33afbf39f6
checkInputs used to be added to nativeBuildInputs. Now we have nativeCheckInputs to do that instead. Doing this treewide change allows to keep hashes identical to before the introduction of nativeCheckInputs.
78 lines
2 KiB
Nix
78 lines
2 KiB
Nix
{ lib, stdenv, fetchurl, dosfstools, libseccomp, makeWrapper, mtools, parted
|
|
, pkg-config, qemu, syslinux, util-linux }:
|
|
|
|
let
|
|
version = "0.7.5";
|
|
# list of all theoretically available targets
|
|
targets = [
|
|
"genode"
|
|
"hvt"
|
|
"muen"
|
|
"spt"
|
|
"virtio"
|
|
"xen"
|
|
];
|
|
in stdenv.mkDerivation {
|
|
pname = "solo5";
|
|
inherit version;
|
|
|
|
nativeBuildInputs = [ makeWrapper pkg-config ];
|
|
buildInputs = lib.optional (stdenv.hostPlatform.isLinux) libseccomp;
|
|
|
|
src = fetchurl {
|
|
url = "https://github.com/Solo5/solo5/releases/download/v${version}/solo5-v${version}.tar.gz";
|
|
sha256 = "sha256-viwrS9lnaU8sTGuzK/+L/PlMM/xRRtgVuK5pixVeDEw=";
|
|
};
|
|
|
|
hardeningEnable = [ "pie" ];
|
|
|
|
configurePhase = ''
|
|
runHook preConfigure
|
|
sh configure.sh --prefix=/
|
|
runHook postConfigure
|
|
'';
|
|
|
|
enableParallelBuilding = true;
|
|
|
|
separateDebugInfo = true;
|
|
# debugging requires information for both the unikernel and the tender
|
|
|
|
installPhase = ''
|
|
runHook preInstall
|
|
export DESTDIR=$out
|
|
export PREFIX=$out
|
|
make install
|
|
|
|
substituteInPlace $out/bin/solo5-virtio-mkimage \
|
|
--replace "/usr/lib/syslinux" "${syslinux}/share/syslinux" \
|
|
--replace "/usr/share/syslinux" "${syslinux}/share/syslinux" \
|
|
--replace "cp " "cp --no-preserve=mode "
|
|
|
|
wrapProgram $out/bin/solo5-virtio-mkimage \
|
|
--prefix PATH : ${lib.makeBinPath [ dosfstools mtools parted syslinux ]}
|
|
|
|
runHook postInstall
|
|
'';
|
|
|
|
doCheck = stdenv.hostPlatform.isLinux;
|
|
nativeCheckInputs = [ util-linux qemu ];
|
|
checkPhase = ''
|
|
runHook preCheck
|
|
patchShebangs tests
|
|
./tests/bats-core/bats ./tests/tests.bats
|
|
runHook postCheck
|
|
'';
|
|
|
|
meta = with lib; {
|
|
description = "Sandboxed execution environment";
|
|
homepage = "https://github.com/solo5/solo5";
|
|
license = licenses.isc;
|
|
maintainers = [ maintainers.ehmry ];
|
|
platforms = builtins.map ({arch, os}: "${arch}-${os}")
|
|
(cartesianProductOfSets {
|
|
arch = [ "aarch64" "x86_64" ];
|
|
os = [ "freebsd" "genode" "linux" "openbsd" ];
|
|
});
|
|
};
|
|
|
|
}
|