Commit graph

2789 commits

Author SHA1 Message Date
Jules Aguillon
f25a13212b types.singleLineStr: Disallow \r 2022-01-18 23:56:50 +01:00
Jules Aguillon
df590070b0 types.singleLineStr: strings that don't contain '\n'
Add a new type, inheriting 'types.str' but checking whether the value
doesn't contain any newline characters.

The motivation comes from a problem with the
'users.users.${u}.openssh.authorizedKeys' option.
It is easy to unintentionally insert a newline character at the end of a
string, or even in the middle, for example:

    restricted_ssh_keys = command: keys:
      let
        prefix = ''
          command="${command}",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding
        '';
      in map (key: "${prefix} ${key}") keys;

The 'prefix' string ends with a newline, which ends up in the middle of
a key entry after a few manipulations.

This is problematic because the key file is built by concatenating all
the keys with 'concatStringsSep "\n"', with result in two entries for
the faulty key:

    ''
      command="...",options...
      MY_KEY
    ''

This is hard to debug and might be dangerous. This is now caught at
build time.
2022-01-18 22:06:34 +01:00
Robert Hensing
c253b04a2f
Merge pull request #151748 from hercules-ci/check-nixpkgs-overlays-type
Check nixpkgs overlays argument types
2022-01-05 12:40:51 +01:00
pennae
fc614c37c6 nixos/documentation: split options doc build
most modules can be evaluated for their documentation in a very
restricted environment that doesn't include all of nixpkgs. this
evaluation can then be cached and reused for subsequent builds, merging
only documentation that has changed into the cached set. since nixos
ships with a large number of modules of which only a few are used in any
given config this can save evaluation a huge percentage of nixos
options available in any given config.

in tests of this caching, despite having to copy most of nixos/, saves
about 80% of the time needed to build the system manual, or about two
second on the machine used for testing. build time for a full system
config shrank from 9.4s to 7.4s, while turning documentation off
entirely shortened the build to 7.1s.
2022-01-02 19:46:13 +01:00
Robert Hensing
f2c5c706f4 lib.throwIfNot: init 2021-12-22 13:13:50 +01:00
Graham Christensen
06edb74413
Merge pull request #148785 from pennae/more-option-doc-staticizing
treewide: more defaultText for options
2021-12-17 11:14:08 -05:00
sternenseemann
9066c52e5a lib.systems.supported: remove aarch64-darwin from Tier 3 list
While it is a fact of life that aarch64-darwin is built on Hydra, it has
never formally been elevated from the Tier 7 state it was originally
assigned in RFC 0046. Since platform Tier status is not only
descriptive, but also normative, a consensus to commit to supporting
aarch64-darwin would need to be reached.
2021-12-16 17:51:21 +01:00
zimbatm
22991521eb
lib: fix flake check
`builtins.currentSystem` is not available in pure eval. For this
particular test, we don't really care since it's all about generating
.drv files.

Fixes the following error:

    $ nix flake check
    warning: unknown flake output 'lib'
    error: attribute 'currentSystem' missing

           at /nix/store/8wvnlbjxlr90kq2qa6d9zjpj8rqkilr5-source/lib/tests/misc.nix:499:73:

              498|     let
              499|       deriv = derivation { name = "test"; builder = "/bin/sh"; system = builtins.currentSystem; };
                 |                                                                         ^
              500|     in {
    (use '--show-trace' to show detailed location informat
2021-12-13 12:03:40 +01:00
Jörg Thalheim
108ca3d04b
Merge pull request #149924 from Mic92/aarch64be-embedded
pkgsCross.aarch64be-embedded: fix eval
2021-12-09 22:11:37 +00:00
Jörg Thalheim
a8c277c8a8 pkgsCross.x86_64-netbsd-llvm: mark as broken 2021-12-09 23:08:40 +01:00
Jörg Thalheim
41a1e7fc36 pkgsCross.ppcle-embedded: fix eval 2021-12-09 22:23:15 +01:00
Jörg Thalheim
ce33ed7545 pkgsCross.aarch64be-embedded: fix eval 2021-12-09 21:49:19 +01:00
Silvan Mosberger
6d80d3c964 nixos/modules: Allow options to be coerced to a string for convenience 2021-12-08 21:41:17 +01:00
Silvan Mosberger
ae0b7d6db0
Merge pull request #144022 from hercules-ci/lib-modules-optimize-unmatchedDefns
lib/modules: Short-circuit unmatchedDefns when configs is empty
2021-12-07 19:38:43 +01:00
Silvan Mosberger
d2c50190b7
Merge pull request #141856 from ShamrockLee/lib-spdx-license
lib/meta: add getLicenseFromSpdxId function (resumed)
2021-12-07 18:37:13 +01:00
Robert Hensing
260b941dd0 lib/modules: Deprecate args and check 2021-12-02 18:23:43 +00:00
Robert Hensing
b37f099ae7 lib/modules: Pass legacy args argument along through extendModules 2021-12-02 17:45:48 +00:00
Shamrock Lee
60950f739e lib/meta: add getLicenseFromSpdxId function
Move function spdxLicense, internally used in yarn2nix
to lib/meta.nix, and
rename to getLicenseFromSpdxId

A similar function is implemented in poetry2nix,
but the one originally in yarn2nix seems beter.
since it falls back to an license-like attrset
for mismatched case
instead of a plain string
2021-12-02 18:33:48 +08:00
Victor Engmark
44a15ab801 lib/tests: Use standard test syntax
For consistency.
2021-11-26 11:03:40 +13:00
Victor Engmark
b8f8589e9a lib/tests: Anchor config output regexes
Strengthens the tests by making sure the whole line is matched.
2021-11-26 11:02:41 +13:00
Victor Engmark
989f034ff1 lib/tests: Set hardening pragmas
Makes any programming errors more likely to show up early.

Non-obvious changes because of this:

- Ignore the `evalConfig` result in `reportFailure`; we're not checking
  it at that point.
- Pre-increment `$fail` and `$pass` to make sure the arithmetic doesn't
  result in a zero, which would result in a non-zero exit code for the
  expression.
2021-11-26 10:55:14 +13:00
Victor Engmark
bfc580f54f lib/tests: Don't return non-zero values from checks
The exit codes aren't used for anything.
2021-11-26 10:52:28 +13:00
Victor Engmark
40ae711f73 lib/tests: Avoid assigning an array to a string
As per <https://github.com/koalaman/shellcheck/wiki/SC2124>.
2021-11-26 10:52:27 +13:00
Victor Engmark
04223a0d43 lib/tests: Remove redundant semicolons 2021-11-26 10:51:56 +13:00
Victor Engmark
41fd1d8626 lib/tests: Clarify assignment
The extra equal sign was confusing, and doesn't seem to be relevant.
2021-11-26 10:51:12 +13:00
Victor Engmark
5e85cd86af lib/tests: Use correct shebang line
The script uses plenty of non-POSIX features, such as referencing
`$BASH_SOURCE`.
2021-11-26 10:51:12 +13:00
Victor Engmark
40d1c87bea lib/tests: Quote variable references 2021-11-26 10:51:12 +13:00
Victor Engmark
6d53055cb7 lib/tests: export separately from assignment
Avoids hiding the exit code from the assignment. See
<https://github.com/koalaman/shellcheck/wiki/SC2155>.
2021-11-26 09:30:10 +13:00
Timothy DeHerrera
2768bc07f7
add release notes for 22.05 and update codename 2021-11-22 15:10:53 -07:00
Robert Hensing
d464ccfdd9 modules: Add moduleType to module arguments 2021-11-22 16:50:50 +01:00
Robert Hensing
426ab31fde modules: Document that extendModules is also a module argument 2021-11-22 16:10:18 +01:00
Taeer Bar-Yam
0bef0c38f7 lib.modules: add mkDerivedConfig
mkDerivedConfig : Option a -> (a -> Definition b) -> Definition b

Create config definitions with the same priority as the definition of another option.
This should be used for option definitions where one option sets the value of another as a convenience.
For instance a config file could be set with a `text` or `source` option, where text translates to a `source`
value using `mkDerivedConfig options.text (pkgs.writeText "filename.conf")`.

It takes care of setting the right priority using `mkOverride`.
2021-11-15 07:03:41 -05:00
Jonathan Ringer
dbe6e96d0a
lib/systems: add x86_64-darwin hostPlatform 2021-11-10 11:37:34 -08:00
Bernardo Meurer
90c1cdd93f
lib/tests/sources: update to Nix 2.4 cli syntax 2021-11-09 10:47:20 -08:00
Bernardo Meurer
fd4390146e
lib/tests/modules.sh: update to Nix 2.4 syntax 2021-11-09 10:47:19 -08:00
Robert Hensing
844a9e746f lib/modules: Use strict fold' as recursiveUpdate is also strict
recursiveUpdate does not produce an attrset until it has evaluated
both its arguments to weak head normal form.

    nix-repl> lib.recursiveUpdate (throw "a") (throw "b")
    error: b

    nix-repl> lib.recursiveUpdate (throw "a") {}
    error: a
2021-11-03 19:47:03 +01:00
Robert Hensing
541ce53a3b lib/modules: Fix import* comments
Very confusing otherwise.
2021-11-03 19:39:31 +01:00
Robert Hensing
8b584158a5 lib/modules: Remove a lib.flip
In hot code, the overhead (envs, applies) can matter.
2021-11-03 19:34:27 +01:00
Robert Hensing
e8d61a25fc lib/tests/modules: Test non-strictness some more
Doesn't seem to have been a problem actually, but now it won't
regress.
2021-11-03 19:19:41 +01:00
Robert Hensing
bfaa9426c0 lib/modules: Short-circuit unmatchedDefns earlier 2021-11-03 19:05:26 +01:00
Robert Helgesson
c7678aff1b
lib: fix escapeXML example in documentation
The previous example output was forgotten copy-paste from some other
function.
2021-11-02 22:43:25 +01:00
Ben Siraphob
481afad265
Merge pull request #144072 from polykernel/lib-lists-mutuallyexclusive-optimization 2021-11-02 02:46:27 -05:00
polykernel
cd6397519f lib/lists: mutuallyExclusive function optimization
The current implementation of `mutuallyExclusive` builds a new list with
length subtracted by one on every recursive call which is expensive. When
b is empty, the function still traverses a in its entirety before returning
a result.

The new implementation uses `any` to check if each element of list b is in
list a using `elem`. This maintains short circuiting when list a or b is empty
and has a worst case time complexity of O(nm).
2021-11-01 16:29:01 -04:00
Robert Hensing
86f5136baf modules: Update evalModules doc 2021-11-01 09:38:51 +01:00
Robert Hensing
64dfd983df modules: Add visible = "shallow" to hide only sub-options 2021-11-01 09:34:07 +01:00
Robert Hensing
27644a82a9 modules: Add extendModules to module args 2021-11-01 09:34:07 +01:00
Robert Hensing
dece37b83a lib.evalModules: Add extendModules and type to result
Allows the simultaneous construction of top-level invocations and
submodule types.

This helps structure configuration systems integration code.
2021-11-01 09:34:07 +01:00
Robert Hensing
d6ebd537e5 lib/modules: Short-circuit unmatchedDefns when configs is empty 2021-10-31 22:28:42 +01:00
Ryan Burns
81ee86a2c6
Merge pull request #139284 from r-burns/powernv-kernel-config
lib/systems: update powernv kernel config
2021-10-28 13:53:16 -07:00
Silvan Mosberger
98f82e9c35
Merge pull request #141789 from pennae/eval-opt
lib: make extendDerivation lighter on eval
2021-10-21 20:17:32 +02:00