mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tvl-depot/default.nix
Vincent Ambo a2be05faa4 refactor(readTree): Move copy of 'fix' into readTree 
This is often used when bootstrapping a repository with readTree,
before lib is available. Having this definition in readTree is more
convenient than copy&pasting it around to callsites.

Change-Id: I6d5d27ed142bea704843fe289ad2674be8c4d360
2021-11-23 12:02:53 +00:00

136 lines
4.4 KiB
Nix
Raw Blame History

# This file sets up the top-level package set by traversing the package tree
# (see //nix/readTree for details) and constructing a matching attribute set
# tree.
{ nixpkgsBisectPath ? null, ... }@args:
let
inherit (builtins)
concatMap
filter
;
readTree = import ./nix/readTree {};
# Disallow access to //users from other depot parts.
usersFilter = readTree.restrictFolder {
folder = "users";
reason = ''
Code under //users is not considered stable or dependable in the
wider depot context. If a project under //users is required by
something else, please move it to a different depot path.
'';
exceptions = [
# whitby is allowed to access //users for several reasons:
#
# 1. User SSH keys are set in //users.
# 2. Some personal websites or demo projects are served from it.
[ "ops" "machines" "whitby" ]
# Due to evaluation order this also affects these targets.
# TODO(tazjin): Can this one be removed somehow?
[ "ops" "nixos" ]
[ "ops" "machines" "all-systems" ]
];
};
# Disallow access to //corp from other depot parts.
corpFilter = readTree.restrictFolder {
folder = "corp";
reason = ''
Code under //corp may use incompatible licensing terms with
other depot parts and should not be used anywhere else.
'';
exceptions = [
# For the same reason as above, whitby is exempt to serve the
# corp website.
[ "ops" "machines" "whitby" ]
[ "ops" "nixos" ]
[ "ops" "machines" "all-systems" ]
];
};
readDepot = depotArgs: readTree {
args = depotArgs;
path = ./.;
filter = parts: args: corpFilter parts (usersFilter parts args);
scopedArgs = {
__findFile = _: _: throw "Do not import from NIX_PATH in the depot!";
};
};
# To determine build targets, we walk through the depot tree and
# fetch attributes that were imported by readTree and are buildable.
#
# Any build target that contains `meta.ci = false` will be skipped.
# Is this tree node eligible for build inclusion?
eligible = node: (node ? outPath) && (node.meta.ci or true);
# Walk the tree starting with 'node', recursively extending the list
# of build targets with anything that looks buildable.
#
# Any tree node can specify logical targets by exporting a
# 'meta.targets' attribute containing a list of keys in itself. This
# enables target specifications that do not exist on disk directly.
gather = node:
if node ? __readTree then
# Include the node itself if it is eligible.
(if eligible node then [ node ] else [])
# Include eligible children of the node
++ concatMap gather (map (attr: node."${attr}") node.__readTreeChildren)
# Include specified sub-targets of the node
++ filter eligible (map
(k: (node."${k}" or {}) // {
# Keep the same tree location, but explicitly mark this
# node as a subtarget.
__readTree = node.__readTree;
__readTreeChildren = [];
__subtarget = k;
})
(node.meta.targets or []))
else [];
in readTree.fix(self: (readDepot {
depot = self;
# Pass third_party as 'pkgs' (for compatibility with external
# imports for certain subdirectories)
pkgs = self.third_party.nixpkgs;
# Expose lib attribute to packages.
lib = self.third_party.nixpkgs.lib;
# Pass arguments passed to the entire depot through, for packages
# that would like to add functionality based on this.
#
# Note that it is intended for exceptional circumstance, such as
# debugging by bisecting nixpkgs.
externalArgs = args;
}) // {
# Make the path to the depot available for things that might need it
# (e.g. NixOS module inclusions)
path = self.third_party.nixpkgs.lib.cleanSource ./.;
# List of all buildable targets, for CI purposes.
#
# Note: To prevent infinite recursion, this *must* be a nested
# attribute set (which does not have a __readTree attribute).
ci.targets = gather (self // {
# remove the pipelines themselves from the set over which to
# generate pipelines because that also leads to infinite
# recursion.
ops = self.ops // { pipelines = null; };
# remove nixpkgs from the set, for obvious reasons.
third_party = self.third_party // { nixpkgs = null; };
});
# Derivation that gcroots all depot targets.
ci.gcroot = self.third_party.nixpkgs.symlinkJoin {
name = "depot-gcroot";
paths = self.ci.targets;
};
})
Reference in a new issue View git blame Copy permalink