From 7904fffeefcdb673753defbc03564e9627f50531 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Domen=20Ko=C5=BEar?= Date: Tue, 6 Jul 2021 13:05:32 +0200 Subject: [PATCH 1/2] GHA: add basic eval checks --- .github/workflows/basic-eval.yml | 20 +++++++ pkgs/top-level/make-tarball.nix | 54 +++---------------- .../nixpkgs-basic-release-checks.nix | 53 ++++++++++++++++++ 3 files changed, 80 insertions(+), 47 deletions(-) create mode 100644 .github/workflows/basic-eval.yml create mode 100644 pkgs/top-level/nixpkgs-basic-release-checks.nix diff --git a/.github/workflows/basic-eval.yml b/.github/workflows/basic-eval.yml new file mode 100644 index 000000000000..3d12eda314f1 --- /dev/null +++ b/.github/workflows/basic-eval.yml @@ -0,0 +1,20 @@ +name: Basic evaluation checks + +on: + pull_request: + branches: + - master + - release-** + push: + branches: + - master + - release-** +jobs: + tests: + runs-on: ubuntu-latest + # we don't limit this action to only NixOS repo since the checks are cheap and useful developer feedback + steps: + - uses: actions/checkout@v2 + - uses: cachix/install-nix-action@v13 + # explicit list of supportedSystems is needed until aarch64-darwin becomes part of the trunk jobset + - run: nix-build pkgs/top-level/release.nix -A tarball.nixpkgs-basic-release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin" ]' diff --git a/pkgs/top-level/make-tarball.nix b/pkgs/top-level/make-tarball.nix index d0728c5d1b2c..ac6648374ab1 100644 --- a/pkgs/top-level/make-tarball.nix +++ b/pkgs/top-level/make-tarball.nix @@ -10,9 +10,7 @@ , lib-tests ? import ../../lib/tests/release.nix { inherit pkgs; } }: -with pkgs; - -releaseTools.sourceTarball { +pkgs.releaseTools.sourceTarball { name = "nixpkgs-tarball"; src = nixpkgs; @@ -23,7 +21,7 @@ releaseTools.sourceTarball { then builtins.substring 0 8 (nixpkgs.lastModifiedDate or nixpkgs.lastModified) else toString nixpkgs.revCount}.${nixpkgs.shortRev or "dirty"}"; - buildInputs = [ nix.out jq lib-tests pkgs.brotli ]; + buildInputs = with pkgs; [ nix.out jq lib-tests pkgs.brotli ]; configurePhase = '' eval "$preConfigure" @@ -34,6 +32,9 @@ releaseTools.sourceTarball { echo "git-revision is $(cat .git-revision)" ''; + nixpkgs-basic-release-checks = import ./nixpkgs-basic-release-checks.nix + { inherit nix pkgs nixpkgs supportedSystems; }; + dontBuild = false; doCheck = true; @@ -46,47 +47,6 @@ releaseTools.sourceTarball { opts=(--option build-users-group "") nix-store --init - echo 'abort "Illegal use of in Nixpkgs."' > $TMPDIR/barf.nix - - # Make sure that Nixpkgs does not use . - badFiles=$(find pkgs -type f -name '*.nix' -print | xargs grep -l '^[^#]* to refer to itself." - echo "The offending files: $badFiles" - exit 1 - fi - - # Make sure that derivation paths do not depend on the Nixpkgs path. - mkdir $TMPDIR/foo - ln -s $(readlink -f .) $TMPDIR/foo/bar - p1=$(nix-instantiate ./. --dry-run -A firefox --show-trace) - p2=$(nix-instantiate $TMPDIR/foo/bar --dry-run -A firefox --show-trace) - if [ "$p1" != "$p2" ]; then - echo "Nixpkgs evaluation depends on Nixpkgs path ($p1 vs $p2)!" - exit 1 - fi - - # Check that all-packages.nix evaluates on a number of platforms without any warnings. - for platform in ${pkgs.lib.concatStringsSep " " supportedSystems}; do - header "checking Nixpkgs on $platform" - - nix-env -f . \ - --show-trace --argstr system "$platform" \ - -qa --drv-path --system-filter \* --system \ - "''${opts[@]}" 2>&1 >/dev/null | tee eval-warnings.log - - if [ -s eval-warnings.log ]; then - echo "Nixpkgs on $platform evaluated with warnings, aborting" - exit 1 - fi - rm eval-warnings.log - - nix-env -f . \ - --show-trace --argstr system "$platform" \ - -qa --drv-path --system-filter \* --system --meta --xml \ - "''${opts[@]}" > /dev/null - done - header "checking eval-release.nix" nix-instantiate --eval --strict --show-trace ./maintainers/scripts/eval-release.nix > /dev/null @@ -104,7 +64,7 @@ releaseTools.sourceTarball { header "generating packages.json" mkdir -p $out/nix-support echo -n '{"version":2,"packages":' > tmp - nix-env -f . -I nixpkgs=${src} -qa --json --arg config 'import ${./packages-config.nix}' "''${opts[@]}" >> tmp + nix-env -f . -I nixpkgs=$src -qa --json --arg config 'import ${./packages-config.nix}' "''${opts[@]}" >> tmp echo -n '}' >> tmp packages=$out/packages.json.br < tmp sed "s|$(pwd)/||g" | jq -c | brotli -9 > $packages @@ -121,6 +81,6 @@ releaseTools.sourceTarball { ''; meta = { - maintainers = [ lib.maintainers.all ]; + maintainers = [ pkgs.lib.maintainers.all ]; }; } diff --git a/pkgs/top-level/nixpkgs-basic-release-checks.nix b/pkgs/top-level/nixpkgs-basic-release-checks.nix new file mode 100644 index 000000000000..ffd92d587ba1 --- /dev/null +++ b/pkgs/top-level/nixpkgs-basic-release-checks.nix @@ -0,0 +1,53 @@ +{ supportedSystems, nixpkgs, pkgs, nix }: + +pkgs.runCommand "nixpkgs-release-checks" { src = nixpkgs; buildInputs = [nix]; } '' + set -o pipefail + + export NIX_STATE_DIR=$TMPDIR + export NIX_PATH=nixpkgs=$TMPDIR/barf.nix + opts=(--option build-users-group "") + nix-store --init + + echo 'abort "Illegal use of in Nixpkgs."' > $TMPDIR/barf.nix + + # Make sure that Nixpkgs does not use . + badFiles=$(find $src/pkgs -type f -name '*.nix' -print | xargs grep -l '^[^#]* to refer to itself." + echo "The offending files: $badFiles" + exit 1 + fi + + # Make sure that derivation paths do not depend on the Nixpkgs path. + mkdir $TMPDIR/foo + ln -s $(readlink -f $src) $TMPDIR/foo/bar + p1=$(nix-instantiate $src --dry-run -A firefox --show-trace) + p2=$(nix-instantiate $TMPDIR/foo/bar --dry-run -A firefox --show-trace) + if [ "$p1" != "$p2" ]; then + echo "Nixpkgs evaluation depends on Nixpkgs path ($p1 vs $p2)!" + exit 1 + fi + + # Check that all-packages.nix evaluates on a number of platforms without any warnings. + for platform in ${pkgs.lib.concatStringsSep " " supportedSystems}; do + header "checking Nixpkgs on $platform" + + nix-env -f $src \ + --show-trace --argstr system "$platform" \ + -qa --drv-path --system-filter \* --system \ + "''${opts[@]}" 2>&1 >/dev/null | tee eval-warnings.log + + if [ -s eval-warnings.log ]; then + echo "Nixpkgs on $platform evaluated with warnings, aborting" + exit 1 + fi + rm eval-warnings.log + + nix-env -f $src \ + --show-trace --argstr system "$platform" \ + -qa --drv-path --system-filter \* --system --meta --xml \ + "''${opts[@]}" > /dev/null + done + + touch $out +'' From 81a35d65500707f87d884cf156ac2bde70881cdd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Domen=20Ko=C5=BEar?= Date: Thu, 8 Jul 2021 13:03:57 +0200 Subject: [PATCH 2/2] Update pkgs/top-level/make-tarball.nix Co-authored-by: Sandro --- pkgs/top-level/make-tarball.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/make-tarball.nix b/pkgs/top-level/make-tarball.nix index ac6648374ab1..c5a5a4376999 100644 --- a/pkgs/top-level/make-tarball.nix +++ b/pkgs/top-level/make-tarball.nix @@ -21,7 +21,7 @@ pkgs.releaseTools.sourceTarball { then builtins.substring 0 8 (nixpkgs.lastModifiedDate or nixpkgs.lastModified) else toString nixpkgs.revCount}.${nixpkgs.shortRev or "dirty"}"; - buildInputs = with pkgs; [ nix.out jq lib-tests pkgs.brotli ]; + buildInputs = with pkgs; [ nix.out jq lib-tests brotli ]; configurePhase = '' eval "$preConfigure"