Commit Graph

2426 Commits

Author SHA1 Message Date
Michael Weiss
337380ea1d gitRepo: Fix an error due to missing TLS certificates
This was a problem when run inside a sandbox, e.g. via
"fetchRepoProject". The error message from repo seems unrelated:

fatal: Cannot get https://gerrit.googlesource.com/git-repo/clone.bundle
fatal: error no host given

But the exception is actually thrown due to missing certificates
(/etc/ssl/certs). It should be possible to provide another location via
environment variables (e.g. SSL_CERT_FILE, REQUESTS_CA_BUNDLE or
CURL_CA_BUNDLE) but apparently that doesn't actually work for some
reason (would have to study our Python packaging).

Now "fetchRepoProject" works without the "--no-clone-bundle" option.
2017-09-16 22:13:56 +02:00
Michael Weiss
62b9d78b18 fetchRepoProject: Fix the GnuPG verification
The verification was failing with the following error:
gpg: keyblock resource '/tmp/nix-build-XYZ.drv-0/.repo/repo/./.repoconfig/gnupg/pubring.kbx': No such file or directory

Using an absolute path for $HOME fixes this.

And since 175ecbab91 the dependencies on
"git" and "gnupg" aren't required anymore as "gitRepo" already covers
them.
2017-09-16 17:57:14 +02:00
Michael Weiss
50ce8abccf fetchRepoProject: Refactor the code
Should hopefully make it a bit more readable and less redundant.
2017-09-16 17:25:25 +02:00
Frederik Rietdijk
03fa6965ad Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-16 12:34:32 +02:00
John Ericson
12452178e8 Merge pull request #29381 from obsidiansystems/autoreconf-hook
autoreconfHook: Simplify by avoiding `findInputs`
2017-09-14 13:16:53 -04:00
John Ericson
d242978671 autoreconfHook: Simplify by avoiding findInputs
`findInputs` is a stdenv/setup helper we should strive not to call
elsewhere. Using normal deps is more idiomatic anyways.
2017-09-14 13:16:12 -04:00
Frederik Rietdijk
87f757e834 Merge pull request #27780 from tilpner/overridable-buildenv
Make buildEnv overridable
2017-09-14 17:26:33 +02:00
Domen Kožar
f49b7d3c88
vm: remove trusty-updates hash as it changes too often 2017-09-14 11:29:10 +02:00
Jörg Thalheim
9e7db9a9f9 Merge pull request #28963 from nlewo/docker-readiness
dockerTools.pullImage: change the docker deamon readiness mechanism
2017-09-13 10:39:16 +01:00
Frederik Rietdijk
628b6c0e9d Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-11 22:52:53 +02:00
Domen Kožar
c7a152e5d0
vm: bump trusty-updates hash
In future we might just not use the updates if hash changes too
often.
2017-09-11 13:02:19 +02:00
Eelco Dolstra
ec8d41f08c
Revert "Merge pull request #28557 from obsidiansystems/binutils-wrapper"
This reverts commit 0a944b345e, reversing
changes made to 61733ed6cc.

I dislike these massive stdenv changes with unclear motivation,
especially when they involve gratuitous mass renames like NIX_CC ->
NIX_BINUTILS. The previous such rename (NIX_GCC -> NIX_CC) caused
months of pain, so let's not do that again.
2017-09-07 12:51:21 +02:00
John Ericson
eb326c9cb7 macos-sierra-shared: Fix, after binutils-wrapper broke it
cctool's as needs to be told use to use gnu as, or else we'd need a
dependency cycle between cctools and clang for this case.

In general, this is not a problem because clang uses its own integrated
assembler where possible, and gnu as otherwise.
2017-09-06 14:28:14 -04:00
John Ericson
3601a97e3c binutils-wrapper: Accidentally deleted macOS Sierra reexport hack
Did this when spliting off binutils-wrapper from cc-wrapper in
40e9b2a7e6: I deleted the file instead of
moving it.
2017-09-04 11:26:41 -04:00
Antoine Eiche
132e790735 dockerTools.pullImage: change the docker deamon readiness mechanism
To wait for the docker deamon, curl requests are sent. However, if a
http proxy is set, it will respond instead of the docker daemon.
To avoid this, we send docker ps command instead of curl command.
2017-09-04 10:52:16 +02:00
John Ericson
0a944b345e Merge pull request #28557 from obsidiansystems/binutils-wrapper
Binutils-wrapper: Init by refactoring out of cc-wrapper
2017-09-03 10:37:27 -04:00
Vladimír Čunát
51d6d27e90
Merge #28227: set-source-date-epoch-to-latest.sh: ignore generated files 2017-09-02 21:36:34 +02:00
Frederik Rietdijk
d0dab8a330 Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-02 11:10:52 +02:00
John Ericson
dbf6d20d64 binutils-wrapper: Import separately from cc-wrapper 2017-09-01 11:44:56 -04:00
John Ericson
40e9b2a7e6 binutils-wrapper: Init
Factor a binutils wrapper out of cc-wrapper. While only LD is wrapped,
the setup hook defines environment variables on behalf of other
utilites.
2017-09-01 11:44:55 -04:00
John Ericson
fbb7d335db cc-wrapper: Use separate mangler for "bool" variables
This avoids any `NIX_FOOBAR=1 1` not triggering conditions.
2017-09-01 11:44:54 -04:00
John Ericson
1f5807d760 cc-wrapper: Pull variable mangler into utils.sh
In preparation for splitting out binutils-wrapper
2017-09-01 11:44:54 -04:00
John Ericson
94c0267fc1 cc-wrapper: Clean up dynamic linking with x86 multilib
It's better layering to do everything in ld-wrapper.
2017-09-01 11:44:54 -04:00
John Ericson
3d3a6e0fac cc-wrapper: Remove support for NIX_LDFLAGS_HARDEN
It has long been deprecated
2017-08-31 13:54:32 -04:00
John Ericson
46fd4bcb14 cc-wrapper: Remove {START,EXEC}_HOOK
These are no longer used by anything
2017-08-31 13:54:07 -04:00
Frederik Rietdijk
6d4bd78fad Merge commit '2858c41' into HEAD 2017-08-30 21:07:07 +02:00
John Ericson
97a48835b7 mkDerivation, cc-wrapper: Check hardening flag validity in Nix
This becomes necessary if more wrappers besides cc-wrapper start
supporting hardening flags. Also good to make the warning into an
error.

Also ensure interface is being used right: Not as a string, not just in
bash.
2017-08-30 17:53:42 +02:00
John Ericson
822a8d0148 cc-wrapper: Remove redundant hardening
GCC just passes `-z ...` flags to ld unaltered, and they are already
passed to LD anyways. On the other hand, `-pie` affects gcc behavior
too.
2017-08-30 17:53:42 +02:00
Antoine Eiche
d4b0883ad2 vm: Add trusty-updates to the packages list 2017-08-30 02:18:56 +02:00
Daiderd Jordan
5a28fd660a
darwin-frameworks: move fixup setup-hook 2017-08-28 23:25:11 +02:00
Daiderd Jordan
92652b4d79
darwin-CF: use @rpath for library id and add an rpath entry for CF based on NIX_COREFOUNDATION_RPATH 2017-08-28 23:24:58 +02:00
John Ericson
42e639066b Merge pull request #28556 from obsidiansystems/cc-wrapper-nix-cleanup
cc-wrapper: Cleanup of Nix
2017-08-26 17:48:34 -04:00
John Ericson
df7c305c4c cc-wrapper: Leverage the setup script instead of buildCommand 2017-08-25 15:10:05 -04:00
John Ericson
dc47e763c1 cc-wrapper: Use set -u for better maintainability 2017-08-25 15:10:05 -04:00
John Ericson
a470be5a16 expand-response-params: Build more normally 2017-08-25 15:10:02 -04:00
Frederik Rietdijk
656e14f64f Merge remote-tracking branch 'upstream/python-wip' into HEAD 2017-08-25 19:37:57 +02:00
John Ericson
287fce6402 expand-response-params: Pull out of cc-wrapper
No hashes were changed
2017-08-25 11:21:09 -04:00
Daniel Peebles
4f7f48fb1a Merge pull request #28521 from obsidiansystems/cc-wrapper-dead-code
cc-wrapper: Remove dead code
2017-08-24 16:05:51 -04:00
volth
0d80fabbf9 mirrors: update apache and cpan mirrors
removed dead mirrors, added new
2017-08-24 04:22:07 +00:00
Tuomas Tynkkynen
0c0fad6141 treewide: Consistently call ARM 'arm'
No need for silly differences.
2017-08-24 01:17:01 +03:00
John Ericson
08f3a60e7b cc-wrapper: Remove dead code
ccPath is only defined below, so this condition would never be true.

Worse, that's not quite true: what if somebody happend to have `/clang`
and no sandboxing. Boy, wouldn't that be annoying to debug!
2017-08-23 17:09:47 -04:00
John Ericson
0135e61b4c Merge remote-tracking branch 'upstream/master' into staging
That way the tarball job succeeds
2017-08-21 18:42:57 -04:00
John Ericson
c035711072 cc-wrapper: Remove unused params
Ensured hashes unchanged and eval succeeds in tarball job
2017-08-21 18:40:41 -04:00
Bojan Nikolic
ad8d5649a2 set +u workaround for empty arrays
libDirs can be empty, which in combination with "set -u" of
9f1e009975 will cause a variable unbound
error on old bash versions
2017-08-21 12:27:26 +01:00
Daiderd Jordan
5d3527c148
cc-wrapper: don't export CPP
CPP defaults to $(CC) -E and setting it explicitly seems to cause
issues in a number of packages like gcc and gdb.

https://www.gnu.org/software/make/manual/html_node/Implicit-Variables.html
2017-08-16 21:38:32 +02:00
John Ericson
3c9cf282bb cc-wrapper: Improve set -u compliance 2017-08-14 14:44:32 -04:00
Eelco Dolstra
9eb901b70d
Merge remote-tracking branch 'origin/gcc-6' into staging 2017-08-14 11:38:00 +02:00
Frederik Rietdijk
62dac1bdd9 Merge remote-tracking branch 'upstream/master' into HEAD 2017-08-14 09:34:10 +02:00
Frederik Rietdijk
13bbaee21d Merge pull request #27881 from mimadrid/fix/http-https
Update homepage attributes: http -> https
2017-08-13 21:53:20 +02:00
volth
4ebeb7d782 use \0 instead of \n 2017-08-13 14:03:05 +00:00