feat(third_party): separate nixpkgs whitelist to allow more owners r/2064

The exposed package list has to be changed/amended quite frequently, every time somebody wants to use a package not yet in that list and thus has to whitelist it here. This effectively requires a superowner review every single time, which is an unreasonable blocker for many CLs. I thus propose moving the list into a separate file (I called it `nixpkgs-whitelist.nix` which is more descriptive than `exposed.nix` and letting anybody add themselves to the OWNERS on that file. Change-Id: Ied8bac066e4b9a91ddd642db805fe33dc37872c9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2323 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
author: Profpatsch <mail@profpatsch.de> 2021-01-03T16·07+0100
committer: Profpatsch <mail@profpatsch.de> 2021-01-08T12·56+0000
commit: 68c4730365a2874ee26d3cc92fbeb073de460a4b (patch)
tree: 9c2d55d3ca77402fad19ee8ee88884b7c60c4896 /third_party/default.nix
parent: 0b4e280a0791cea82f3d076c5e6ddebfaed9d704 (diff)
1 files changed, 1 insertions, 178 deletions
diff --git a/third_party/default.nix b/third_party/default.nix
index ba307aeae4..086e25ab85 100644
--- a/third_party/default.nix
+++ b/third_party/default.nix
@@ -29,184 +29,7 @@ let
   };
   stableNixpkgs = import stableNixpkgsSrc {};
 
-  exposed = {
-    # Inherit the packages from nixos-unstable that should be available inside
-    # of the repo. They become available under `pkgs.third_party.<name>`
-    inherit (nixpkgs)
-      age
-      autoconf
-      autoreconfHook
-      avrdude
-      avrlibc
-      bashInteractive
-      bat
-      buildBazelPackage
-      buildFHSUserEnv
-      buildGoModule
-      buildGoPackage
-      buildPackages
-      buildkite-agent
-      busybox
-      bzip2
-      c-ares
-      cacert
-      cachix
-      cairo
-      cargo
-      cgit
-      clang_11
-      cmake
-      coreutils
-      cudatoolkit
-      darwin
-      dfu-programmer
-      dfu-util
-      diffutils
-      docker-compose
-      dockerTools
-      emacs26
-      emacs26-nox
-      emacsPackages
-      emacsPackagesGen
-      execline
-      fd
-      fetchFromGitHub
-      fetchgit
-      fetchurl
-      fetchzip
-      fira
-      fira-code
-      fira-mono
-      flamegraph
-      fontconfig
-      freetype
-      gettext
-      glibc
-      gmock
-      gnutar
-      google-cloud-sdk
-      graphviz
-      gzip
-      haskell
-      iana-etc
-      imagemagickBig
-      installShellFiles
-      jdk
-      jdk11
-      jdk11_headless
-      jetbrains-mono
-      jq
-      kontemplate
-      lib
-      libredirect
-      linuxPackages
-      luajit
-      lutris
-      makeFontsConf
-      makeWrapper
-      mdbook
-      meson
-      mime-types
-      mkShell
-      moreutils
-      nano
-      nginx
-      ninja
-      nix
-      openssh
-      openssl
-      overrideCC
-      pandoc
-      parallel
-      pkgconfig
-      pkgsCross
-      postgresql
-      pounce
-      pulseaudio
-      python3
-      python3Packages
-      quassel
-      remarshal
-      rink
-      ripgrep
-      rsync
-      runCommand
-      runCommandLocal
-      runCommandNoCC
-      rustPlatform
-      rustc
-      buildRustCrate
-      s6-portable-utils
-      sbcl
-      shellcheck
-      sqlite
-      stdenvNoCC
-      stern
-      symlinkJoin
-      systemd
-      tdlib
-      teensy-loader-cli
-      terraform_0_12
-      texlive
-      thttpd
-      tree
-      tree-sitter
-      unzip
-      which
-      writeShellScript
-      writeShellScriptBin
-      writeText
-      writers
-      xorg
-      xz
-      zlib
-      zstd;
-
-    # Inherit packages from the stable channel for things that are
-    # broken on unstable
-    inherit (stableNixpkgs)
-      awscli # TODO(grfn): Move back to unstable once it is fixed
-      ;
-
-    # Required by //third_party/nix
-    inherit (nixpkgs)
-      aws-sdk-cpp
-      bison
-      boehmgc
-      boost # urgh
-      brotli
-      busybox-sandbox-shell
-      curl
-      docbook5
-      docbook_xsl_ns
-      editline
-      flex
-      libseccomp
-      libsodium
-      libxml2
-      libxslt
-      mercurial
-      perl
-      perlPackages
-      utillinuxMinimal;
-
-    haskellPackages = (nixpkgs.haskellPackages.override {
-      overrides = (import ./haskell_overlay { pkgs = nixpkgs; });
-    });
-
-    gradle_6 = (nixpkgs.gradleGen.override {
-      java = nixpkgs.jdk11;
-      jdk = nixpkgs.jdk11;
-    }).gradleGen rec {
-      name = "gradle-6.5.1";
-      nativeVersion = "0.22-milestone-3";
-
-      src = builtins.fetchurl {
-        url = "https://services.gradle.org/distributions/${name}-bin.zip";
-        sha256 = "0jmmipjh4fbsn92zpifa5cqg5ws2a4ha0s4jzqhrg4zs542x79sh";
-      };
-    };
-  };
+  exposed = import ./nixpkgs-exposed.nix { inherit nixpkgs stableNixpkgs; };
 
 in exposed.lib.fix(self: exposed // {
   callPackage = nixpkgs.lib.callPackageWith self;
author	Profpatsch <mail@profpatsch.de>	2021-01-03T16·07+0100
committer	Profpatsch <mail@profpatsch.de>	2021-01-08T12·56+0000
commit	68c4730365a2874ee26d3cc92fbeb073de460a4b (patch)
tree	9c2d55d3ca77402fad19ee8ee88884b7c60c4896 /third_party/default.nix
parent	0b4e280a0791cea82f3d076c5e6ddebfaed9d704 (diff)