lib, stdenv: Check meta.platforms
against host platform and be open world
First, we need check against the host platform, not the build platform. That's simple enough. Second, we move away from exahustive finite case analysis (i.e. exhaustively listing all platforms the package builds on). That only work in a closed-world setting, where we know all platforms we might build one. But with cross compilation, we may be building for arbitrary platforms, So we need fancier filters. This is the closed world to open world change. The solution is instead of having a list of systems (strings in the form "foo-bar"), we have a list of of systems or "patterns", i.e. attributes that partially match the output of the parsers in `lib.systems.parse`. The "check meta" logic treats the systems strings as an exact whitelist just as before, but treats the patterns as a fuzzy whitelist, intersecting the actual `hostPlatform` with the pattern and then checking for equality. (This is done using `matchAttrs`). The default convenience lists for `meta.platforms` are now changed to be lists of patterns (usually a single pattern) in `lib/systems/for-meta.nix` for maximum flexibility under this new system. Fixes #30902
This commit is contained in:
parent
4c52e34ca6
commit
c26252af3e
@ -47,7 +47,7 @@ let
|
||||
filesystem = callLibs ./filesystem.nix;
|
||||
|
||||
# back-compat aliases
|
||||
platforms = systems.doubles;
|
||||
platforms = systems.forMeta;
|
||||
|
||||
inherit (builtins) add addErrorContext attrNames
|
||||
concatLists deepSeq elem elemAt filter genericClosure genList
|
||||
|
@ -3,6 +3,7 @@
|
||||
|
||||
rec {
|
||||
doubles = import ./doubles.nix { inherit lib; };
|
||||
forMeta = import ./for-meta.nix { inherit lib; };
|
||||
parse = import ./parse.nix { inherit lib; };
|
||||
inspect = import ./inspect.nix { inherit lib; };
|
||||
platforms = import ./platforms.nix { inherit lib; };
|
||||
|
@ -30,14 +30,14 @@ in rec {
|
||||
aarch64 = filterDoubles predicates.isAarch64;
|
||||
x86 = filterDoubles predicates.isx86;
|
||||
i686 = filterDoubles predicates.isi686;
|
||||
mips = filterDoubles predicates.isMips;
|
||||
x86_64 = filterDoubles predicates.isx86_64;
|
||||
mips = filterDoubles predicates.isMips;
|
||||
|
||||
cygwin = filterDoubles predicates.isCygwin;
|
||||
darwin = filterDoubles predicates.isDarwin;
|
||||
freebsd = filterDoubles predicates.isFreeBSD;
|
||||
# Should be better, but MinGW is unclear, and HURD is bit-rotted.
|
||||
gnu = filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnu; });
|
||||
gnu = filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnu; });
|
||||
illumos = filterDoubles predicates.isSunOS;
|
||||
linux = filterDoubles predicates.isLinux;
|
||||
netbsd = filterDoubles predicates.isNetBSD;
|
||||
|
27
lib/systems/for-meta.nix
Normal file
27
lib/systems/for-meta.nix
Normal file
@ -0,0 +1,27 @@
|
||||
{ lib }:
|
||||
let
|
||||
inherit (lib.systems) parse;
|
||||
inherit (lib.systems.inspect) patterns;
|
||||
|
||||
in rec {
|
||||
inherit (lib.systems.doubles) all mesaPlatforms;
|
||||
none = [];
|
||||
|
||||
arm = [ patterns.Arm ];
|
||||
aarch64 = [ patterns.Aarch64 ];
|
||||
x86 = [ patterns.x86 ];
|
||||
i686 = [ patterns.i686 ];
|
||||
x86_64 = [ patterns.x86_64 ];
|
||||
mips = [ patterns.Mips ];
|
||||
|
||||
cygwin = [ patterns.Cygwin ];
|
||||
darwin = [ patterns.Darwin ];
|
||||
freebsd = [ patterns.FreeBSD ];
|
||||
# Should be better, but MinGW is unclear, and HURD is bit-rotted.
|
||||
gnu = [ { kernel = parse.kernels.linux; abi = parse.abis.gnu; } ];
|
||||
illumos = [ patterns.SunOS ];
|
||||
linux = [ patterns.Linux ];
|
||||
netbsd = [ patterns.NetBSD ];
|
||||
openbsd = [ patterns.OpenBSD ];
|
||||
unix = patterns.Unix; # Actually a list
|
||||
}
|
@ -1,7 +1,7 @@
|
||||
# Checks derivation meta and attrs for problems (like brokenness,
|
||||
# licenses, etc).
|
||||
|
||||
{ lib, config, system, meta }:
|
||||
{ lib, config, hostPlatform, meta }:
|
||||
|
||||
let
|
||||
# See discussion at https://github.com/NixOS/nixpkgs/pull/25304#issuecomment-298385426
|
||||
@ -144,7 +144,7 @@ let
|
||||
license = either (listOf lib.types.attrs) (either lib.types.attrs str);
|
||||
maintainers = listOf str;
|
||||
priority = int;
|
||||
platforms = listOf str;
|
||||
platforms = listOf (either str lib.systems.parsed.types.system);
|
||||
hydraPlatforms = listOf str;
|
||||
broken = bool;
|
||||
|
||||
@ -173,6 +173,11 @@ let
|
||||
else "key '${k}' is unrecognized; expected one of: \n\t [${lib.concatMapStringsSep ", " (x: "'${x}'") (lib.attrNames metaTypes)}]";
|
||||
checkMeta = meta: if shouldCheckMeta then lib.remove null (lib.mapAttrsToList checkMetaAttr meta) else [];
|
||||
|
||||
checkPlatform = attrs: let
|
||||
raw = attrs.meta.platforms;
|
||||
uniform = map (x: if builtins.isString x then { system = x; } else { parsed = x; }) raw;
|
||||
in lib.any (pat: lib.matchAttrs pat hostPlatform) uniform;
|
||||
|
||||
# Check if a derivation is valid, that is whether it passes checks for
|
||||
# e.g brokenness or license.
|
||||
#
|
||||
@ -186,8 +191,8 @@ let
|
||||
{ valid = false; reason = "blacklisted"; errormsg = "has a blacklisted license (‘${showLicense attrs.meta.license}’)"; }
|
||||
else if !allowBroken && attrs.meta.broken or false then
|
||||
{ valid = false; reason = "broken"; errormsg = "is marked as broken"; }
|
||||
else if !allowUnsupportedSystem && !allowBroken && attrs.meta.platforms or null != null && !lib.lists.elem system attrs.meta.platforms then
|
||||
{ valid = false; reason = "broken"; errormsg = "is not supported on ‘${system}’"; }
|
||||
else if !allowUnsupportedSystem && !allowBroken && attrs.meta.platforms or null != null && !(checkPlatform attrs) then
|
||||
{ valid = false; reason = "broken"; errormsg = "is not supported on ‘${hostPlatform.config}’"; }
|
||||
else if !(hasAllowedInsecure attrs) then
|
||||
{ valid = false; reason = "insecure"; errormsg = "is marked as insecure"; }
|
||||
else let res = checkMeta (attrs.meta or {}); in if res != [] then
|
||||
|
@ -207,7 +207,7 @@ rec {
|
||||
inherit lib config meta;
|
||||
# Nix itself uses the `system` field of a derivation to decide where
|
||||
# to build it. This is a bit confusing for cross compilation.
|
||||
inherit (stdenv) system;
|
||||
inherit (stdenv) hostPlatform;
|
||||
} attrs;
|
||||
|
||||
# The meta attribute is passed in the resulting attribute set,
|
||||
|
Loading…
Reference in New Issue
Block a user