Commit graph

1863 commits

Author SHA1 Message Date
eldritch horrors 4018fcb9b8 Merge pull request #9233 from bouk/bouk/apply-config-inner
config: add included files into parsedContents before applying
(cherry picked from commit 82359eba6b)
Change-Id: Idde3177010fec7b8bafe6088c3c23d5caf491845
2024-03-04 07:11:25 +01:00
eldritch horrors a089d8f5f6 Merge pull request #9465 from obsidiansystems/build-dir
Use `buildprefix` in a few more places

(cherry picked from commit b6a3fde6b7)
Change-Id: I2790663fa9f8242ac2db6582b7e421d2fdf42942
2024-03-04 07:11:25 +01:00
eldritch horrors c208e918e5 fix: nlohmann::adl_serializer for std::optional (#9147)
This allows templates such as `NLOHMANN_DEFINE_TYPE_*` templates and other generators with things like `std::vector<std::optional<T>>`.

Co-authored-by: John Ericson <John.Ericson@Obsidian.Systems>
(cherry picked from commit 02bd821f2e)
Change-Id: I8b0ebcf2af4226610dadd565962f2d2327415a03
2024-03-04 07:11:25 +01:00
eldritch horrors 340a6cf977 Merge pull request #9257 from Artturin/nixenvjsondrvpath
`nix-env --query`: fix `--json` ignoring `--drv-path`

(cherry picked from commit 516e7ddc41)
Change-Id: I84b5bccea9d0383e2e74544743b703942e7be547
2024-03-04 05:59:15 +01:00
eldritch horrors 3f3badffc9 Merge pull request #9395 from nbraud/buitlins
builtins.concatMap: Fix typo in error message

(cherry picked from commit 4292d99756)
Change-Id: Ia33d1b02e41f699ef0c8c2d6487c9f70b2cc8cf4
2024-03-04 05:56:04 +01:00
eldritch horrors 5e182235cb Merge pull request #7348 from thufschmitt/dont-use-vlas
Remove the usage of VLAs in the code

(cherry picked from commit ac4431e9d0)
Change-Id: Ifbf5fbfc2e27122362a2aaea4b62c7cf3ca46b1a
2024-03-04 05:51:23 +01:00
eldritch horrors 1b135e6e7b Fix boost::bad_format_string exception in builtins.addErrorContext (#9291)
* Fix boost::bad_format_string exception in builtins.addErrorContext

The message passed to addTrace was incorrectly being used as a format
string and this this would cause an exception when the string contained
a '%', which can be hit in places where arbitrary file paths are
interpolated.

* add test

(cherry picked from commit 61d6fe059e)
Change-Id: Idd671127a9c1ccc8b94e58e727632fcc064f3cbe
2024-03-04 05:39:12 +01:00
eldritch horrors 8ed486ebe6 Merge pull request #9225 from drupol/nixpkgs-pr-107251/make-gnutar-reproducible
fix: make sure `tar` reproducibility flags are set
(cherry picked from commit 28dddde0ac)
Change-Id: I57c4d4374f5195099e6d763827b6d7d05785b3a8
2024-03-04 05:34:19 +01:00
eldritch horrors 2633ca3f88 Merge pull request #9288 from edolstra/fix-nar-access-test
Fix nar-access test on macOS

(cherry picked from commit e9a857e418)
Change-Id: I2fd2ec3e6ccb88350bdcd2ba15ccfd77275399c9
2024-03-04 05:27:18 +01:00
eldritch horrors 7ff1dca1fa Merge pull request #9247 from obsidiansystems/derivation-test-with-files
Turn derivation unit tests into unit characterization tests

(cherry picked from commit a6e587923c)
Change-Id: Ia2a2e65aabfee8d5d52142b8fdaacbae4a27242c
2024-03-04 05:21:10 +01:00
eldritch horrors ea10088703 Merge pull request #9216 from obsidiansystems/addDrvOutputDependencies-pre
Add `builtins.addDrvOutputDependencies`

(cherry picked from commit a58d7f143e)
Change-Id: Ia5a1790bf29dfaf29287cc35cdae6b6d650e7a83
2024-03-04 05:06:56 +01:00
eldritch horrors 032eff7f69 Merge pull request #8470 from ncfavier/shebang-single-quotes
nix-shell: support single quotes in shebangs, fix whitespace parsing
(cherry picked from commit 3b99c62913)
Change-Id: I2a431b21c3467eefa1ef95d5a36d672f45b6937a
2024-03-04 05:06:32 +01:00
eldritch horrors 7f590ea709 Merge pull request #6223 from obsidiansystems/worker-proto-with-version
Give `nix daemon` and `nix-store --serve` protocols separate serializers with version info

(cherry picked from commit 8b68bbb777)
Change-Id: Ia3d3b9fbaf9f0ae62ab225020b7d14790e793655
2024-03-04 04:59:31 +01:00
Robert Hensing ab40b2c5d0 Merge pull request #9157 from obsidiansystems/protocol-versions
Add protocol versions to `{Worker,Serve}Proto::*Conn`

(cherry picked from commit 4d17c59d8d)
Change-Id: I497af39deb792e50c157a1305d8c9e722798740b
2024-03-04 04:43:35 +01:00
eldritch horrors 5ddd1a9166 Merge pull request #9168 from obsidiansystems/fix-lang-tests-read-only
Fix language tests a bit

(cherry picked from commit e92cac789f)
Change-Id: I527e94c5af0921ff2559ce5a4ac7635be791c22e
2024-03-04 04:42:21 +01:00
eldritch horrors d28a6618a8 Merge pull request #9167 from obsidiansystems/pre-overhaul-completions
Improve tests and docs prior to refactoring completions

(cherry picked from commit 5442d9b472)
Change-Id: Ief99ac2cd9c92981a9a522d15b9c3daf99182c9d
2024-03-04 04:38:33 +01:00
eldritch horrors e12e9f2452 Merge pull request #9137 from obsidiansystems/serve-protocol
Introduce separate Serve protocol serialisers

(cherry picked from commit d070d8b746)
Change-Id: Ibcc8639e8997bcd07f7a5318330a147bcadc411b
2024-03-04 04:37:05 +01:00
eldritch horrors 6897e238bd Merge pull request #9099 from obsidiansystems/common-proto
Factor out bits of the worker protocol to use elsewhere

(cherry picked from commit 4b1a97338f)
Change-Id: If93afa0f8b1cf9b0e705b34fa71e6fd708752758
2024-03-04 04:36:58 +01:00
eldritch horrors fd1299cef3 Merge pull request #9106 from Ericson2314/positive-source-filtering
Use positive source filtering for the standalone functional tests job and Perl bindings

(cherry picked from commit 6b6bd90030)
Change-Id: I896be67654f893d543ed6beb5d0d0d6c6d36e027
2024-03-04 04:36:42 +01:00
eldritch horrors 4517de00cb Merge pull request #8905 from hercules-ci/no-unknown-location
Don't print unknown locations unless requested for dev purposes

(cherry picked from commit 3dd4475826)
Change-Id: I04a91277d1d9d09f5c1bf4a28fc99f0702b161e5
2024-03-04 04:36:38 +01:00
eldritch horrors c36ba796dd Merge pull request #9096 from NixOS/dont-rebuild-twice-on-ci
Don't run the tests that require building if we're not building

(cherry picked from commit 8cfa582f43)
Change-Id: I6085ca6107349669407340d7a5e52639a2febc90
2024-03-04 04:36:33 +01:00
eldritch horrors 7e966819b5 Merge pull request #9098 from obsidiansystems/test-proto
Enable most of the third `BuildResult` worker protocol test

(cherry picked from commit d344c112f7)
Change-Id: I7b2b72aa84c19a6069f9c12128d901262db6f91c
2024-03-04 04:36:28 +01:00
eldritch horrors ea0008deea Merge pull request #9094 from obsidiansystems/test-proto
Test the rest of the worker protocol serializers

(cherry picked from commit 2f1c16dfa2)
Change-Id: Idfd72d32b21d14a260e02f65531d287cef7464d2
2024-03-04 04:36:23 +01:00
eldritch horrors f17e7b1855 Merge pull request #8923 from obsidiansystems/test-proto
Unit test some worker protocol serializers

(cherry picked from commit c6faef61a6)
Change-Id: I99e36f5f17eb7642211a4e42a16b143424f164b4
2024-03-04 04:36:14 +01:00
Eelco Dolstra bef68e53b9 Fix symlink handling
This restores the symlink handling behaviour prior to
94812cca98.

Fixes #9298.

(cherry picked from commit 31ebc6028b)
2024-01-21 20:53:30 +00:00
Shea Levy ba48ab4b95
Merge branch '2.18-maintenance' into ifd-buildStore-2.18 2024-01-11 07:21:16 -05:00
Shea Levy e7c2b35827
Build IFD in the build store when using eval-store.
Previously, IFDs would be built within the eval store, even though one
is typically using `--eval-store` precisely to *avoid* local builds.

Because the resulting Nix expression must be copied back to the eval
store in order to be imported, this requires the eval store to trust
the build store's signatures.

(cherry picked from commit c3942ef85f)
2024-01-11 06:34:27 -05:00
Shea Levy be208d8e78
remote-store test: Break out IFD expression into a separate file
(cherry picked from commit 9cb287657b)
2024-01-11 06:30:02 -05:00
John Ericson 615bd655e5 Add missing -pthread for test support libraries
This is good in general (see how the other libraries also have long had
it, since 49fe9592a4) but in particular
needed to fix the NetBSD build.

(cherry picked from commit b23273f6a2)
2023-12-05 23:44:41 +00:00
John Ericson f7f37035c8 Move tests to separate directories, and document
Today, with the tests inside a `tests` intermingled with the
corresponding library's source code, we have a few problems:

- We have to be careful that wildcards don't end up with tests being
  built as part of Nix proper, or test headers being installed as part
  of Nix proper.

- Tests in libraries but not executables is not right:

  - It means each executable runs the previous unit tests again, because
    it needs the libraries.

  - It doesn't work right on Windows, which doesn't want you to load a
    DLL just for the side global variable . It could be made to work
    with the dlopen equivalent, but that's gross!

This reorg solves these problems.

There is a remaining problem which is that sibbling headers (like
`hash.hh` the test header vs `hash.hh` the main `libnixutil` header) end
up shadowing each other. This PR doesn't solve that. That is left as
future work for a future PR.

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>

(cherry picked from commit 91b6833686)
(cherry picked from commit a61e42adb528b3d40ce43e07c79368d779a8b624)
2023-12-01 13:05:03 -05:00
John Ericson 30dcc19d1f Put functional tests in tests/functional
I think it is bad for these reasons when `tests/` contains a mix of
functional and integration tests

 - Concepts is harder to understand, the documentation makes a good
   unit vs functional vs integration distinction, but when the
   integration tests are just two subdirs within `tests/` this is not
   clear.

 - Source filtering in the `flake.nix` is more complex. We need to
   filter out some of the dirs from `tests/`, rather than simply pick
   the dirs we want and take all of them. This is a good sign the
   structure of what we are trying to do is not matching the structure
   of the files.

With this change we have a clean:
```shell-session
$ git show 'HEAD:tests'
tree HEAD:tests

functional/
installer/
nixos/
```

(cherry picked from commit 68c81c7375)
2023-12-01 12:06:43 -05:00
John Ericson 72b65981f9 Revert "Adapt scheduler to work with dynamic derivations"
This reverts commit 5e3986f59c. This
un-implements RFC 92 but fixes the critical bug #9052 which many people
are hitting. This is a decent stop-gap until a minimal reproduction of
that bug is found and a proper fix can be made.

Mostly fixed #9052, but I would like to leave that issue open until we
have a regression test, so I can then properly fix the bug (unbreaking
RFC 92) later.

(cherry picked from commit 8440afbed7)
2023-10-02 15:05:23 +00:00
Robert Hensing 860f64c345 pathExists: isDir when endswith /.
(cherry picked from commit f8a3893e8d)
2023-10-01 13:58:20 +01:00
Cole Helbling f3005632c4 Re-enable systemd-nspawn test
It was disabled in c6953d1ff6 because
a recent Nixpkgs bump brought in a new systemd which changed how
systemd-nspawn worked.

As far as I can tell, the issue was caused by this upstream systemd
commit:
b71a0192c0

Bind-mounting the host's `/sys` and `/proc` into the container's
`/run/host/{sys,proc}` fixes the issue and allows the test to succeed.

(cherry picked from commit 883092e3f7)
2023-09-20 17:03:47 +00:00
Eelco Dolstra b6b2a0aea9 Use "touch -h"
https://hydra.nixos.org/build/235888160

This is needed because Nixpkgs now contains dangling symlinks
(pkgs/test/nixpkgs-check-by-name/tests/symlink-invalid/pkgs/by-name/fo/foo/foo.nix).
2023-09-19 17:21:07 +02:00
Eelco Dolstra c6953d1ff6 Disable systemd-nspawn test
This is broken because of a change in systemd in NixOS 23.05. It fails
with

  Failed to mount proc (type proc) on /proc (MS_NOSUID|MS_NODEV|MS_NOEXEC ""): Operation not permitted
2023-09-19 17:03:21 +02:00
Eelco Dolstra c451b48993 Merge remote-tracking branch 'origin/master' into p/flake-update 2023-09-19 13:33:56 +02:00
John Ericson 80d7994f52 Special-case error message to add extra information
The Derivation parser and old ATerm unfortunately leaves few ways to get
nice errors when an old version of Nix encounters a new version of the
format. The most likely scenario for this to occur is with a new client
making a derivation that the old daemon it is communicating with cannot
understand.

The extensions we just created for dynamic derivation deps will add a
version field, solving the problem going forward, but there is still the
issue of what to do about old versions of Nix up to now.

The solution here is to carefully catch the bad error from the daemon
that is likely to indicate this problem, and add some extra context to
it.

There is another "Ugly backwards compatibility hack" in
`remote-store.cc` that also works by transforming an error.

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-09-07 10:39:37 -04:00
John Ericson 7ad66cb3ef Allow dynamic derivation deps in inputDrvs
We use the same nested map representation we used for goals, again in
order to save space. We might someday want to combine with `inputDrvs`,
by doing `V = bool` instead of `V = std::set<OutputName>`, but we are
not doing that yet for sake of a smaller diff.

The ATerm format for Derivations also needs to be extended, in addition
to the in-memory format. To accomodate this, we added a new basic
versioning scheme, so old versions of Nix will get nice errors. (And
going forward, if the ATerm format changes again the errors will be even
better.)

`parsedStrings`, an internal function used as part of parsing
derivations in A-Term format, used to consume the final `]` but expect
the initial `[` to already be consumed. This made for what looked like
unbalanced brackets at callsites, which was confusing. Now it consumes
both which is hopefully less confusing.

As part of testing, we also created a unit test for the A-Term format for
regular non-experimental derivations too.

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>

Apply suggestions from code review

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-09-07 10:39:37 -04:00
Eelco Dolstra 919781cacc
Merge branch 'master' into valid_deriver_2 2023-09-01 13:35:05 +02:00
Eelco Dolstra b88784278f
Merge pull request #8869 from hercules-ci/fix-issue-8838-pathExists-isDir
Fix #8838, pathExists: isDir when ends with `/ `
2023-09-01 13:15:54 +02:00
Robert Hensing be3362e747 Fix nix-copy test 2023-08-30 19:35:02 -04:00
Eelco Dolstra 5b5f56a9d4
Merge pull request #8859 from edolstra/tarball-last-modified
Tarball trees: Propagate lastModified
2023-08-29 17:02:06 +02:00
Robert Hensing 1e08e12d81 pathExists: isDir when endswith /
Fixes https://github.com/NixOS/nix/issues/8838
2023-08-25 17:18:37 +02:00
Robert Hensing d2e6cfa075 tests/lang/eval-okay-pathexists: Add cases 2023-08-25 17:17:33 +02:00
John Ericson 50f40ac4c0
Merge pull request #8829 from obsidiansystems/build-dynamic-derivations
Adapt scheduler to work with dynamic derivations
2023-08-25 11:13:15 -04:00
tomberek b563ef38cc
Merge pull request #8819 from VertexA115/fix/deep-follow-paths
Fix follow path checking at depths greater than 2
2023-08-25 10:33:05 -04:00
John Ericson dd9f816b29
Merge pull request #8661 from hercules-ci/test-reformat-error-message
tests: Reformat exit code error message
2023-08-25 10:17:15 -04:00
John Ericson 5e3986f59c Adapt scheduler to work with dynamic derivations
To avoid dealing with an optional `drvPath` (because we might not know
it yet) everywhere, make an `CreateDerivationAndRealiseGoal`. This goal
just builds/substitutes the derivation file, and then kicks of a build
for that obtained derivation; in other words it does the chaining of
goals when the drv file is missing (as can already be the case) or
computed (new case).

This also means the `getDerivation` state can be removed from
`DerivationGoal`, which makes the `BasicDerivation` / in memory case and
`Derivation` / drv file file case closer together.

The map type is factored out for clarity, and because we will soon hvae
a second use for it (`Derivation` itself).

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-08-25 10:01:25 -04:00
Guillaume Girol 925a444b92 add nix-store --query --valid-derivers command
notably useful when nix-store --query --deriver returns a non-existing
path.

Co-authored-by: Felix Uhl <iFreilicht@users.noreply.github.com>
2023-08-24 11:37:24 +02:00
Eelco Dolstra 81045f243f Tarball trees: Propagate lastModified
This makes them behave consistently with GitHub/GitLab flakes.
2023-08-22 21:51:26 +02:00
Robert Hensing 75243c9693
test/flakes/follow-paths.sh: Quote
Co-authored-by: Alex Ameen <alex.ameen.tx@gmail.com>
2023-08-18 14:46:13 +02:00
Felix Uhl 17ceec3a91 Test repl formatting with and without :p 2023-08-17 13:03:43 +02:00
Vertex 20d9c672d1
Update tests/flakes/follow-paths.sh
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-08-15 10:10:27 +01:00
Alex Zero 1ef8008ca7 Fix follow path checking at depths greater than 2
We need to recurse into the input tree to handle follows paths that
trarverse multiple inputs that may or may not be follow paths
themselves.
2023-08-14 18:55:46 +01:00
John Ericson 44c8d83831 Create outputOf primop.
In the Nix language, given a drv path, we should be able to construct
another string referencing to one of its output. We can do this today
with `(import drvPath).output`, but this only works for derivations we
already have.

With dynamic derivations, however, that doesn't work well because the
`drvPath` isn't yet built: importing it like would need to trigger IFD,
when the whole point of this feature is to do "dynamic build graph"
without IFD!

Instead, what we want to do is create a placeholder value with the right
string context to refer to the output of the as-yet unbuilt derivation.
A new primop in the language, analogous to `builtins.placeholder` can be
used to create one. This will achieve all the right properties. The
placeholder machinery also will match out the `outPath` attribute for CA
derivations works.

In 60b7121d2c we added that type of
placeholder, and the derived path and string holder changes necessary to
support it. Then in the previous commit we cleaned up the code
(inspiration finally hit me!) to deduplicate the code and expose exactly
what we need. Now, we can wire up the primop trivally!

Part of RFC 92: dynamic derivations (tracking issue #6316)

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-08-14 09:37:37 -04:00
tomberek 010dc7958e
Merge pull request #8369 from obsidiansystems/inductive-derived-path
Make the Derived Path family of types inductive for dynamic derivations
2023-08-11 08:50:22 -05:00
John Ericson 60b7121d2c Make the Derived Path family of types inductive for dynamic derivations
We want to be able to write down `foo.drv^bar.drv^baz`:
`foo.drv^bar.drv` is the dynamic derivation (since it is itself a
derivation output, `bar.drv` from `foo.drv`).

To that end, we create `Single{Derivation,BuiltPath}` types, that are
very similar except instead of having multiple outputs (in a set or
map), they have a single one. This is for everything to the left of the
rightmost `^`.

`NixStringContextElem` has an analogous change, and now can reuse
`SingleDerivedPath` at the top level. In fact, if we ever get rid of
`DrvDeep`, `NixStringContextElem` could be replaced with
`SingleDerivedPath` entirely!

Important note: some JSON formats have changed.

We already can *produce* dynamic derivations, but we can't refer to them
directly. Today, we can merely express building or example at the top
imperatively over time by building `foo.drv^bar.drv`, and then with a
second nix invocation doing `<result-from-first>^baz`, but this is not
declarative. The ethos of Nix of being able to write down the full plan
everything you want to do, and then execute than plan with a single
command, and for that we need the new inductive form of these types.

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2023-08-10 00:08:32 -04:00
Peter Waller 4b1bd822ac Try to realise CA derivations during queryMissing
This enables nix to correctly report what will be fetched in the case
that everything is a cache hit.

Note however that if an intermediate build of something which is not
cached could still cause products to end up being substituted if the
intermediate build results in a CA path which is in the cache.

Fixes #8615.

Signed-off-by: Peter Waller <p@pwaller.net>
2023-08-09 20:57:04 +01:00
Théophane Hufschmitt d00fe5f225
Merge pull request #8805 from tweag/fix-add-to-store-existing
[V2] Fix misread of source if path is already valid
2023-08-08 14:57:45 +02:00
Théophane Hufschmitt afac001c39 Test the parallel copy over ssh-ng
Regression test for https://github.com/NixOS/nix/issues/6253
2023-08-08 11:55:09 +02:00
Eelco Dolstra 5624777988
Merge pull request #8786 from Ma27/fix-why-depends-precise
nix/why-depends: fix output of `--precise`
2023-08-07 19:32:49 +02:00
Théophane Hufschmitt 4999f42a70
Merge pull request #8322 from tweag/stabilize-discard-references
Stabilize `discard-references`
2023-08-07 17:35:02 +02:00
Théophane Hufschmitt ad410abbe0 Stabilize discard-references
It has been there for a few releases now (landed in 2.14.0), doesn't
seem to cause any major issue and is wanted in a few places
(https://github.com/NixOS/nix/pull/7087#issuecomment-1544471346).
2023-08-07 16:53:37 +02:00
Maximilian Bosch 7c09104a94
nix/why-depends: fix output of --precise
I haven't checked when this was exactly introduced, but on Nix 2.16 I
realized that the additional lines inserted when using `--precise` are
completely separated from the tree:

    nix why-depends /nix/store/ccgr4faaxys39s091qridxg1947lggh4-evcxr-0.14.2 /nix/store/b7hvml0m3qmqraz1022fwvyyg6fc1vdy-gcc-12.2.0 --precise --extra-experimental-features nix-command
    /nix/store/ccgr4faaxys39s091qridxg1947lggh4-evcxr-0.14.2
        → /nix/store/lcf37pgp3rgww67v9x2990hbfwx96c1w-gcc-wrapper-12.2.0
            → /nix/store/b7hvml0m3qmqraz1022fwvyyg6fc1vdy-gcc-12.2.0
    └───bin/evcxr: …':'}.PATH=${PATH/':''/nix/store/lcf37pgp3rgww67v9x2990hbfwx96c1w-gcc-wrapper-12.2.0/bin'':'/':'}…
        └───bin/cpp: …k disable=SC2193.[[ "/nix/store/b7hvml0m3qmqraz1022fwvyyg6fc1vdy-gcc-12.2.0/bin/cpp" = *++ ]] &&…

This is apparently because `std::cout` is buffered and flushed in the
end whereas the rest of the output isn't. The fix is rather simple, just
use `logger->cout` as it's already the case for the rest of the code.

This way we also don't need to insert additional newlines in the `hits`
map since that's something the logger takes care of.

Also added a small test to make sure that the layout of this is somehow
tested to reduce the risk of further regressions here.
2023-08-04 23:11:08 +02:00
Eelco Dolstra d9e7758f47 Don't require .tar/.zip extension for tarball flakerefs
Special-casing the file name is rather ugly, so we shouldn't do
that. So now any {file,http,https} URL is handled by
TarballInputScheme, except for non-flake inputs (i.e. inputs that have
the attribute `flake = false`).
2023-08-01 16:07:20 +02:00
Robert Hensing 33d58a90c2 toJSON: Add attribute path to trace 2023-07-31 13:02:54 +02:00
Alex Ameen 2d1d81114d
Add parseFlakeRef and flakeRefToString builtins (#8670)
Over the last year or so I've run into several use cases where I need to
parse and/or serialize URLs for use by `builtins.fetchTree` or
`builtins.getFlake`, largely in order to produce _lockfile-like_ files
for lang2nix frameworks or tools which use `nix` internally to drive
builds.

I've gone through the painstaking process of emulating
`nix::FlakeRef::fromAttrs` and `nix::parseFlakeRef` several times with
mixed success; but these are difficult to create and even harder to
maintain if I hope to stay aligned with changes to the real
parser/serializer.

I understand why adding new `builtins` isn't something we want to do
flagrantly. I'm recommending this addition simply because I keep
encountering use cases where I need to parse/serialize these URIs in
`nix` expressions, and I want a reliable solution.

Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
Co-authored-by: John Ericson <git@JohnEricson.me>
2023-07-25 17:43:33 +00:00
Naïm Favier 570a1a3ad7
parser: merge nested dynamic attributes
Fixes https://github.com/NixOS/nix/issues/7115
2023-07-21 17:14:03 +02:00
John Ericson 453c4be93c
Merge pull request #8680 from NixLayeredStore/test-groups
Introduce notion of a test group, use for CA tests
2023-07-19 11:17:57 -04:00
Robert Hensing 0e3a7e34a0
Merge pull request #8506 from corngood/ssh-master
Pass NIX_SSHOPTS when checking for an ssh master connection.
2023-07-18 15:47:57 +02:00
John Ericson 259e328de8 Introduce notion of a test group, use for CA tests
Grouping our tests should make it easier to understand the intent than
one long poorly-arranged list. It also is convenient for running just
the tests for a specific component when working on that component.

We need at least one test group so this isn't dead code; I decided to
collect the tests for the `ca-derivations` and `dynamic-derivations`
experimental features in groups. Do
```bash
make ca.test-group -jN
```
and
```bash
make dyn-drv.test-group -jN
```
to try running just them.

I originally did this as part of #8397 for being able to just the local
overlay store alone. I am PRing it separately now so we can separate
general infra from new features.

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2023-07-18 09:31:13 -04:00
Théophane Hufschmitt a8d5bb5e7e
Merge pull request #8342 from NixLayeredStore/best-effort-supplementary-groups
Best effort supplementary groups
2023-07-17 20:58:17 +02:00
John Ericson 0f7242ff87 Test nested sandboxing, and make nicer error
We were bedeviled by sandboxing issues when working on the layered
store. The problem ended up being that when we have nested nix builds,
and the inner store is inside the build dir (e.g. store is
`/build/nix-test/$name/store`, build dir is `/build`) bind mounts
clobber each other and store paths cannot be found.

After thoroughly cleaning up `local-derivation-goal.cc`, we might be
able to make that work. But that is a lot of work. For now, we just fail
earlier with a proper error message.

Finally, test this: nested sandboxing without the problematic store dir
should work, and with should fail with the expected error message.

Co-authored-by: Dylan Green <67574902+cidkidnix@users.noreply.github.com>
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-07-14 09:40:24 -04:00
cidkidnix adb28d4a26 move unset NIX_STORE_DIR in supplementary-groups.sh
to inside the unshare
2023-07-13 14:23:24 -05:00
cidkidnix 1a13757880 Add comment regarding the unset of NIX_STORE_DIR
in build-remote.sh and supplementary-groups.sh
2023-07-13 14:18:12 -05:00
John Ericson 84c4e6f0ac Revert "Skip build-remote-trustless unless sandbox is supported."
This reverts commit 41412dc4ae.
2023-07-13 15:06:50 -04:00
John Ericson 9e64f24340 Revert "Check _NIX_TEST_NO_SANDBOX when setting _canUseSandbox."
This reverts commit c1d39de1fb.
2023-07-13 15:06:34 -04:00
John Ericson ddc0a2050b Merge remote-tracking branch 'upstream/master' into best-effort-supplementary-groups 2023-07-13 15:06:08 -04:00
John Ericson e072e18475 Fix race condition in the language tests
When we pipe to `>(...)` like that, we unfortunately don't wait for the
process to finish. Better to just substitute the file.

Also, use the "unified" diff output that people (including myself) are
more familiar with, thanks to Git.
2023-07-13 08:09:03 -04:00
Mathnerd314 c70484454f Expanded test suite
* Lang now verifies errors and parse output

* Some new miscellaneous tests

* Easy way to update the tests

* Document workflow in manual

* Use `!` not `~` as separater char for sed

  It is confusing to use `~` when we are talking about paths and home
  directories!

* Test test suite itself (`test/lang-test/infra.sh`)

Additionally, run shellcheck on `tests/lang.sh` to help ensure it is
correct, now that is is more complex.

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2023-07-11 21:43:09 -04:00
Ben Radford 41412dc4ae
Skip build-remote-trustless unless sandbox is supported. 2023-07-11 12:52:59 +01:00
Ben Radford c1d39de1fb
Check _NIX_TEST_NO_SANDBOX when setting _canUseSandbox. 2023-07-11 12:08:33 +01:00
Ben Radford 07dabcc90e
Always attempt setgroups but allow failure to be ignored. 2023-07-11 10:44:05 +01:00
Ben Radford 25b20b4ad2
Merge remote-tracking branch 'origin/master' into best-effort-supplementary-groups 2023-07-11 09:38:34 +01:00
John Ericson c2c8187118 Fix test file name
It's UTF-8, not UFT-8.
2023-07-10 20:58:19 -04:00
John Ericson 028b26a77f
Merge pull request #8370 from hercules-ci/fetchClosure-input-addressed
`fetchClosure`: input addressed and pure
2023-07-09 23:41:22 -04:00
Robert Hensing 9fc82de493 signing.sh: Revert test improvement because it fails on GHA + macOS 2023-07-07 15:37:09 +02:00
Robert Hensing 3b3822ea1d tests: Reformat exit code error message
Now looks like:

Expected exit code '123' but got '0' from command 'echo' 'hi'
2023-07-07 15:08:25 +02:00
Eelco Dolstra 5fbfbb4c7c Fix test 2023-07-03 12:23:57 +02:00
Robert Hensing a6c17097d2 tests: Don't install test-libstoreconsumer program
Sorry about that.
Fixes https://github.com/NixOS/nix/issues/8616
2023-06-30 23:36:27 +02:00
Robert Hensing fefb947132 tests/signing.sh: Check signature checking error message
We should check error messages, so that we know the command fails for
the right reason.
Alternatively, a mere typo can run the test undetected.
2023-06-30 18:23:44 +02:00
Robert Hensing 1db81f7107 tests/fetchClosure: Improve coverage of new and some existing flows 2023-06-30 18:23:44 +02:00
Robert Hensing 40052c7613 fetchClosure: Docs and error message improvements
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2023-06-30 18:23:42 +02:00
Robert Hensing ea30f152b7 fetchClosure: Allow input addressed paths in pure mode
When explicitly requested by the caller, as suggested in the meeting
(https://github.com/NixOS/nix/pull/8090#issuecomment-1531139324)

> @edolstra: { toPath } vs { fromPath } is too implicit

I've opted for the `inputAddressed = true` requirement, because it
we did not agree on renaming the path attributes.

> @roberth: more explicit
> @edolstra: except for the direction; not immediately clear in which direction the rewriting happens

This is in fact the most explicit syntax and a bit redundant, which is
good, because that redundancy lets us deliver an error message that
reminds expression authors that CA provides a better experience to
their users.
2023-06-30 18:22:43 +02:00
Eelco Dolstra a0c617348b
Merge pull request #8589 from jfroche/sign-paths-as-allowed-user
Allow to sign path as unprivileged user
2023-06-30 13:13:42 +02:00
Jean-François Roche 80c9259756 Allow to sign path as unprivileged user
User can now sign path as unprivileged/allowed user

refs #1708
2023-06-27 18:31:31 +02:00
Maximilian Bosch 559fd7ffe7
nix flake check: improve error message if overlay is not a lambda (#8582)
* nix flake check: improve error message if overlay is not a lambda

Suppose you have an overlay like this

    {
      inputs = { /* ... */ };
      outputs = { flake-utils, ... }: flake-utils.lib.eachDefaultSystem
        (system: {
          overlays.default = final: prev: {

          };
        });
    }

then `nix flake check` (correctly) fails because `overlays` are supposed
to have the structure `overlays.<name> = final: prev: exp`. However, the
error-message is a little bit counter-intuitive:

    error: overlay does not take an argument named 'final'

While one might guess where the error actually comes from because the
trace above says `… while checking the overlay 'overlays.x86_64-linux'`
this is still pretty confusing because it complains about an argument
not being named `final` even though that's evidently the case.

With this change, the error-message actually makes it clear what's
wrong:

    [ma27@carsten:~/Projects/nix/tmp]$ nix flake check --extra-experimental-features 'nix-command flakes' path:$(pwd)
    error:
           … while checking flake output 'overlays'

             at /nix/store/clgblnxx003hyrq8qkz5ab6kgqkck6qc-source/flake.nix:4:5:

                3|   outputs = { ... }: {
                4|     overlays.x86_64-linux.snens = final: prev: {
                 |     ^
                5|       kek = throw "snens";

           … while checking the overlay 'overlays.x86_64-linux'

             at /nix/store/clgblnxx003hyrq8qkz5ab6kgqkck6qc-source/flake.nix:4:5:

                3|   outputs = { ... }: {
                4|     overlays.x86_64-linux.snens = final: prev: {
                 |     ^
                5|       kek = throw "snens";

           error: overlay is not a lambda, but a set instead
2023-06-27 14:58:29 +02:00
Théophane Hufschmitt 60f06a1714
Merge pull request #5385 from Enzime/add/dirty-rev
Add `dirtyRev` and `dirtyShortRev` to `fetchGit`
2023-06-24 14:55:31 +02:00
Michael Hoang a7b49086c7 Add dirtyRev and dirtyShortRev to fetchGit
Fixes #4682
2023-06-24 14:17:25 +10:00