[Nix#9292] `builtins.fetchGit` dirty mode almost unusable in pure evaluation mode #105

New issue

Open

opened 2024-03-16 06:44:55 +00:00 by lix-bot · 0 comments

lix-bot commented

2024-03-16 06:44:55 +00:00

Member

Upstream-Issue: NixOS/nix#9292

Describe the bug

builtins.fetchGit has a mode where if you pass a local directory and no ref nor rev, it uses the state of the tracked files in the Git working directory.

With pure evaluation, this mode is almost unusable, because it requires a narHash, even though paths in pure evaluation mode will always be in the Nix store, and therefore implicitly pure.

Steps To Reproduce

This can be reproduced with both stable Nix and Flakes, it doesn't depend on any experimental features, but I'll use Flakes since it's really hard to use pure evaluation mode without it.

Create this flake.nix file in a new empty Git repository:

{
  outputs =
    { ... }:
    # Show that ./. is in the Nix store in pure eval
    builtins.trace ./. {
      withoutHash = builtins.fetchGit ./.;
      withHash = builtins.fetchGit {
        url = ./.;
        # Setting this hash changes it!
        narHash = "";
      };
    };
}

Try to evaluate fetchGit without providing a narHash, notice how it doesn't let us. Note that we use path: so that the .git directory is also available:

$ nix eval path:.#withoutHash
trace: /nix/store/0hnwhrv57lcxjsk6d81p12ggi8y6pd2d-source
error: in pure evaluation mode, 'fetchTree' requires a locked input, at «none»:0

Try to evaluate fetchGit with an empty narHash:

$ nix eval path:.#withHash
trace: /nix/store/0hnwhrv57lcxjsk6d81p12ggi8y6pd2d-source
warning: Git tree '/nix/store/0hnwhrv57lcxjsk6d81p12ggi8y6pd2d-source' is dirty
error: NAR hash mismatch in input 'git+file:///nix/store/0hnwhrv57lcxjsk6d81p12ggi8y6pd2d-source' (/nix/store/w8y68nl6642mmyhh2204hfhsa5yy5195-source), expected 'sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=', got 'sha256-YZHo9RvTnZi8xJJrns12YSFJcg2yfRrYbV4mS25nyqw='

This gives us the correct hash, however this would prevent us from including flake.nix in Git, since that would then influence the hash again, and we can't put the hash into a file influenced by the hash.

Expected behavior

builtins.fetchGit ./. in pure evaluation mode should just work, since the path will refer to a store path, which is always pure.

nix-env --version output

nix-env (Nix) 2.15.1

Additional context

This issue is sponsored by Antithesis ✨

Priorities

Add 👍 to issues you find important.

Upstream-Issue: https://git.lix.systems/NixOS/nix/issues/9292 **Describe the bug** `builtins.fetchGit` has a mode where if you pass a local directory and no `ref` nor `rev`, it uses the state of the tracked files in the Git working directory. With pure evaluation, this mode is almost unusable, because it requires a `narHash`, even though paths in pure evaluation mode will always be in the Nix store, and therefore implicitly pure. **Steps To Reproduce** This can be reproduced with both stable Nix and Flakes, it doesn't depend on any experimental features, but I'll use Flakes since it's really hard to use pure evaluation mode without it. 1. Create this `flake.nix` file in a new empty Git repository: ```nix { outputs = { ... }: # Show that ./. is in the Nix store in pure eval builtins.trace ./. { withoutHash = builtins.fetchGit ./.; withHash = builtins.fetchGit { url = ./.; # Setting this hash changes it! narHash = ""; }; }; } ``` 2. Try to evaluate `fetchGit` without providing a `narHash`, notice how it doesn't let us. Note that we use `path:` so that the `.git` directory is also available: ``` $ nix eval path:.#withoutHash trace: /nix/store/0hnwhrv57lcxjsk6d81p12ggi8y6pd2d-source error: in pure evaluation mode, 'fetchTree' requires a locked input, at «none»:0 ``` 3. Try to evaluate `fetchGit` with an empty `narHash`: ``` $ nix eval path:.#withHash trace: /nix/store/0hnwhrv57lcxjsk6d81p12ggi8y6pd2d-source warning: Git tree '/nix/store/0hnwhrv57lcxjsk6d81p12ggi8y6pd2d-source' is dirty error: NAR hash mismatch in input 'git+file:///nix/store/0hnwhrv57lcxjsk6d81p12ggi8y6pd2d-source' (/nix/store/w8y68nl6642mmyhh2204hfhsa5yy5195-source), expected 'sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=', got 'sha256-YZHo9RvTnZi8xJJrns12YSFJcg2yfRrYbV4mS25nyqw=' ``` This gives us the correct hash, however this would prevent us from including `flake.nix` in Git, since that would then influence the hash again, and we can't put the hash into a file influenced by the hash. **Expected behavior** `builtins.fetchGit ./.` in pure evaluation mode should just work, since the path will refer to a store path, which is always pure. **`nix-env --version` output** nix-env (Nix) 2.15.1 **Additional context** This issue is sponsored by [Antithesis](https://antithesis.com/) :sparkles: **Priorities** Add :+1: to [issues you find important](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc).

lix-bot added the

bug

imported

labels 2024-03-16 06:44:55 +00:00

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: lix-project/lix#105

No description provided.

[Nix#9292] builtins.fetchGit dirty mode almost unusable in pure evaluation mode #105

[Nix#9292] `builtins.fetchGit` dirty mode almost unusable in pure evaluation mode #105