stdenv: don't discard string context from ContentAddressed derivations#214044
stdenv: don't discard string context from ContentAddressed derivations#214044trofi wants to merge 1 commit intoNixOS:stagingfrom
Conversation
Without the change build for packages that use `disallowedReferences`
fails in `contentAddressedByDefault = true` mode:
$ nix build -f. ruby_3_1 --arg config '{ contentAddressedByDefault = true; }'
...
error: derivation contains an illegal reference specifier '/0j3hif3ni7zl5zhlzzr5q2q23z66136mnzp75pyiqp5c72q14im2'
error: 1 dependencies of derivation '/nix/store/39ji7qp225pxvrm8cgvzmyjqsyis2n0h-ruby-3.1.2.drv' failed to build
Original intent of NixOS#211783 was to
avoid pulling in actual derivation for reference scanning purposes.
Unfortunately CA derivations's outputPath are placeholders until they
are instantiated.
Let's restore string context for CA derivations for now.
|
@r-vdp I hope that does not affect your current use case. |
|
Heh this is funny. I suppose one would need to do like an IFD to force the CA derivation to be built and get the store path. |
ofborg
bot
added
10.rebuild-darwin: 0
|
Hi @trofi, thanks for the heads-up! I am not currently using CA derivations so this will not directly affect me, but I guess that this should be an extra motivation to fix the underlying bug in nix, as it could bite us again if CA derivations would become more widely used. |
|
I'd rather just (or “in addition” for the time being) make the check here a bit more lenient and also allow CA-derivations placeholders (and possibly discard them) since we can't resolve them to store paths in the general case.
I'm not sure that would change much here unfortunately since that bug is just Nix being overzealous in checking that the references mentioned are valid. If anything it's actually nice that being a library-side thing we can easily work around it |
|
I think this PR is still valid with a comment that it can be removed after nix resolves this issue. Otherwise we have to do all kinds of workarounds in nixpkgs to temporarily solve this |
|
I'm not sure it's valid. But I find it good enough for local use. |
|
@gador Yes that's right. We should do this instead of those manual fixes. I am thinking about a longer-term solution. edit NixOS/nix#11954 and NixOS/nix#11955 is my thoughts. |
|
@gador Can you resurrect this, and revert/close all the other temp fixes? |
|
Yes, I'll do so tomorrow 👍 |
|
I've restored the PR as is if it helps. I'm using it since on my systems without problems: |
6 participants
Without the change build for packages that use
disallowedReferencesfails incontentAddressedByDefault = truemode:Original intent of #211783 was to avoid pulling in actual derivation for reference scanning purposes.
Unfortunately CA derivations's outputPath are placeholders until they are instantiated.
Let's restore string context for CA derivations for now.
Description of changes
Things done
sandbox = trueset innix.conf? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)nixos/doc/manual/md-to-db.shto update generated release notes