Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit6e2dc6f

Browse files
authored
fix(flake.nix): include dev buildInputs in dogfood nix image (#16325)
1 parent1aee589 commit6e2dc6f

File tree

3 files changed

+73
-21
lines changed

3 files changed

+73
-21
lines changed

‎dogfood/contents/nix.hash‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
1-
91e81c240fcf9f72e4c67497b68ba247a3f901147b61736072eb234e03db87b5 flake.nix
2-
b43d86368a0d2713d646d57e964dc2ac49744f5e11b6395fabed2d49596c1615 flake.lock
1+
f41c80bd08bfef063a9cfe907d0ea1f377974ebe011751f64008a3a07a6b152a flake.nix
2+
32c441011f1f3054a688c036a85eac5e4c3dbef0f8cfa4ab85acd82da577dc35 flake.lock

‎flake.nix‎

Lines changed: 20 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,7 @@
8585
drpc.defaultPackage.${system}
8686
formatter
8787
fzf
88-
gcc
88+
gcc13
8989
gdk
9090
getopt
9191
gh
@@ -174,7 +174,7 @@
174174
name="coder-${osArch}";
175175
# Updated with ./scripts/update-flake.sh`.
176176
# This should be updated whenever go.mod changes!
177-
vendorHash="sha256-hJBNmHz9ZJLS/QTu8w8y1w/Yi45aSoaSeZ//ysllp6c=";
177+
vendorHash="sha256-QjqF+QZ5JKMnqkpNh6ZjrJU2QcSqiT4Dip1KoicwLYc=";
178178
proxyVendor=true;
179179
src=./.;
180180
nativeBuildInputs=withpkgs;[
@@ -212,10 +212,9 @@
212212
devShells={
213213
default=pkgs.mkShell{
214214
buildInputs=devShellPackages;
215-
shellHook=''
216-
export PLAYWRIGHT_BROWSERS_PATH=${pkgs.playwright-driver.browsers}
217-
export PLAYWRIGHT_SKIP_VALIDATE_HOST_REQUIREMENTS=true
218-
'';
215+
216+
PLAYWRIGHT_BROWSERS_PATH=pkgs.playwright-driver.browsers;
217+
PLAYWRIGHT_SKIP_VALIDATE_HOST_REQUIREMENTS=true;
219218

220219
LOCALE_ARCHIVE=
221220
withpkgs;
@@ -239,21 +238,29 @@
239238
aarch64-windows=buildFat"windows_arm64.exe";
240239
}
241240
//(pkgs.lib.optionalAttrspkgs.stdenv.isLinux{
242-
dev_image=docker.buildNixShellImage{
241+
dev_image=docker.buildNixShellImagerec{
243242
name="codercom/oss-dogfood-nix";
244243
tag="latest-${system}";
245244

245+
# (ThomasK33): Workaround for images with too many layers (>64 layers) causing sysbox
246+
# to have issues on dogfood envs.
246247
maxLayers=32;
247248

249+
uname="coder";
250+
homeDirectory="/home/${uname}";
251+
248252
drv=devShells.default.overrideAttrs(oldAttrs:{
249-
# (ThomasK33): Workaround for images with too many layers (>64 layers) causing sysbox
250-
# to have issues on dogfood envs.
251253
buildInputs=
252-
oldAttrs.buildInputs
253-
++(withpkgs;[
254-
nix
254+
(withpkgs;[
255+
busybox
255256
coreutils
256-
]);
257+
nix
258+
curl.bin# Ensure the actual curl binary is included in the PATH
259+
glibc.bin# Ensure the glibc binaries are included in the PATH
260+
binutils# ld and strings
261+
filebrowser# Ensure that we're not redownloading filebrowser on each launch
262+
])
263+
++oldAttrs.buildInputs;
257264
});
258265
};
259266
});

‎nix/docker.nix‎

Lines changed: 51 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,8 @@
1717
storeDir ?builtins.storeDir,
1818
pigz,
1919
zstd,
20+
stdenv,
21+
glibc,
2022
}:
2123
let
2224
inherit(lib)
@@ -70,6 +72,7 @@ let
7072
command ?null,
7173
run ?null,
7274
maxLayers ?100,
75+
uname ?"nixbld",
7376
}:
7477
assertlib.assertMsg(!(drv.drvAttrs.__structuredAttrsorfalse))
7578
"streamNixShellImage: Does not work with the derivation${drv.name} because it uses __structuredAttrs";
@@ -83,7 +86,14 @@ let
8386
exec${lib.escapeShellArg(valueToStringdrv.drvAttrs.builder)}${lib.escapeShellArgs(mapvalueToStringdrv.drvAttrs.args)}
8487
'';
8588

86-
staticPath="${dirOfshell}:${lib.makeBinPath[builder]}";
89+
staticPath="${dirOfshell}:${
90+
lib.makeBinPath(
91+
lib.flatten[
92+
builder
93+
drv.buildInputs
94+
]
95+
)
96+
}";
8797

8898
# https://github.com/NixOS/nix/blob/2.8.0/src/nix-build/nix-build.cc#L493-L526
8999
rcfile=writeText"nix-shell-rc"''
@@ -109,6 +119,15 @@ let
109119
''}
110120
'';
111121

122+
nixConfFile=writeText"nix-conf"''
123+
experimental-features = nix-command flakes
124+
'';
125+
126+
etcNixConf=runCommand"etcd-nix-conf"{}''
127+
mkdir -p $out/etc/nix/
128+
ln -s${nixConfFile} $out/etc/nix/nix.conf
129+
'';
130+
112131
# https://github.com/NixOS/nix/blob/2.8.0/src/libstore/globals.hh#L464-L465
113132
sandboxBuildDir="/build";
114133

@@ -142,6 +161,8 @@ let
142161
# TODO: Make configurable?
143162
NIX_BUILD_CORES="1";
144163

164+
# Make sure we get the libraries for C and C++ in.
165+
LD_LIBRARY_PATH=lib.makeLibraryPath[stdenv.cc.cc];
145166
}
146167
//drvEnv
147168
//{
@@ -153,10 +174,10 @@ let
153174
TMPDIR=sandboxBuildDir;
154175
TEMPDIR=sandboxBuildDir;
155176
TMP=sandboxBuildDir;
156-
TEMP=sandboxBuildDir;
177+
TEMP="/tmp";
157178

158179
# https://github.com/NixOS/nix/blob/2.8.0/src/libstore/build/local-derivation-goal.cc#L1015-L1019
159-
PWD=sandboxBuildDir;
180+
PWD=homeDirectory;
160181

161182
# https://github.com/NixOS/nix/blob/2.8.0/src/libstore/build/local-derivation-goal.cc#L1071-L1074
162183
# We don't set it here because the output here isn't handled in any special way
@@ -172,16 +193,17 @@ let
172193
contents=[
173194
binSh
174195
usrBinEnv
196+
etcNixConf
175197
(fakeNss.override{
176198
# Allows programs to look up the build user's home directory
177199
# https://github.com/NixOS/nix/blob/ffe155abd36366a870482625543f9bf924a58281/src/libstore/build/local-derivation-goal.cc#L906-L910
178200
# Slightly differs however: We use the passed-in homeDirectory instead of sandboxBuildDir.
179201
# We're doing this because it's arguably a bug in Nix that sandboxBuildDir is used here: https://github.com/NixOS/nix/issues/6379
180202
extraPasswdLines=[
181-
"nixbld:x:${toStringuid}:${toStringgid}:Build user:${homeDirectory}:/noshell"
203+
"${toStringuname}:x:${toStringuid}:${toStringgid}:Build user:${homeDirectory}:${lib.escapeShellArgshell}"
182204
];
183205
extraGroupLines=[
184-
"nixbld:!:${toStringgid}:"
206+
"${toStringuname}:!:${toStringgid}:"
185207
];
186208
})
187209
];
@@ -197,6 +219,28 @@ let
197219
# Gives the user control over the build directory
198220
mkdir -p .${sandboxBuildDir}
199221
chown -R${toStringuid}:${toStringgid} .${sandboxBuildDir}
222+
223+
mkdir -p .${homeDirectory}
224+
chown -R${toStringuid}:${toStringgid} .${homeDirectory}
225+
226+
mkdir -p ./tmp
227+
chown -R${toStringuid}:${toStringgid} ./tmp
228+
229+
mkdir -p ./etc/skel
230+
chown -R${toStringuid}:${toStringgid} ./etc/skel
231+
232+
# Create traditional /lib or /lib64 as needed.
233+
# For aarch64 (arm64):
234+
if [ -e "${glibc}/lib/ld-linux-aarch64.so.1" ]; then
235+
mkdir -p ./lib
236+
ln -s "${glibc}/lib/ld-linux-aarch64.so.1" ./lib/ld-linux-aarch64.so.1
237+
fi
238+
239+
# For x86_64:
240+
if [ -e "${glibc}/lib64/ld-linux-x86-64.so.2" ]; then
241+
mkdir -p ./lib64
242+
ln -s "${glibc}/lib64/ld-linux-x86-64.so.2" ./lib64/ld-linux-x86-64.so.2
243+
fi
200244
'';
201245

202246
# Run this image as the given uid/gid
@@ -215,11 +259,12 @@ let
215259
shell
216260
rcfile
217261
];
218-
config.WorkingDir=sandboxBuildDir;
262+
config.WorkingDir=homeDirectory;
219263
config.Env=lib.mapAttrsToList(name:value:"${name}=${value}")envVars;
220264
};
221265
in
222266
{
267+
inheritstreamNixShellImage;
223268

224269
# This function streams a docker image that behaves like a nix-shell for a derivation
225270
# Docs: doc/build-helpers/images/dockertools.section.md

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp