-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deploy-rs builds derivations without considering flake attribute nixConfig
#204
Comments
Important clarification as some might not use the standard There may also exist a different method to make nix aware again of the One could also argue this could be a nix bug, but i do not have enough experience with how |
I'm not sure about all the reasons why |
From closer looking, there is no great solution for this. As an auto-accepting
All ways I have found to implement the remote-builder with |
deploy
command does not pull in flake attributes on build.nixConfig
Problem
Currently, deploy-rs runs its
nix build
command against a derivation path in/nix/store
. This style of running nix build misses any arguments in a defined flake.nix file, notablynixConfig
.Details
When running
deploy .#hostname
, deploy-rs will use thenix show-derivation
command to find the actual.drv
path of the NixOS configuration, and then later use it for the nix build step, for examplenix build /nix/store/[...]-nixos-system-[hostname]-[...].drv
.deploy-rs/src/push.rs
Lines 241 to 244 in 8c9ea96
deploy-rs/src/push.rs
Lines 71 to 73 in 8c9ea96
However, running
nix build
in this way will never make it aware of theflake.nix
file its from, and any extra arguments tonixConfig
it was expect to be run against. This is problematic as it lets build steps skip anyextra-substituters
that may be defined per repository.Attempted solutions
The simplest solution would be to target the flake file
/path/to/flake.nix#nixosConfigurations.[hostname].config.system.build.toplevel
instead as the argument fornix build
to let it be flake aware. But this causes us to have to re-evaluate our nix derivation for the build step. An example attempt at this was done in #206.Current best idea
This gets sadly quite complicated to avoid doing a 2nd evaluation. But it goes as follows:
Use
nix eval --json --file /path/to/flake.nix nixConfig
to quickly fetch nixConfig arguments, verify them against the running users~/.local/share/nix/trusted-settings.json
to then append the arguments tonix build
with--option key val
if they are set totrue
. Raise about missing trusted-settings or allow a user to answer y/n to append these into the json, also allow a--accept-flake-config
to avoid reading trusted settings and just append all settings without vaildation.This was discovered during debugging odd behavior in the latest nix 2.15.0 release in #203.
CC: @rvem
The text was updated successfully, but these errors were encountered: