Commit b3da944f authored by Valentin Reis's avatar Valentin Reis

testing TMPDIR strategy

parent 4ed4e791
Pipeline #5745 passed with stage
in 18 seconds
......@@ -258,7 +258,7 @@ setupSystem sa = do
vshell "sudo rm -rf nixtmpdir" empty >>= \case
ExitSuccess -> printInfo "removed ./result"
ExitFailure n -> die ("Failed to remove ./result " <> repr n)
liftIO $ createAndSetTMPDIR "./TMPDIR"
liftIO $ createAndSetTMPDIR "tmpdirname"
doVerbose $ printInfo "running nix-build for the containers attribute."
doVerbose $ printCommand $ "nix-build " <> pack
(unwords (nixArguments "containers" sa))
......@@ -283,16 +283,21 @@ setupSystem sa = do
void $ printInfo "Done setting the environment for nix-build up."
where
vshell = verboseShell verbose
verbose = verbosity sa == Verbose
doVerbose = when verbose
createAndSetTMPDIR name = do
path <- (</> fromText name) <$> pwd
b <- testpath path
when b $ rmtree path
{-localpath <- (</> fromText name) <$> pwd-}
let path = "/tmp" </> fromText name
testpath path >>= flip when (rmtree path)
mkdir path
sh $ inshell ("chmod 777 " <> name) empty
case toText path of
Right p -> export "TMPDIR" p
Right p -> sh $ do
inshell ("chmod 777 " <> p) empty
inshell ("ln -s " <> p <> name) empty
export "TMPDIR" p
Left _ -> die "Path error when setting TMPDIR"
nixArguments :: String -> ArgsCommon -> [String]
......@@ -307,15 +312,6 @@ toCommand :: IsString p => NixCommand -> p
toCommand NixBuild = "nix-build"
toCommand NixShell = "nix-shell"
wrap :: NixCommand -> String -> ArgsCommon -> IO ()
wrap nixCommand target sa@ArgsCommon {..} = sh $ do
when (verbosity == Verbose) $ liftIO $ print sa
_ <- setupSystem sa
printf "toto"
printCommand $ pack nixc <> " " <> pack (unwords arglist)
liftIO (executeFile nixc True arglist Nothing)
where
nixc = toCommand nixCommand
-- Sources of impurity for this build are: "/tmp/ /etc/argo/ /var/run/
-- /var/lock/. Moreover, sandboxing is disabled, in particular because of:
-- /tmp/nrm-* sockets, /etc/argo, /var/run/, /var/lock/ which all need read
......@@ -325,7 +321,15 @@ wrap nixCommand target sa@ArgsCommon {..} = sh $ do
{-, "build-use-sandbox"-}
{-, "--option"-}
{-, "extra-sandbox-paths"-}
{-, "/tmp/ /etc/argo/ /var/run/ /var/lock/"-}
{-, "/tmp/ /etc/argo/ /var/run/ /var/lock/"-}
wrap :: NixCommand -> String -> ArgsCommon -> IO ()
wrap nixCommand target sa@ArgsCommon {..} = sh $ do
when (verbosity == Verbose) $ liftIO $ print sa
_ <- setupSystem sa
printCommand $ pack nixc <> " " <> pack (unwords arglist)
liftIO (executeFile nixc True arglist Nothing)
where
nixc = toCommand nixCommand
arglist =
nixArguments target sa
++ [ "--pure"
......@@ -336,112 +340,5 @@ wrap nixCommand target sa@ArgsCommon {..} = sh $ do
]
++ [if sandboxing == Sandbox then "true" else "false"]
remotely :: String -> ArgsCommon -> ArgsRemote -> IO ()
remotely _ _ _ = putStrLn "unsupported in this version"
{-nixshell :: IO ()-}
{-nixshell = undefined-}
{-ArgsCommon {..} <- liftIO $ execParser opts-}
{--- building nixArguments (pure stuff) and shellArguments (impure stuff)-}
{-let nixArguments = ["-A", if enableApps then "expe" else "test"] ++ concat-}
{-[ ["--arg", longform <> "-src", encodeString p]-}
{-| (longform, p) <- overrides-}
{-]-}
{-sudo <- which "sudo" >>= \case-}
{-(Just sudo) -> printf ("Found sudo at " % fp % "\n") sudo >> return sudo-}
{-Nothing -> die "sudo not in $PATH."-}
{-export "SUDO" $ pack $ encodeString sudo-}
{-let shellArguments =-}
{-[unpack argopkgs]-}
{-++ [ "--keep"-}
{-, "SUDO"-}
{-, "--pure"-}
{-, "--allow-new-privileges"-}
{-, "--option"-}
{-, "build-extra-sandbox-paths"-}
{-, encodeString (directory sudo)-}
{-]-}
{-++ nixArguments-}
{-++ (case run of-}
{-Just cmd -> ["--run", unpack ("\"exec " <> cmd <> "\"")]-}
{-Nothing -> []-}
{-)-}
{-cachedir <- single $ inproc-}
{-"mktemp"-}
{-["-d", "--suffix=nixcache", "/tmp/deletable-nix-cache-XXXX"]-}
{-empty-}
{-export "XDG_CACHE_HOME" $ lineToText cachedir-}
{-case targetMachine of-}
{-Nothing -> do-}
{-printf s "Running nix-shell with the following arguments: \n"-}
{-liftIO $ print shellArguments-}
{-liftIO $ executeFile "nix-shell" True shellArguments Nothing-}
{-Just host -> do-}
{-export "NIX_SSHOPTS" "source .profile; source .bash_profile;"-}
{-printf s "argonix: creating a derivation in the local store:\n"-}
{-drv <- single $ inproc-}
{-"nix-instantiate"-}
{-(["--quiet", argopkgs, "-A", "test"] ++ fmap pack nixArguments)-}
{-empty-}
{-printf (s % "\n") $ lineToText drv-}
{-if remoteBuild-}
{-then do-}
{-printf-}
{-s-}
{-"argonix: copying the derivation's closure (without build output).\n"-}
{-proc "nix-copy-closure" ["--to", host, lineToText drv] empty-}
{-else do-}
{-printf s "argonix: building the derivation's output:\n"-}
{-proc "nix-store" ["--realize", lineToText drv, "--quiet"] empty-}
{-printf-}
{-s-}
{-"argonix: copying the derivation's closure (with build output).\n"-}
{-proc "nix-copy-closure"-}
{-["--include-outputs", "--to", host, lineToText drv]-}
{-empty-}
{-case run of-}
{-Just cmd -> do-}
{-_ <- proc-}
{-"ssh"-}
{-[ "-t"-}
{-, host-}
{-, "source .profile; source .bash_profile; SUDO=$(which sudo) exec nix-shell --keep SUDO --pure --allow-new-privileges --option build-extra-sandbox-paths $(which sudo | xargs dirname) "-}
{-<> lineToText drv-}
{-<> " --run "-}
{-<> "\""-}
{-<> cmd-}
{-<> "\""-}
{-]-}
{-empty-}
{-Prelude.mapM_-}
{-(\r -> proc "scp"-}
{-["-r", host <> ":" <> r, fromMaybe "." retreiveAs]-}
{-empty-}
{-)-}
{-retreive-}
{-Nothing -> liftIO $ executeFile-}
{-"ssh"-}
{-True-}
{-[ "-t"-}
{-, unpack host-}
{-, unpack-}
{-("source .profile; source .bash_profile; SUDO=$(which sudo) exec nix-shell --keep SUDO --pure --allow-new-privileges --option build-extra-sandbox-paths $(which sudo | xargs dirname) "-}
{-<> lineToText drv-}
{-)-}
{-]-}
{-Nothing-}
{-where-}
{-opts = info-}
{-(commonParser <**> helper)-}
{-( fullDesc-}
{-<> progDesc "Argo environment provisioning/deployment/execution."-}
{-<> header "argonix"-}
{-)-}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment