New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gitlab: 11.10.8 -> 12.0.3 #64550
gitlab: 11.10.8 -> 12.0.3 #64550
Conversation
I have no idea why this is failing; it builds without any trouble locally. |
3e80a8a
to
60357af
Compare
name = "gitaly-env"; | ||
inherit ruby; | ||
gemdir = ./.; | ||
gemset = | ||
let x = import "${gemdir}/gemset.nix"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This causes your failure.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why in particular?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IFD.
The build fails for me locally with the same as the eval check from the borg. |
name = "gitlab-env-${version}"; | ||
inherit ruby; | ||
gemdir = ./rubyEnv- + "${if gitlabEnterprise then "ee" else "ce"}"; | ||
gemset = | ||
let x = import "${gemdir}/gemset.nix"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
let x = import "${gemdir}/gemset.nix"; | |
let x = import (gemdir + "/gemset.nix"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should pass strict eval.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for maybe offtopic, but do you know why? I don't understand it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When gemdir
is used inside the string interpolation, the directory gets copied into the nix store.
If we then try to import gemset.nix
from there, that's an import from derivation (IFD).
By assembling the path outside a string interpolation, we avoid that (because it stays just a path until x
is used).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would think the derivation is still in the "string context" of gemdir + "/gemset.nix
so this is still IFD and still prohibited by strict mode.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All I can say is that
HOME=/homeless-shelter NIX_PATH=nixpkgs=$(pwd) nix-instantiate ./pkgs/top-level/release.nix -A gitlab --option restrict-eval true --option build-timeout 1800 --argstr system thesystem --show-trace
does work with the suggested change, but doesn't with what's currently in the PR ;-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh nevermind I thought we are computing something from a "real" derivation. IMO this is just working around a nix inconsistency.
This is a major version bump but things were generally straightforward save two wrinkles: * it is necessary to ignore collisions in the gitlab bundler environment as both `omniauth_oauth2_generic` and `apollo_upload_server` provide a `console` executable. * grpc had to be patched since its build system expects the `AR` environment variable to contain not just the path to `ar` but also the `rpc` flags (see the discussion in nixpkgs NixOS#63056).
@GrahamcOfBorg test gitlab |
Sorry, @flokli; I should have mentioned that after opening I realized that the |
This is WIP to get rid of PermissionsStartOnly=true
Fixed gitaly, added gem groups that appear to be necessary now and cleaned up the dir/link creation/permission handling |
@GrahamcOfBorg test gitlab |
Thank you @globin! |
@GrahamcOfBorg test gitlab |
So this won't be cleaned up by removing config/*
Fixed some gitlab-shell issues not caught by the nixos test |
Has been running in production for 2 days without any complaints, so I guess this should be fine for master at least. |
Thanks! |
I am unable to build Gitaly using these changes. I receive errors that all of the hashes of the Go dependencies (specified in I have tried checking out both |
It seems the hashes of I opened #65468 to fix that. |
This is a major version bump but things were generally straightforward
save two wrinkles:
it is necessary to ignore collisions in the gitlab bundler
environment as both
omniauth_oauth2_generic
andapollo_upload_server
provide aconsole
executable.grpc had to be patched since its build system expects the
AR
environment variable to contain not just the path to
ar
butalso the
rpc
flags (see the discussion in nixpkgs [WIP] gitlab: 11.10.4 -> 11.11.3 #63056).Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)