about summary refs log tree commit diff
path: root/tvix/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'tvix/default.nix')
-rw-r--r--tvix/default.nix152
1 files changed, 21 insertions, 131 deletions
diff --git a/tvix/default.nix b/tvix/default.nix
index f965959c91c0..49b6a9e03e11 100644
--- a/tvix/default.nix
+++ b/tvix/default.nix
@@ -2,79 +2,9 @@
 { pkgs, lib, depot, ... }:
 
 let
-  # crate override for crates that need protobuf
-  protobufDep = prev: (prev.nativeBuildInputs or [ ]) ++ [ pkgs.buildPackages.protobuf ];
-  iconvDarwinDep = lib.optional pkgs.stdenv.isDarwin pkgs.libiconv;
-
-  # On Darwin, some crates producing binaries need to be able to link against security.
-  darwinDeps = lib.optionals pkgs.stdenv.isDarwin (with pkgs.buildPackages.darwin.apple_sdk.frameworks; [
-    Security
-    SystemConfiguration
-  ]);
-
   # Load the crate2nix crate tree.
-  crates = import ./Cargo.nix {
-    inherit pkgs;
-    nixpkgs = pkgs.path;
-
-    # Hack to fix Darwin build
-    # See https://github.com/NixOS/nixpkgs/issues/218712
-    buildRustCrateForPkgs = pkgs:
-      if pkgs.stdenv.isDarwin then
-        let
-          buildRustCrate = pkgs.buildRustCrate;
-          buildRustCrate_ = args: buildRustCrate args // { dontStrip = true; };
-          override = o: args: buildRustCrate.override o (args // { dontStrip = true; });
-        in
-        pkgs.makeOverridable override { }
-      else pkgs.buildRustCrate;
-
-    defaultCrateOverrides = pkgs.defaultCrateOverrides // {
-      zstd-sys = prev: {
-        nativeBuildInputs = prev.nativeBuildInputs or [ ];
-        buildInputs = prev.buildInputs or [ ] ++ iconvDarwinDep;
-      };
-
-      opentelemetry-proto = prev: {
-        nativeBuildInputs = protobufDep prev;
-      };
-
-      prost-build = prev: {
-        nativeBuildInputs = protobufDep prev;
-      };
-
-      prost-wkt-types = prev: {
-        nativeBuildInputs = protobufDep prev;
-      };
-
-      tonic-reflection = prev: {
-        nativeBuildInputs = protobufDep prev;
-      };
-
-      tvix-build = prev: {
-        PROTO_ROOT = depot.tvix.build.protos.protos;
-        nativeBuildInputs = protobufDep prev;
-        buildInputs = darwinDeps;
-      };
-
-      tvix-castore = prev: {
-        PROTO_ROOT = depot.tvix.castore.protos.protos;
-        nativeBuildInputs = protobufDep prev;
-      };
-
-      tvix-cli = prev: {
-        buildInputs = prev.buildInputs or [ ] ++ darwinDeps;
-      };
-
-      tvix-store = prev: {
-        PROTO_ROOT = depot.tvix.store.protos.protos;
-        nativeBuildInputs = protobufDep prev;
-        # fuse-backend-rs uses DiskArbitration framework to handle mount/unmount on Darwin
-        buildInputs = prev.buildInputs or [ ]
-          ++ darwinDeps
-          ++ lib.optional pkgs.stdenv.isDarwin pkgs.buildPackages.darwin.apple_sdk.frameworks.DiskArbitration;
-      };
-    };
+  crates = pkgs.callPackage ./Cargo.nix {
+    defaultCrateOverrides = depot.tvix.utils.defaultCrateOverridesForPkgs pkgs;
   };
 
   # Cargo dependencies to be used with nixpkgs rustPlatform functions.
@@ -85,11 +15,10 @@ let
     # and the outputHash as value.
     outputHashes = builtins.listToAttrs
       (map
-        (crateName:
-          (lib.nameValuePair "${crateName}-${crates.internal.crates.${crateName}.version}" crates.internal.crates.${crateName}.src.outputHash)
+        (k:
+          (lib.nameValuePair "${crates.internal.crates.${k}.crateName}-${crates.internal.crates.${k}.version}" crates.internal.crates.${k}.src.outputHash)
         ) [
         "bigtable_rs"
-        "test-generator"
         "wu-manber"
       ]);
   };
@@ -112,57 +41,6 @@ in
 {
   inherit crates protos;
 
-  # Run crate2nix generate, ensure the output doesn't differ afterwards
-  # (and doesn't fail).
-  #
-  # Currently this re-downloads every crate every time
-  # crate2nix-check (but not crate2nix) is built.
-  # TODO(amjoseph): be less wasteful with bandwidth.
-  #
-  crate2nix-check =
-    let
-      outputHashAlgo = "sha256";
-    in
-    pkgs.stdenv.mkDerivation {
-      inherit src;
-
-      # Important: we include the hash of the Cargo.lock file and
-      # Cargo.nix file in the derivation name.  This forces the FOD
-      # to be rebuilt/reverified whenever either of them changes.
-      name = "tvix-crate2nix-check-" +
-        (builtins.substring 0 8 (builtins.hashFile "sha256" ./Cargo.lock)) +
-        "-" +
-        (builtins.substring 0 8 (builtins.hashFile "sha256" ./Cargo.nix));
-
-      nativeBuildInputs = with pkgs; [ git cacert cargo ];
-      buildPhase = ''
-        export CARGO_HOME=$(mktemp -d)
-
-        # The following command can be omitted, in which case
-        # crate2nix-generate will run it automatically, but won't show the
-        # output, which makes it look like the build is somehow "stuck" for a
-        # minute or two.
-        cargo metadata > /dev/null
-
-        # running this command counteracts depotfmt brokenness
-        git init
-
-        ${depot.tools.crate2nix-generate}/bin/crate2nix-generate
-
-        # technically unnecessary, but provides more-helpful output in case of error
-        diff -ur Cargo.nix ${src}/Cargo.nix
-
-        # the FOD hash will check that the (re-)generated Cargo.nix matches the committed Cargo.nix
-        cp Cargo.nix $out
-      '';
-
-      # This is an FOD in order to allow `cargo` to perform network access.
-      outputHashMode = "flat";
-      inherit outputHashAlgo;
-      outputHash = builtins.hashFile outputHashAlgo ./Cargo.nix;
-      env.SSL_CERT_FILE = "${pkgs.cacert.out}/etc/ssl/certs/ca-bundle.crt";
-    };
-
   # Provide the Tvix logo in both .webp and .png format.
   logo = pkgs.runCommand "logo"
     {
@@ -187,6 +65,7 @@ in
     inherit cargoDeps src;
     name = "tvix-rust-docs";
     PROTO_ROOT = protos;
+    TVIX_BUILD_SANDBOX_SHELL = "/homeless-shelter";
 
     nativeBuildInputs = with pkgs; [
       cargo
@@ -198,7 +77,7 @@ in
 
     buildInputs = [
       pkgs.fuse
-    ] ++ iconvDarwinDep;
+    ] ++ lib.optional pkgs.stdenv.isDarwin pkgs.libiconv;
 
     buildPhase = ''
       cargo doc --document-private-items
@@ -212,6 +91,7 @@ in
     inherit cargoDeps src;
     name = "tvix-clippy";
     PROTO_ROOT = protos;
+    TVIX_BUILD_SANDBOX_SHELL = "/homeless-shelter";
 
     buildInputs = [
       pkgs.fuse
@@ -225,15 +105,25 @@ in
       rustPlatform.cargoSetupHook
     ];
 
-    # Allow blocks_in_conditions due to false positives with #[tracing::instrument(…)]:
-    # https://github.com/rust-lang/rust-clippy/issues/12281
-    buildPhase = "cargo clippy --tests --all-features --benches --examples -- -Dwarnings -A clippy::blocks_in_conditions | tee $out";
+    buildPhase = "cargo clippy --tests --all-features --benches --examples -- -Dwarnings | tee $out";
   };
 
+  crate2nix-check =
+    let
+      crate2nix-check = depot.tvix.utils.mkCrate2nixCheck ./Cargo.nix;
+    in
+    crate2nix-check.command.overrideAttrs {
+      meta.ci.extraSteps = {
+        inherit crate2nix-check;
+      };
+    };
+
   meta.ci.targets = [
     "clippy"
-    "crate2nix-check"
     "shell"
     "rust-docs"
+    "crate2nix-check"
   ];
+
+  utils = import ./utils.nix { inherit pkgs lib depot; };
 }