diff --git a/.circleci/config.yml b/.circleci/config.yml index af42058a79300d3f562be9ebd42e012f4ed2b857..14fde59987757ba88639fe78fc5b9852b750b52f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -140,13 +140,14 @@ jobs: - image: "nixorg/nix:circleci" environment: - # Specify a revision of NixOS/nixpkgs to run against. This essentially - # pins the majority of the software involved in the build. This - # revision is selected arbitrarily. It's somewhat current as of the - # time of this comment. We can bump it to a newer version when that - # makes sense. Meanwhile, the platform won't shift around beneath us - # unexpectedly. - NIXPKGS_REV: "8bf142e001b6876b021c8ee90c2c7cec385fe8e9" + # Specify a revision of PrivateStorageio/nixpkgs to run against. This + # essentially pins the majority of the software involved in the build. + # This revision is selected arbitrarily (it's just new enough to define + # all of the PrivateStorage stuff that ZKAPAuthorizer depends on). It's + # somewhat current as of the time of this comment. We can bump it to a + # newer version when that makes sense. Meanwhile, the platform won't + # shift around beneath us unexpectedly. + NIXPKGS_REV: "730129887a84a8f84f3b78ffac7add72aeb551b6" steps: - run: @@ -157,7 +158,7 @@ jobs: # the `BASE_ENV` feature as we do here. name: "Setup NIX_PATH Environment Variable" command: | - echo "export NIX_PATH=nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/$NIXPKGS_REV.tar.gz" >> $BASH_ENV + echo "export NIX_PATH=nixpkgs=https://github.com/PrivateStorageio/nixpkgs/archive/$NIXPKGS_REV.tar.gz" >> $BASH_ENV - "checkout" @@ -193,7 +194,8 @@ jobs: # If nixpkgs changes then potentially a lot of cached packages for # the base system will be invalidated so we may as well drop them # and make a new cache with the new packages. - - zkapauthorizer-nix-store-v4-{{ checksum "nixpkgs.rev" }} + - zkapauthorizer-nix-store-v4-{{ checksum "nixpkgs.rev" }}-ourdeps + - zkapauthorizer-nix-store-v4-{{ checksum "nixpkgs.rev" }}- - zkapauthorizer-nix-store-v4- - run: @@ -207,6 +209,13 @@ jobs: --arg callPackage '(import <nixpkgs> { }).callPackage' \ ./python-challenge-bypass-ristretto.nix + - save_cache: + name: "Cache Nix Store Paths" + when: "always" + key: zkapauthorizer-nix-store-v4-{{ checksum "nixpkgs.rev" }} + paths: + - "/nix" + - run: name: "Run Test Suite" command: | @@ -220,11 +229,15 @@ jobs: # # Further, we want the "doc" output built as well because that's # where the coverage data ends up. - nix-build --argstr hypothesisProfile ci --arg collectCoverage true --attr doc + nix-build \ + --argstr hypothesisProfile ci \ + --arg collectCoverage true \ + --attr doc - save_cache: name: "Cache Nix Store Paths" - key: zkapauthorizer-nix-store-v4-{{ checksum "nixpkgs.rev" }} + when: "always" + key: zkapauthorizer-nix-store-v4-{{ checksum "nixpkgs.rev" }}-ourdeps paths: - "/nix" diff --git a/default.nix b/default.nix index cc526bf34eaac576f52525637c2a524fc97f21f3..9910ed370f3e0a4562f94beddde68cb87e240120 100644 --- a/default.nix +++ b/default.nix @@ -8,11 +8,7 @@ let pkgs' = pkgs.extend (import ./overlays.nix); callPackage = pkgs'.python27Packages.callPackage; - tahoe-lafs' = ( - if tahoe-lafs != null - then tahoe-lafs - else callPackage ./tahoe-lafs.nix { } - ); + tahoe-lafs' = if tahoe-lafs == null then pkgs.python2Packages.tahoe-lafs-1_14 else tahoe-lafs; in callPackage ./zkapauthorizer.nix { challenge-bypass-ristretto = callPackage ./python-challenge-bypass-ristretto.nix { }; diff --git a/nixpkgs.nix b/nixpkgs.nix deleted file mode 100644 index 28889093ccc5ba3ac9feb2a099181fdea64b4dda..0000000000000000000000000000000000000000 --- a/nixpkgs.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ pkgs ? import <nixpkgs> { } }: -let - nixpkgs = pkgs.path; - args = - { overlays = [ (import ./overlays.nix) ]; - }; -in -pkgs.callPackage nixpkgs args diff --git a/tahoe-lafs-repo.nix b/tahoe-lafs-repo.nix deleted file mode 100644 index fc944e5739e7246a922761b2c7abaf05b62b8327..0000000000000000000000000000000000000000 --- a/tahoe-lafs-repo.nix +++ /dev/null @@ -1,9 +0,0 @@ -let - pkgs = import <nixpkgs> {}; -in - pkgs.fetchFromGitHub { - owner = "tahoe-lafs"; - repo = "tahoe-lafs"; - rev = "tahoe-lafs-1.14.0"; - sha256 = "1ahdiapg57g6icv7p2wbzgkwl9lzdlgrsvbm5485414m7z2d6las"; - } diff --git a/tahoe-lafs.nix b/tahoe-lafs.nix deleted file mode 100644 index 212439638fb54e1dfb57d5ae91784759e234d02e..0000000000000000000000000000000000000000 --- a/tahoe-lafs.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ python2Packages }: -let - # Manually assemble the tahoe-lafs build inputs because tahoe-lafs 1.14.0 - # eliot package runs the eliot test suite which is flaky. Doing this gives - # us a place to insert a `doCheck = false` (at the cost of essentially - # duplicating tahoe-lafs' default.nix). Not ideal but at least we can throw - # it away when we upgrade to the next tahoe-lafs version. - repo = ((import ./tahoe-lafs-repo.nix) + "/nix"); - nevow-drv = repo + "/nevow.nix"; - nevow = python2Packages.callPackage nevow-drv { }; - eliot-drv = repo + "/eliot.nix"; - eliot = (python2Packages.callPackage eliot-drv { }).overrideAttrs (old: { - doInstallCheck = false; - }); - tahoe-lafs-drv = repo + "/tahoe-lafs.nix"; - tahoe-lafs = python2Packages.callPackage tahoe-lafs-drv { - inherit nevow eliot; - }; -in - tahoe-lafs