Merge pull request #126034 from lukegb/bazel-build-configured
Switch buildBazelPackage fetchConfigured on by default
This commit is contained in:
commit
840f6883fc
9 changed files with 71 additions and 30 deletions
|
@ -64,6 +64,13 @@
|
|||
this version for the entire lifecycle of the 21.11 release.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Those making use of <literal>buildBazelPackage</literal> will
|
||||
need to regenerate the fetch hashes (preferred), or set
|
||||
<literal>fetchConfigured = false;</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
<section xml:id="other-notable-changes">
|
||||
|
|
|
@ -28,4 +28,7 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
* PHP 7.3 is no longer supported due to upstream not supporting this
|
||||
version for the entire lifecycle of the 21.11 release.
|
||||
|
||||
* Those making use of `buildBazelPackage` will need to regenerate the fetch
|
||||
hashes (preferred), or set `fetchConfigured = false;`.
|
||||
|
||||
## Other Notable Changes
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
{ lib
|
||||
, buildBazelPackage
|
||||
, fetchFromGitHub
|
||||
, callPackage
|
||||
, bash
|
||||
, cacert
|
||||
, git
|
||||
, glibcLocales
|
||||
|
@ -9,6 +11,7 @@
|
|||
, iptables
|
||||
, makeWrapper
|
||||
, procps
|
||||
, protobuf
|
||||
, python3
|
||||
}:
|
||||
|
||||
|
@ -16,9 +19,12 @@ let
|
|||
preBuild = ''
|
||||
patchShebangs .
|
||||
|
||||
substituteInPlace tools/defs.bzl \
|
||||
--replace "#!/bin/bash" "#!${bash}/bin/bash"
|
||||
|
||||
# Tell rules_go to use the Go binary found in the PATH
|
||||
sed -E -i \
|
||||
-e 's|go_version\s*=\s*"[^"]+",|go_version = "host",|g' \
|
||||
-e 's|go_version\s*=\s*"[^"]+"|go_version = "host"|g' \
|
||||
WORKSPACE
|
||||
|
||||
# The gazelle Go tooling needs CA certs
|
||||
|
@ -31,20 +37,37 @@ let
|
|||
export GOPATH=
|
||||
'';
|
||||
|
||||
# Patch the protoc alias so that it always builds from source.
|
||||
rulesProto = fetchFromGitHub {
|
||||
owner = "bazelbuild";
|
||||
repo = "rules_proto";
|
||||
rev = "f7a30f6f80006b591fa7c437fe5a951eb10bcbcf";
|
||||
sha256 = "10bcw0ir0skk7h33lmqm38n9w4nfs24mwajnngkbs6jb5wsvkqv8";
|
||||
extraPostFetch = ''
|
||||
sed -i 's|name = "protoc"|name = "_protoc_original"|' $out/proto/private/BUILD.release
|
||||
cat <<EOF >>$out/proto/private/BUILD.release
|
||||
alias(name = "protoc", actual = "@com_github_protocolbuffers_protobuf//:protoc", visibility = ["//visibility:public"])
|
||||
EOF
|
||||
'';
|
||||
};
|
||||
|
||||
in buildBazelPackage rec {
|
||||
name = "gvisor-${version}";
|
||||
version = "2019-11-14";
|
||||
version = "20210518.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "google";
|
||||
repo = "gvisor";
|
||||
rev = "release-20191114.0";
|
||||
sha256 = "0kyixjjlws9iz2r2srgpdd4rrq94vpxkmh2rmmzxd9mcqy2i9bg1";
|
||||
rev = "release-${version}";
|
||||
sha256 = "15a6mlclnyfc9mx3bjksnnf4vla0xh0rv9kxdp34la4gw3c4hksn";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ git glibcLocales go makeWrapper python3 ];
|
||||
|
||||
bazelTarget = "//runsc:runsc";
|
||||
bazelFlags = [
|
||||
"--override_repository=rules_proto=${rulesProto}"
|
||||
];
|
||||
|
||||
# gvisor uses the Starlark implementation of rules_cc, not the built-in one,
|
||||
# so we shouldn't delete it from our dependencies.
|
||||
|
@ -76,14 +99,14 @@ in buildBazelPackage rec {
|
|||
rm -f "$bazelOut"/java.log "$bazelOut"/java.log.*
|
||||
'';
|
||||
|
||||
sha256 = "0fhmlq0d2317gwhma2mz1anb69j4chybk90j71j88wpgw1hxbk34";
|
||||
sha256 = "13pahppm431m198v5bffrzq5iw8m79riplbfqp0afh384ln669hb";
|
||||
};
|
||||
|
||||
buildAttrs = {
|
||||
inherit preBuild;
|
||||
|
||||
installPhase = ''
|
||||
install -Dm755 bazel-bin/runsc/*_pure_stripped/runsc $out/bin/runsc
|
||||
install -Dm755 bazel-out/*/bin/runsc/runsc_/runsc $out/bin/runsc
|
||||
|
||||
# Needed for the 'runsc do' subcomand
|
||||
wrapProgram $out/bin/runsc \
|
||||
|
|
|
@ -35,7 +35,7 @@ args@{
|
|||
# required for the build as configured, rather than fetching all the dependencies
|
||||
# which may not work in some situations (e.g. Java code which ends up relying on
|
||||
# Debian-specific /usr/share/java paths, but doesn't in the configured build).
|
||||
, fetchConfigured ? false
|
||||
, fetchConfigured ? true
|
||||
|
||||
# Don’t add Bazel --copt and --linkopt from NIX_CFLAGS_COMPILE /
|
||||
# NIX_LDFLAGS. This is necessary when using a custom toolchain which
|
||||
|
@ -126,7 +126,7 @@ in stdenv.mkDerivation (fBuildAttrs // {
|
|||
find $bazelOut/external -maxdepth 1 -type l | while read symlink; do
|
||||
name="$(basename "$symlink")"
|
||||
rm "$symlink"
|
||||
test -f "$bazelOut/external/@$name.marker" && rm "$bazelOut/external/@$name.marker"
|
||||
test -f "$bazelOut/external/@$name.marker" && rm "$bazelOut/external/@$name.marker" || true
|
||||
done
|
||||
|
||||
# Patching symlinks to remove build directory reference
|
||||
|
|
|
@ -288,9 +288,9 @@ let
|
|||
fetchAttrs = {
|
||||
# cudaSupport causes fetch of ncclArchive, resulting in different hashes
|
||||
sha256 = if cudaSupport then
|
||||
"1i7z2a7bc2q1vn1h9nx1xc6g1r1cby2xvbcs20fj9h6c2fgaw9j4"
|
||||
"10m6qj3kchgxfgb6qh59vc51knm9r9pkng8bf90h00dnggvv8234"
|
||||
else
|
||||
"0s8q5rxq8abr50c5jpwv96ncfc0k8jw7w70ri8viqy031g9v9v45";
|
||||
"04a98yrp09nd0p17k0jbzkgjppxs0yma7m5zkfrwgvr4g0w71v68";
|
||||
};
|
||||
|
||||
buildAttrs = {
|
||||
|
|
|
@ -56,7 +56,7 @@ buildBazelPackage rec {
|
|||
sed -e '/^FILE:@bazel_gazelle_go_repository_tools.*/d' -i $bazelOut/external/\@*.marker
|
||||
'';
|
||||
|
||||
sha256 = "0rwwjjj6zaj4hdcbsbp0di53xn6203r2vgpddhdrp8iph9ab60cg";
|
||||
sha256 = "1j175z3d4fbi4pl35py7yjq7ywrvwin6id131jv32hx0ck4g1m46";
|
||||
};
|
||||
|
||||
buildAttrs = {
|
||||
|
|
|
@ -3,7 +3,9 @@
|
|||
, fetchFromGitHub
|
||||
, stdenv
|
||||
, cmake
|
||||
, gn
|
||||
, go
|
||||
, jdk
|
||||
, ninja
|
||||
, python3
|
||||
, nixosTests
|
||||
|
@ -15,8 +17,8 @@ let
|
|||
# However, the version string is more useful for end-users.
|
||||
# These are contained in a attrset of their own to make it obvious that
|
||||
# people should update both.
|
||||
version = "1.16.2";
|
||||
commit = "e98e41a8e168af7acae8079fc0cd68155f699aa3";
|
||||
version = "1.17.3";
|
||||
commit = "46bf743b97d0d3f01ff437b2f10cc0bd9cdfe6e4";
|
||||
};
|
||||
in
|
||||
buildBazelPackage rec {
|
||||
|
@ -26,7 +28,7 @@ buildBazelPackage rec {
|
|||
owner = "envoyproxy";
|
||||
repo = "envoy";
|
||||
rev = srcVer.commit;
|
||||
hash = "sha256-aWVMRKFCZzf9/96NRPCP4jiW38DJhXyi0gEqW7uIpnQ=";
|
||||
hash = "sha256:09zzr4h3zjsb2rkxrvlazpx0jy33yn9j65ilxiqbvv0ckaralqfc";
|
||||
|
||||
extraPostFetch = ''
|
||||
chmod -R +w $out
|
||||
|
@ -36,29 +38,29 @@ buildBazelPackage rec {
|
|||
'';
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Quiche needs to be updated to compile under newer GCC.
|
||||
# This is a manual backport of https://github.com/envoyproxy/envoy/pull/13949.
|
||||
./0001-quiche-update-QUICHE-tar-13949.patch
|
||||
|
||||
# upb needs to be updated to compile under newer GCC.
|
||||
# This is a manual backport of https://github.com/protocolbuffers/upb/commit/9bd23dab4240b015321a53c45b3c9e4847fbf020.
|
||||
./0002-Add-upb-patch-to-make-it-compile-under-GCC10.patch
|
||||
];
|
||||
postPatch = ''
|
||||
sed -i 's,#!/usr/bin/env python3,#!${python3}/bin/python,' bazel/foreign_cc/luajit.patch
|
||||
sed -i '/javabase=/d' .bazelrc
|
||||
# Patch paths to build tools, and disable gold because it just segfaults.
|
||||
substituteInPlace bazel/external/wee8.genrule_cmd \
|
||||
--replace '"''$$gn"' '"''$$(command -v gn)"' \
|
||||
--replace '"''$$ninja"' '"''$$(command -v ninja)"' \
|
||||
--replace '"''$$WEE8_BUILD_ARGS"' '"''$$WEE8_BUILD_ARGS use_gold=false"'
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [
|
||||
cmake
|
||||
python3
|
||||
gn
|
||||
go
|
||||
jdk
|
||||
ninja
|
||||
];
|
||||
|
||||
fetchAttrs = {
|
||||
sha256 = "0q72c2zrl5vc8afkhkwyalb2h0mxn3133d4b9z4gag0p95wbwgc0";
|
||||
sha256 = "sha256:1cy2b73x8jzczq9z9c1kl7zrg5iasvsakb50zxn4mswpmajkbj5h";
|
||||
dontUseCmakeConfigure = true;
|
||||
dontUseGnConfigure = true;
|
||||
preInstall = ''
|
||||
# Strip out the path to the build location (by deleting the comment line).
|
||||
find $bazelOut/external -name requirements.bzl | while read requirements; do
|
||||
|
@ -78,10 +80,14 @@ buildBazelPackage rec {
|
|||
>$bazelOut/external/config_validation_pip3/PyYAML-5.3.1-cp38-cp38-linux_x86_64.whl
|
||||
>$bazelOut/external/protodoc_pip3/PyYAML-5.3.1-cp38-cp38-linux_x86_64.whl
|
||||
>$bazelOut/external/thrift_pip3/thrift-0.13.0-cp38-cp38-linux_x86_64.whl
|
||||
|
||||
# Remove Unix timestamps from go cache.
|
||||
rm -rf $bazelOut/external/bazel_gazelle_go_repository_cache/{gocache,pkg/mod/cache,pkg/sumdb}
|
||||
'';
|
||||
};
|
||||
buildAttrs = {
|
||||
dontUseCmakeConfigure = true;
|
||||
dontUseGnConfigure = true;
|
||||
dontUseNinjaInstall = true;
|
||||
preConfigure = ''
|
||||
sed -i 's,#!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/tools/build_defs/framework.bzl
|
||||
|
@ -98,7 +104,6 @@ buildBazelPackage rec {
|
|||
'';
|
||||
};
|
||||
|
||||
fetchConfigured = true;
|
||||
removeRulesCC = false;
|
||||
removeLocalConfigCc = true;
|
||||
removeLocal = false;
|
||||
|
|
|
@ -11,15 +11,15 @@ let
|
|||
in
|
||||
buildGoModule rec {
|
||||
pname = "pomerium";
|
||||
version = "0.13.3";
|
||||
version = "0.14.4";
|
||||
src = fetchFromGitHub {
|
||||
owner = "pomerium";
|
||||
repo = "pomerium";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-g0w1aIHvf2rJANvGWHeUxdnyCDsvy/PQ9Kp8nDdT/0w=";
|
||||
hash = "sha256:097csr8f43cn0iq030ajvvpwnwcfmjxyyk6pcisdy937axlrzska";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-grihU85OcGyf9/KKrv87xZonX5r+Z1oHQTf84Ya61fg=";
|
||||
vendorSha256 = "sha256:0n45xvwjiqyh41dsm4z1rnkgkycf5wfmacm804hqnd5rz7xk2shf";
|
||||
subPackages = [
|
||||
"cmd/pomerium"
|
||||
"cmd/pomerium-cli"
|
||||
|
|
|
@ -19102,7 +19102,10 @@ in
|
|||
|
||||
engelsystem = callPackage ../servers/web-apps/engelsystem { php = php74; };
|
||||
|
||||
envoy = callPackage ../servers/http/envoy { };
|
||||
envoy = callPackage ../servers/http/envoy {
|
||||
go = go_1_15;
|
||||
jdk = openjdk11;
|
||||
};
|
||||
|
||||
etcd = callPackage ../servers/etcd { };
|
||||
etcd_3_4 = callPackage ../servers/etcd/3.4.nix { };
|
||||
|
@ -24167,7 +24170,7 @@ in
|
|||
gv = callPackage ../applications/misc/gv { };
|
||||
|
||||
gvisor = callPackage ../applications/virtualization/gvisor {
|
||||
go = go_1_14;
|
||||
go = go_1_16;
|
||||
};
|
||||
|
||||
gvisor-containerd-shim = callPackage ../applications/virtualization/gvisor/containerd-shim.nix { };
|
||||
|
|
Loading…
Reference in a new issue