diff options
Diffstat (limited to 'nixos/modules/system/activation/top-level.nix')
-rw-r--r-- | nixos/modules/system/activation/top-level.nix | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/nixos/modules/system/activation/top-level.nix b/nixos/modules/system/activation/top-level.nix index f2e7413547828..c28e530cdc777 100644 --- a/nixos/modules/system/activation/top-level.nix +++ b/nixos/modules/system/activation/top-level.nix @@ -263,8 +263,23 @@ in default = []; description = lib.mdDoc '' A list of packages that should be included in the system - closure but not otherwise made available to users. This is - primarily used by the installation tests. + closure but generally not visible to users. + + This option has also been used for build-time checks, but the + `system.checks` option is more appropriate for that purpose as checks + should not leave a trace in the built system configuration. + ''; + }; + + system.checks = mkOption { + type = types.listOf types.package; + default = []; + description = lib.mdDoc '' + Packages that are added as dependencies of the system's build, usually + for the purpose of validating some part of the configuration. + + Unlike `system.extraDependencies`, these store paths do not + become part of the built system configuration. ''; }; @@ -363,7 +378,17 @@ in fi ''; - system.systemBuilderArgs = lib.optionalAttrs (config.system.forbiddenDependenciesRegex != "") { + system.systemBuilderArgs = { + # Not actually used in the builder. `passedChecks` is just here to create + # the build dependencies. Checks are similar to build dependencies in the + # sense that if they fail, the system build fails. However, checks do not + # produce any output of value, so they are not used by the system builder. + # In fact, using them runs the risk of accidentally adding unneeded paths + # to the system closure, which defeats the purpose of the `system.checks` + # option, as opposed to `system.extraDependencies`. + passedChecks = concatStringsSep " " config.system.checks; + } + // lib.optionalAttrs (config.system.forbiddenDependenciesRegex != "") { inherit (config.system) forbiddenDependenciesRegex; closureInfo = pkgs.closureInfo { rootPaths = [ # override to avoid infinite recursion (and to allow using extraDependencies to add forbidden dependencies) @@ -371,6 +396,7 @@ in ]; }; }; + system.build.toplevel = if config.system.includeBuildDependencies then systemWithBuildDeps else system; }; |