 --- a/polygerrit-ui/app/embed/diff/gr-syntax-layer/gr-syntax-layer-worker.ts +++ b/polygerrit-ui/app/embed/diff/gr-syntax-layer/gr-syntax-layer-worker.ts -@@ -93,6 +93,7 @@ const LANGUAGE_MAP = new Map([ +@@ -98,6 +98,7 @@ const LANGUAGE_MAP = new Map([ ['text/x-vhdl', 'vhdl'], ['text/x-yaml', 'yaml'], ['text/vbscript', 'vbscript'], + ['text/x-nix', 'nix'], ]); - const CLASS_PREFIX = 'gr-diff gr-syntax gr-syntax-'; + const CLASS_PREFIX = 'gr-syntax gr-syntax-'; diff --git a/resources/com/google/gerrit/server/mime/mime-types.properties b/resources/com/google/gerrit/server/mime/mime-types.properties -index 2f9561ba2e..739818ec05 100644 +index 642ef474a5..97f1ff835b 100644 --- a/resources/com/google/gerrit/server/mime/mime-types.properties +++ b/resources/com/google/gerrit/server/mime/mime-types.properties -@@ -149,6 +149,7 @@ mscin = text/x-mscgen - msgenny = text/x-msgenny +@@ -154,6 +154,7 @@ msgenny = text/x-msgenny + mts = application/typescript nb = text/x-mathematica nginx.conf = text/x-nginx-conf +nix = text/x-nix @@ -33,5 +33,5 @@ index 2f9561ba2e..739818ec05 100644 nsi = text/x-nsis nt = text/n-triples -- -2.37.3 +2.45.1 diff --git a/pkgs/gerrit/0002-Syntax-highlight-rules.pl.patch b/pkgs/gerrit/0002-Syntax-highlight-rules.pl.patch index 4b91e2c..d0da61d 100644 --- a/pkgs/gerrit/0002-Syntax-highlight-rules.pl.patch +++ b/pkgs/gerrit/0002-Syntax-highlight-rules.pl.patch @@ -1,4 +1,4 @@ -From aedf8ac8fa5113843bcd83ff85e2d9f3bffdb16c Mon Sep 17 00:00:00 2001 +From 63f1ff6ea749ae2af29a53463bca81bc3f4bf25b Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Thu, 2 Jul 2020 23:02:43 +0100 Subject: [PATCH 2/3] Syntax highlight rules.pl @@ -9,10 +9,10 @@ Subject: [PATCH 2/3] Syntax highlight rules.pl 2 files changed, 2 insertions(+) diff --git a/polygerrit-ui/app/embed/diff/gr-syntax-layer/gr-syntax-layer-worker.ts b/polygerrit-ui/app/embed/diff/gr-syntax-layer/gr-syntax-layer-worker.ts -index 385249f280..7cb3068494 100644 +index d1e89920cc..5d62af1c64 100644 --- a/polygerrit-ui/app/embed/diff/gr-syntax-layer/gr-syntax-layer-worker.ts +++ b/polygerrit-ui/app/embed/diff/gr-syntax-layer/gr-syntax-layer-worker.ts -@@ -68,6 +68,7 @@ const LANGUAGE_MAP = new Map([ +@@ -72,6 +72,7 @@ const LANGUAGE_MAP = new Map([ ['text/x-perl', 'perl'], ['text/x-pgsql', 'pgsql'], // postgresql ['text/x-php', 'php'], @@ -21,10 +21,10 @@ index 385249f280..7cb3068494 100644 ['text/x-protobuf', 'protobuf'], ['text/x-puppet', 'puppet'], diff --git a/resources/com/google/gerrit/server/mime/mime-types.properties b/resources/com/google/gerrit/server/mime/mime-types.properties -index 739818ec05..58eb727bf9 100644 +index 97f1ff835b..85d630340f 100644 --- a/resources/com/google/gerrit/server/mime/mime-types.properties +++ b/resources/com/google/gerrit/server/mime/mime-types.properties -@@ -200,6 +200,7 @@ rq = application/sparql-query +@@ -208,6 +208,7 @@ rq = application/sparql-query rs = text/x-rustsrc rss = application/xml rst = text/x-rst @@ -33,5 +33,5 @@ index 739818ec05..58eb727bf9 100644 s = text/x-gas sas = text/x-sas -- -2.37.3 +2.45.1 diff --git a/pkgs/gerrit/0003-Add-titles-to-CLs-over-HTTP.patch b/pkgs/gerrit/0003-Add-titles-to-CLs-over-HTTP.patch index c4edee3..a5881e5 100644 --- a/pkgs/gerrit/0003-Add-titles-to-CLs-over-HTTP.patch +++ b/pkgs/gerrit/0003-Add-titles-to-CLs-over-HTTP.patch @@ -1,19 +1,19 @@ -From f49c50ca9a84ca374b7bd91c171bbea0457f2c7a Mon Sep 17 00:00:00 2001 +From ca2df6d7f53441d443d42908e30bf60fbfc15392 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Thu, 2 Jul 2020 23:03:02 +0100 Subject: [PATCH 3/3] Add titles to CLs over HTTP --- - .../gerrit/httpd/raw/IndexHtmlUtil.java | 13 +++- + .../gerrit/httpd/raw/IndexHtmlUtil.java | 12 +++- .../google/gerrit/httpd/raw/IndexServlet.java | 8 ++- .../google/gerrit/httpd/raw/StaticModule.java | 5 +- .../gerrit/httpd/raw/TitleComputer.java | 67 +++++++++++++++++++ .../gerrit/httpd/raw/PolyGerritIndexHtml.soy | 4 +- - 5 files changed, 89 insertions(+), 8 deletions(-) + 5 files changed, 88 insertions(+), 8 deletions(-) create mode 100644 java/com/google/gerrit/httpd/raw/TitleComputer.java diff --git a/java/com/google/gerrit/httpd/raw/IndexHtmlUtil.java b/java/com/google/gerrit/httpd/raw/IndexHtmlUtil.java -index 72bfe40c3b..439bd73b44 100644 +index a92dd18f04..f87c46d321 100644 --- a/java/com/google/gerrit/httpd/raw/IndexHtmlUtil.java +++ b/java/com/google/gerrit/httpd/raw/IndexHtmlUtil.java @@ -41,6 +41,7 @@ import java.util.Collections; @@ -24,7 +24,7 @@ index 72bfe40c3b..439bd73b44 100644 import java.util.Set; import java.util.function.Function; -@@ -62,13 +63,14 @@ public class IndexHtmlUtil { +@@ -63,13 +64,14 @@ public class IndexHtmlUtil { String faviconPath, Map urlParameterMap, Function urlInScriptTagOrdainer, @@ -36,22 +36,21 @@ index 72bfe40c3b..439bd73b44 100644 data.putAll( staticTemplateData( canonicalURL, cdnPath, faviconPath, urlParameterMap, urlInScriptTagOrdainer)) -- .putAll(dynamicTemplateData(gerritApi, requestedURL)); -+ .putAll(dynamicTemplateData(gerritApi, requestedURL, titleComputer)); +- .putAll(dynamicTemplateData(gerritApi, requestedURL, canonicalURL)); ++ .putAll(dynamicTemplateData(gerritApi, requestedURL, canonicalURL, titleComputer)); Set enabledExperiments = new HashSet<>(); enabledExperiments.addAll(experimentFeatures.getEnabledExperimentFeatures()); // Add all experiments enabled through url -@@ -81,7 +83,8 @@ public class IndexHtmlUtil { +@@ -82,7 +84,7 @@ public class IndexHtmlUtil { /** Returns dynamic parameters of {@code index.html}. */ public static ImmutableMap dynamicTemplateData( -- GerritApi gerritApi, String requestedURL) throws RestApiException, URISyntaxException { -+ GerritApi gerritApi, String requestedURL, TitleComputer titleComputer) -+ throws RestApiException, URISyntaxException { +- GerritApi gerritApi, String requestedURL, String canonicalURL) ++ GerritApi gerritApi, String requestedURL, String canonicalURL, TitleComputer titleComputer) + throws RestApiException, URISyntaxException { ImmutableMap.Builder data = ImmutableMap.builder(); Map initialData = new HashMap<>(); - Server serverApi = gerritApi.config().server(); -@@ -129,6 +132,10 @@ public class IndexHtmlUtil { +@@ -141,6 +143,10 @@ public class IndexHtmlUtil { } data.put("gerritInitialData", initialData); @@ -102,17 +101,17 @@ index fcb821e5ae..e1464b992b 100644 } catch (URISyntaxException | RestApiException e) { throw new IOException(e); diff --git a/java/com/google/gerrit/httpd/raw/StaticModule.java b/java/com/google/gerrit/httpd/raw/StaticModule.java -index 15dcf42e0e..9f56bf33ce 100644 +index b00294f73e..f1c1aae12c 100644 --- a/java/com/google/gerrit/httpd/raw/StaticModule.java +++ b/java/com/google/gerrit/httpd/raw/StaticModule.java -@@ -241,10 +241,11 @@ public class StaticModule extends ServletModule { +@@ -224,10 +224,11 @@ public class StaticModule extends ServletModule { @CanonicalWebUrl @Nullable String canonicalUrl, @GerritServerConfig Config cfg, GerritApi gerritApi, - ExperimentFeatures experimentFeatures) { + ExperimentFeatures experimentFeatures, + TitleComputer titleComputer) { - String cdnPath = options.devCdn().orElse(cfg.getString("gerrit", null, "cdnPath")); + String cdnPath = options.devCdn().orElseGet(() -> cfg.getString("gerrit", null, "cdnPath")); String faviconPath = cfg.getString("gerrit", null, "faviconPath"); - return new IndexServlet(canonicalUrl, cdnPath, faviconPath, gerritApi, experimentFeatures); + return new IndexServlet(canonicalUrl, cdnPath, faviconPath, gerritApi, experimentFeatures, titleComputer); @@ -193,7 +192,7 @@ index 0000000000..8fd2053ad0 + } +} diff --git a/resources/com/google/gerrit/httpd/raw/PolyGerritIndexHtml.soy b/resources/com/google/gerrit/httpd/raw/PolyGerritIndexHtml.soy -index dbfef44dfe..347ee75aab 100644 +index 5ff1822cd9..81c3cdf0e1 100644 --- a/resources/com/google/gerrit/httpd/raw/PolyGerritIndexHtml.soy +++ b/resources/com/google/gerrit/httpd/raw/PolyGerritIndexHtml.soy @@ -33,10 +33,12 @@ @@ -211,5 +210,5 @@ index dbfef44dfe..347ee75aab 100644 {\n} -- -2.37.3 +2.45.1 diff --git a/pkgs/gerrit/bazelrc b/pkgs/gerrit/bazelrc new file mode 100644 index 0000000..f77da77 --- /dev/null +++ b/pkgs/gerrit/bazelrc @@ -0,0 +1,11 @@ +# Not using common --repository_cache because Gerrit's bazelrc overrides this... +build --repository_cache=repository-cache +build --action_env=SSL_CERT_FILE +build --action_env=GERRIT_CACHE_HOME +build --tool_java_runtime_version=local_jdk --java_runtime_version=local_jdk +build --workspace_status_command="cat .version" + +# Disable errorprone +build --javacopt="-XepDisableAllChecks" + +sync --repository_cache=repository-cache diff --git a/pkgs/gerrit/default.nix b/pkgs/gerrit/default.nix index 3fc9862..3d21fa8 100644 --- a/pkgs/gerrit/default.nix +++ b/pkgs/gerrit/default.nix @@ -1,135 +1,96 @@ -{ buildFHSUserEnv, writeShellScriptBin, buildBazelPackage, fetchgit, unzip }: -{ name ? "gerrit-${version}", version ? "3.9.1", src ? (fetchgit { - url = "https://gerrit.googlesource.com/gerrit"; - rev = "620a819cbf3c64fff7a66798822775ad42c91d8e"; - branchName = "v${version}"; - sha256 = "sha256:1mdxbgnx3mpxand4wq96ic38bb4yh45q271h40jrk7dk23sgmz02"; - fetchSubmodules = true; - }), bazelTargets ? [ "release" "api-skip-javadoc" ] +{ buildBazelPackageNG +, lib +, fetchgit +, bazel_7 +, python3 +, openjdk21_headless +, curl +, unzip +, extraBazelPackageAttrs ? {} }: + let - bazelRunScript = writeShellScriptBin "bazel-run" '' - yarn config set cache-folder "$bazelOut/external/yarn_cache" - export HOME="$bazelOut/external/home" - mkdir -p "$bazelOut/external/home" - exec /bin/bazel "$@" - ''; - bazelTop = buildFHSUserEnv { - name = "bazel"; - targetPkgs = pkgs: [ - (pkgs.bazel_5.override { enableNixHacks = true; }) - pkgs.jdk17_headless - pkgs.zlib - pkgs.python3 - pkgs.curl - pkgs.nodejs - pkgs.yarn - pkgs.git - bazelRunScript - ]; - runScript = "/bin/bazel-run"; - }; - bazel = bazelTop // { override = x: bazelTop; }; + inherit (buildBazelPackageNG) bazelRulesJavaHook bazelRulesNodeJS5Hook; in -buildBazelPackage { - inherit name version src; +(buildBazelPackageNG rec { + pname = "gerrit"; + version = "3.10.0"; + + bazel = bazel_7; + + src = (fetchgit { + url = "https://gerrit.googlesource.com/gerrit"; + rev = "v${version}"; + fetchSubmodules = true; + deepClone = true; + hash = "sha256-FpKuzityHuHNYBIOL8YUjCLlkuVBfxjvHECb26NsZNE="; + }).overrideAttrs (_: { + env.NIX_PREFETCH_GIT_CHECKOUT_HOOK = '' + pushd "$dir" >/dev/null + ${python3}/bin/python tools/workspace_status_release.py | sort > .version + popd >/dev/null + + # delete all the .git; we can't do this using fetchgit if deepClone is on, + # but our mischief has already been achieved by the python command above :) + find "$dir" -name .git -print0 | xargs -0 rm -rf + ''; + }); + depsHash = "sha256-Z6pvnL8bv09K4wKaatUCsnXAtSno+BJO6rTKhDsHYv4="; patches = [ ./0001-Syntax-highlight-nix.patch ./0002-Syntax-highlight-rules.pl.patch ./0003-Add-titles-to-CLs-over-HTTP.patch + + ./gerrit-cl-431977-bump-sshd.patch ]; - inherit bazel bazelTargets; + nativeBuildInputs = [ + bazelRulesJavaHook + bazelRulesNodeJS5Hook - bazelFlags = [ - "--repository_cache=" - "--disk_cache=" + curl + openjdk21_headless + python3 + unzip ]; - removeRulesCC = false; - fetchConfigured = true; + prePatch = '' + rm .bazelversion - fetchAttrs = { - sha256 = "sha256-rsYQR6/RO5NM3/fnB3lEmbz876B59QWxWpE3M/Z4rK4="; - preBuild = '' - rm .bazelversion - ''; + ln -sf ${./bazelrc} user.bazelrc - installPhase = '' - runHook preInstall + ln -sf ${./workspace_overrides.bzl} workspace_overrides.bzl + substituteInPlace WORKSPACE \ + --replace-fail 'load("@io_bazel_rules_webtesting//web:repositories.bzl"' 'load("//:workspace_overrides.bzl"' \ + --replace-fail 'load("@io_bazel_rules_webtesting//web/versioned:browsers-0.3.3.bzl"' 'load("//:workspace_overrides.bzl"' - # Remove all built in external workspaces, Bazel will recreate them when building - rm -rf $bazelOut/external/{bazel_tools,\@bazel_tools.marker} - rm -rf $bazelOut/external/{embedded_jdk,\@embedded_jdk.marker} - rm -rf $bazelOut/external/{local_config_cc,\@local_config_cc.marker} - rm -rf $bazelOut/external/{local_*,\@local_*.marker} + patchShebangs Documentation/replace_macros.py + ''; - # Clear markers - find $bazelOut/external -name '@*\.marker' -exec sh -c 'echo > {}' \; + postPatch = '' + sed -Ei 's,^(STABLE_BUILD_GERRIT_LABEL.*)$,\1-dirty-nix,' .version + ''; - # Remove all vcs files - rm -rf $(find $bazelOut/external -type d -name .git) - rm -rf $(find $bazelOut/external -type d -name .svn) - rm -rf $(find $bazelOut/external -type d -name .hg) + preBuild = '' + export GERRIT_CACHE_HOME=$HOME/gerrit-cache + ''; - # Removing top-level symlinks along with their markers. - # This is needed because they sometimes point to temporary paths (?). - # For example, in Tensorflow-gpu build: - #sha256:06bmzbcb9717s4b016kcbn8nr9pgaz04i8bnzg7ybkbdwpl8vxvv"; platforms -> NIX_BUILD_TOP/tmp/install/35282f5123611afa742331368e9ae529/_embedded_binaries/platforms - find $bazelOut/external -maxdepth 1 -type l | while read symlink; do - name="$(basename "$symlink")" - rm -rf "$symlink" "$bazelOut/external/@$name.marker" - done + extraCacheInstall = '' + cp -R $GERRIT_CACHE_HOME $out/gerrit-cache + ''; - # Patching symlinks to remove build directory reference - find $bazelOut/external -type l | while read symlink; do - new_target="$(readlink "$symlink" | sed "s,$NIX_BUILD_TOP,NIX_BUILD_TOP,")" - rm "$symlink" - ln -sf "$new_target" "$symlink" - done + extraBuildSetup = '' + ln -sf $cache/gerrit-cache $GERRIT_CACHE_HOME + ''; + extraBuildInstall = '' + mkdir -p "$out"/share/api/ + unzip bazel-bin/api-skip-javadoc.zip -d "$out"/share/api + ''; - echo '${bazel.name}' > $bazelOut/external/.nix-bazel-version - - # Gerrit fixups: - # Normalize permissions on .yarn-{tarball,metadata} files - test -d $bazelOut/external/yarn_cache && find $bazelOut/external/yarn_cache \( -name .yarn-tarball.tgz -or -name .yarn-metadata.json \) -exec chmod 644 {} + - - mkdir $bazelOut/_bits/ - find . -name node_modules -prune -print | while read d; do - echo "$d" "$(dirname $d)" - mkdir -p $bazelOut/_bits/$(dirname $d) - cp -R "$d" "$bazelOut/_bits/$(dirname $d)/node_modules" - done - - (cd $bazelOut/ && tar czf $out --sort=name --mtime='@1' --owner=0 --group=0 --numeric-owner external/ _bits/) - - runHook postInstall - ''; - }; - - buildAttrs = { - preConfigure = '' - rm .bazelversion - - [ "$(ls -A $bazelOut/_bits)" ] && cp -R $bazelOut/_bits/* ./ || true - ''; - postPatch = '' - # Disable all errorprone checks, since we might be using a different version. - sed -i \ - -e '/-Xep:/d' \ - -e '/-XepExcludedPaths:/a "-XepDisableAllChecks",' \ - tools/BUILD - ''; - installPhase = '' - mkdir -p "$out"/webapps/ "$out"/share/api/ - cp bazel-bin/release.war "$out"/webapps/gerrit-${version}.war - unzip bazel-bin/api-skip-javadoc.zip -d "$out"/share/api - ''; - - nativeBuildInputs = [ - unzip - ]; + bazelTargets = { + "//:release" = "$out/webapps/gerrit-${version}.war"; + "//:api-skip-javadoc" = null; }; passthru = { @@ -149,4 +110,4 @@ buildBazelPackage { "webhooks" ]; }; -} +}).override extraBazelPackageAttrs diff --git a/pkgs/gerrit/gerrit-cl-431977-bump-sshd.patch b/pkgs/gerrit/gerrit-cl-431977-bump-sshd.patch new file mode 100644 index 0000000..3a08df2 --- /dev/null +++ b/pkgs/gerrit/gerrit-cl-431977-bump-sshd.patch @@ -0,0 +1,40 @@ +Bump SSHD version to 2.13.1 + +Release-Notes: Update SSHD version to 2.13.1 +Change-Id: Ib7bc185bfd9e7eda0cc04230da8bd87ee1bb2358 + +diff --git a/tools/nongoogle.bzl b/tools/nongoogle.bzl +index 91caf31..d9b90d8 100644 +--- a/tools/nongoogle.bzl ++++ b/tools/nongoogle.bzl +@@ -137,18 +137,18 @@ + sha1 = "cb2f351bf4463751201f43bb99865235d5ba07ca", + ) + +- SSHD_VERS = "2.12.0" ++ SSHD_VERS = "2.13.1" + + maven_jar( + name = "sshd-osgi", + artifact = "org.apache.sshd:sshd-osgi:" + SSHD_VERS, +- sha1 = "32b8de1cbb722ba75bdf9898e0c41d42af00ce57", ++ sha1 = "50958cc44076749e790d7332021cff546707624c", + ) + + maven_jar( + name = "sshd-sftp", + artifact = "org.apache.sshd:sshd-sftp:" + SSHD_VERS, +- sha1 = "0f96f00a07b186ea62838a6a4122e8f4cad44df6", ++ sha1 = "e1b6da4ef604718e32cad59ef32618610da7a170", + ) + + maven_jar( +@@ -166,7 +166,7 @@ + maven_jar( + name = "sshd-mina", + artifact = "org.apache.sshd:sshd-mina:" + SSHD_VERS, +- sha1 = "8b202f7d4c0d7b714fd0c93a1352af52aa031149", ++ sha1 = "ff4a9fac41a111d806f6a058d23278b0819da7ce", + ) + + maven_jar( diff --git a/pkgs/gerrit/workspace_overrides.bzl b/pkgs/gerrit/workspace_overrides.bzl new file mode 100644 index 0000000..8393686 --- /dev/null +++ b/pkgs/gerrit/workspace_overrides.bzl @@ -0,0 +1,5 @@ +def web_test_repositories(): + pass + +def browser_repositories(*args, **kwargs): + pass diff --git a/pkgs/gerrit_plugins/builder.nix b/pkgs/gerrit_plugins/builder.nix index 299b208..a232625 100644 --- a/pkgs/gerrit_plugins/builder.nix +++ b/pkgs/gerrit_plugins/builder.nix @@ -1,36 +1,45 @@ -{ buildGerrit, gerrit, runCommandLocal, lib }: - { name - , src - , depsOutputHash - , overlayPluginCmd ? '' - cp -R "${src}" "$out/plugins/${name}" - '' - , postPatch ? "" - , patches ? [ ] -}: (buildGerrit { +{ gerrit +, runCommandLocal +, lib +}: + +{ name +, version +, src +, depsHash ? null +, overlayPluginCmd ? '' + cp -R "${src}" "$out/plugins/${name}" + echo "STABLE_BUILD_${lib.toUpper name}_LABEL v${version}-nix${if patches != [] then "-dirty" else ""}" >> $out/.version + '' +, postOverlayPlugin ? "" +, postPatch ? "" +, patches ? [ ] +}: ((gerrit.override { + extraBazelPackageAttrs = (old: { name = "${name}.jar"; src = runCommandLocal "${name}-src" { } '' cp -R "${gerrit.src}" "$out" - chmod +w "$out/plugins" + chmod -R +w "$out" ${overlayPluginCmd} + ${postOverlayPlugin} ''; + depsHash = (if depsHash != null then depsHash else old.depsHash); - bazelTargets = [ "//plugins/${name}" ]; + bazelTargets = { + "//plugins/${name}" = "$out"; + }; + + extraBuildInstall = ""; + }); }).overrideAttrs (super: { - deps = super.deps.overrideAttrs (superDeps: { - outputHash = depsOutputHash; - }); - installPhase = '' - cp "bazel-bin/plugins/${name}/${name}.jar" "$out" - ''; - postPatch = '' - ${super.postPatch or ""} - pushd "plugins/${name}" - ${lib.concatMapStringsSep "\n" (patch: '' - patch -p1 < ${patch} - '') patches} - popd - ${postPatch} - ''; - }) + postPatch = '' + ${super.postPatch or ""} + pushd "plugins/${name}" + ${lib.concatMapStringsSep "\n" (patch: '' + patch -p1 < ${patch} + '') patches} + popd + ${postPatch} + ''; +})) diff --git a/pkgs/gerrit_plugins/code-owners/default.nix b/pkgs/gerrit_plugins/code-owners/default.nix index a54131c..57a8ffb 100644 --- a/pkgs/gerrit_plugins/code-owners/default.nix +++ b/pkgs/gerrit_plugins/code-owners/default.nix @@ -1,12 +1,12 @@ -{ fetchgit, buildGerritBazelPlugin, lib }: +{ buildGerritBazelPlugin, fetchgit }: -buildGerritBazelPlugin { +buildGerritBazelPlugin rec { name = "code-owners"; - depsOutputHash = "sha256-Ee2n7R/vi91drR+dNYB0QnGiiqcmz9/pynHhV9yDxdE="; + version = "7de40d8"; src = fetchgit { url = "https://gerrit.googlesource.com/plugins/code-owners"; - rev = "e654ae5bda2085bce9a99942bec440e004a114f3"; - sha256 = "sha256:14d3x3iqskgw16pvyaa0swh252agj84p9pzlf24l8lgx9d7y4biz"; + rev = "7de40d8b30e55eb64316b6fc3d0d00da9caddade"; + hash = "sha256-0sLwUcG9RN1o9vZGW8ErwL7UgJapgYoo8XMGsWLO25Q="; }; patches = [ ./using-usernames.patch diff --git a/pkgs/gerrit_plugins/oauth/default.nix b/pkgs/gerrit_plugins/oauth/default.nix index a52b1d5..6752ee9 100644 --- a/pkgs/gerrit_plugins/oauth/default.nix +++ b/pkgs/gerrit_plugins/oauth/default.nix @@ -2,15 +2,14 @@ buildGerritBazelPlugin rec { name = "oauth"; - depsOutputHash = "sha256-4/+E0BwkA+rYYCy7y3G9xF86DJj+CFzPZUNXC5HN5wc="; + version = "982316"; src = fetchgit { url = "https://gerrit.googlesource.com/plugins/oauth"; - rev = "b27cf3ea820eec2ddd22d217fc839261692ccdb0"; - sha256 = "1m654ibgzprrhcl0wpzqrmq8drpgx6rzlw0ha16l1fi2zv5idkk2"; + rev = "98231604d60788bb43490f1a301d792817ac8008"; + hash = "sha256-AuVO1Yys8BYqGHZI/adszCUg0JM2v4Td4fe26LdOPLM="; }; - overlayPluginCmd = '' - chmod +w "$out" "$out/plugins/external_plugin_deps.bzl" - cp -R "${src}" "$out/plugins/${name}" + depsHash = "sha256-qEeKQPyt3uIS+BStrputBUnE3ft5c4oeazgsWd+lbN8="; + postOverlayPlugin = '' cp "${src}/external_plugin_deps.bzl" "$out/plugins/external_plugin_deps.bzl" ''; }