Commit graph

11913 commits

Author SHA1 Message Date
Jairo Llopis aa3927f0f1
feat: include openssh in docker image
When leveraging remote builders or cache in CI workloads, sometimes you need to configure nix to connect via SSH to a remote server.

It is the case for example when using nixbuild.net.

By including `openssh` package, CI should be able to reach remote builders when configured i.e. with environment variables.
2022-04-14 13:49:47 +01:00
Eelco Dolstra d89840b103 Make InstallableFlake::toValue() and toDerivation() behave consistently
In particular, this means that 'nix eval` (which uses toValue()) no
longer auto-calls functions or functors (because
AttrCursor::findAlongAttrPath() doesn't).

Fixes #6152.

Also use ref<> in a few places, and don't return attrpaths from
getCursor() because cursors already have a getAttrPath() method.
2022-04-14 14:07:04 +02:00
Eelco Dolstra 0e58affd39
Merge pull request #6213 from NixOS/dependabot/github_actions/actions/checkout-3
Bump actions/checkout from 2 to 3
2022-04-13 14:36:04 +02:00
dependabot[bot] dc9510c8d7
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-13 12:10:29 +00:00
Eelco Dolstra 727cf888c2
Merge pull request #6401 from NixOS/dependabot/github_actions/cachix/install-nix-action-17
build(deps): bump cachix/install-nix-action from 16 to 17
2022-04-13 14:09:31 +02:00
Kasper Gałkowski 2769e43f61 assert hash types for Git and Mercurial 2022-04-12 21:13:14 +02:00
dependabot[bot] 5fc73c276b
build(deps): bump cachix/install-nix-action from 16 to 17
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 16 to 17.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v16...v17)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-11 22:01:20 +00:00
Eelco Dolstra f7276bc948
Merge pull request #6392 from danpls/fix-actualUrl-mercurial
libfetchers: Fix assertion (Mercurial)
2022-04-11 11:16:04 +02:00
Eelco Dolstra 1f5d8e590e
Merge pull request #6384 from mschwaig/confirm-multi-user-install-without-systemd
installer: ask for confirmation on multi-user install without systemd
2022-04-11 11:15:27 +02:00
Eelco Dolstra 092f6d2e7a
Merge pull request #6380 from thufschmitt/fix-double-slahsh-in-uri
Allow empty path segments in urls
2022-04-11 11:15:14 +02:00
Eelco Dolstra 2311868aaa
Merge pull request #6391 from danpls/replace-regex
libfetchers: Replace regex to clarify intent
2022-04-11 11:14:10 +02:00
Eelco Dolstra 734019ce56
Merge pull request #6397 from sebastianblunt/builderlogging
Log builder args and environment variables
2022-04-11 11:13:35 +02:00
Sebastian Blunt 63d9a81819 Log builder args and environment variables
Previously it only logged the builder's path, this changes it to log the
arguments at the same log level, and the environment variables at the
vomit level.

This helped me debug https://github.com/svanderburg/node2nix/issues/75
2022-04-10 21:10:37 -07:00
Daniel Pauls 38125a47ab Test fetchMercurial with path containing a . segment 2022-04-09 23:39:00 +02:00
Daniel Pauls d6b7529579 libfetchers: Fix assertion (Mercurial)
See commit 1e1cd6e7a for more information.
2022-04-09 19:10:23 +02:00
Daniel Pauls 770f7371f3 libfetchers: Replace regex to clarify intent 2022-04-09 17:00:14 +02:00
Théophane Hufschmitt 646af7325d
Merge pull request #6376 from Uthar/master
don't assume that rev is a SHA1 hash
2022-04-08 17:56:27 +02:00
Théophane Hufschmitt f3d3587ab3 Allow empty path segments in urls
Valid per https://datatracker.ietf.org/doc/html/rfc3986#section-3.3 (and
also somewhat frequently happening for local paths)
2022-04-08 16:09:49 +02:00
Eelco Dolstra a52e369c07
Merge pull request #6382 from edolstra/remove-error-name
Remove unused "name" field from Error
2022-04-08 12:18:47 +02:00
Eelco Dolstra c68963eaea Remove duplicate "error:" 2022-04-08 11:48:30 +02:00
Eelco Dolstra 8bd9ebf52c Error: Remove unused sname() method 2022-04-08 11:31:51 +02:00
Eelco Dolstra 168ef9f3ab Remove unused Error.name field 2022-04-08 11:31:51 +02:00
Martin Schwaighofer 4f29cf1a1d installer: ask for confirmation on multi-user install without systemd
On Linux a user can go through all the way through the multi-user install
and find out at the end that they now have to manually configure their
init system to launch the nix daemon.

I suspect that for a significant number of users this is not
what they wanted. They might prefer a single-user install.
Now they have to manually uninstall nix before they can
go through the single-user install.

This introduces a confirmation dialog before the install
in that specific situation to make sure that they want to proceed.

See also: https://github.com/NixOS/nix/issues/4999#issuecomment-1064188080
This closes #4999 but rejecting it and closing that issue anyways
would also be valid.
2022-04-08 11:23:54 +02:00
Kasper Gałkowski 2c2fd4946f don't assume that rev is a SHA1 hash
This was a problem when writing a fetcher that uses e.g. sha256 hashes
for revisions. This doesn't actually do anything new, but allows for
creating such fetchers in the future (perhaps when support for Git's
SHA256 object format gains more popularity).
2022-04-07 19:49:47 +02:00
Eelco Dolstra 8b1e328d5d
Merge pull request #6348 from cole-h/fix-restoring-mount-namespace
libutil: Fix restoring mount namespace
2022-04-07 18:15:33 +02:00
Théophane Hufschmitt b53e0a6aa0
Merge pull request #6374 from danpls/fix-actualUrl
libfetchers: Fix assertion
2022-04-07 17:57:24 +02:00
Théophane Hufschmitt 305d3a0ec3 Test fetchgit with path containing a . segment 2022-04-07 17:31:12 +02:00
Théophane Hufschmitt e80dd0b600
Merge pull request #6375 from rehno-lindeque/nixosmodules-dot-default
Rename `nixosModule` to `nixosModules.default` consistent with other outputs
2022-04-07 13:01:19 +02:00
Rehno Lindeque 5ff4c42608 Update release notes 2022-04-06 12:24:35 -04:00
Rehno Lindeque b9c969a866 nix flake check: Warn about deprecated nixosModule output 2022-04-06 12:20:39 -04:00
Daniel Pauls 1e1cd6e7a9 libfetchers: Fix assertion
The filter expects all paths to have a prefix of the raw `actualUrl`, but
`Store::addToStore(...)` provides absolute canonicalized paths.
To fix this create an absolute and canonicalized path from the `actualUrl` and
use it instead.

Fixes #6195.
2022-04-06 17:33:23 +02:00
Eelco Dolstra f01e33f283
Merge pull request #6372 from edolstra/curl-fail
Installer: Use curl --fail so we don't silently ignore download errors
2022-04-06 15:02:20 +02:00
Eelco Dolstra a7b12c6bd9 curl: Use --fail to catch errors 2022-04-06 13:34:25 +02:00
Eelco Dolstra 36c1e3bc5f
Merge pull request #6371 from edolstra/substitution-error-msg
Fix empty 'nix copy' error message
2022-04-06 13:17:01 +02:00
Eelco Dolstra 318936366d Fix empty 'nix copy' error message
This was caused by SubstitutionGoal not setting the errorMsg field in
its BuildResult. We now get a more descriptive message than in 2.7.0, e.g.

  error: path '/nix/store/13mh...' is required, but there is no substituter that can build it

instead of the misleading (since there was no build)

  error: build of '/nix/store/13mh...' failed

Fixes #6295.
2022-04-06 12:43:53 +02:00
Eelco Dolstra fbeb8fd1b4
Merge pull request #6370 from edolstra/fetch-closure-query-params
fetchClosure: Don't allow URL query parameters
2022-04-06 12:22:39 +02:00
Eelco Dolstra 589f6f267b fetchClosure: Don't allow URL query parameters
Allowing this is a potential security hole, since it allows the user
to specify parameters like 'local-nar-cache'.
2022-04-06 11:52:51 +02:00
Eelco Dolstra c0ad86f681
Merge pull request #6366 from danpls/base64-reserve
libutil: Reserve memory when en/decoding base64
2022-04-05 23:20:33 +02:00
Eelco Dolstra f89fa29914
Merge pull request #6367 from danpls/fix-npos
tokenizeString: Fix semantic mistake
2022-04-05 23:19:35 +02:00
Daniel Pauls 513652d594 tokenizeString: Fix semantic mistake
`string_view::find_first_not_of(...)` and
`string_view::find_first_of(...)` return `string_view::npos` on error
not `string::npos`.
2022-04-05 22:33:03 +02:00
Daniel Pauls 1fa0393479 libutil: Reserve memory when en/decoding base64
The size of the output when encoding to and decoding from base64 is
(roughly) known so we can allocate it in advance to prevent
reallocation.
2022-04-05 21:30:50 +02:00
Eelco Dolstra 27b952a8a1
Merge pull request #6362 from thufschmitt/verbose-doctor
doctor: Always show the output
2022-04-05 17:33:10 +02:00
Eelco Dolstra 71c07ac0e7
Merge pull request #6363 from thufschmitt/definition-list-in-nix.conf-manual
Add anchors to the nix.conf options in the manual
2022-04-05 17:32:48 +02:00
Eelco Dolstra 5fe4fe823c
Merge pull request #6365 from edolstra/update-nixpkgs
Update to latest Nixpkgs 21.05
2022-04-05 17:23:23 +02:00
Eelco Dolstra 8d6c937d6a flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/82891b5e2c2359d7e58d08849e4c89511ab94234' (2021-09-28)
  → 'github:NixOS/nixpkgs/530a53dcbc9437363471167a5e4762c5fcfa34a1' (2022-02-19)
2022-04-05 16:41:40 +02:00
Eelco Dolstra f98d76ff1a rl-2.7.md: Fix title 2022-04-05 14:13:26 +02:00
Théophane Hufschmitt 9a640afc1e doctor: Always show the output
Fix https://github.com/NixOS/nix/issues/6342
2022-04-05 14:04:01 +02:00
Théophane Hufschmitt 660c19eb49 manual: Add some anchor targets for the nix.conf options
For each `nix.conf` option, add an empty html node with a unique `id`
that can be used as an anchor target. Also make the name of the option
be a link to that target so that it’s easily discoverable.

We can’t rewrite the whole list as an html definition list like it’s
done for the builtins because these options also appear in a man page,
and the manpage renderer (lowdown) can’t render arbitrary html. But the
hack here allows to keep the manpage and have the links in the html
version.

Fix https://github.com/NixOS/nix/issues/5745
2022-04-05 13:50:42 +02:00
Eelco Dolstra ec90fc4d1f
Merge pull request #6360 from thufschmitt/flake-check-accept-welcomeText
Allow `welcomeText` when checking a flake template
2022-04-05 11:50:45 +02:00
Théophane Hufschmitt 5abe3f4aa6 Allow welcomeText when checking a flake template
Fix https://github.com/NixOS/nix/issues/6321
2022-04-05 11:03:43 +02:00