diff options
author | Luke Granger-Brown <git@lukegb.com> | 2021-06-06 21:29:00 +0000 |
---|---|---|
committer | Luke Granger-Brown <git@lukegb.com> | 2021-06-07 02:11:04 +0000 |
commit | 5b30dd9b1c6a62cd10f3854117cf61ed2c2d841a (patch) | |
tree | 0d9d323ba0083e9449307196498fa6fb1349b470 | |
parent | cfd38a4006163277e2de9cf0810c23ba5d6c7e1d (diff) | |
download | nixpkgs-5b30dd9b1c6a62cd10f3854117cf61ed2c2d841a.tar nixpkgs-5b30dd9b1c6a62cd10f3854117cf61ed2c2d841a.tar.gz nixpkgs-5b30dd9b1c6a62cd10f3854117cf61ed2c2d841a.tar.bz2 nixpkgs-5b30dd9b1c6a62cd10f3854117cf61ed2c2d841a.tar.lz nixpkgs-5b30dd9b1c6a62cd10f3854117cf61ed2c2d841a.tar.xz nixpkgs-5b30dd9b1c6a62cd10f3854117cf61ed2c2d841a.tar.zst nixpkgs-5b30dd9b1c6a62cd10f3854117cf61ed2c2d841a.zip |
gvisor: 2019-11-14 -> 20210518.0
This also now seems to depend on protoc, but we substitute out the version of protoc so that we don't download the binary artifacts, and instead compile protoc from support. TBD: using the Nixpkgs built version of protoc instead of building from source.
-rw-r--r-- | pkgs/applications/virtualization/gvisor/default.nix | 35 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 |
2 files changed, 30 insertions, 7 deletions
diff --git a/pkgs/applications/virtualization/gvisor/default.nix b/pkgs/applications/virtualization/gvisor/default.nix index e6b83286c00..4cd043d4eb6 100644 --- a/pkgs/applications/virtualization/gvisor/default.nix +++ b/pkgs/applications/virtualization/gvisor/default.nix @@ -1,6 +1,8 @@ { lib , buildBazelPackage , fetchFromGitHub +, callPackage +, bash , cacert , git , glibcLocales @@ -9,6 +11,7 @@ , iptables , makeWrapper , procps +, protobuf , python3 }: @@ -16,9 +19,12 @@ let preBuild = '' patchShebangs . + substituteInPlace tools/defs.bzl \ + --replace "#!/bin/bash" "#!${bash}/bin/bash" + # Tell rules_go to use the Go binary found in the PATH sed -E -i \ - -e 's|go_version\s*=\s*"[^"]+",|go_version = "host",|g' \ + -e 's|go_version\s*=\s*"[^"]+"|go_version = "host"|g' \ WORKSPACE # The gazelle Go tooling needs CA certs @@ -31,20 +37,37 @@ let export GOPATH= ''; + # Patch the protoc alias so that it always builds from source. + rulesProto = fetchFromGitHub { + owner = "bazelbuild"; + repo = "rules_proto"; + rev = "f7a30f6f80006b591fa7c437fe5a951eb10bcbcf"; + sha256 = "10bcw0ir0skk7h33lmqm38n9w4nfs24mwajnngkbs6jb5wsvkqv8"; + extraPostFetch = '' + sed -i 's|name = "protoc"|name = "_protoc_original"|' $out/proto/private/BUILD.release + cat <<EOF >>$out/proto/private/BUILD.release + alias(name = "protoc", actual = "@com_github_protocolbuffers_protobuf//:protoc", visibility = ["//visibility:public"]) + EOF + ''; + }; + in buildBazelPackage rec { name = "gvisor-${version}"; - version = "2019-11-14"; + version = "20210518.0"; src = fetchFromGitHub { owner = "google"; repo = "gvisor"; - rev = "release-20191114.0"; - sha256 = "0kyixjjlws9iz2r2srgpdd4rrq94vpxkmh2rmmzxd9mcqy2i9bg1"; + rev = "release-${version}"; + sha256 = "15a6mlclnyfc9mx3bjksnnf4vla0xh0rv9kxdp34la4gw3c4hksn"; }; nativeBuildInputs = [ git glibcLocales go makeWrapper python3 ]; bazelTarget = "//runsc:runsc"; + bazelFlags = [ + "--override_repository=rules_proto=${rulesProto}" + ]; # gvisor uses the Starlark implementation of rules_cc, not the built-in one, # so we shouldn't delete it from our dependencies. @@ -76,14 +99,14 @@ in buildBazelPackage rec { rm -f "$bazelOut"/java.log "$bazelOut"/java.log.* ''; - sha256 = "0fhmlq0d2317gwhma2mz1anb69j4chybk90j71j88wpgw1hxbk34"; + sha256 = "13pahppm431m198v5bffrzq5iw8m79riplbfqp0afh384ln669hb"; }; buildAttrs = { inherit preBuild; installPhase = '' - install -Dm755 bazel-bin/runsc/*_pure_stripped/runsc $out/bin/runsc + install -Dm755 bazel-out/*/bin/runsc/runsc_/runsc $out/bin/runsc # Needed for the 'runsc do' subcomand wrapProgram $out/bin/runsc \ diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c537b0545a3..72a53a99cb4 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -24160,7 +24160,7 @@ in gv = callPackage ../applications/misc/gv { }; gvisor = callPackage ../applications/virtualization/gvisor { - go = go_1_14; + go = go_1_16; }; gvisor-containerd-shim = callPackage ../applications/virtualization/gvisor/containerd-shim.nix { }; |