From f6c94430c8d71b95660ffff2ef621d2747a08cad Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Sat, 23 Dec 2023 23:50:29 +0200 Subject: feat(tvix/build/protos): add some missing fields - directory in which the castore input nodes are mounted - working directory for the build command - scratch paths - network access y/n - whether a (static) /bin/sh should be provided Populate these fields appropriately, and extend the tests in tvix-glue with a FOD example. Change-Id: I4f9de1483d6696d74694a09784910c407acb0be0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10412 Autosubmit: flokli Tested-by: BuildkiteCI Reviewed-by: sterni --- tvix/build/protos/build.proto | 49 ++++++++++++++++++++++++++++++------------- 1 file changed, 34 insertions(+), 15 deletions(-) (limited to 'tvix/build/protos') diff --git a/tvix/build/protos/build.proto b/tvix/build/protos/build.proto index 75146a8bd3ca..bdabb037a080 100644 --- a/tvix/build/protos/build.proto +++ b/tvix/build/protos/build.proto @@ -45,16 +45,36 @@ option go_package = "code.tvl.fyi/tvix/build-go;buildv1"; // support "send all BuildRequest for a nixpkgs eval to a remote builder and put // the laptop to sleep" usecases later. message BuildRequest { + // The list of all root nodes that should be visible in STORE_DIR at the time + // of the build. + // As root nodes are content-addressed, no additional signatures are needed + // to substitute / make these available in the build environment. + // Inputs are sorted by their names. + repeated tvix.castore.v1.Node inputs = 1; + // The command (and its args) executed as the build script. // In the case of a Nix derivation, this is usually // ["/path/to/some-bash/bin/bash", "-e", "/path/to/some/builder.sh"]. - repeated string command_args = 1; + repeated string command_args = 2; + + // The working dir of the command, relative to the build root. + // "build", in the case of Nix. + string working_dir = 3; + + // A list of "scratch" paths, relative to the build root. + // These will be write-able during the build. + // [build] in the case of Nix. + repeated string scratch_paths = 4; + + // The path where the castore input nodes will be located at, + // "/nix/store" in case of Nix. + string store_dir = 5; - // The list of outputs the build is expected to produce. - // These are basenames inside /nix/store. + // The list of output nodes the build is expected to produce. + // These are basenames inside store_dir. // If the path is not produced, the build is considered to have failed. // Outputs are sorted. - repeated string outputs = 2; + repeated string outputs = 6; // The list of environment variables and their values that should be set // inside the build environment. @@ -66,23 +86,16 @@ message BuildRequest { // We don't want to bleed these very nix-specific sandbox impl details into // (dumber) builders if we don't have to. // Environment variables are sorted by their keys. - repeated EnvVar environment_vars = 3; + repeated EnvVar environment_vars = 7; message EnvVar { string key = 1; bytes value = 2; } - // The list of all root nodes that should be visible in /nix/store at the - // time of the build. - // As root nodes are content-addressed, no additional signatures are needed - // to substitute / make these available in the build environment. - // Inputs are sorted by their names. - repeated tvix.castore.v1.Node inputs = 4; - // A set of constraints that need to be satisfied on a build host before a // Build can be started. - BuildConstraints constraints = 5; + BuildConstraints constraints = 8; // BuildConstraints represents certain conditions that must be fulfilled // inside the build environment to be able to build this. @@ -97,9 +110,15 @@ message BuildRequest { uint64 min_memory = 2; // A list of (absolute) paths that need to be available in the build - // environment. - // TBD, This is probably things like /dev/kvm, but no nix store paths. + // environment, like `/dev/kvm`. + // This is distinct from the castore nodes in inputs. repeated string available_ro_paths = 3; + + // Whether the build should be able to access the network, + bool network_access = 4; + + // Whether to provide a /bin/sh inside the build environment, usually a static bash. + bool provide_bin_sh = 5; } // TODO: allow describing something like "preferLocal", to influence composition? -- cgit 1.4.1