Merge pull request #126034 from lukegb/bazel-build-configured

Switch buildBazelPackage fetchConfigured on by default
This commit is contained in:
Luke Granger-Brown 2021-06-07 23:59:33 +01:00 committed by GitHub
commit 840f6883fc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 71 additions and 30 deletions

View file

@ -64,6 +64,13 @@
this version for the entire lifecycle of the 21.11 release.
</para>
</listitem>
<listitem>
<para>
Those making use of <literal>buildBazelPackage</literal> will
need to regenerate the fetch hashes (preferred), or set
<literal>fetchConfigured = false;</literal>.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="other-notable-changes">

View file

@ -28,4 +28,7 @@ In addition to numerous new and upgraded packages, this release has the followin
* PHP 7.3 is no longer supported due to upstream not supporting this
version for the entire lifecycle of the 21.11 release.
* Those making use of `buildBazelPackage` will need to regenerate the fetch
hashes (preferred), or set `fetchConfigured = false;`.
## Other Notable Changes

View file

@ -1,6 +1,8 @@
{ lib
, buildBazelPackage
, fetchFromGitHub
, callPackage
, bash
, cacert
, git
, glibcLocales
@ -9,6 +11,7 @@
, iptables
, makeWrapper
, procps
, protobuf
, python3
}:
@ -16,9 +19,12 @@ let
preBuild = ''
patchShebangs .
substituteInPlace tools/defs.bzl \
--replace "#!/bin/bash" "#!${bash}/bin/bash"
# Tell rules_go to use the Go binary found in the PATH
sed -E -i \
-e 's|go_version\s*=\s*"[^"]+",|go_version = "host",|g' \
-e 's|go_version\s*=\s*"[^"]+"|go_version = "host"|g' \
WORKSPACE
# The gazelle Go tooling needs CA certs
@ -31,20 +37,37 @@ let
export GOPATH=
'';
# Patch the protoc alias so that it always builds from source.
rulesProto = fetchFromGitHub {
owner = "bazelbuild";
repo = "rules_proto";
rev = "f7a30f6f80006b591fa7c437fe5a951eb10bcbcf";
sha256 = "10bcw0ir0skk7h33lmqm38n9w4nfs24mwajnngkbs6jb5wsvkqv8";
extraPostFetch = ''
sed -i 's|name = "protoc"|name = "_protoc_original"|' $out/proto/private/BUILD.release
cat <<EOF >>$out/proto/private/BUILD.release
alias(name = "protoc", actual = "@com_github_protocolbuffers_protobuf//:protoc", visibility = ["//visibility:public"])
EOF
'';
};
in buildBazelPackage rec {
name = "gvisor-${version}";
version = "2019-11-14";
version = "20210518.0";
src = fetchFromGitHub {
owner = "google";
repo = "gvisor";
rev = "release-20191114.0";
sha256 = "0kyixjjlws9iz2r2srgpdd4rrq94vpxkmh2rmmzxd9mcqy2i9bg1";
rev = "release-${version}";
sha256 = "15a6mlclnyfc9mx3bjksnnf4vla0xh0rv9kxdp34la4gw3c4hksn";
};
nativeBuildInputs = [ git glibcLocales go makeWrapper python3 ];
bazelTarget = "//runsc:runsc";
bazelFlags = [
"--override_repository=rules_proto=${rulesProto}"
];
# gvisor uses the Starlark implementation of rules_cc, not the built-in one,
# so we shouldn't delete it from our dependencies.
@ -76,14 +99,14 @@ in buildBazelPackage rec {
rm -f "$bazelOut"/java.log "$bazelOut"/java.log.*
'';
sha256 = "0fhmlq0d2317gwhma2mz1anb69j4chybk90j71j88wpgw1hxbk34";
sha256 = "13pahppm431m198v5bffrzq5iw8m79riplbfqp0afh384ln669hb";
};
buildAttrs = {
inherit preBuild;
installPhase = ''
install -Dm755 bazel-bin/runsc/*_pure_stripped/runsc $out/bin/runsc
install -Dm755 bazel-out/*/bin/runsc/runsc_/runsc $out/bin/runsc
# Needed for the 'runsc do' subcomand
wrapProgram $out/bin/runsc \

View file

@ -35,7 +35,7 @@ args@{
# required for the build as configured, rather than fetching all the dependencies
# which may not work in some situations (e.g. Java code which ends up relying on
# Debian-specific /usr/share/java paths, but doesn't in the configured build).
, fetchConfigured ? false
, fetchConfigured ? true
# Dont add Bazel --copt and --linkopt from NIX_CFLAGS_COMPILE /
# NIX_LDFLAGS. This is necessary when using a custom toolchain which
@ -126,7 +126,7 @@ in stdenv.mkDerivation (fBuildAttrs // {
find $bazelOut/external -maxdepth 1 -type l | while read symlink; do
name="$(basename "$symlink")"
rm "$symlink"
test -f "$bazelOut/external/@$name.marker" && rm "$bazelOut/external/@$name.marker"
test -f "$bazelOut/external/@$name.marker" && rm "$bazelOut/external/@$name.marker" || true
done
# Patching symlinks to remove build directory reference

View file

@ -288,9 +288,9 @@ let
fetchAttrs = {
# cudaSupport causes fetch of ncclArchive, resulting in different hashes
sha256 = if cudaSupport then
"1i7z2a7bc2q1vn1h9nx1xc6g1r1cby2xvbcs20fj9h6c2fgaw9j4"
"10m6qj3kchgxfgb6qh59vc51knm9r9pkng8bf90h00dnggvv8234"
else
"0s8q5rxq8abr50c5jpwv96ncfc0k8jw7w70ri8viqy031g9v9v45";
"04a98yrp09nd0p17k0jbzkgjppxs0yma7m5zkfrwgvr4g0w71v68";
};
buildAttrs = {

View file

@ -56,7 +56,7 @@ buildBazelPackage rec {
sed -e '/^FILE:@bazel_gazelle_go_repository_tools.*/d' -i $bazelOut/external/\@*.marker
'';
sha256 = "0rwwjjj6zaj4hdcbsbp0di53xn6203r2vgpddhdrp8iph9ab60cg";
sha256 = "1j175z3d4fbi4pl35py7yjq7ywrvwin6id131jv32hx0ck4g1m46";
};
buildAttrs = {

View file

@ -3,7 +3,9 @@
, fetchFromGitHub
, stdenv
, cmake
, gn
, go
, jdk
, ninja
, python3
, nixosTests
@ -15,8 +17,8 @@ let
# However, the version string is more useful for end-users.
# These are contained in a attrset of their own to make it obvious that
# people should update both.
version = "1.16.2";
commit = "e98e41a8e168af7acae8079fc0cd68155f699aa3";
version = "1.17.3";
commit = "46bf743b97d0d3f01ff437b2f10cc0bd9cdfe6e4";
};
in
buildBazelPackage rec {
@ -26,7 +28,7 @@ buildBazelPackage rec {
owner = "envoyproxy";
repo = "envoy";
rev = srcVer.commit;
hash = "sha256-aWVMRKFCZzf9/96NRPCP4jiW38DJhXyi0gEqW7uIpnQ=";
hash = "sha256:09zzr4h3zjsb2rkxrvlazpx0jy33yn9j65ilxiqbvv0ckaralqfc";
extraPostFetch = ''
chmod -R +w $out
@ -36,29 +38,29 @@ buildBazelPackage rec {
'';
};
patches = [
# Quiche needs to be updated to compile under newer GCC.
# This is a manual backport of https://github.com/envoyproxy/envoy/pull/13949.
./0001-quiche-update-QUICHE-tar-13949.patch
# upb needs to be updated to compile under newer GCC.
# This is a manual backport of https://github.com/protocolbuffers/upb/commit/9bd23dab4240b015321a53c45b3c9e4847fbf020.
./0002-Add-upb-patch-to-make-it-compile-under-GCC10.patch
];
postPatch = ''
sed -i 's,#!/usr/bin/env python3,#!${python3}/bin/python,' bazel/foreign_cc/luajit.patch
sed -i '/javabase=/d' .bazelrc
# Patch paths to build tools, and disable gold because it just segfaults.
substituteInPlace bazel/external/wee8.genrule_cmd \
--replace '"''$$gn"' '"''$$(command -v gn)"' \
--replace '"''$$ninja"' '"''$$(command -v ninja)"' \
--replace '"''$$WEE8_BUILD_ARGS"' '"''$$WEE8_BUILD_ARGS use_gold=false"'
'';
nativeBuildInputs = [
cmake
python3
gn
go
jdk
ninja
];
fetchAttrs = {
sha256 = "0q72c2zrl5vc8afkhkwyalb2h0mxn3133d4b9z4gag0p95wbwgc0";
sha256 = "sha256:1cy2b73x8jzczq9z9c1kl7zrg5iasvsakb50zxn4mswpmajkbj5h";
dontUseCmakeConfigure = true;
dontUseGnConfigure = true;
preInstall = ''
# Strip out the path to the build location (by deleting the comment line).
find $bazelOut/external -name requirements.bzl | while read requirements; do
@ -78,10 +80,14 @@ buildBazelPackage rec {
>$bazelOut/external/config_validation_pip3/PyYAML-5.3.1-cp38-cp38-linux_x86_64.whl
>$bazelOut/external/protodoc_pip3/PyYAML-5.3.1-cp38-cp38-linux_x86_64.whl
>$bazelOut/external/thrift_pip3/thrift-0.13.0-cp38-cp38-linux_x86_64.whl
# Remove Unix timestamps from go cache.
rm -rf $bazelOut/external/bazel_gazelle_go_repository_cache/{gocache,pkg/mod/cache,pkg/sumdb}
'';
};
buildAttrs = {
dontUseCmakeConfigure = true;
dontUseGnConfigure = true;
dontUseNinjaInstall = true;
preConfigure = ''
sed -i 's,#!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/tools/build_defs/framework.bzl
@ -98,7 +104,6 @@ buildBazelPackage rec {
'';
};
fetchConfigured = true;
removeRulesCC = false;
removeLocalConfigCc = true;
removeLocal = false;

View file

@ -11,15 +11,15 @@ let
in
buildGoModule rec {
pname = "pomerium";
version = "0.13.3";
version = "0.14.4";
src = fetchFromGitHub {
owner = "pomerium";
repo = "pomerium";
rev = "v${version}";
hash = "sha256-g0w1aIHvf2rJANvGWHeUxdnyCDsvy/PQ9Kp8nDdT/0w=";
hash = "sha256:097csr8f43cn0iq030ajvvpwnwcfmjxyyk6pcisdy937axlrzska";
};
vendorSha256 = "sha256-grihU85OcGyf9/KKrv87xZonX5r+Z1oHQTf84Ya61fg=";
vendorSha256 = "sha256:0n45xvwjiqyh41dsm4z1rnkgkycf5wfmacm804hqnd5rz7xk2shf";
subPackages = [
"cmd/pomerium"
"cmd/pomerium-cli"

View file

@ -19102,7 +19102,10 @@ in
engelsystem = callPackage ../servers/web-apps/engelsystem { php = php74; };
envoy = callPackage ../servers/http/envoy { };
envoy = callPackage ../servers/http/envoy {
go = go_1_15;
jdk = openjdk11;
};
etcd = callPackage ../servers/etcd { };
etcd_3_4 = callPackage ../servers/etcd/3.4.nix { };
@ -24167,7 +24170,7 @@ in
gv = callPackage ../applications/misc/gv { };
gvisor = callPackage ../applications/virtualization/gvisor {
go = go_1_14;
go = go_1_16;
};
gvisor-containerd-shim = callPackage ../applications/virtualization/gvisor/containerd-shim.nix { };