Commit graph

9057 commits

Author SHA1 Message Date
John Ericson 66321463e1 Merge remote-tracking branch 'upstream/master' into trustless-remote-builder-simple 2020-08-17 13:07:28 +00:00
Eelco Dolstra e849b19872
Merge pull request #3932 from chkno/no-show-signature
Don't try to parse signature check as commit timestamp
2020-08-17 11:00:24 +02:00
Eelco Dolstra 847a5392f4 Merge branch 'ca-no-need-trust' of https://github.com/obsidiansystems/nix 2020-08-17 10:57:02 +02:00
Eelco Dolstra 3c619f6290 Merge branch 'test-RemoteStore-buildDerivation' of https://github.com/obsidiansystems/nix 2020-08-17 10:53:18 +02:00
John Ericson 767e0b7726 Merge branch 'fixed-output-remote-builder-test' into trustless-remote-builder-simple 2020-08-16 18:54:12 +00:00
John Ericson dbf96e10ec Test remote building with fixed output derivations 2020-08-16 17:38:12 +00:00
John Ericson 9dd28a65c8 Merge remote-tracking branch 'upstream/master' into trustless-remote-builder-simple 2020-08-16 16:05:54 +00:00
John Ericson 6f7ac5e865 Remove extra closing paren 2020-08-14 21:59:31 +00:00
John Ericson 4b571ea321
Update src/libstore/daemon.cc
Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2020-08-14 11:52:37 -04:00
Eelco Dolstra 13e49be660
Merge pull request #3875 from obsidiansystems/new-interface-for-path-pathOpt
Offer a safer interface for path and pathOpt
2020-08-14 17:19:19 +02:00
Eelco Dolstra 7714d9a943
Merge pull request #3924 from obsidiansystems/features-per-store
Make `system-features` a store setting
2020-08-14 17:13:07 +02:00
Eelco Dolstra 9b9d5297ba
Merge pull request #3909 from matthewbauer/readd-hashed-mirrors
Add hashed-mirrors back
2020-08-14 17:05:47 +02:00
Eelco Dolstra d81f13f7cb
Merge pull request #3899 from obsidiansystems/make-narHash-not-optional
Make narHash in ValidPathInfo not optional
2020-08-14 17:00:18 +02:00
John Ericson cbc4344297 Trustless remote building
Co-authored-by: Matthew Bauer <mjbauer95@gmail.com>
2020-08-14 04:53:58 +00:00
Chuck ed026f7206 Don't try to parse signature check as commit timestamp
When the log.showSignature git setting is enabled, the output of
"git log" contains signature verification information in addition to the
timestamp GitInputScheme::fetch wants:

  $ git log -1 --format=%ct
  gpg: Signature made Sat 07 Sep 2019 02:02:03 PM PDT
  gpg:                using RSA key 0123456789ABCDEF0123456789ABCDEF01234567
  gpg:                issuer "user@example.com"
  gpg: Good signature from "User <user@example.com>" [ultimate] 1567890123
  1567890123

For folks that had log.showSignature set, this caused all nix operations
on flakes to fail:

  $ nix build
  error: stoull
2020-08-13 17:44:42 -07:00
John Ericson 53f92c779a Merge branch 'legacy-ssh-build-paths' of github.com:obsidiansystems/nix into HEAD 2020-08-13 21:40:59 +00:00
John Ericson e1308b1211 Define LegacySSHStore::buildPaths using cmdBuildPaths
Evidentally this was never implemented because Nix switched to using
`buildDerivation` exclusively before `build-remote.pl` was rewritten.

The `nix-copy-ssh` test (already) tests this.
2020-08-13 21:27:55 +00:00
John Ericson 5ccd94501d Allow trustless building of CA derivations
Include a long comment explaining the policy. Perhaps this can be moved
to the manual at some point in the future.

Also bump the daemon protocol minor version, so clients can tell whether
`wopBuildDerivation` supports trustless CA derivation building. I hope
to take advantage of this in a follow-up PR to support trustless remote
building with the minimal sending of derivation closures.
2020-08-13 18:15:57 +00:00
Eelco Dolstra e11bbfb0ab
Merge pull request #3928 from obsidiansystems/more-tee
Use `TeeSink` and `TeeSouce` in a few more places
2020-08-13 17:19:50 +02:00
John Ericson 85aacbee64 Use TeeSink and TeeSouce in a few more places 2020-08-13 14:51:17 +00:00
Eelco Dolstra 859cd4acea
Merge pull request #3923 from obsidiansystems/daemon-auth-cleanup
Separate auth and logic for the daemon
2020-08-13 11:01:53 +02:00
John Ericson d2f2be0f70 Test RemoteStore::buildDerivation
Fix `wopNarFromPath` which needed a `toRealPath`.
2020-08-13 04:07:14 +00:00
John Ericson 5d67f18c86 Merge branch 'daemon-auth-cleanup' of github.com:obsidiansystems/nix into HEAD 2020-08-12 18:22:31 +00:00
John Ericson 4720853129 Make system-features a store setting
This seems more correct. It also means one can specify the features a
store should support with --store and remote-store=..., which is useful.
I use this to clean up the build remotes test.
2020-08-12 18:13:00 +00:00
John Ericson 8d4162ff9e Separate auth and logic for the daemon
Before, processConnection wanted to know a user name and user id, and
`nix-daemon --stdio`, when it isn't proxying to an underlying daemon,
would just assume "root" and 0. But `nix-daemon --stdio` (no proxying)
shouldn't make guesses about who holds the other end of its standard
streams.

Now processConnection takes an "auth hook", so `nix-daemon` can provide
the appropriate policy and daemon.cc doesn't need to know or care what
it is.
2020-08-12 15:22:33 +00:00
Eelco Dolstra 574bf60b4d
Merge pull request #3919 from bburdette/issue-2238-demotion
demote remote build message to Info
2020-08-11 20:32:29 +02:00
Ben Burdette 1a281ec07f demote remote build message to Info 2020-08-11 10:29:43 -06:00
Eelco Dolstra 7a911b6783
Merge pull request #3914 from obsidiansystems/small-drv-serialize-cleanup
Two small derivation serialization cleanups
2020-08-11 07:14:38 +02:00
Eelco Dolstra 5f263e1fb7
Merge pull request #3916 from Ma27/progress-bar-coloring
Always reset ANSI colors in progress-bar line
2020-08-11 07:13:41 +02:00
Maximilian Bosch 5f8ae16c8b
Always reset ANSI colors in progress-bar line
When having a message like `waiting for a machine to build X` and
building with `nix build -L`, the log-prefix is always colored yellow[1]
on a small terminal-width as everything (including the ANSI color-reset) is
stripped away.

To work around that problem, this patch explicitly adds an `ANSI_NORMAL`
to the end of the line.

[1] https://imgur.com/a/FjtJOk3
2020-08-10 17:44:17 +02:00
John Ericson 581183d4d5 Deduplicate parsing and reading derivations 2020-08-10 01:40:50 +00:00
John Ericson bcd0629c2e Remove name parameter from writeDerivation
The name is now stored with the derivation itself.
2020-08-10 01:35:59 +00:00
Eelco Dolstra edfd676e05 Fix .ls file names in binary caches
These are not supposed to include the 'name' part of the store
path. This was broken by 759947bf72.
2020-08-07 21:18:29 +02:00
Eelco Dolstra 3c75ddc16b nix build (and others): Force re-evaluation of cached errors
Fixes #3872.

This is a bit hacky. Ideally we would automatically re-evaluate the
failed attribute iff we need to print the error message (so in
commands like 'nix search' we wouldn't re-evaluate because we're
suppressing errors).
2020-08-07 14:47:23 +02:00
Eelco Dolstra 2ffc058950 Make --no-eval-cache a global setting 2020-08-07 14:13:24 +02:00
Matthew Bauer 96c158d6e1 Fix build 2020-08-06 21:04:31 -05:00
Matthew Bauer 8abc577cc2 Merge remote-tracking branch 'origin/master' into readd-hashed-mirrors 2020-08-06 18:58:59 -05:00
Matthew Bauer 641c950701 Add hashed-mirrors back
Some users have their own hashed-mirrors setup, that is used to mirror
things in addition to what’s available on tarballs.nixos.org. Although
this should be feasable to do with a Binary Cache, it’s not always
easy, since you have to remember what "name" each of the tarballs has.
Continuing to support hashed-mirrors is cheap, so it’s best to leave
support in Nix. Note that NIX_HASHED_MIRRORS is also supported in
Nixpkgs through fetchurl.nix.

Note that this excludes tarballs.nixos.org from the default, as in
\#3689. All of these are available on cache.nixos.org.
2020-08-06 18:19:09 -05:00
John Ericson e89b5bd0bf Minimize the usage of Hash::dummy 2020-08-06 18:31:48 +00:00
John Ericson 5e59b25a23 Merge remote-tracking branch 'upstream/master' into make-narHash-not-optional 2020-08-06 15:34:15 +00:00
Eelco Dolstra 6146447842
Merge pull request #3856 from obsidiansystems/buildable-variant
Make `Buildable` a `std::variant`
2020-08-06 14:14:06 +02:00
Eelco Dolstra 59067f0f58 repl.cc: Check for HAVE_BOEHMGC
Fixes #3906.
2020-08-06 11:40:41 +02:00
Eelco Dolstra 3321b2bc65
Merge pull request #3897 from bburdette/error-2238
error messages for issue 2238
2020-08-06 11:31:36 +02:00
Carlo Nucera d5d9907a9e Fix perl integration 2020-08-05 15:57:42 -04:00
Carlo Nucera 1d2e80ddd6 Merge branch 'master' of github.com:NixOS/nix into new-interface-for-path-pathOpt 2020-08-05 15:45:33 -04:00
Carlo Nucera 8241e660ba Remove Hash::operator bool ()
Since the hash is not optional anymore
2020-08-05 15:30:38 -04:00
Carlo Nucera be6e1c6457 Merge branch 'master' of github.com:NixOS/nix into make-narHash-not-optional 2020-08-05 15:14:47 -04:00
Carlo Nucera 1ad6394b33 Add Hash::dummy to signal default value
We did this in the same spirit of the dummy value that's present in
libstore/path.hh
2020-08-05 15:11:49 -04:00
Carlo Nucera 1d71028f4d Remove optionality in ValidPathInfo::narInfo 2020-08-05 14:42:48 -04:00
Ben Burdette 31f1af0cab don't crash if there's no drvPath 2020-08-05 11:26:06 -06:00