Commit Graph

34 Commits

Author SHA1 Message Date
zimbatm
f8d67ec135
buildRustPackage: add verifyCargoDeps option
One issue with cargoSha256 is that it's hard to detect when it needs to
be updated or not. It's possible to upgrade a package and forget to
update cargoSha256 and run with old versions of the program or
libraries.

This commit introduces `verifyCargoDeps` which, when enabled, will check
that the Cargo.lock is not out of date in the cargoDeps by comparing it
with the package source.
2019-09-30 17:09:52 +00:00
Mario Rodas
aed74e8284
cargo-vendor: drop
Cargo 1.37 imported `cargo-vendor` as built-in command [1]

[1] https://github.com/rust-lang/cargo/pull/6869
2019-09-22 20:20:20 -05:00
worldofpeace
3f4a353737 treewide: use dontUnpack 2019-07-01 04:23:51 -04:00
Alexander Krupenkin
451b181586
fetchcargo: fixed config installation path 2018-12-14 16:23:33 +03:00
Jörg Thalheim
dc8aca448d
Merge pull request #51028 from clefru/tmp-cargo-config
buildRustPackage: write cargo config to temporary file instead of source dir
2018-11-26 15:00:16 +00:00
Clemens Fruhwirth
8d4fbc55d8 Write cargo config to temporary file instead of source dir.
... as this fails if the source dir contains a "config" directory.
2018-11-25 15:26:31 +01:00
Jörg Thalheim
952f4fda86
makeRustPlatform: refactor to make it easier to understand
It is now clearer what is supposed to be in the rust attribute set
without having studied type theory. The amount of code is identically.
2018-11-21 12:44:58 +00:00
Silvan Mosberger
50578abfc5
fetchcargo: Fix cargo-vendor-normalise for darwin 2018-09-17 20:23:50 +02:00
Symphorien Gibol
a3e1da17cb cargo-vendor-normalise: add a small install check 2018-09-11 23:44:14 +02:00
Symphorien Gibol
f20b229aa1 fectchcargo: don't break old sha256 2018-09-11 23:44:14 +02:00
Symphorien Gibol
ccf72b8537 fetchcargo: normalise cargo config to ensure determinism 2018-09-11 23:44:14 +02:00
Justin Humm
b66ef28841 buildRustPackage, fetchcargo: optionally use vendor config from cargo-vendor
By setting useRealVendorConfig explicitly to true, the actual (slightly
modified) config generated by cargo-vendor is used.

This solves a problem, where the static vendor config in
pkgs/build-support/rust/default.nix would not sufficiently replace all
crates Cargo is looking for.

As useRealVendorConfig (and writeVendorConfig in fetchcargo) default to
false, there should be no breakage in existing cargoSha256 hashes.

Nethertheless, imho using this new feature should become standard. A
possible deprecation path could be:

- introduce this patch
- set useRealVendorConfig explicitly to false whereever cargoSha256 is
  set but migration is not wanted yet.
- after some time, let writeVendorConfig default to true
- when useRealVendorConfig is true everywhere cargoSha256 is set and
  enough time is passed, `assert cargoVendorDir == null ->
  useRealVendorConfig;`, remove old behaviour
- after some time, remove all appearences of useRealVendorConfig and the
  parameter itself
2018-09-11 23:44:14 +02:00
Léo Gaspard
48e5fbe8ee
buildRustPackage: allow patches to fix Cargo.lock 2018-08-13 22:07:58 +09:00
Yurii Rashkovskii
e1aecec4cd
build-support/rust: make use of abandoned cargoUpdateHook
Previously, cargoUpdateHook was meaningful as it was used
in
[`cargo-fetch-deps`](19d3cf81d3/pkgs/build-support/rust/fetch-cargo-deps (L71)).

However, this entire file was removed in
5f8cf0048e. As far as I can
tell, nothing in the code is using it, but it is still
being passed around:
https://github.com/NixOS/nixpkgs/search?q=cargoUpdateHook&type=Code&utf8=%E2%9C%93

There are, however, legitimate use cases for it. For example,
in some software, some dependencies are not locked in Cargo.toml
and this causes Cargo to try fetching another version of them.
This doesn't work well with vendoring crates.

This hook allows to inject patching or whatever necessary workarounds
in the crate vendoring process. I suppose that's what it was for
in there in the first place.

This patch restores this hook and makes it usable again.
2018-02-23 11:17:03 +07:00
Jörg Thalheim
2a2c8eab26 rust: fix evaluation 2018-02-04 00:09:00 +00:00
Tuomas Tynkkynen
6ed0fe7e45 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/build-support/fetchbower/default.nix
	pkgs/build-support/fetchdarcs/default.nix
	pkgs/build-support/fetchgx/default.nix
	pkgs/development/python-modules/botocore/default.nix
	pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix
	pkgs/tools/admin/awscli/default.nix
2018-01-14 21:18:27 +02:00
John Ericson
e017a027d5
Merge pull request #33681 from obsidiansystems/fixed-output-deps
Fixed output deps
2018-01-10 14:28:10 -05:00
John Ericson
888404f11b treewide: Fix deps in a few other fixed output derivations 2018-01-10 11:18:44 -05:00
Robin Gloster
7c5430c27c
Revert "rust: store the cargo-vendor config"
This reverts commit 0af2c5891b.

See 0af2c5891b (commitcomment-26737983)
This breaks the cargoSha256 hashes.
2018-01-09 15:03:03 +01:00
zimbatm
0af2c5891b rust: store the cargo-vendor config
cargo-vendor generates almost the right cargo config. Store it with the
vendored files and patch it on use.

This allows to re-use the generated config when using git dependencies.
2018-01-09 03:37:53 +01:00
Daiderd Jordan
091c2b9f04
cacert: cleanup exporting SSL_CERT_FILE 2017-12-27 21:36:32 +01:00
Kevin Cox
5f8cf0048e rust: update cargo builder to fetch registry dynamically
The biggest benefit is that we no longer have to update the registry
package. This means that just about any cargo package can be built by
nix. No longer does `cargo update` need to be feared because it will
update to packages newer then what is available in nixpkgs.

Instead of fetching the cargo registry this bundles all the source code
into a "vendor/" folder.

This also uses the new --frozen and --locked flags which is nice.

Currently cargo-vendor only provides binaries for Linux and
macOS 64-bit. This can be solved by building it for the other
architectures and uploading it somewhere (like the NixOS cache).

This also has the downside that it requires a change to everyone's deps
hash. And if the old one is used because it was cached it will fail to
build as it will attempt to use the old version. For this reason the
attribute has been renamed to `cargoSha256`.

Authors:
* Kevin Cox <kevincox@kevincox.ca>
* Jörg Thalheim <Mic92@users.noreply.github.com>
* zimbatm <zimbatm@zimbatm.com>
2017-10-23 00:30:47 +01:00
Profpatsch
61462c94e6 lib/fetchers.nix: factor out impure proxy vars (#18702)
Apparently everyone just copied those variables, instead of creating a
library constant for them. Some even removed the comment. -.-
2016-09-17 21:50:01 +02:00
David Craven
54f80775cb rust: Refactoring of rust and cargo packages 2016-06-15 12:47:13 +02:00
Nikolay Amiantov
4f74a4aacb fetch-cargo-deps: factor into fetchCargoDeps function 2016-02-25 14:05:44 +03:00
Nikolay Amiantov
34023d867d fetchcargo: set CA bundle path 2016-02-25 13:51:12 +03:00
Guillaume Maudoux
9f358f809d Configure a default trust store for openssl 2016-02-03 12:42:01 +01:00
Ricardo M. Correia
2b694c237b cargo, cargoSnapshot: add rustc runtime dependency
It turns out that cargo implicitly depends on rustc at runtime: even
`cargo help` will fail if rustc is not in the PATH.

This means that we need to wrap the cargo binary to add rustc to PATH.
However, I have opted into doing something slightly unusual: instead of
tying down a specific cargo to use a specific rustc (i.e., wrap cargo so
that "${rustc}/bin" is prefixed into PATH), instead I'm adding the rustc
used to build cargo as a fallback rust compiler (i.e., wrap cargo so
that "${rustc}/bin" is suffixed into PATH). This means that cargo will
prefer to use a rust compiler that is in the default path, but fallback
into the one used to build cargo only if there wasn't any rust compiler
in the default path.

The reason I'm doing this is that otherwise it could cause unexpected
effects. For example, if you had a build environment with the
rustcMaster and cargo derivations, you would expect cargo to use
rustcMaster to compile your project (since rustcMaster would be the only
compiler available in $PATH), but this wouldn't happen if we tied down
cargo to use the rustc that was used to compile it (because the default
cargo derivation gets compiled with the stable rust compiler).

That said, I have slightly modified makeRustPlatform so that a rust
platform will always use the rust compiler that was used to build cargo,
because this prevents mistakenly depending on two different versions of
the rust compiler (stable and unstable) in the same rust platform,
something which is usually undesirable.

Fixes #11053
2015-11-18 02:41:45 +01:00
Ricardo M. Correia
777c9c3768 buildRustPackage: fix erroneous /bin/sh reference
The fetch-cargo-deps script is written in bash syntax, but it
erroneously ran under the /bin/sh interpreter.

This wasn't noticed because /bin/sh is actually bash in NixOS, but on
some other systems this is not true.
2015-10-29 15:16:51 +01:00
William A. Kennington III
ffd0539eba cacert: store ca-bundle.crt in $out/etc/ssl/certs instead of $out 2015-06-05 13:00:52 -07:00
William A. Kennington III
14c1e0fa1f Fix ca-bundle paths 2015-05-29 14:03:34 -07:00
Ricardo M. Correia
d7ebe7a4f3 buildRustPackage: Accept srcs attribute as well
Add support for building Rust packages that have multiple sources, i.e.,
that use the `srcs` and `sourceRoot` attributes instead of just `src`.
2015-05-29 19:46:20 +02:00
Ricardo M. Correia
e42c17ee97 buildRustPackage: Fix Cargo.lock being ignored
It turns out that `cargo`, with respect to registry dependencies, was
ignoring the package versions locked in `Cargo.lock` because we changed
the registry index URL.

Therefore, every time `rustRegistry` would be updated, we'd always try
to use the latest version available for every dependency and as a result
the deps' SHA256 hashes would almost always have to be changed.

To fix this, now we do a string substitution in `Cargo.lock` of the
`crates.io` registry URL with our URL. This should be safe because our
registry is just a copy of the `crates.io` registry at a certain point
in time.

Since now we don't always use the latest version of every dependency,
the build of `cargo` actually started to fail because two of the
dependencies specified in its `Cargo.lock` file have build failures.

To fix the latter problem, I've added a `cargoUpdateHook` variable that
gets ran both when fetching dependencies and just before building the
program. The purpose of `cargoUpdateHook` is to do any ad-hoc updating
of dependencies necessary to get the package to build. The use of the
'--precise' flag is needed so that cargo doesn't try to fetch an even
newer version whenever `rustRegistry` is updated (and therefore have to
change depsSha256 as a consequence).
2015-04-23 02:58:07 +02:00
Georges Dubus
7d67efa3f2 Add support for building cargo'ed Rust programs 2015-04-21 19:46:29 +02:00