Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[20.09] git: 2.28.0 -> 2.29.2 #104896

Merged
merged 5 commits into from Nov 29, 2020
Merged

Conversation

freezeboy
Copy link
Contributor

The install step for the darwin specific $out/etc/gitconfig file
assumed that $out/etc already existed. This assumption is no longer
true after f5e2ff1 in #103421. This
change makes make sure the directory exists before adding to it.

(cherry picked from commit d686ded)

Motivation for this change

Gitaly service from Gitlab has been updated to a version to fix some CVEs, but requires git > 2.29

I cherry picked these commits to have darwin build working also

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

NeQuissimus and others added 5 commits November 25, 2020 13:59
(cherry picked from commit 6f2e993)
Asciidoc is severely outdated and is replaced by asciidoctor.
Eliminating asciidoc gets rid of a python2 dependency, see
NixOS#101964

(cherry picked from commit bbf96d8)
(cherry picked from commit 6a17829)
The install step for the darwin specific $out/etc/gitconfig file
assumed that $out/etc already existed. This assumption is no longer
true after f5e2ff1 in NixOS#103421. This
change makes make sure the directory exists before adding to it.

(cherry picked from commit d686ded)
@primeos
Copy link
Member

primeos commented Nov 25, 2020

Gitaly service from Gitlab has been updated to a version to fix some CVEs, but requires git > 2.29

So basically GitLab is broken since #104587 (or is it less severe)?:

Gitaly is the service that provides high-level RPC access to Git repositories. Without it, no GitLab components can read or write Git data. (https://docs.gitlab.com/ee/administration/gitaly/)

If that's the case this would seem to justify a Git backport (given Git's stability / backward compatibility it should be fine).

cc @NixOS/backports

@freezeboy
Copy link
Contributor Author

Well ... gitlab works ... for everything that is not using a git repository, so I guess we can call it broken

Projets, issues, etc can be configured but nothing related to the repository content (MR, CI, ...)

@flokli
Copy link
Contributor

flokli commented Nov 29, 2020

I successfully ran the gitolite tests, with this PR applied, so am fairly confident this shouldn't break git substantially. Let's get this in!

@flokli flokli merged commit c85c23a into NixOS:staging-20.09 Nov 29, 2020
@flokli flokli mentioned this pull request Nov 29, 2020
10 tasks
@freezeboy freezeboy deleted the backport-git branch November 30, 2020 00:13
@ghost ghost mentioned this pull request Dec 4, 2020
10 tasks
hswong3i added a commit to alvistack/containers-crun that referenced this pull request Dec 20, 2020
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    Since `glib` trigger error message "undefined reference to
    'pthread\_create'", therefore adding `pthread` to `CFLAGS` could
    solve the problem.

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i added a commit to alvistack/containers-crun that referenced this pull request Dec 20, 2020
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    Since `glib` trigger error message "undefined reference to
    'pthread\_create'", therefore adding `pthread` to `CFLAGS` could
    solve the problem.

Also see:

  - <containers#550>
  - <containers/conmon#218>
  - <containers/skopeo#1120>
  - <containers/buildah#2831>
  - <containers/podman#8526>
  - <cri-o/cri-o#4395>

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i added a commit to alvistack/containers-crun that referenced this pull request Dec 20, 2020
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    `conmon` couldn't skip the error by replacing `git` with
    `gitMinimal` since it do depend on `glib`. Since `glib` trigger
    error message "undefined reference to 'pthread\_create'", therefore
    adding `pthread` to `CFLAGS` could solve the problem.

Also see:

  - <containers#550>
  - <containers/conmon#218>
  - <containers/skopeo#1120>
  - <containers/buildah#2831>
  - <containers/podman#8526>
  - <cri-o/cri-o#4395>

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i added a commit to alvistack/containers-conmon that referenced this pull request Dec 20, 2020
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    `conmon` couldn't skip the error by replacing `git` with
    `gitMinimal` since it do depend on `glib`. Since `glib` trigger
    error message "undefined reference to 'pthread\_create'", therefore
    adding `pthread` to `CFLAGS` could solve the problem.

Also see:

  - <containers/crun#550>
  - <containers#218>
  - <containers/skopeo#1120>
  - <containers/buildah#2831>
  - <containers/podman#8526>
  - <cri-o/cri-o#4395>

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i added a commit to alvistack/containers-skopeo that referenced this pull request Dec 20, 2020
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    `conmon` couldn't skip the error by replacing `git` with
    `gitMinimal` since it do depend on `glib`. Since `glib` trigger
    error message "undefined reference to 'pthread\_create'", therefore
    adding `pthread` to `CFLAGS` could solve the problem.

Also see:

  - <containers/crun#550>
  - <containers/conmon#218>
  - <containers#1120>
  - <containers/buildah#2831>
  - <containers/podman#8526>
  - <cri-o/cri-o#4395>

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i added a commit to alvistack/containers-buildah that referenced this pull request Dec 20, 2020
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    `conmon` couldn't skip the error by replacing `git` with
    `gitMinimal` since it do depend on `glib`. Since `glib` trigger
    error message "undefined reference to 'pthread\_create'", therefore
    adding `pthread` to `CFLAGS` could solve the problem.

Also see:

  - <containers/crun#550>
  - <containers/conmon#218>
  - <containers/skopeo#1120>
  - <containers#2831>
  - <containers/podman#8526>
  - <cri-o/cri-o#4395>

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i added a commit to alvistack/containers-podman that referenced this pull request Dec 20, 2020
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    `conmon` couldn't skip the error by replacing `git` with
    `gitMinimal` since it do depend on `glib`. Since `glib` trigger
    error message "undefined reference to 'pthread\_create'", therefore
    adding `pthread` to `CFLAGS` could solve the problem.

Also see:

  - <containers/crun#550>
  - <containers/conmon#218>
  - <containers/skopeo#1120>
  - <containers/buildah#2831>
  - <containers#8526>
  - <cri-o/cri-o#4395>

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i added a commit to alvistack/cri-o-cri-o that referenced this pull request Dec 20, 2020
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    `conmon` couldn't skip the error by replacing `git` with
    `gitMinimal` since it do depend on `glib`. Since `glib` trigger
    error message "undefined reference to 'pthread\_create'", therefore
    adding `pthread` to `CFLAGS` could solve the problem.

Also see:

  - <containers/crun#550>
  - <containers/conmon#218>
  - <containers/skopeo#1120>
  - <containers/buildah#2831>
  - <containers/podman#8526>
  - <cri-o#4395>

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i added a commit to alvistack/cri-o-cri-o that referenced this pull request Dec 29, 2020
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    `conmon` couldn't skip the error by replacing `git` with
    `gitMinimal` since it do depend on `glib`. Since `glib` trigger
    error message "undefined reference to 'pthread\_create'", therefore
    adding `pthread` to `CFLAGS` could solve the problem.

Also see:

  - <containers/crun#550>
  - <containers/conmon#218>
  - <containers/skopeo#1120>
  - <containers/buildah#2831>
  - <containers/podman#8526>
  - <cri-o#4395>

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i added a commit to alvistack/cri-o-cri-o that referenced this pull request Jan 5, 2021
This PR introduce 3 changes:

  - Upgrade Nix stable channel from 20.03 to 20.09.

    NixOS 20.09 released at 2020-10-27, see
    <https://nixos.org/manual/nixos/stable/release-notes.html#sec-release-20.09>
    for more information.

  - Replace `git` with `gitMinimal`.

    All 6 projects (i.e. crun/conmon/skopeo/buildah/podman/cri-o) are
    having `git` as dependency for failsafe during bootstrap. BTW
    <NixOS/nixpkgs#104896> replace `asciidoc`
    with `asciidoctor` so trigger the dependency chain to `glib` and so
    failed (see below). Switching to `gitMinimal` skip this dependency
    chain to `glib`, which also speed up overall build process.

  - Adding `-pthread` for `glib`

    `conmon` couldn't skip the error by replacing `git` with
    `gitMinimal` since it do depend on `glib`. Since `glib` trigger
    error message "undefined reference to 'pthread\_create'", therefore
    adding `pthread` to `CFLAGS` could solve the problem.

Also see:

  - <containers/crun#550>
  - <containers/conmon#218>
  - <containers/skopeo#1120>
  - <containers/buildah#2831>
  - <containers/podman#8526>
  - <cri-o#4395>

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

6 participants