Commit graph

15449 commits

Author SHA1 Message Date
Valentin Gagarin 8e222fbb12
Merge pull request #8848 from BootRhetoric/flake-authentication 2023-11-04 00:23:28 +01:00
BootRhetoric 271932782d
fetchGit and flake: add commit signature verification tests
This adds simple tests of the commit signature verification mechanism of
fetchGit and its flake input wrapper.
OpenSSH is added to the build dependencies since it's needed to create
a key when testing the functionality. It is neither a built- nor a
runtime dependency.
2023-11-03 20:23:31 +01:00
BootRhetoric 098f0615c9
fetchGit and flake: add publicKeys list input
This adds publicKeys as an optional fetcher input attribute to flakes
and builtins.fetchGit to provide a nix interface for the json-encoded
`publicKeys` attribute of the git fetcher.

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2023-11-03 20:23:31 +01:00
BootRhetoric 6df32889a5
Add git commit verification input attributes
This implements the git input attributes `verifyCommit`, `keytype`,
`publicKey` and `publicKeys` as experimental feature
`verified-fetches`. `publicKeys` should be a json string.
This representation was chosen because all attributes must be of type bool,
int or string so they can be included in flake uris (see definition of
fetchers::Attr).
2023-11-03 20:15:12 +01:00
Robert Hensing 66cb364f58
Merge pull request #9289 from edolstra/fix-warnings
Fix gcc warnings
2023-11-03 12:41:52 +01:00
Ramses 60b363936d
libstore/ssh-ng: Fix phase reporting in log files.
When doing local builds, we get phase reporting lines in the log file,
they look like '@nix {"action":"setPhase","phase":"unpackPhase"}'.
With the ssh-ng protocol, we do have access to these messages, but since we
are only including messages of type resBuildLogLine in the logs, the phase
information does not end up in the log file.

The phase reporting could probably be improved altoghether (it looks like it
is kind of accidental that these JSON messages for phase reporting show up
but others don't, just because they are actually emitted by nixpkgs' stdenv),
but as a first step I propose to make ssh-ng behave in the same way as local builds do.
2023-11-03 12:30:25 +01:00
Eelco Dolstra b0455e9931 Fix uninitialized variable warnings on i686-linux
https://hydra.nixos.org/build/239849607
2023-11-03 12:04:20 +01:00
Eelco Dolstra 55dd1244d2 parseDerivation(): Fix warning about uninitialized 'version' variable 2023-11-03 12:04:20 +01:00
Eelco Dolstra e9a857e418
Merge pull request #9288 from edolstra/fix-nar-access-test
Fix nar-access test on macOS
2023-11-03 11:39:48 +01:00
Eelco Dolstra e5908212e2 Fix nar-access test on macOS 2023-11-03 11:03:58 +01:00
John Ericson 727ada1a41
Merge pull request #9268 from obsidiansystems/systematize-characterization-tests
Systematize characterization tests a bit more
2023-11-02 12:38:28 -04:00
John Ericson d15c3a33e6 Don't use std::invocable C++ concept yet
It s not supported on all platforms yet. Can revert this once it is.
2023-11-02 12:06:29 -04:00
John Ericson b107431816 Systematize characterization tests a bit more
Deduplicating code moreover enforcing the pattern means:

 - It is easier to write new characterization tests because less boilerplate

 - It is harder to mess up new tests because there are fewer places to
   make mistakes.

Co-authored-by: Jacek Galowicz <jacek@galowicz.de>
2023-11-02 12:06:08 -04:00
Eelco Dolstra 39ea46abb1 Merge remote-tracking branch 'origin/master' into libgit2 2023-11-02 16:16:37 +01:00
John Ericson 1e61c007be
Merge pull request #9234 from fricklerhandwerk/doc-style-examples
styleguide: add note on highlighting examples and syntax definitions
2023-11-02 09:49:38 -04:00
John Ericson 7f56ed8b90
Merge pull request #9207 from fricklerhandwerk/doc-store-path
document store paths
2023-11-02 09:48:18 -04:00
John Ericson 8c99d40cac
Merge pull request #9232 from fricklerhandwerk/doc-store-object
document store objects in terms of their constituent parts
2023-11-02 09:45:48 -04:00
John Ericson 90de958637
Merge pull request #9265 from obsidiansystems/better-parse-sink
Make `ParseSink` a bit better
2023-11-02 09:28:29 -04:00
Eelco Dolstra 5223114c93
Merge pull request #9269 from edolstra/unify-accessor
Unify `FSAccessor` and `SourceAccessor`
2023-11-02 14:23:10 +01:00
Eelco Dolstra d26c317b14
Use expect
Co-authored-by: John Ericson <git@JohnEricson.me>
2023-11-02 13:40:54 +01:00
Robert Hensing a80fb9fa39
Merge pull request #9277 from keszybz/file-permissions
Remove stray executable permissions on source files
2023-11-02 13:19:38 +01:00
Zbigniew Jędrzejewski-Szmek 55ed09c4f2 Remove stray executable permissions on source files
Noticed because of a warning during an rpm build:
*** WARNING: ./usr/src/debug/nix-2.18.1-1.fc40.x86_64/src/nix-copy-closure/nix-copy-closure.cc is executable but has no shebang, removing executable bit
*** WARNING: ./usr/src/debug/nix-2.18.1-1.fc40.x86_64/src/nix-channel/nix-channel.cc is executable but has no shebang, removing executable bit
2023-11-02 09:24:21 +01:00
Valentin Gagarin d7b7a79f3e document store paths
update the glossary to point to the new page.

since this is a cross-cutting concern, it warrants its own section in
the manual.

Co-authored-by: John Ericson <git@JohnEricson.me>
2023-11-02 06:01:51 +01:00
Valentin Gagarin 4ba8b182be document store objects in terms of their constituent parts
this also rephrases the introductory sentence to be more general, in order to
avoid the same word being repeated in short succession.
2023-11-02 06:01:30 +01:00
John Ericson 12f9719162
Merge pull request #9250 from fricklerhandwerk/fix-anchors
fix anchor in conf-file
2023-11-01 21:30:22 -04:00
John Ericson d7710a40be flake: Temporarily get Nixpkgs ahead of Hydra
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/31ed632c692e6a36cfc18083b88ece892f863ed4' (2023-09-21)
  → 'github:NixOS/nixpkgs/9eb24edd6a0027fed010ccfe300a9734d029983c' (2023-11-01)
2023-11-01 20:09:55 -04:00
Eelco Dolstra e47984ce0b
Fix whitespace
Co-authored-by: John Ericson <git@JohnEricson.me>
2023-11-01 20:19:08 +01:00
John Ericson 8d66346293
Merge pull request #9271 from keszybz/if-fix
fix: gcc complains about if which doesn't guard the indented statement
2023-11-01 14:02:33 -04:00
Zbigniew Jędrzejewski-Szmek eab9292738 fix: gcc complains about if which doesn't guard the indented statement 2023-11-01 18:10:06 +01:00
Eelco Dolstra 2f5c1a27dc LocalStoreAccessor: Reuse PosixSourceAccessor 2023-11-01 17:22:25 +01:00
Eelco Dolstra 1a902f5fa7 Merge FSAccessor into SourceAccessor 2023-11-01 17:09:28 +01:00
Eelco Dolstra 581693bdea fmt(): Handle std::string_view 2023-11-01 16:33:22 +01:00
Eelco Dolstra 50aae0a14c FSAccessor: Make the fileSize and narOffset fields optional
The narOffset field only applies to NAR accessors. The fileSize field
may be too expensive to compute for certain accessors (e.g. libgit).
2023-11-01 15:39:40 +01:00
Eelco Dolstra 5381123879 Unify DirEntries types 2023-11-01 15:33:35 +01:00
Eelco Dolstra cdb27c1519 SourceAccessor: Change the main interface from lstat() to maybeLstat() 2023-11-01 15:26:07 +01:00
Eelco Dolstra 8ffd1695ce Unify FSAccessor::Type and SourceAccessor::Type 2023-11-01 14:43:20 +01:00
John Ericson 6132ffd825
Merge pull request #9266 from hercules-ci/doc-hacking-clangd-fix-tests
doc/hacking: Fix clangd for tests
2023-11-01 09:38:43 -04:00
John Ericson 0707db2b1c
Merge pull request #9255 from NixOS/libfetcher-docs-json
libfetcher doc automation
2023-11-01 09:38:02 -04:00
Eelco Dolstra b2ac6fc040 Remove FSAccessor::Type::tMissing
Instead stat() now returns std::nullopt to denote that the file
doesn't exist.
2023-11-01 14:36:40 +01:00
Robert Hensing bc4a1695ac doc/hacking: Fix clangd for tests 2023-11-01 11:44:16 +01:00
John Ericson 1093d6585f Make ParseSink a bit better
I wouldn't call it *good* yet, but this will do for now.

- `RetrieveRegularNARSink` renamed to `RegularFileSink` and moved
  accordingly because it actually has nothing to do with NARs in
  particular.

  - its `fd` field is also marked private

- `copyRecursive` introduced to dump a `SourceAccessor` into a
  `ParseSink`.

- `NullParseSink` made so `ParseSink` no longer has sketchy default
  methods.

This was done while updating #8918 to work with the new
`SourceAccessor`.
2023-11-01 02:36:43 -04:00
John Ericson e3febfcd53
Merge pull request #6258 from obsidiansystems/gcc-bug-ergonomics
Remove bug-avoiding `StoreConfig *` casts for settings
2023-10-31 12:48:27 -04:00
John Ericson b2cae33aef Remove bug-avoiding StoreConfig * casts for settings
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80431 has been fixed, and
per the previous commit we now check that is the case at build time.
2023-10-31 12:09:46 -04:00
John Ericson 1f4525531e Add configure test to ensure GCC bug is fixed
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80431

(test is adapted from issue, test does not test for GCC-specific
behavior but rather absence of bug, so test is good with other compilers
too.)
2023-10-31 12:09:46 -04:00
Théophane Hufschmitt 12a0ae73db
Merge pull request #8817 from iFreilicht/flake-update-lock-overhaul
Overhaul `nix flake update` and `nix flake lock` UX
2023-10-31 16:19:05 +01:00
Eelco Dolstra f8da50644c
Merge pull request #9256 from NixOS/dependabot/github_actions/zeebe-io/backport-action-2.0.0
build(deps): bump zeebe-io/backport-action from 1.4.0 to 2.0.0
2023-10-31 16:07:25 +01:00
Eelco Dolstra 0c5eac9c45 Git fetcher: Handle submodules for workdirs 2023-10-31 15:59:25 +01:00
Felix Uhl f282ef5a56 fix: segfault in positional arg completion
Adding the inputPath as a positional feature uncovered this bug.
As positional argument forms were discarded from the `expectedArgs`
list, their closures were not. When the `.completer` closure was then
called, part of the surrounding object did not exist anymore.

This didn't cause an issue before, but with the new call to
`getEvalState()` in the "inputs" completer in nix/flake.cc, a segfault
was triggered reproducibly on invalid memory access to the `this`
pointer, which was always 0.

The solution of splicing the argument forms into a new list to extend
their lifetime is a bit of a hack, but I was unable to get the "nicer"
iterator-based solution to work.
2023-10-31 15:33:57 +01:00
Felix Uhl c7dcdb8325 Overhaul nix flake update and lock commands
Closes #5110
2023-10-31 15:33:57 +01:00
Felix Uhl c762b65dc5 Fix documentation of flake command output 2023-10-31 15:33:57 +01:00