It was only used for #'-each, for which the built-in dolist is sufficient.
Change-Id: I326d8b733b36b2edfebd4e9384e70b8a570fee0f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1987
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Archiving notes is done by just changing the filename to an `archive-`
instead of `note-` prefix.
Unarchiving is not yet implemented and should be done by moving the
note to a *new note ID*.
Archiving is bound to 'a' in the note list.
Change-Id: I8c225a25bdac5147a26030f47f24edee497f69df
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1986
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This mode displays the note's timestamp in its header line, and the
content in its body.
Some rudimentary key bindings are set up in the list view to view
notes in full (RET), and in both modes to quit the current buffer (q).
Change-Id: Icb35baec220a9efcfa2b86617b16178669df996f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1985
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Adds a very simple initial display of all notes in chronologically
descending order.
Currently this is a read-only view with no available actions.
Change-Id: I6d47363909f1a9ab8d1d18a1c44966883aa758ad
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1983
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
I'm writing a note taking system because I don't like any of the
existing ones.
This adds a note-taking function which prompts the user for note
content and persists it in a user-configurable directory.
Next steps are roughly:
* listing notes
* editing notes
* archiving notes
At which point I would consider this functional. The idea is to keep
adding incremental improvements that fit my workflows after that, and
if it ends up being useful for anyone else - great.
Change-Id: I7ae0eb4015511ebdbaeff92d8d32502726eb57c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1981
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Since upgrading to Emacs 27 I have observed a strange behaviour where
this terminal switcher sometimes fails to select a valid buffer, in
which case it falls through to the case that just opens a new buffer
instead.
This is kind of annoying and to aid in debugging this change makes the
creation of new buffers explicit and fails if no matching buffer is
found.
Note that this is likely not a fix for the issue itself, but it will
help debug what is going on.
Change-Id: I906869aba7d25156aaf92c090b169ce02785b85e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1930
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
These projects, which are not currently included in CI runs, don't
build at the moment.
Upcoming logic changes would mean that we would start including them
in CI, which is undesirable until they're fixed - but I'm not going to
be doing that now.
Change-Id: I7c337e098be8bff00db6d99fc7236a695f5a85f5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1850
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
This should actually just be an attribute set.
Change-Id: Idea1a9f7cfbb2eecd7e6342c6b5aeb66d3f3441a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1845
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
You can now provide a list of Nix derivations to tvlc to get a git worktree + sparse-checkout containing only the paths needed to build the specified derivations.
Known bugs: even though //third_party is only passed to readdir(), git doesn't know this and includes all of //third_party/*.
Change-Id: I9dccebd3fbff4bb04ebd568175cf0a7e37d71ab3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1826
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
depot-scanner is a tool that runs Nix and parses the --trace-file-access output to deduce what files are necessary to evaluate a derivation.
Take DEPOT_ROOT from the environment. If depotRoot doesn't exist, print an error early.
Fix the build of the protobuf library. Switch to the GRPC build rule, as a service is in this proto file.
Create the PathType enum and parse it from cmdline flags.
Change-Id: I537b5c6bceecf76ca510f7ac04ab9dad7785feb1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1769
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
tvlc is a tool for managing sparse git worktrees of the TVL depot.
It is still in development; near-term tasks include a setup script,
Nix dependency resolution, worktree removal, and the dispatch
script.
See cs.tvl.fyi/depot/docs/designs/SPARSE_CHECKOUTS.md for more info.
Change-Id: Iad96656f0206178980fe7dcadd3dffe70d690f8f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1760
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This gives better overall results and may also prevent drift, which
was an issue I've had previously.
See also this upstream commit for NSFV:
34003bd9ab
Change-Id: I45534cb60130755949cdbfbc39aed2478a249c72
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1717
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Permission changes in the Travis CI Nix builders have caused this to
start failing, as the build user now has insufficient permissions to
use caches.
There may be a way to change the permissions instead, but in the
meantime we will just cause things to rebuild.
Channel serving has moved to a new subdomain, and the redirect
semantics have changed. Instead of serving temporary redirects,
permanent redirects are now issued.
I've reported this upstream as a bug, but this workaround will fix it
in the meantime.
This moves the pin from just being in the Travis configuration to also
being set in a nixpkgs-pin.nix file, which makes it trivial to build
at the right commit when performing local builds.
Similar to the source code highlighting endpoint, but for Markdown.
This is to be used by the bug tracker, as well as Sourcegraph in the
future.
Change-Id: I4bea5c46ba969ba9965b61409e1c19c2edf1246c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1424
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
This makes two main changes:
1) It disables profiling of things that aren't part of the invoked
process (-a). This isn't particularly useful in most cases because
it will show things like Chrome's VP9 decoding while you're
profiling something else.
2) It tells perf about the debug symbol format, which for some reason
isn't DWARF2 by default.
Change-Id: Ida6a54b74f1ec635fec930db7e2a2aa039dd1443
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1185
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
Add tools.perf-flamegraph, which collects the base case execution of
perf piped through stackcollapse-perf and flamegraph to flamegraph the
execution of an external command via perf.
Change-Id: I671fe254dc374b6cd7deca2d3bdea266164de025
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1176
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Now that we're requiring CI to verify all changes (yay) it's not
actually possible to push and submit in one go - this repurposes the
rubberstamp command to push and self-+2, which is still useful for
self-owned things like system config etc.
Change-Id: Ie064adb6b7b0c1fd6bffdf4583a201ea02d4f8ac
Reviewed-on: https://cl.tvl.fyi/c/depot/+/939
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This wrapper script correctly invokes slappasswd for generating ARGON2
hashes.
People without Nix will need to figure this out on their own.
Change-Id: I264715ba4932855b868bef70cc9102515b3d129e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/833
Tested-by: BuildkiteCI
Reviewed-by: BuildkiteCI
Reviewed-by: Kane York <rikingcoding@gmail.com>
This program can be used for noise-cancelling in arbitrary audio
streams. See CL/576 and CL/577 for more details.
This moves the script out of my users folder and to //tools, and adds
two changes:
* Existing sinks will be removed & reinitialised
* The sink is changed from stereo->mono (which seems to make little
difference but is more reliable)
* The parameter has changed from 50 to 42 because I felt like it
Change-Id: Id9ff285fefd682ccc4d9f18e46b5fde9cd056aa7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/578
Reviewed-by: glittershark <grfn@gws.fyi>
P W, to push as a work-in-progress CL
Change-Id: Ibc6973512e8dcd3ce77b2f1064906a98e9a3a182
Reviewed-on: https://cl.tvl.fyi/c/depot/+/575
Reviewed-by: tazjin <mail@tazj.in>
Sourcegraph uses a component called syntect_server to syntax-highlight
source files.
Since we already have custom syntaxes, overrides and configuration we
might as well use them with Sourcegraph!
This implements the syntect_server "protocol" (it's just a single
endpoint) so that we can swap out the syntect_server component with
cheddar.
Note: There's a few clippy lints here, but they're being solved in a
followup commit because I wanted to take care of all of them at
once (not just the ones introduced in this change).
Change-Id: Ib518a2fa1b9fee299fe599482403599583cac479
Reviewed-on: https://cl.tvl.fyi/c/depot/+/509
Reviewed-by: lukegb <lukegb@tvl.fyi>
This function opens the depot in magit. By default the depot path is
assumed to be `/depot`, but that is made available as a customise
option that users can override.
Change-Id: Iefc127cad515dbae330d7af3aa69a0c53aa02015
Reviewed-on: https://cl.tvl.fyi/c/depot/+/504
Reviewed-by: glittershark <grfn@gws.fyi>
Introduces two new shortcuts in the magit popup for pushing:
* R: Push for review
* S: Push to submit
The existing "P" command remains, but has been renamed to
"rubberstamp" and documented with a warning.
To make this work across people's different setups, customisation
options for TVL-specific code are being added.
Change-Id: I48e75db55b5f793342fc898093629e437f58dcb2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/503
Reviewed-by: glittershark <grfn@gws.fyi>
Add a simple tvl.el, with only one magit transient command to push and
submit in one go to Gerrit
Change-Id: If02065797a8db39669b85acf87a1c4b43d1482ee
Reviewed-on: https://cl.tvl.fyi/c/depot/+/494
Reviewed-by: tazjin <mail@tazj.in>
This paves the way for using other things than stdin/stdout as
sources/sinks, which is required for example for implementing a
syntect_server replacement based on cheddar.
Change-Id: I5779db8dbf7b7ced109c26b940f721d237d60785
Reviewed-on: https://cl.tvl.fyi/c/depot/+/491
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
The complexity of the arg parsing is increasing somewhat because we're
adding more features to cheddar, so to set us up for that this
switches the arg parsing to the somewhat more flexible clap.
Change-Id: I187bc0c1b6c6bd596fa0f6bb494b04e335262ba9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/445
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: tazjin <mail@tazj.in>
We can always revert this if we want it back.
Change-Id: I1332b6dd541199584b7b5b94a8651172d79e53a9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/442
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
This was actually executing ssh, which was kinda silly - we really just
want to check the return code of the `which` invocation
Change-Id: I8a4b277a2be3b0c6a43d2da830cb82a32f9ee51e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/428
Reviewed-by: tazjin <mail@tazj.in>
Add a script to run gerrit commands on the depot host, which reads the
gerrit username from the TVL_USERNAME env var or $(whoami) by default.
At some point this may want to solve the configuration problem in a more
general fashion, but for now this seems relatively obvious.
Change-Id: Ied91c1d26daf4770aef74b2e755d1760c486bb7b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/396
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
Assuming you're in `/depot/fun/clbot`, you can do this:
tazjin@frog /d/f/clbot (master)> depot-build
Building //fun/clbot
/nix/store/i1zc6g58wa4819kyhaqi12zsh3hr31ph-clbot
It is automatically added to the $PATH using direnv, too.
Change-Id: Ia3341704e6317c2b8de40a3fa1be3b680d21a42d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/388
Reviewed-by: eta <eta@theta.eu.org>
Adds a mechanism for per-filename overrides of the chosen language
syntax and configures it for Gerrit's submit rule file.
This also switches the syntax set used to the one from
//third_party/bat_syntaxes, which contains custom additions such as
Prolog support.
Change-Id: I2023dbad5b326305ef2ef0ecf34ef66a3f7575ab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/349
Reviewed-by: riking <rikingcoding@gmail.com>
Reviewed-by: lukegb <lukegb@tvl.fyi>
This enables half of the shortcuts for switching keyboard languages
when EXWM launches.
The cyrillic ones are commented out because Emacs doesn't start
otherwise, I've no idea why and don't care at the moment.
These records have so many fields that it's difficult to track what's
what in a long list. For convenience they're now specified in plist
format (see the example).
There isn't really a point to this because the SOA record is the one I
care the *least* about practically as Cloud DNS sets it for me, but
whatever.
vauxhall (my laptop) now has an additional screen connected at home,
but sometimes I use that screen for my desktop computer (nugget).
This refactors the randr configuration for EXWM to support somewhat
more dynamic, multi-monitor layouts and adds key bindings to toggle
between some of the different configurations I want.
Modifies notmuch-show-open-or-close-subthread to take a parameter
instead of using prefix to toggle the argument, and binds that
function to C-, and C-. in notmuch-show-mode-map to enable convenient
collapsing/uncollapsing of subthreads from point.
Configures org-journal to store journal files on camden and encrypt
them to my GPG key.
Journal entries are weekly, with weeks starting Saturday (yes, there's
a reason for this).
This uses the built-in chart.el library to create a quick graph of the
number of unread emails in each notmuch tag. Some generic tags are
excluded from the overview.
Previously, this was failing as follows:
```
these derivations will be built:
/nix/store/7rbrf06phkiyz31dwpq88x920zjhnw0c-nixery-popcount.drv
building '/nix/store/7rbrf06phkiyz31dwpq88x920zjhnw0c-nixery-popcount.drv'...
building
warning: GOPATH set to GOROOT (/nix/store/4859cp1v7zqcqh43jkqsayl4wrz3g6hp-go-1.13.4/share/go) has no effect
failed to initialize build cache at /homeless-shelter/.cache/go-build: mkdir /homeless-shelter: permission denied
builder for '/nix/store/7rbrf06phkiyz31dwpq88x920zjhnw0c-nixery-popcount.drv' failed with exit code 1
error: build of '/nix/store/7rbrf06phkiyz31dwpq88x920zjhnw0c-nixery-popcount.drv' failed
```
Cheddar now needs to be passed the --about-filter flag to toggle the
behaviour for rendering Markdown into HTML.
By default Markdown will be highlighted like normal source code (i.e.
cgit source-filtering is the default behaviour).
This advice is potentially defined before the autoloads for telega
have run, which means that the macro-expansion fails and
`telega-ins-fmt` is looked up as a function.
With this setup the initialisation works as expected.
The lambda that acts as the sentinel for building SBCL with packages
needs to be able to capture variables if lexical binding is enabled,
which is made possible by the lexical-let form.
Adds a function that can launch Sly with a pre-configured SBCL for a
Lisp derivation in the depot.
This makes it convenient to spin up development environments for Lisp
libraries and programs by simply calling `M-x nix/sly-from-depot RET
tools.something`.
This relies on `nix-depot-path` being configured currently as I have
not yet reliably added the depot to my NIX_PATH on all machines.
Sets up Lisp modes in Sly REPL and points at the local hyperspec
checkout.
In fact the Hyperspec bit should probably be managed by Nix, but one
step at a time.
Implements support for tagging paragraphs that begin with a callout
word (TODO, WARNING, QUESTION, TIP) with an additional `cheddar-*`
class that makes it possible to render these callouts specially.
This is currently not the nicest implementation, but it works.
Since I am going down the path of adding additional Markdown
extensions it makes sense to avoid letting `format_markdown` turn into
a giant beast of a function.
Therefore this commit extracts the logic for rendering code blocks via
syntect and changes the innards of `format_markdown` to instead
provide arbitrary AST value replacements.
Instead of splitting below and moving the target buffer into the new
split, split and move the buffer into the active window.
The other way around does (for some reason I don't fully understand)
not work because `split-window-below` may return invalid windows.
Configures edwina using `s-w` as the key prefix (in line with my other
EXWM-related commands).
An additional function is added that switches to a buffer (borrowing
the implementation from `ivy-switch-buffer`) but splitting it into a
new window instead.
Implements fully static (i.e. no JavaScript!) highlighting of code
blocks when rendering Markdown.
This works by walking through the Comrak AST and replacing any code
blocks with pre-rendered HTML blocks.
Syntaxes are chosen based on the "block info", which is the string
users put after the block's opening fence. This can either be
a (case-insensitive) name of a syntax, or alternatively a file
extension associated with the desired syntax.
The theme is set to one that imitates GitHub.
Renders any ".md" file by pushing it through the Comrak rendering
pipeline.
This does not yet implement syntax highlighting of fenced blocks, but
we're getting there.
Generalises the two bits of the program that will be required either
way (extension parsing and syntax loading).
A dependency on Comrak is introduced as I think GitHub-flavoured
Markdown (with all its fancy extensions) is desirable!
This uses Nix to inject the path to the syntax highlighting assets
that ship with the bat source code into the cheddar build at compile
time, where the Rust compiler then inserts it into the binary via
macros.
bat has a lot of custom syntax highlighting definitions that they
collected from all over the place (including for languages like Nix!)
and this makes them accessible to cheddar.
Also if you're reading this, can you just take a moment to appreciate
how incredible it is that Nix just lets us do something like this?!
The first step with this tool will be to use it as a source-filter for
cgit. The second step is to use it as the Markdown renderer by
depending on one of the Markdown libraries, with integration for
rendering code snippets directly.
This moves the various projects from "type-based" folders (such as
"services" or "tools") into more appropriate semantic folders (such as
"nix", "ops" or "web").
Deprecated projects (nixcon-demo & gotest) which only existed for
testing/demonstration purposes have been removed.
(Note: *all* builds are broken with this commit)
Packages the telega-server binary and adds the required mode into
Emacs.
Unread message count is displayed in the modeline, which is neat.
Probably need to figure out some key bindings for this.
Adds an Emacs library with so far a grand total of one helper function
that can prefetch and insert a git repository at point.
This is very useful for the various Go repo imports I am doing at the
moment.
This makes it possible to quickly adjust the size of text in all
frames using one keyboard shortcut. Each of these functions
understands a prefix argument to mean "please only operate on the
current buffer", hence the following bindings and effects:
Global:
* `C-=`: Increase the global font size (chosen because `+` lies on the
`=` key)
* `C--`: Decrease the global font size
* `C-x C-0`: Restore the global default font size
Local:
* `C-u C-=`: Increase the local font size
* `C-u C--`: Decrease the local font size
* `C-u C-x C-0`: Restore the local default font size
This function makes it possible to build an Emacs instance that,
instead of launching an Emacs built by Nix, configures an Emacs
already present on the system to use the packages built by Nix.
This **requires** that the versions of the two Emacsen (i.e. the one
used by Nix to build and the one used to run the packages) are kept in
sync, otherwise byte-code incompatibilities may lead to undefined
behaviour.
Exposes an `overrideEmacs` which can take a package function that
receives the current package list and can make arbitrary modifications
to it.
This makes it possible for me to maintain a private overlay for e.g.
work purposes with packages that should not be visible in my public
repos.
This was set to my old home directory name from a different machine
and I had low-key been wondering why it didn't work, but not enough to
go do something about it.
This incredible package provides a fully functional, libvterm based
terminal emulator inside of Emacs.
Killer feature: It's possible to switch the buffer into a full Emacs
text mode (read-only) for selections and such.
Adds a "do what I mean" multiple-cursor selection with the logic that
I find most useful:
* If there is no active region, mark the next line (or lines, based on
prefix argument)
* If there is an active region that spans multiple lines, call
`mc/edit-lines`
* If there is an active region on a single line, trigger a custom
selection hydra with functionality equivalent to
`mc/mark-more-like-this-extended` but a slightly improved user
experience
Hopefully this will make it easier to get into the habit of actually
using multiple-cursors without calling the mc commands via M-x
This enables usage of __dispatch.sh from anywhere, even outside of the
depot.
Specifically this means I can add `~/depot/bin` to my $PATH and all
the registered tools work from anywhere.
Configures Emacs' `customize` to write directly to my Emacs
configuration. This comes with the caveat that the new config will
only be loaded if my Emacs is rebuilt.
Builds an Emacs that is not only configured with the required packages
but with the entire Emacs configuration for my personal setup.
This means that `nix-env -iA tools.emacs` will install a
fully-configured Emacs that can be launched as the window manager from
my ~/.xsession.
This is not the final layout yet, but makes it so that my top-level
attribute set is no longer overlaid into nixpkgs itself.
This is useful for other people who are importing my monorepo.
This gets rid of the package called "server" and instead moves
everything into the project root, such that Go actually builds us a
binary called `nixery`.
This is the first step towards factoring out CLI-based functionality
for Nixery.
The previous logic failed because single meta-packages such as
"nixery.dev/shell" would not end up removing the meta-package itself
from the list of packages passed to Nix, causing a build failure.
This was a regression introduced in 827468a.
This is a tiny program that does nothing but exists to demonstrate
pkgs.buildGo by building a program that depends on a local library as
well as a protobuf definition.
Broadly speaking, the following things are included:
* there is now a uniform `args` struct that is passed to all
derivations, package headers have been changed appropriately
* overrides are now loaded from a separate `override` folder just
using read-tree.nix
* third-party packages have moved into the `third_party` attribute set
Nixery itself is built with the buildLayeredImage system, which takes
some time to create large numbers of layers.
This adjusts the default number of image layers from 96 to 20.
Additionally Nixery's image is often loaded with `docker load -i`,
which ignores layer cache hits anyways.
Additionaly the CI build is configured to use only 1, which speeds up
CI runs.
Imports the package set twice in the builder expression: Once
configured for the target system, once configured for the native
system.
This makes it possible to fetch the actual image contents for the
required architecture, but use local tools to assemble the symlink
layer and metadata.
Specifying this meta-package toggles support for ARM64 images, for
example:
# Pull a default x86_64 image
docker pull nixery.dev/hello
# Pull an ARM64 image
docker pull nixery.dev/arm64/hello
Adds an implementation of popcount that, instead of realising
derivations locally, just queries the cache's narinfo files.
The downside of this is that calculating popularity for arbitrary Nix
package sets is not possible with this implementation. The upside is
that calculating the popularity for an entire Nix channel can now be
done in ~10 seconds[0].
This fixes#65.
[0]: Assuming a /fast/ internet connection.
This case should not be possible unless something manually constructs
a logrus entry with a non-error value in the log.ErrorKey field, but
it's better to be safe than sorry.
Previously background contexts where created where necessary (e.g. in
GCS interactions). Should I begin to use request timeouts or other
context-dependent things in the future, it's useful to have the actual
HTTP request context around.
This threads the request context through the application to all places
that need it.
The point at which files are moved happens to also (initially) be the
point where the `layers` directory is created. For this reason
renaming must ensure that all path components exist, which this commit
takes care of.
The filesystem storage backend can be enabled by setting
`NIXERY_STORAGE_BACKEND` to `filesystem` and `STORAGE_PATH` to a disk
location from which Nixery can serve files.
This abstracts over the functionality of Google Cloud Storage and
other potential underlying storage backends to make it possible to
replace these in Nixery.
The GCS backend is not yet reimplemented.
The JSON file generated for service account keys already contains the
required information for signing URLs in GCS, thus the environment
variables for toggling signing behaviour have been removed.
Signing is now enabled automatically in the presence of service
account credentials (i.e. `GOOGLE_APPLICATION_CREDENTIALS`).
Some Nix download mechanisms will add a second hash in the store path,
which had been added to the source hash output (breaking argument
interpolation).
Instead of compressing & decompressing again to get the underlying tar
hash, use a similar mechanism as for store path layers for the symlink
layer and only compress it once while uploading.
Docker expects hashes of compressed tarballs in the manifest (as these
are used to fetch from the content-addressable layer store), but for
some reason it expects hashes in the configuration layer to be of
uncompressed tarballs.
To achieve this an additional SHA256 hash is calculcated while
creating the layer tarballs, but before passing them to the gzip
writer.
In the current constellation the symlink layer is first compressed and
then decompressed again to calculate its hash. This can be refactored
in a future change.
This has become an issue recently with changes such as GZIP
compression, where CI runs no longer work because they conflict with
the production bucket for the public instance.
Makes use of the `.WithError` and `.WithField` convenience functions
in logrus to simplify log statement construction.
This has the added benefit of making it easier to correctly log
errors.
