about summary refs log tree commit diff
path: root/third_party
AgeCommit message (Collapse)AuthorFilesLines
2021-06-02 r/2641 fix(3p/josh): Temporarily patch instances of master->canonVincent Ambo2-0/+51
... until hardcoded references are removed upstream. This is motivated by HEAD-branch related issues when cloning depot via josh and a naive search for places where `master` was used directly. Change-Id: I46709631d6ee5561344fc5f407324bcf69c641e2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3171 Tested-by: BuildkiteCI Reviewed-by: cschilling <christian.schilling.de@gmail.com> Reviewed-by: sterni <sternenseemann@systemli.org>
2021-06-02 r/2640 chore(3p/josh): Bump to most recent commitVincent Ambo1-2/+2
Includes a potentially relevant fix (anonymous authentication with the correct username). Change-Id: Iabf2eff43e98cc8b7b998ead3775b1fc8f1dfac6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3173 Tested-by: BuildkiteCI Reviewed-by: cschilling <christian.schilling.de@gmail.com>
2021-06-02 r/2639 chore(3p/naersk): Bump version to latest commitVincent Ambo1-5/+3
There have been a few relevant fixes. Change-Id: I84b6fb645703972b03f1210cb69d03467caefbfa Reviewed-on: https://cl.tvl.fyi/c/depot/+/3172 Reviewed-by: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-05-25 r/2630 chore(nixpkgs): Bump channels to 2021-05-25Vincent Ambo8-41/+20
* users/grfn/system/home/yeren: remove obsolete awscli2 overrides * ops: make new isSystemUser || isNormalUser assertion happy * users/grfn/system/system/mugwump: make buildkite agents system users * users/tazjin/nixos/camden: set isSystemUser = true for git * users/tazjin/emacs: Remove missing & broken packages * third_party/openldap: remove, as the argon2 module is now enabled upstream * third_party/gerrit_plugins: Pinned new unstable hashes * third_party/nix, third_party/grpc: Disabled CI as these are broken * third_party/overlays/emacs: Bumped version to stay in sync with channel * third_party/buzz: Update LIBCLANG_PATH to reference libclang.lib, since libclang's default output no longer contains libclang.so * users/grfn/system/home: Install julia-stable instead of julia (which aliases to julia-lts), as the latter depends on an insecure version of libgit Change-Id: Iff33b0ecb0ef07a82d1de35e23c40d2f4bf0f8ed Reviewed-on: https://cl.tvl.fyi/c/depot/+/3001 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-05-24 r/2626 refactor(ops/nixos): Pass `depot` as a special argumentVincent Ambo1-3/+32
This changes the evaluation order for the `depot` argument and ensures it is partially evaluated before the module system starts resolving imports. This way we can import modules from `depot.path` without `depot` having to come from readTree. Fixes b/129. Change-Id: Icf4dd2be15011055dac8b27e991a4ff6a12bf827 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3156 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-05-24 r/2622 chore(3p/overlays): Remove LLVM11 bump from overlayVincent Ambo10-20/+16
* This was mostly for //third_party/nix and its dependencies which now have been set to use llvmPackages_11 manually. * For //users/grfn/achilles we also manually select the newer LLVM version. * //tools/cheddar doesn't seem to need llvm anymore. * //third_party/buzz also compiles with clang 7.1.0 * replace clang-tools everywhere with new attribute clang-tools_11 For the future we may want to have something similar again, but it may not be necessary to invest too much time into it: nixpkgs is set to upgrade their default llvmPackages to LLVM 11 as well at some point in the near future. Co-Authored-By: sterni <sternenseemann@systemli.org> Change-Id: Id83868dbc476a6c776b59518b856c933f30ea79d Reviewed-on: https://cl.tvl.fyi/c/depot/+/3135 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-05-22 r/2607 refactor(tazjin/emacs): Switch to sending mail via lieerVincent Ambo2-54/+0
This drops the msmtp requirement from my configuration; there's still some cleanup to be done but I need to double-check this in a few environments first. Change-Id: I298f4ff77b45cb214fbccee84e9bbd861508d11a Reviewed-on: https://cl.tvl.fyi/c/depot/+/3132 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-05-22 r/2605 feat(3p/litestream): Add derivation for litestreamVincent Ambo1-0/+23
This is a simple Go module build for https://litestream.io/ If this ends up being useful, we should upstream this to nixpkgs. Change-Id: I3beb64c9adb3b57fcef4e1dfb27f293a15f90a76 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3085 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-05-21 r/2599 feat(apereo-cas): move away from 127.0.0.1:8443Florian Klink1-1/+1
The following commit itends to bind on port 8443 on all interfaces, so let's move this to something else. Change-Id: Ibb94a0f4e6892b6e543b542b89bcdaaefb617f23 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3126 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-05-17 r/2595 feat(tools): add rust-crates-advisoryProfpatsch1-0/+27
We have a bunch of crates in `third_party/rust-crates`; it would be great if we could check them for existing CVEs. This tool does that, it takes the rust security advisory database, parses the applicable CVEs, and cross-checks them against the actual crate versions we list in our package database. The dumb parser we wrote is tested against all entries in the database, so we will notice when upstream breaks their shit. Checking the semver stuff is easy enough with the semver crate. If an advisory matches, it prints the whole thing and fails the build. Change-Id: I9e912c43d37a685d9d7a4424defc467a171ea3c4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2818 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-04 r/2563 chore(3p/josh): Bump version to latest HEADVincent Ambo2-73/+3
This lets us drop the patch for pinning the git library, as this one is now pinned to something upstream. Change-Id: Ib8026f5f22e2e49371a2bad83aa726c2951570e4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3086 Tested-by: BuildkiteCI Reviewed-by: eta <eta@theta.eu.org>
2021-04-23 r/2537 feat(third_party/gopkgs): add charmbracelet/{bubbletea,bubbles}Profpatsch10-0/+171
A small go TUI framework based on the Elm Architecture. Change-Id: I0c400a7b25af682735bfc5061db179e5d1dd75ab Reviewed-on: https://cl.tvl.fyi/c/depot/+/2853 Reviewed-by: Profpatsch <mail@profpatsch.de> Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI
2021-04-23 r/2536 docs(third_party/rust-crates): add top commentProfpatsch1-0/+3
Change-Id: I3938310cb5d50a2bc85b20bb415af78d1b42c844 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2816 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-04-20 r/2533 chore(3p/emacs): Remove obsolete third-party packagesVincent Ambo19-8624/+0
We don't need these in the depot anymore as the Emacs overlay now provides newer versions of them, or because they are not used anymore. Change-Id: I393e1580b66450d0bb128213bc79668172dadacc Reviewed-on: https://cl.tvl.fyi/c/depot/+/3005 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-04-16 r/2519 feat(3p/josh): Import and build joshVincent Ambo2-0/+95
We've had josh in here previously, but it was kind of immature back then. The repository looks much better now and I'd like to give it another try. Josh is a Rust project, the build here is done with naersk. Change-Id: I3731340d00ce1eb4cef55de114e1915579e47ef3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3017 Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI
2021-04-13 r/2504 feat(overlays/tvl): Add our emacs packages to the fixpointVincent Ambo1-1/+8
Adds all TVL Emacs packages to the emacsPackages fixpoint unter `tvlPackages` ... one step closer to native compilation. Change-Id: I938689ccab057164babfb88cd467a490b3efd39b Reviewed-on: https://cl.tvl.fyi/c/depot/+/3004 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: adisbladis <adisbladis@gmail.com>
2021-04-13 r/2503 feat(tools/emacs-pkgs): Add new builder for internal packagesVincent Ambo1-2/+2
Adds a new internal builder that makes it possible to override the `emacsPackages` passed to our Emacs packages, which in turn makes it possible to inject them into the emacsPackages fixpoint and use them with features like Emacs native compilation. Change-Id: I80dad57115c83cf5693ae6ba4e4cf3105d103d5e Reviewed-on: https://cl.tvl.fyi/c/depot/+/3003 Tested-by: BuildkiteCI Reviewed-by: adisbladis <adisbladis@gmail.com> Reviewed-by: grfn <grfn@gws.fyi>
2021-04-13 r/2502 feat(3p/overlays): Add bleeding-edge Emacs overlayVincent Ambo2-0/+12
This adds adisbladis' Emacs overlay, which makes bleeding-edge functionality such as native compilation of Elisp available. Change-Id: I29861cb4da37bf8bf7fdb6fba5f2525c7a024356 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3002 Reviewed-by: adisbladis <adisbladis@gmail.com> Tested-by: BuildkiteCI
2021-04-12 r/2499 fix(3p/gerrit_plugins/oauth): adapt to CAS "flat" attributesLuke Granger-Brown1-14/+42
CAS nested attributes produce a key called "attributes", which is disliked by Grafana, because it expects any key called attributes to be a map<string, list<string>>, whereas CAS just produces a map<string, string>. As part of setting up Grafana SSO we need therefore to fix Gerrit so it can adapt to the new syntax that we're adopting. Change-Id: Ia79dae78c0eae6e21135a06cd5850606f82bcdb8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2981 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-04-12 r/2497 refactor: Replace 'depotPath' with 'depot.path'Vincent Ambo2-3/+2
Instead of having two ways of accessing the path to the depot (one of which was stuttering, depot.depotPath) we settle on only one: depot.path. This was mostly used for NixOS module imports. Co-Authored-By: Florian Klink <flokli@flokli.de> Change-Id: I2c0db23383fc34f6ca76baaad4cc4af2d9dfae15 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2962 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: sterni <sternenseemann@systemli.org>
2021-04-12 r/2485 refactor(users/glittershark): Rename to grfnGriffin Smith3-3/+3
Rename my //users directory and all places that refer to glittershark to grfn, including nix references and documentation. This may require some extra attention inside of gerrit's database after it lands to allow me to actually push things. Change-Id: I4728b7ec2c60024392c1c1fa6e0d4a59b3e266fa Reviewed-on: https://cl.tvl.fyi/c/depot/+/2933 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: glittershark <grfn@gws.fyi>
2021-04-12 r/2484 feat(3p): upgrade sbcl to 2.1.2sterni4-10/+10
sbcl 2.0.9 introduced a new warning: > minor incompatible change: the compiler signals a warning at > compile-time when an initform of T, NIL or 0 does not match > a STANDARD-CLASS slot's declared type. This broke a few packages, but they all have been fixed upstream in the meantime and we only need to bump their versions. The culprits are: * defclass-std which possibly has become unmaintained since the fix (december 2020). * cl-prevalence which also needs one symbol from bt now * lisp-binary which also includes a new file now Change-Id: I06bb47a129d5ef912a623315c1281aedd1ceac2a Reviewed-on: https://cl.tvl.fyi/c/depot/+/2934 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: glittershark <grfn@gws.fyi>
2021-04-11 r/2481 chore(3p): Bump channels to 2021-04-09Vincent Ambo5-29/+12
Fixes included: * exposed gtest in the package set, required for protobuf * pinned SBCL to version 2.0.8: The channel moved it to >2.1, and a bunch of warnings seemed to be killing our builds - we should investigate this later. * removed kernel patches from //users/tazjin/frog: this machine is currently out of service anyways, not worth fixing while it's offline * removed steam & lutris from frog (they're currently broken) * removed Haskell overrides for hedgehog-classes & hgeometry-combinatorial * use gRPC sources from upstream and inject Abseil via Nix instead * fix for renamed grpc import in //third_party/nix * use libfprint-tod from upstream nixpkgs in glittershark/yeren and delete glittershark/pkgs/fprintd entirely, since all of the patches used there are available and working from upstream now (and stopped working here after the bump) Change-Id: Ia90e6f774f7b88bc9e60d28351b900ca43ee2695 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2901 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI
2021-04-11 r/2479 fix(3p/haskellPackages): re-add random 1.2.0 to fix xanthoussterni1-5/+4
The random_1_2_0 attribute of haskellPackages currently holds random 1.2.0 which is what we want to have. We need to disable tests because they cause an infinite recursion as basically all testing libraries depend on random. This has the nice side effect that we no longer need import from derivation for random 1.2.0 (but owothia and xanthous still use it). Re-enable CI for xanthous. Additinonally we need to deal with the fallout of the haskellPackages overlay now also being pulled in for some machines since cl/2910 and let pandoc compile with random 1.2.0. Change-Id: I78d220e5bd35f3469d80d69e77e712a529f21d33 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2924 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: glittershark <grfn@gws.fyi>
2021-04-11 r/2473 feat(3p/nixpkgs): Plumb through externalArgs.nixpkgsBisectPathVincent Ambo1-3/+9
This lets the import of the depot root accept an additional argument called `externalArgs`, which can be used to pass additional arguments into a depot package set. This is used in //third_party/nixpkgs for replacing the source of the nixos-unstable channel with a path. With this we can bisect the nixpkgs used in third_party easily. Change-Id: I4f65eb3d6b521ed9f437649b7b068f1e6ab8210f Reviewed-on: https://cl.tvl.fyi/c/depot/+/2925 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-04-10 r/2471 fix(3p/nix): Fix dependency inclusion and reenable CIVincent Ambo1-9/+6
Change-Id: Ic2b7db4abe636b73b4c71e6a2f1501d3b4b8b90e Reviewed-on: https://cl.tvl.fyi/c/depot/+/2922 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-04-10 r/2470 refactor: Move nixpkgs attribute to `third_party.nixpkgs`Vincent Ambo17-371/+167
Please read b/108 to make sense of this. This gets rid of the explicit list of exposed packages from nixpkgs, and instead makes the entire package set available at `third_party.nixpkgs`. To accommodate this, a LOT of things have to be very slightly shuffled around. Some of this was done in already submitted CLs, but this change is unfortunately still quite noisy. Pay extra attention to: * overlay-like functionality that was partially moved to actual overlays (partially as in, the minimum required to get a green build) * modified uses of the package set path, esp. in NixOS systems Special notes: * xanthous has been disabled in CI because of issues with the Haskell overlay * //third_party/nix has been disabled because of other unclear dependency issues Both of these will be tackled in a followup CL. Change-Id: I2f9c60a4d275fdb5209264be0addfd7e06c53118 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2910 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2021-04-10 r/2469 chore(tazjin/emacs): Use telega from nixpkgsVincent Ambo1-21/+0
adisbladis fixed the tdlib/telega versioning issues in nixpkgs at some point, so this isn't required anymore. Change-Id: Ib98e73d0e4394765f08f5f3741f70adab459c22f Reviewed-on: https://cl.tvl.fyi/c/depot/+/2909 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-10 r/2466 refactor(3p/overlays): Move haskell overlay to new tree locationVincent Ambo3-2/+8
nixpkgs_exposed is going away, and the haskell overlay is independent from that. See also b/108, cl/2910 Change-Id: I3aea6dfc427a914f3f88146fd0b45d60dfd45a1a Reviewed-on: https://cl.tvl.fyi/c/depot/+/2918 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-04-10 r/2465 refactor(3p/dhall): Move easy-dhall-nix import into separate folderVincent Ambo4-18/+26
This is part of paving the way for clearly distinguishing between packages from nixpkgs and //third_party. See also: b/108, cl/2910 Change-Id: I28b5abd1f0f9fa3c4478c9f255b2025f4a4139f1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2917 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: Profpatsch <mail@profpatsch.de> Reviewed-by: tazjin <mail@tazj.in>
2021-04-10 r/2462 refactor(fun): Consistent use of depot.third_party vs. pkgsVincent Ambo1-0/+1
In preparation for the solution of b/108, we need to consistently use `depot.third_party` for packages that are only packed in the TVL depot and `pkgs` for things that come from nixpkgs. This commit cleans up a huge chunk of these uses in //fun Change-Id: I45a7b392a9749fa7859ff5100dcea415bda807c3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2914 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-04-10 r/2461 refactor(third_party): Consistent use of depot.third_party vs. pkgsVincent Ambo46-108/+107
In preparation for the solution of b/108, we need to consistently use `depot.third_party` for packages that are only packed in the TVL depot and `pkgs` for things that come from nixpkgs. This commit cleans up a huge chunk of these uses in //third_party Change-Id: Ic382c0cdea7330a84d5f0b7d109c824ddceb94e7 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2912 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-04-07 r/2454 feat(3p/buzz): InitGriffin Smith2-0/+40
Package buzz, a desktop email notifier that uses passive (push-based) IMAP connections to get email notifications quickly. Change-Id: Idbd175db882cdab975b0928cd6920954500954a1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2902 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-06 r/2451 feat(3p/gerrit): expose the Gerrit API in the outputLuke Granger-Brown2-3/+9
Writing Gerrit plugins that don't use the in-tree build system is more convenient if the API is actually exposed in the derivation's output. Change-Id: I3408d35498ca879576d532b005e36fde8ff2ea61 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2871 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-06 r/2450 chore(3p/gerrit): update gerrit and pluginsLuke Granger-Brown11-66/+281
This reverts commit 9551b628d02323b01ecb80220342eea488f7200e (i.e. this is a rollfoward for https://cl.tvl.fyi/c/depot/+/2817) Change-Id: Iaffcf1cdbe119d26ecb09cc88f9a56436b374c08 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2870 Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI
2021-04-06 r/2447 fix(3p/cgit): fix max-width for #summarysterni1-1/+1
Having a space between the number and the unit is not valid CSS. I was aware of this problem, but apparently forgot to amend the fix. Change-Id: I74936db515799763038669d0a11da53f28f722be Reviewed-on: https://cl.tvl.fyi/c/depot/+/2867 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-04-04 r/2432 feat(third_party/rust-crates): default to 2018 rust editionProfpatsch1-15/+24
We override the default `buildRustCrate` with our default options. Kinda amazing how many crates still default to the 2015 edition; probably to be backwards compatible with older compilers? Change-Id: Ic571f527b1575a03b8b58e6b75bcf12c4b9b7d9c Reviewed-on: https://cl.tvl.fyi/c/depot/+/2842 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-04-04 r/2424 revert(3p/gerrit): chore(3p/gerrit): update gerrit and pluginslukegb10-68/+65
This reverts commit f59c6214c4b1812120bd500a23d1cb6e160d6665. Reason for revert: new gerrit's JS appears to not have compiled correctly; rolling back until I can figure out why Change-Id: If16fe341aad25bef30ed7be8c6ac49cadf2a732c Reviewed-on: https://cl.tvl.fyi/c/depot/+/2821 Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI
2021-04-04 r/2423 chore(3p/gerrit): update gerrit and pluginsLuke Granger-Brown10-65/+68
Yeet. Change-Id: I4de6453419f520a44af19d561a36d242195a64e9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2817 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-03 r/2422 refactor(3p/rust-crates): use imported buildRustCrate everywheresterni1-28/+28
A bit less noisy in the definitions and the nix parser can already detect it being misspelled. Change-Id: I979da11471187e36cde5c015aaf654f925757a8b Reviewed-on: https://cl.tvl.fyi/c/depot/+/2814 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-03 r/2421 feat(3p/rust-crates): get dependencies from the depot fix pointsterni1-1/+3
I think it is good practice to always get dependencies from the depot fix point if they are exposed. The reasoning for this is that if we improve the support for overriding in depot, say by introducing a depot.extend functions or even full blown overlay support, this will already work as expected. Change-Id: Ibb8dffcf32e8f46817a2db2da26139fabdce55bc Reviewed-on: https://cl.tvl.fyi/c/depot/+/2770 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-04-03 r/2419 chore: move all 3p buildRustCrate derivations to //third_partysterni2-0/+276
Profpatsch and me are basically the only users of depot.users.Profpatsch.writers.rustSimple*. To pull in the odd dependency we usually use buildRustCrate which is rather convenient. However we've picked up the bad habit of inlining these in a let somewhere instead of managing them in a more central location although there has been an (unsuccesful) attempt at this in //users/Profpatsch/rust-crates.nix. This CL moves all buildRustCrate based derivations into third_party.rust-crates and deletes any duplicate derivations we have accumulated in the tree. Change-Id: I8f68b95ebd546708e9af07dca36d72dba9ca8c77 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2769 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-04-03 r/2418 feat(3p/apereo-cas): add the LDAP DN to the list of attributesLuke Granger-Brown1-2/+4
Panettone currently uses the LDAP DN as the user key, so we collect it here so that we can later make sure its exposed to Panettone. Change-Id: Ia2048cb479a2afe6fe9f47181115ae7ec13dedf3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2811 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: glittershark <grfn@gws.fyi>
2021-04-03 r/2417 chore(3p/apereo-cas): move TVL configLuke Granger-Brown1-0/+3
There's some non-secret config that made its way into the secrets file. This CL moves it into git so we can track it properly. Change-Id: I3f5bf5e1f7addabb199997fb7b1f805b9157fbbe Reviewed-on: https://cl.tvl.fyi/c/depot/+/2810 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-03 r/2415 chore(3p/gerrit_plugins): init oauthLuke Granger-Brown3-0/+72
Add the OAuth gerrit plugin to our mini collection of Gerrit plugins. This includes a patch to make the plugin work correctly with CAS 6.x, which has changed the attributes into a JSON object with the attributes nested inside, instead of a JSON list. Change-Id: I4741f137cca9c8eb45b9ea660fb4cbf6962be9a4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2782 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-03 r/2413 feat(3p/lisp): Add cl-smtpGriffin Smith2-0/+29
Change-Id: Idbf63e346b696fb6704390d7a76a2f2b2d3bc190 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2802 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-03 r/2412 chore(3p/gerrit_plugins): attempt to stabilise hashes a bitLuke Granger-Brown1-7/+3
I'm dropping the leaveDotGit and deepClone bits; they were set like that purely to try to make the build stamping work. In practice, not only does the build stamping not work, but it also means we hit some inconveniently-different hashes from time to time when gitiles does... something??? on its backend. I'm also putting some gcroots for these on whitby, which should also help a bit, although it's a bit of a hack. Change-Id: Ie6082248393e62795c18b1971fc2d16f4e8cc81d Reviewed-on: https://cl.tvl.fyi/c/depot/+/2781 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-02 r/2400 feat(3p/cgit): limit width of div#summary, i. e. /about/**sterni2-0/+5
Decreased text width for the /about pages should increase readability considerably as jumping back to the beginning is hard for longer lines. The result is still not perfect as the font size for the /about pages is rather small and many lines thus get broken somewhat awkwardly. We could probably migitate that using a larger font size. The implementation choice of adding a tvl-extra.css which we inject into cgit.css in preBuild is for simplicity: We don't need to worry about routing an extra CSS file and loading it from the right location via extra cgit head entries and serving it at the correct location using either nginx or thttpd. A drawback of this is however that iteration is slowed down by cgit's compilation time. Additionally, this should be the basis for implementing a bubblegum themed cgit for Profpatsch. Change-Id: I18060f735167acd623cef7a17c83408978461249 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2756 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-02 r/2397 feat(3p/cgit): enableParallelBuildingsterni1-0/+2
This gives a decent compilation speedup even on slow machines, so seems worth it. Let's hope the cgit build process is not racy. Change-Id: Ic4ae72789da2ccae16fd48e46aec624244b25035 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2755 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-01 r/2394 feat(web/bubblegum): nix CGI programming frameworksterni1-0/+1
So here is what has been keeping me up at night: At some point I realized that nix actually made a somewhat passable language for CGI programming: * That `builtins.getEnv` exists as one of the impurities of Nix is perfect as environment variables are the main way of communication from the web server to the CGI application. * We can actually read from the filesystem via builtins.readDir and builtins.readFile with bearable overhead if we avoid importing the used paths into the nix store. * Templating and routing are convenient to implement via indented strings and attribute sets respectively. Of course there are obvious limitation: * The overhead of derivations is probably much to great for them to be useful via IfD. * Even without derivations, nix evaluation is very slow to the point were a trivial application takes between 100ms and 400ms to produce a response. * We can't really cause effects other than producing a response which makes it not viable for a lot of applications. There are some ways around this: * With a custom interpreter we could have streaming and multiplexed I/O (using lazy lists emulated via attrsets) to cause such effects, but it would probably perform terribly. * We can use builtins.fetchurl to call other HTTP-based microservices, but only in very limited constraints, i. e. only GET, no headers, and only if the tarball ttl is set to 0 in the global nix.conf. * Terrible error handling capabilities because builtins.tryEval actually doesn't catch a lot of errors. To prove that it actually works, there are some demo applications, which I invite you to run and potentially break horribly: nix-build -A web.bubblegum.examples && ./result # navigate to http://localhost:9000 The setup uses thttpd and executes the nix CGI scripts using users.sterni.nint which automatically passed `depot`, so they can import the cgi library. Change-Id: I3a22a749612211627e5f8301c31ec2e7a872812c Reviewed-on: https://cl.tvl.fyi/c/depot/+/2746 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>