pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #126034 from lukegb/bazel-build-configured

Switch buildBazelPackage fetchConfigured on by default

authored by

Luke Granger-Brown and committed by
GitHub 840f6883 ce3f3e6e

+71 -30
unified split
+7
nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
··· 64 64 this version for the entire lifecycle of the 21.11 release. 65 65 </para> 66 66 </listitem> 67 + <listitem> 68 + <para> 69 + Those making use of <literal>buildBazelPackage</literal> will 70 + need to regenerate the fetch hashes (preferred), or set 71 + <literal>fetchConfigured = false;</literal>. 72 + </para> 73 + </listitem> 67 74 </itemizedlist> 68 75 </section> 69 76 <section xml:id="other-notable-changes">
+3
nixos/doc/manual/release-notes/rl-2111.section.md
··· 28 28 * PHP 7.3 is no longer supported due to upstream not supporting this 29 29 version for the entire lifecycle of the 21.11 release. 30 30 31 + * Those making use of `buildBazelPackage` will need to regenerate the fetch 32 + hashes (preferred), or set `fetchConfigured = false;`. 33 + 31 34 ## Other Notable Changes
+29 -6
pkgs/applications/virtualization/gvisor/default.nix
··· 1 1 { lib 2 2 , buildBazelPackage 3 3 , fetchFromGitHub 4 + , callPackage 5 + , bash 4 6 , cacert 5 7 , git 6 8 , glibcLocales ··· 9 11 , iptables 10 12 , makeWrapper 11 13 , procps 14 + , protobuf 12 15 , python3 13 16 }: 14 17 ··· 16 19 preBuild = '' 17 20 patchShebangs . 18 21 22 + substituteInPlace tools/defs.bzl \ 23 + --replace "#!/bin/bash" "#!${bash}/bin/bash" 24 + 19 25 # Tell rules_go to use the Go binary found in the PATH 20 26 sed -E -i \ 21 - -e 's|go_version\s*=\s*"[^"]+",|go_version = "host",|g' \ 27 + -e 's|go_version\s*=\s*"[^"]+"|go_version = "host"|g' \ 22 28 WORKSPACE 23 29 24 30 # The gazelle Go tooling needs CA certs ··· 31 37 export GOPATH= 32 38 ''; 33 39 40 + # Patch the protoc alias so that it always builds from source. 41 + rulesProto = fetchFromGitHub { 42 + owner = "bazelbuild"; 43 + repo = "rules_proto"; 44 + rev = "f7a30f6f80006b591fa7c437fe5a951eb10bcbcf"; 45 + sha256 = "10bcw0ir0skk7h33lmqm38n9w4nfs24mwajnngkbs6jb5wsvkqv8"; 46 + extraPostFetch = '' 47 + sed -i 's|name = "protoc"|name = "_protoc_original"|' $out/proto/private/BUILD.release 48 + cat <<EOF >>$out/proto/private/BUILD.release 49 + alias(name = "protoc", actual = "@com_github_protocolbuffers_protobuf//:protoc", visibility = ["//visibility:public"]) 50 + EOF 51 + ''; 52 + }; 53 + 34 54 in buildBazelPackage rec { 35 55 name = "gvisor-${version}"; 36 - version = "2019-11-14"; 56 + version = "20210518.0"; 37 57 38 58 src = fetchFromGitHub { 39 59 owner = "google"; 40 60 repo = "gvisor"; 41 - rev = "release-20191114.0"; 42 - sha256 = "0kyixjjlws9iz2r2srgpdd4rrq94vpxkmh2rmmzxd9mcqy2i9bg1"; 61 + rev = "release-${version}"; 62 + sha256 = "15a6mlclnyfc9mx3bjksnnf4vla0xh0rv9kxdp34la4gw3c4hksn"; 43 63 }; 44 64 45 65 nativeBuildInputs = [ git glibcLocales go makeWrapper python3 ]; 46 66 47 67 bazelTarget = "//runsc:runsc"; 68 + bazelFlags = [ 69 + "--override_repository=rules_proto=${rulesProto}" 70 + ]; 48 71 49 72 # gvisor uses the Starlark implementation of rules_cc, not the built-in one, 50 73 # so we shouldn't delete it from our dependencies. ··· 76 99 rm -f "$bazelOut"/java.log "$bazelOut"/java.log.* 77 100 ''; 78 101 79 - sha256 = "0fhmlq0d2317gwhma2mz1anb69j4chybk90j71j88wpgw1hxbk34"; 102 + sha256 = "13pahppm431m198v5bffrzq5iw8m79riplbfqp0afh384ln669hb"; 80 103 }; 81 104 82 105 buildAttrs = { 83 106 inherit preBuild; 84 107 85 108 installPhase = '' 86 - install -Dm755 bazel-bin/runsc/*_pure_stripped/runsc $out/bin/runsc 109 + install -Dm755 bazel-out/*/bin/runsc/runsc_/runsc $out/bin/runsc 87 110 88 111 # Needed for the 'runsc do' subcomand 89 112 wrapProgram $out/bin/runsc \
+2 -2
pkgs/build-support/build-bazel-package/default.nix
··· 35 35 # required for the build as configured, rather than fetching all the dependencies 36 36 # which may not work in some situations (e.g. Java code which ends up relying on 37 37 # Debian-specific /usr/share/java paths, but doesn't in the configured build). 38 - , fetchConfigured ? false 38 + , fetchConfigured ? true 39 39 40 40 # Don’t add Bazel --copt and --linkopt from NIX_CFLAGS_COMPILE / 41 41 # NIX_LDFLAGS. This is necessary when using a custom toolchain which ··· 126 126 find $bazelOut/external -maxdepth 1 -type l | while read symlink; do 127 127 name="$(basename "$symlink")" 128 128 rm "$symlink" 129 - test -f "$bazelOut/external/@$name.marker" && rm "$bazelOut/external/@$name.marker" 129 + test -f "$bazelOut/external/@$name.marker" && rm "$bazelOut/external/@$name.marker" || true 130 130 done 131 131 132 132 # Patching symlinks to remove build directory reference
+2 -2
pkgs/development/python-modules/tensorflow/default.nix
··· 288 288 fetchAttrs = { 289 289 # cudaSupport causes fetch of ncclArchive, resulting in different hashes 290 290 sha256 = if cudaSupport then 291 - "1i7z2a7bc2q1vn1h9nx1xc6g1r1cby2xvbcs20fj9h6c2fgaw9j4" 291 + "10m6qj3kchgxfgb6qh59vc51knm9r9pkng8bf90h00dnggvv8234" 292 292 else 293 - "0s8q5rxq8abr50c5jpwv96ncfc0k8jw7w70ri8viqy031g9v9v45"; 293 + "04a98yrp09nd0p17k0jbzkgjppxs0yma7m5zkfrwgvr4g0w71v68"; 294 294 }; 295 295 296 296 buildAttrs = {
+1 -1
pkgs/development/tools/bazel-watcher/default.nix
··· 56 56 sed -e '/^FILE:@bazel_gazelle_go_repository_tools.*/d' -i $bazelOut/external/\@*.marker 57 57 ''; 58 58 59 - sha256 = "0rwwjjj6zaj4hdcbsbp0di53xn6203r2vgpddhdrp8iph9ab60cg"; 59 + sha256 = "1j175z3d4fbi4pl35py7yjq7ywrvwin6id131jv32hx0ck4g1m46"; 60 60 }; 61 61 62 62 buildAttrs = {
+19 -14
pkgs/servers/http/envoy/default.nix
··· 3 3 , fetchFromGitHub 4 4 , stdenv 5 5 , cmake 6 + , gn 6 7 , go 8 + , jdk 7 9 , ninja 8 10 , python3 9 11 , nixosTests ··· 15 17 # However, the version string is more useful for end-users. 16 18 # These are contained in a attrset of their own to make it obvious that 17 19 # people should update both. 18 - version = "1.16.2"; 19 - commit = "e98e41a8e168af7acae8079fc0cd68155f699aa3"; 20 + version = "1.17.3"; 21 + commit = "46bf743b97d0d3f01ff437b2f10cc0bd9cdfe6e4"; 20 22 }; 21 23 in 22 24 buildBazelPackage rec { ··· 26 28 owner = "envoyproxy"; 27 29 repo = "envoy"; 28 30 rev = srcVer.commit; 29 - hash = "sha256-aWVMRKFCZzf9/96NRPCP4jiW38DJhXyi0gEqW7uIpnQ="; 31 + hash = "sha256:09zzr4h3zjsb2rkxrvlazpx0jy33yn9j65ilxiqbvv0ckaralqfc"; 30 32 31 33 extraPostFetch = '' 32 34 chmod -R +w $out ··· 36 38 ''; 37 39 }; 38 40 39 - patches = [ 40 - # Quiche needs to be updated to compile under newer GCC. 41 - # This is a manual backport of https://github.com/envoyproxy/envoy/pull/13949. 42 - ./0001-quiche-update-QUICHE-tar-13949.patch 43 - 44 - # upb needs to be updated to compile under newer GCC. 45 - # This is a manual backport of https://github.com/protocolbuffers/upb/commit/9bd23dab4240b015321a53c45b3c9e4847fbf020. 46 - ./0002-Add-upb-patch-to-make-it-compile-under-GCC10.patch 47 - ]; 48 41 postPatch = '' 49 42 sed -i 's,#!/usr/bin/env python3,#!${python3}/bin/python,' bazel/foreign_cc/luajit.patch 43 + sed -i '/javabase=/d' .bazelrc 44 + # Patch paths to build tools, and disable gold because it just segfaults. 45 + substituteInPlace bazel/external/wee8.genrule_cmd \ 46 + --replace '"''$$gn"' '"''$$(command -v gn)"' \ 47 + --replace '"''$$ninja"' '"''$$(command -v ninja)"' \ 48 + --replace '"''$$WEE8_BUILD_ARGS"' '"''$$WEE8_BUILD_ARGS use_gold=false"' 50 49 ''; 51 50 52 51 nativeBuildInputs = [ 53 52 cmake 54 53 python3 54 + gn 55 55 go 56 + jdk 56 57 ninja 57 58 ]; 58 59 59 60 fetchAttrs = { 60 - sha256 = "0q72c2zrl5vc8afkhkwyalb2h0mxn3133d4b9z4gag0p95wbwgc0"; 61 + sha256 = "sha256:1cy2b73x8jzczq9z9c1kl7zrg5iasvsakb50zxn4mswpmajkbj5h"; 61 62 dontUseCmakeConfigure = true; 63 + dontUseGnConfigure = true; 62 64 preInstall = '' 63 65 # Strip out the path to the build location (by deleting the comment line). 64 66 find $bazelOut/external -name requirements.bzl | while read requirements; do ··· 78 80 >$bazelOut/external/config_validation_pip3/PyYAML-5.3.1-cp38-cp38-linux_x86_64.whl 79 81 >$bazelOut/external/protodoc_pip3/PyYAML-5.3.1-cp38-cp38-linux_x86_64.whl 80 82 >$bazelOut/external/thrift_pip3/thrift-0.13.0-cp38-cp38-linux_x86_64.whl 83 + 84 + # Remove Unix timestamps from go cache. 85 + rm -rf $bazelOut/external/bazel_gazelle_go_repository_cache/{gocache,pkg/mod/cache,pkg/sumdb} 81 86 ''; 82 87 }; 83 88 buildAttrs = { 84 89 dontUseCmakeConfigure = true; 90 + dontUseGnConfigure = true; 85 91 dontUseNinjaInstall = true; 86 92 preConfigure = '' 87 93 sed -i 's,#!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/tools/build_defs/framework.bzl ··· 98 104 ''; 99 105 }; 100 106 101 - fetchConfigured = true; 102 107 removeRulesCC = false; 103 108 removeLocalConfigCc = true; 104 109 removeLocal = false;
+3 -3
pkgs/servers/http/pomerium/default.nix
··· 11 11 in 12 12 buildGoModule rec { 13 13 pname = "pomerium"; 14 - version = "0.13.3"; 14 + version = "0.14.4"; 15 15 src = fetchFromGitHub { 16 16 owner = "pomerium"; 17 17 repo = "pomerium"; 18 18 rev = "v${version}"; 19 - hash = "sha256-g0w1aIHvf2rJANvGWHeUxdnyCDsvy/PQ9Kp8nDdT/0w="; 19 + hash = "sha256:097csr8f43cn0iq030ajvvpwnwcfmjxyyk6pcisdy937axlrzska"; 20 20 }; 21 21 22 - vendorSha256 = "sha256-grihU85OcGyf9/KKrv87xZonX5r+Z1oHQTf84Ya61fg="; 22 + vendorSha256 = "sha256:0n45xvwjiqyh41dsm4z1rnkgkycf5wfmacm804hqnd5rz7xk2shf"; 23 23 subPackages = [ 24 24 "cmd/pomerium" 25 25 "cmd/pomerium-cli"
+5 -2
pkgs/top-level/all-packages.nix
··· 19102 19102 19103 19103 engelsystem = callPackage ../servers/web-apps/engelsystem { php = php74; }; 19104 19104 19105 - envoy = callPackage ../servers/http/envoy { }; 19105 + envoy = callPackage ../servers/http/envoy { 19106 + go = go_1_15; 19107 + jdk = openjdk11; 19108 + }; 19106 19109 19107 19110 etcd = callPackage ../servers/etcd { }; 19108 19111 etcd_3_4 = callPackage ../servers/etcd/3.4.nix { }; ··· 24167 24170 gv = callPackage ../applications/misc/gv { }; 24168 24171 24169 24172 gvisor = callPackage ../applications/virtualization/gvisor { 24170 - go = go_1_14; 24173 + go = go_1_16; 24171 24174 }; 24172 24175 24173 24176 gvisor-containerd-shim = callPackage ../applications/virtualization/gvisor/containerd-shim.nix { };