diff options
| author | aszlig <aszlig@nix.build> | 2020-06-23 23:05:46 +0200 |
|---|---|---|
| committer | aszlig <aszlig@nix.build> | 2020-06-23 23:27:18 +0200 |
| commit | 6314fe724c31c54bc53bf15ebcc9c2ce9769583c (patch) | |
| tree | fb04447d9306680ec210e98211ee4e019a448b36 /pkgs/build-support | |
| parent | e4860ac4b1787577ad5fece81169f8ca807e6cfa (diff) | |
sandbox: Use closureInfo for getting runtime deps
A while ago[1], @Profpatsch added this comment above the definition of the $runtimeDeps variable: # Reads the dependency closures and does ? something? TODO: explain I just recently (yesterday as of the date of this commit) found out about that comment by accident. While this should probably be better of as an issue instead, the comment does have a point, since not everybody enjoys reading/writing sed expressions. In a nutshell, what the implementation actually does is parsing the output of the files generated by exportReferencesGraph. At the time of writing the implementation, we didn't have a JSON-based interface in Nix for doing the same, nor did we have something like pkgs.closureInfo. There was only a small Perl script[2], which did something like this, but given that it can be easily done via sed, I opted to instead use the latter. Nevertheless however, using closureInfo is not only more concise in its implementation, it also makes our implementation much more concise as well and also obvious on what we're doing here. [1]: 09dc1d8ad625b9a1d5b89593b184d316837ba1cc [2]: https://github.com/NixOS/nixpkgs/blob/8747190024205a5a3534b4e9a18dbaf3f3ee7b39/pkgs/build-support/kernel/paths-from-graph.pl Signed-off-by: aszlig <aszlig@nix.build>
Diffstat (limited to 'pkgs/build-support')
| -rw-r--r-- | pkgs/build-support/build-sandbox/default.nix | 30 |
1 files changed, 5 insertions, 25 deletions
diff --git a/pkgs/build-support/build-sandbox/default.nix b/pkgs/build-support/build-sandbox/default.nix index 4e5cffe9..0e1d4a4d 100644 --- a/pkgs/build-support/build-sandbox/default.nix +++ b/pkgs/build-support/build-sandbox/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, pkgconfig, nix, boost, dash }: +{ stdenv, lib, pkgconfig, closureInfo, nix, boost, dash }: drv: { paths ? {}, ... }@attrs: @@ -30,31 +30,11 @@ in stdenv.mkDerivation ({ inherit drv; - # writes files "sandbox-*" to the builder (see nix manual) - exportReferencesGraph = - [ "sandbox-closure" drv ] ++ - lib.optionals allowBinSh [ "sandbox-binsh" dash ]; + closureInfo = closureInfo { + rootPaths = lib.singleton drv ++ lib.optional allowBinSh dash; + }; configurePhase = '' - # Reads the dependency closures and does … something? TODO: explain - runtimeDeps="$(sed -ne ' - p; n; n - - :cdown - /^0*$/b - :l; s/0\(X*\)$/X\1/; tl - - s/^\(X*\)$/9\1/; tdone - ${lib.concatMapStrings (num: '' - s/${toString num}\(X*\)$/${toString (num - 1)}\1/; tdone - '') (lib.range 1 9)} - - :done - y/X/9/ - x; n; p; x - bcdown - ' ../sandbox-* | sort -u)" - echo '#include "setup.h"' > params.c echo 'bool setup_app_paths(void) {' >> params.c @@ -66,7 +46,7 @@ in stdenv.mkDerivation ({ >> params.c '' else '' - for dep in $runtimeDeps; do + for dep in $(< "$closureInfo/store-paths"); do echo 'if (!bind_mount("'"$dep"'", true, true, true)) return false;' \ >> params.c done |