So far, /examples was the only place with packages that are built in the CI pipeline.
This change allows us to add package build tests to individual modules at the location where the module is defined. This has several benefits:
- We are not forced to add unnecessary examples in order to maintain test coverage
- When modules get removed, their tests will be removed alongside
- It allows us to keep old modules around and assure they keep working without having to keep outdated examples in /examples
The goal is to reduce the flake inputs visible to the user
Still, the top-level flake re-exposes the outputs of the dev-flake, but
without exposing its inputs. This means a devShell is still available in
the top-level, for example.
This also removes the /modules/flake.nix. Its original purpose was
separating the modules inputs from the development inputs, but this is
now done the opposite way around by moving the dev inputs to
/dev-flake/flake.nix.
implement options:
- options.overrides
- options.groups.<name>.overrides
Having this, it should not be necessary anymore to override members of a group directly. Instead the logic can be bound to package names, either globally for all groups, or locally for a single group.
We should probably also rename :
- `options.commonModule` -> `options.overrideAll`
- `options.groups.<name>.commonModules` -> `options.groups.<name>.overrideAll`
The pip locker [sometimes created a URL without hash][1] to reflect that there was a local source.
This produced the following error when trying to evaluate that derivation:
… from call site
at /nix/store/qdzdi6qvrqxfqxhi3j70d5dsl9f5jpby-source/modules/dream2nix/pip/default.nix:86:28:
85| mkDerivation = {
86| src = l.mkDefault (fetchers.${metadata.sources.${config.name}.type} metadata.sources.${config.name});
| ^
87| doCheck = l.mkDefault false;
… while calling 'url'
at /nix/store/qdzdi6qvrqxfqxhi3j70d5dsl9f5jpby-source/modules/dream2nix/pip/default.nix:57:11:
56| fetchers = {
57| url = info: l.fetchurl {inherit (info) url sha256;};
| ^
58| git = info: config.deps.fetchgit {inherit (info) url sha256 rev;};
error: value is null while a string was expected
Of course, one cannot call `builtins.fetchurl` without a `sha256` argument.
Now, local dependencies are specified exactly like that in the lock file. Now, we'll fetch nothing when dealing with local dependencies.
Also, their evaluation when generating `preFixup` attribute is delayed until build time. This was a bigger problem due to the previous bug, but in any case it should still help to reduce evaluation overhead.
FWIW, sometimes local sources might not really exit in the derivation source tree until build time. For example, when building aggregated sources with meta-repo management tools such as Mr. Chef.
[1]: 40b65e4598/pkgs/fetchPipMetadata/src/fetch_pip_metadata/lock_file_from_report.py (L72C28-L72C28)
The suggested copy paste attribute path is often wrong as it depends on the individual repository setup that dream2nix doesn't control.
Instead now simply hint to `nix run` the .lock attribute
This allows updating the lock file via `nix run .#{package}.lock` instead of ` nix run .#{package}.config.lock.refresh`
This is better as it's shorter, and the keyword `lock` is widely understood to lock dependencies.
For many users not having a snapshot date is a valid use case.
Also many users will expect their lock file to be updated to the latest dependency versions via a nix run .#package.config.lock.refresh. so it can be the default behavior.
- nixpkgs-overrides are not lazy enough. They can lead to eval failures thrown in nixpkgs despite not being enabled. Therefore we better use the `import` as an enable mechanism instead of the `enable` option.
We keep the enable option to allow for users to disable the override module via mkForce
* Make pip lock script use its own python version
To make the lock script independent of the python version used in the
user's project, it needs to use its own python environment. This was
already the case for the mitm proxy, but not yet for the lock script
itself. This commit ensures that the lock script uses its own python
environment, independent of the user python version, and shares it with
the mitm proxy.
* Fix IOKit dependency in htop example
* Add hash for git based packages
* Support install git dependencies
* Add test for pip with git dependency
* Update lockfiles for python example projects
This does not change any of the hashes or versions, just adds the type:
"url" property.
---------
Co-authored-by: DavHau <hsngrmpf+github@gmail.com>
- add flake-module.nix
- remove custom logic to find the repo root
- use findRoot script to find repo root
- use gitMinimal instead of git
- use separate python version for lock script than the python version to lock for. This prevents rebuilds and allows defining a standalone fetchPipMetadata package
This prevents an error where mkDerivation.src is coerced to a string while it is null which leads to hard to debug scenarios
I don't think we need this default logic for the top-level. The logic is still kept for the dependencies.
This is to improve package location finding at eval time and script execution time.
Deprecates options lock.{repoRoot,lockFileRel} as well as option eval-cache.{repoRoot, cacheFileRel}
Instead the user must now set:
- paths.projectRoot: pointing to the repoRoot
- paths.package: pointing to the package directory
- paths.projectRootFile can be used to define a marker file to find the project root. The default is '.git' but it could be set to 'flake.nix' for example
- lock files are by default put in the same directory as the package definition