fix(3p/nix): Properly configure SANDBOX_SHELL

Point the SANDBOX_SHELL macro at the actual path to busybox on the build
machine, or allow it to be configured at build time with a CMake option.

Change-Id: I044a1315ba9baa3bc9ceddf29f36d14f9f9ccd96
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1632
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Griffin Smith 2020-08-03 20:20:30 -04:00 committed by glittershark
parent 26a59482d2
commit 09cb41b7ac
4 changed files with 23 additions and 2 deletions


@ -47,6 +47,7 @@ let
buildGoPackage
buildPackages
buildkite-agent
busybox
bzip2
c-ares
cacert


@ -40,6 +40,15 @@ if (CLANG_TIDY_PATH)
endif()
endif()
if (NOT SANDBOX_SHELL)
find_program(BUSYBOX busybox)
if (BUSYBOX)
set(SANDBOX_SHELL "${BUSYBOX}")
else()
message(FATAL_ERROR "Could not find busybox and SANDBOX_SHELL is not set")
endif()
endif()
# generate a configuration file (autoheader-style) to configure
# certain symbols that Nix depends on.
configure_file(config.h.in nix_config.h @ONLY)
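Review bot: The fallback `find_program(BUSYBOX busybox)` accepts whichever busybox comes first on the configuring machine's search path, and that path is then compiled into the binary as SANDBOX_SHELL without anything being printed about the choice. The literal this commit removes from config.h.in named a `-linux-musl` busybox build, so the shell was presumably expected to be statically linked; a dynamically linked busybox picked up here may not run inside the sandbox. I would declare the option explicitly before the check with `set(SANDBOX_SHELL "" CACHE FILEPATH "Path to the shell compiled in as SANDBOX_SHELL")` and log the outcome after it with `message(STATUS "SANDBOX_SHELL: ${SANDBOX_SHELL}")`. The `endif()` lines at the top of the hunk close blocks that start outside it.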


@ -23,7 +23,7 @@
#define NIX_LIBEXEC_DIR "@CMAKE_INSTALL_FULL_LIBEXECDIR@"
#define NIX_BIN_DIR "@CMAKE_INSTALL_FULL_BINDIR@"
#define NIX_MAN_DIR "@CMAKE_INSTALL_FULL_MANDIR@"
#define SANDBOX_SHELL "/nix/store/zq8biwi5mj2lrn68kx0lk0fkpbqypyxd-busybox-1.31.1-x86_64-unknown-linux-musl/bin/busybox"
#define SANDBOX_SHELL "@SANDBOX_SHELL@"
// Defines used only in tests (e.g. to access data)
#define NIX_SRC_DIR "@CMAKE_SOURCE_DIR@"
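Review bot: `@SANDBOX_SHELL@` in the new `#define` is pasted into a C string literal exactly as configured, so a value containing `"` or `\` yields a malformed or different literal, and a relative path is accepted silently. The value now comes from a user-settable option rather than a fixed string, so a configure-time check next to the `configure_file` call would catch this: `if (NOT IS_ABSOLUTE "${SANDBOX_SHELL}")` followed by `message(FATAL_ERROR "SANDBOX_SHELL must be an absolute path")`. A one-line comment above the define, saying the value is filled in from the SANDBOX_SHELL CMake option, would also help readers of the template.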


@ -30,6 +30,14 @@ let
--plugin=protoc-gen-grpc=${pkgs.grpc}/bin/grpc_cpp_plugin --grpc_out=$out/libproto \
$PROTO_SRCS/*.proto
'';
# Derivation for busybox that just has the `busybox` binary in bin/, not all
# the symlinks, so cmake can find it
busybox = pkgs.runCommand "busybox" {} ''
mkdir -p $out/bin
cp ${pkgs.busybox}/bin/busybox $out/bin
'';
in lib.fix (self: pkgs.llvmPackages.libcxxStdenv.mkDerivation {
pname = "tvix";
version = "2.3.4";
@ -87,7 +95,8 @@ in lib.fix (self: pkgs.llvmPackages.libcxxStdenv.mkDerivation {
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DCMAKE_FIND_USE_SYSTEM_PACKAGE_REGISTRY=OFF \
-DCMAKE_FIND_USE_PACKAGE_REGISTRY=OFF \
-DCMAKE_EXPORT_NO_PACKAGE_REGISTRY=ON
-DCMAKE_EXPORT_NO_PACKAGE_REGISTRY=ON \
-DSANDBOX_SHELL=${pkgs.busybox}/bin/busybox
'';
installCheckPhase = ''
@ -114,6 +123,8 @@ in lib.fix (self: pkgs.llvmPackages.libcxxStdenv.mkDerivation {
# Work around broken system header include flags in the cxx toolchain.
LIBCXX_INCLUDE = "${pkgs.llvmPackages.libcxx}/include/c++/v1";
SANDBOX_SHELL="${pkgs.busybox}/bin/busybox";
# Install the various symlinks to the Nix binary which users expect
# to exist.
postInstall = ''
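Review bot: The `busybox` wrapper derivation added in the `let` block is commented as existing "so cmake can find it", but nothing in the visible lines references it. The flag list passes `-DSANDBOX_SHELL=${pkgs.busybox}/bin/busybox` and the derivation also sets a `SANDBOX_SHELL` attribute to the same path, so the `find_program` fallback should never run in this build. Unless the wrapper is used in lines outside these hunks, drop either it or the explicit flag so the path has a single source. Separately, the literal removed from config.h.in pointed at a `-linux-musl` busybox, while `pkgs.busybox` may be a dynamically linked build; if the sandbox shell has to be static, nixpkgs' `busybox-sandbox-shell` is the package intended for that, though it would presumably also need adding to the exposed package list.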