Commit graph

18669 commits

Author SHA1 Message Date
Doron Behar
76287a9207 distributed-builds.md: Clarify warning ssh access requirements 2023-05-31 01:28:15 +02:00
Valentin Gagarin
9afd525e18 update documentation according to release notes 2023-05-30 22:58:15 +02:00
Valentin Gagarin
7a5731aa07 link to mentioned builtin 2023-05-30 22:58:00 +02:00
Robert Hensing
bed2fe2312
Merge pull request #8398 from polykernel/perf/lazy-eval-replacements-replacestrings
primops: lazy evaluation of replaceStrings replacements
2023-05-30 22:49:42 +02:00
Eelco Dolstra
ecae62020b
Merge pull request #8406 from NixOS/fix-ca-attrs-false
Restore Nix 2.3 behaviour for {__impure,__contentAddressed} = false
2023-05-30 11:59:14 +02:00
Eelco Dolstra
a35e041ce2
Merge pull request #8414 from NixOS/dependabot/github_actions/cachix/install-nix-action-21
Bump cachix/install-nix-action from 20 to 21
2023-05-30 11:57:41 +02:00
Eelco Dolstra
f3a88857b4 maintainers/upload-release.pl: Don't update nix-fallback-paths.nix 2023-05-30 11:49:59 +02:00
dependabot[bot]
2e01a53a36
Bump zeebe-io/backport-action from 1.2.0 to 1.3.0
Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](https://github.com/zeebe-io/backport-action/compare/v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-29 22:56:44 +00:00
dependabot[bot]
6b56376c89
Bump cachix/install-nix-action from 20 to 21
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 20 to 21.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v20...v21)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-29 22:56:41 +00:00
Eelco Dolstra
61ddfa154b
Merge pull request #8399 from tweag/fix-chrooted-stores-error-path
Properly report build errors on chrooted stores
2023-05-27 17:55:57 +02:00
Eelco Dolstra
e4aebccf20 Restore Nix 2.3 behaviour for {__impure,__contentAddressed} = false
Fixes #8405.
2023-05-27 17:53:30 +02:00
Théophane Hufschmitt
940e9eb8dd
Merge pull request #8240 from tweag/macos-sandbox
ci: Always run with sandbox, even on Darwin
2023-05-26 17:06:02 +02:00
Yorick van Pelt
2c462486fe
create pathAccessible, use it to infer default dirs 2023-05-26 15:36:47 +02:00
Yorick van Pelt
a6c78ba367
getDefaultNixPath: ignore EPERM 2023-05-26 15:36:46 +02:00
Yorick van Pelt
b7cde90c6b
Call getDefaultSSLCertFile() only when none is specified
This does pathExists on various paths, which crashes on EPERM in the
macOS sandbox.
2023-05-26 15:36:45 +02:00
Silvan Mosberger
be48907470
ci: Always run with sandbox, even on Darwin
And fix a test failure in the sandbox due to /home
existing on Darwin but not being accessible in the sandbox since it's a
symlink to /System/Volumes/Data/home, see
https://github.com/NixOS/nix/actions/runs/4205378453/jobs/7297384658#step:6:2127:

    C++ exception with description "error: getting status of /home/schnitzel/darmstadt/pommes: Operation not permitted" thrown in the test body.

On Linux this wasn't a problem because there /home doesn't exist in the sandbox
2023-05-26 15:36:44 +02:00
polykernel
a382919d7d
primops: lazy evaluation of replaceStrings replacements
The primop `builtins.replaceStrings` currently always strictly evaluates the
replacement strings, however time and space are wasted for their computation
if the corresponding pattern do not occur in the input string. This commit
makes the evaluation of the replacement strings lazy by deferring their
evaluation to when the corresponding pattern are matched and memoize the result
for efficient retrieval on subsequent matches.

The testcases for replaceStrings was updated to check for lazy evaluation
of the replacements. A note was also added in the release notes to
document the behavior change.
2023-05-25 18:35:23 -04:00
Théophane Hufschmitt
f41dd2c306
Merge pull request #7948 from mkenigs/ventura-diff
installer: don't assume GNU diff
2023-05-25 18:15:42 +02:00
Matthew Kenigsberg
367fcd9eb5
installer: don't assume GNU diff
macOS Ventura ships with it's own version of diff. Try to output a
similar diff with Apple diff as with GNU diff, instead of failing

Helps https://github.com/NixOS/nix/issues/7286
2023-05-25 08:59:05 -06:00
Théophane Hufschmitt
d16a1994fb Properly report build errors on chrooted stores
When encountering a build error, Nix moves the output paths out of the
chroot into their final location (for “easier debugging of build
failures”). However this was broken for chroot stores as it was moving
it to the _logical_ location, not the _physical_ one.

Fix it by moving to the physical (_real_) location.

Fix https://github.com/NixOS/nix/issues/8395
2023-05-25 16:38:29 +02:00
Ben Radford
8e4b15e6a0
Merge branch 'master' into read-only-local-store 2023-05-25 10:06:24 +01:00
Aneesh Agrawal
c694f1a2f3 Remove old default from docs for hashed-mirrors
The `hashed-mirrors` option did use to have this default value,
but it was removed and re-added with an empty default value.
As the autogenerated docs show the (actual) default values from code,
remove this incorrect reference from the docs.

I was updating my nix.conf settings after a few years and noticed this.
2023-05-24 11:05:40 -04:00
Théophane Hufschmitt
d0cecbe877 Disable the fetchClosure test for old daemons
Broken because of the change introduced by #4282
2023-05-24 15:35:46 +02:00
Théophane Hufschmitt
34e1b464f0 Normalize the hash-rewriting process when building derivations 2023-05-24 14:11:50 +02:00
Théophane Hufschmitt
a917fb0d53 Use a RewritingSink in derivation goal
Possibly this will make it stream
2023-05-24 14:11:50 +02:00
Théophane Hufschmitt
3ebe1341ab Make RewritingSink accept a map of rewrites
Giving it the same semantics as `rewriteStrings`.
Also add some tests for it
2023-05-24 14:11:50 +02:00
Théophane Hufschmitt
6e4570234d
Merge pull request #8390 from oxalica/fix/long-path-error-msg
Fix typo in error message of too long store path
2023-05-24 08:33:27 +02:00
oxalica
303858afad Fix typo in error message of too long store path 2023-05-24 01:24:28 +08:00
Ben Radford
ff12cf3b94
Merge branch 'read-only-local-store' into overlayfs-store 2023-05-23 09:52:41 +01:00
Guillaume Maudoux
f0233f3a3f Further refactor linux-sandbox.sh and fix tee usage 2023-05-23 10:05:56 +02:00
Peter Becich
a420ccc6a8
nix flake check: skip derivations for foreign systems (#7759)
`nix flake show` now skips derivations for foreign systems: https://github.com/NixOS/nix/pull/6988

This commit borrows from that to implement the same behavior for `nix flake check`.

See "nix flake check breaks on IFD in multi-platform flake" https://github.com/NixOS/nix/issues/4265
2023-05-23 06:59:44 +02:00
Guillaume Maudoux
b9c2f834ee Check exact error codes in linux-sandbox.sh 2023-05-22 23:39:31 +02:00
Bernardo Meurer
bf693319f6
feat: add always-allow-substitutes
This adds a new configuration option to Nix, `always-allow-substitutes`,
whose effect is simple: it causes the `allowSubstitutes` attribute in
derivations to be ignored, and for substituters to always be used.

This is extremely valuable for users of Nix in CI, where usually
`nix-build-uncached` is used. There, derivations which disallow
substitutes cause headaches as the inputs for building already-cached
derivations need to be fetched to spuriously rebuild some simple text
file.

This option should be a good middle-ground, since it doesn't imply
rebuilding the world, such as the approach I took in
https://github.com/NixOS/nixpkgs/pull/221048
2023-05-22 19:42:29 +01:00
Théophane Hufschmitt
494a09c6df
Merge pull request #8377 from layus/fix-ssl-cert-mount
Make mounting ssl cert file optional
2023-05-22 14:06:57 +02:00
Ben Radford
d6ea3b6a19
Need to enable read-only-local-store flag for test. 2023-05-22 12:14:10 +01:00
Ben Radford
32404292a3
Merge branch 'master' into read-only-local-store 2023-05-22 12:08:02 +01:00
Ben Radford
7251800086
Put read-only setting behind an experimental flag. 2023-05-22 11:38:37 +01:00
Théophane Hufschmitt
673fe85976
Merge pull request #8365 from obsidiansystems/proto-structs
Revert "Revert "Use template structs instead of phantoms""
2023-05-22 09:34:34 +02:00
Guillaume Maudoux
5a98dd0b39 Add tests for bind mount of SSL certs in sandbox 2023-05-22 02:32:09 +02:00
Guillaume Maudoux
b14fea6fff Shortcircuit for empty caFile 2023-05-19 23:30:35 +02:00
Guillaume Maudoux
36b7e30c11 Make mounting ssl cert file optional 2023-05-19 22:47:40 +02:00
Eelco Dolstra
3305fd0cb1
Merge pull request #8354 from KasyanDiGris/git-fetcher-ask-credentials
Ask for git credentials in fetcher
2023-05-19 13:40:43 +02:00
Eelco Dolstra
34381d5747
Merge pull request #8215 from obsidiansystems/general-repair-path
Support `repairPath` on most stores.
2023-05-19 13:39:48 +02:00
Eelco Dolstra
e31d9b910d
Merge pull request #7312 from layus/fixed-output-system-cert
Allow system certs access to fixed-output derivations
2023-05-19 13:05:16 +02:00
Ben Radford
0c36fe6c8c
Update test to match new error message. 2023-05-18 14:36:24 +01:00
Ben Radford
8ffeb1c4e5
Throw error instead of silently skipping CA migration. 2023-05-18 13:51:21 +01:00
Ben Radford
d55e38b98a
Check earlier whether schema migration is required. 2023-05-18 13:51:21 +01:00
Ben Radford
fe174d72a2
Fix spelling of 'immutable' in documentation. 2023-05-18 13:51:21 +01:00
Robert Hensing
b1c34c0ee8
Merge pull request #8366 from obsidiansystems/worker-proto-forward-decl-types
Don't use `store-api.hh` in `worker-protocol.hh`
2023-05-18 14:33:52 +02:00
Robert Hensing
c27fb72294
Merge pull request #8353 from obsidiansystems/downstream-installable-type
Upgrade `downstreamPlaceholder` to a type with methods
2023-05-18 14:31:05 +02:00