Commit graph

21 commits

Author SHA1 Message Date
Vincent Ambo
4b2f3c5454 chore(3p/sources): bump to OpenSSH vulnerability hotfix
See https://github.com/NixOS/nixpkgs/pull/323753 for details.

Changes:

* git: temporarily comment out dottime patch (it doesn't apply, but it's not critical)
* third-party/cgit: use an older git version where dottime patch still applies
* 3p/crate2nix: remove crate2nix patches included in latest release
* tvix: remove unneeded defaultCrateOverrides (upstreamed to nixpkgs)
* tvix: regenerate Cargo.nix
* tvix/nix-compat: remove unnused AtermWriteable::aterm_bytes pub(crate) function
* tvix/nix-compat: remove redundant trait bounds
* tvix/glue: use clone_into() to set drv.{builder,system}
* tools/crate2nix: apply workaround for https://github.com/numtide/treefmt/issues/327
* toold/depotfmt: expose treefmt config as passthru
* tools/crate2nix: undo some more hacks in the crate2nix-check drv

Change-Id: Ifbcedeb3e8f81b2f6ec1dbf10189bfa6dfd9c75c
Co-Authored-By: Florian Klink <flokli@flokli.de>
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11907
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2024-07-01 17:42:30 +00:00
Ilan Joselevich
9fd601e53d chore(tvix): patch crate2nix to drop darwin dontStrip
This patch has already been applied on upstream but there hasn't been an
official release yet so we patch it ourselves.

Upstreamed patch: 0209f258cd

Follow-up of: https://cl.tvl.fyi/c/depot/+/11856

Change-Id: If56071ce5753fd26e2b4c203cd831bbe5d329009
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11858
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2024-06-18 14:13:11 +00:00
Florian Klink
fd4c7c10a8 chore(3p/overlays/patches): vendor cbtemulator UDS patch
I updated https://github.com/googleapis/google-cloud-go/pull/9665 in the
meantime, and GH decided to GC the patches.

Vendor the patch in for now (manually stripping the `bigtable/` prefix
in the path). Hopefully the PR itself gets merged soon.

Change-Id: I5b7ba78ccaf5c792c1445818b23b52d6f17155a2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11402
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
2024-04-13 10:02:13 +00:00
Vincent Ambo
fa8e706b9b fix(3p/overlays): upgrade tpm2-pkcs11, but add unmerged patch
Instead of pinning to an old version, move forward but with a fix for
the critical bug that's been preventing me from upgrading.

The project seems to be unmaintained upstream, but I took the fix from
the open pull requests.

Change-Id: I85c8f780b1e363bac4060dd89b1930a6e59ce2a3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11145
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: flokli <flokli@flokli.de>
2024-03-17 11:30:00 +00:00
Florian Klink
8b06566d43 fix(third_party/nixpkgs/crate2nix): reintroduce tests in debug patch
This is was dropped accidentially, but we actually want to run tests in
debug mode, to check for overflows.

Change-Id: Ic0cf2d4a263bfd71f3453ed335d8be9dacd945e8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10932
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2024-02-16 11:11:08 +00:00
Vincent Ambo
c397aaceef fix(3p/overlays): pin specific version of tpm2-pkcs11
Newer versions broke compatibility with who knows whatever part of the
stack is required for correct TVM + OpenVPN interaction, but I need
this to work.

This was previously picked from stable, but we've bumped stable and it
has advanced to a version where this is also broken.

I believe this is a known issue, but right now I don't have the time
to look into it.

Change-Id: I1060f3ecfd7b43ebe5e1860f59f7574ca094570a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10743
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2024-02-05 21:10:19 +00:00
Florian Klink
850a4bfc7b chore(third_party/crate2nix): run tests in /build/source
Cherry-pick of https://github.com/nix-community/crate2nix/pull/328. This
should fix rstest runs inside crate2nix-generated derivations.

Change-Id: I9d393768f7f764e33c5938bd8fa14bd1bb0b72e1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10650
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
2024-01-17 07:33:12 +00:00
Florian Klink
62b10cac44 chore(third_party/patches): drop unused crate2nix patch
Change-Id: I4adaca20a7efffc0a98d880f15fcbe9340419971
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10649
Tested-by: BuildkiteCI
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2024-01-17 07:33:12 +00:00
Vincent Ambo
eba5c1757a chore(3p/sources): bump channels & overlays (2023-12-29)
* all: update wasm-bindgen to 0.2.89 in WASM projects
* users/grfn: explicitly set pinentry for gpg-agent
* 3p/crate2nix: drop patches that were merged upstream
* 3p/rust-crates: fix one more package name that was broken by crates.io
* 3p/overlays: bump telega backend to new required version

The update for agenix has been dropped. It caused strange build errors
with messages like these:

    patching script interpreter paths in /nix/store/0g0wpa3vxfb4w461s6ny3s1wr08faj73-agenix-0.15.0
    /nix/store/0g0wpa3vxfb4w461s6ny3s1wr08faj73-agenix-0.15.0/bin/agenix: interpreter directive changed from "#!/usr/bin/env bash" to "/nix/store/q8qq40xg2grfh9ry1d9x4g7lq4ra7n81-bash-5.2-p21/bin/bash"
    stripping (with command strip and flags -S -p) in  /nix/store/0g0wpa3vxfb4w461s6ny3s1wr08faj73-agenix-0.15.0/bin
    Running phase: installCheckPhase
    no Makefile or custom installCheckPhase, doing nothing
    agenix version: 0.15.0
    error: creating directory '/nix/var': Permission denied
    There is no rule for secret1.age in ./secrets.nix.
    /nix/store/d4jf1cbbk494zwgbqz31pxgigpsbh6w2-stdenv-linux/setup: line 138: test: =: unary operator expected
    /nix/store/d4jf1cbbk494zwgbqz31pxgigpsbh6w2-stdenv-linux/setup: line 131: pop_var_context: head of shell_variables not a function context
    builder for '/nix/store/0ivvf44hxy0zv4gg8nvchdkp895xw5ri-agenix-0.15.0.drv' failed with exit code 2

I can't be bothered to deal with that right now.

Change-Id: Ia052af0d97dbe9ef0c0d4f3e2214ac00ca8645a2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10458
Reviewed-by: aspen <root@gws.fyi>
Tested-by: BuildkiteCI
2023-12-29 21:52:10 +00:00
Florian Klink
9322d29ea9 chore(third_party/nixpkgs): add more patches to crate2nix
Change-Id: I2c2c3d4722a69a1ce5a4f144d0c450d88f40856a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10082
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
2023-11-19 22:06:06 +00:00
edef
3fe455cd4a chore(3p/nixpkgs/clickhouse): 23.3.13.6 -> 23.10.3.5
Change-Id: I3e4c43690fcaf50965152bf40e1ca2b027010fcf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9997
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-11-12 14:57:35 +00:00
edef
14849829fd feat(third_party/overlays): support LargeListArray in Clickhouse
Link: https://github.com/ClickHouse/ClickHouse/pull/56118
Change-Id: I41339ce662b8a169746237eb1d0aad34453bc0a8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9986
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2023-11-06 21:46:30 +00:00
Florian Klink
ceca00a866 chore(third_party/crate2nix): apply patches to fix cross
Together with temporarily pointing nixpkgs past
b10994c38c61038970a19fa60bfbec21a61755cc, this now fixes cross-
compilation for tvix.

This incorporates the changes proposed in https://cl.tvl.fyi/9888 and
https://cl.tvl.fyi/9889, but by fixing it in crate2nix, and using the
(re-)generated version of it.

Changes were sent upstream at
https://github.com/nix-community/crate2nix/pull/309,
this pulls in a minimal patch for now.

Change-Id: I70bb6f003bbc3e89de9c4eb4985ea4708ac3a9fd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9890
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
2023-11-02 09:32:54 +00:00
edef
d38e6502ad fix(third_party/crate2nix): run tests in debug mode
Behave like `cargo test` rather than `cargo test --release`.

Change-Id: Ie013d04ac68d7dec2a3b870fa9f0060a70a9635d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9621
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-10-10 20:33:52 +00:00
Florian Klink
d1adefc9f9 feat(third_party/overlays): support unix domain sockets in evans
This applies a patch adding support for unix domain sockets to evans,
which was also sent upstream at
https://github.com/ktr0731/evans/pull/680.

Change-Id: I6e483ace45428a7526a200f885aa92c2de88b650
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9563
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
2023-10-08 11:11:52 +00:00
Vincent Ambo
e3c5eb3313 chore(3p/sources): bump nixpkgs channels & overlays
* 3p/buzz: delete package

  This is unused, old, and uses an insecure version of OpenSSL which
  broke eval.

* 3p/overlays: remove nvd patch

  Newer versions of nvd are compatible with Nix 2.3 by default.

* users/grfn/system/home: remove explicit rust-analyser package

  This conflicts with `rustup`, causing eval failures, as the wrapper
  seems to now be included in `rustup` by default.

* users/grfn/system: temporarily disable ISO builds

  They were broken upstream in nixpkgs by a change to stdenv/setup.sh,
  being fixed in https://github.com/NixOS/nixpkgs/pull/234883

Change-Id: I0eea99ec98f4e73e615c012ffae1d0e37122e73b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8585
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
2023-05-30 13:27:52 +00:00
sterni
0b64577702 chore(3p/sources): Bump channels & overlays
* //3p/sources: temporarily switch to nixos-unstable-small, since it
  includes:

  - evans update we are interested in, allowing us to drop our evans
    patches.
  - awscli2 update that unbreaks //users/grfn

* //3p/overlays/tvl:

  - drop evans patches
  - update tdlib to 1.8.11 to make tazjin's emacs happy
  - drop obsolete mullvad workaround

* //users/grfn/keyboard: disable -Werror for array-bounds warnings.
  Seems like a non-trivial job to resolve the warning properly,
  hopefully GCC 12 still generates the same working code as GCC 11 used
  to.

* //users/grfn/system/home: remove yubikey-manager-qt.
  Yubico can't seem to keep that on pace with yubikey-manager. It
  requires a <5 version of the latter which is incompatible with the
  recently released cryptography >= 39.

* //3p/gerrit: update changed FOD hash for the fetch step

Change-Id: I590ab996247e69b0ab5059cd173840ef4ebfe939
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8133
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
2023-03-02 14:35:49 +00:00
Florian Klink
2403871bed fix(third_party/nixpkgs): add support for --bytes-as-base64 in evans
This is very helpful when calling an RPC method that accepts bytes.

Upstreamed to https://github.com/ktr0731/evans/pull/611.

Change-Id: Ibdaa1e3ff2aed9c86816e81de6f7652042c9fb11
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7436
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2022-12-26 11:38:52 +00:00
sterni
2de80c8c33 fix(3p/overlays/tvl): fix nvd with Nix 2.3
If more of these issues crop up, we should consider making a patch for
our Nix fork that ignores the --experimental-features flag.

Change-Id: If146804f2c9f9375f2035985a6fd99f72b0fdcc7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7165
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2022-11-03 23:08:56 +00:00
sterni
57cf952ea9 chore(3p/sources): Bump channels & overlays (OpenSSL edition)
* //ops/machines/whitby: Disable grafana, since the grafana module was
  changed upstream in a way that our configuration no longer works.
  Since the OpenSSL security update is relatively pressing, adapting the
  grafana configuration beforehand is not a hard requirement. See
  https://github.com/NixOS/nixpkgs/pull/191768.

* //tools/depotfmt: keep Go at version 1.18 to forgo a reformat of the
  tree.

* //nix/buildGo: keep Go at version 1.18, as 1.19 changed the CLI
  interface (?) in a way that breaks buildGo.

* //3p/overlays/tvl: drop upstreamed tdlib upgrade.

* //3p/overlays/tvl: patch buf to work around breakage due to git 2.38.1

TODO items for Go are tracked in b/215.

Change-Id: Ie08fef49cf3db12e6b5225a8b992a990ddc5b642
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7141
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
2022-11-03 15:10:39 +00:00
Vincent Ambo
885b6d9bb8 refactor(3p/notmuch): Simplify setup
The backported fix is no longer required and we can just apply the
patch in the overlay, this makes everything a little easier.

Change-Id: I654a1bb002eef5c578b8e576e133a159bde3f850
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3483
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-09-01 12:27:31 +00:00