#pragma once #include "types.hh" #include "hash.hh" #include namespace nix { /* Extension of derivations in the Nix store. */ const string drvExtension = ".drv"; /* Abstract syntax of derivations. */ struct DerivationOutput { Path path; string hashAlgo; /* hash used for expected hash computation */ string hash; /* expected hash, may be null */ DerivationOutput() { } DerivationOutput(Path path, string hashAlgo, string hash) { this->path = path; this->hashAlgo = hashAlgo; this->hash = hash; } void parseHashInfo(bool & recursive, HashType & hashType, Hash & hash) const; }; typedef std::map DerivationOutputs; /* For inputs that are sub-derivations, we specify exactly which output IDs we are interested in. */ typedef std::map DerivationInputs; typedef std::map StringPairs; struct Derivation { DerivationOutputs outputs; /* keyed on symbolic IDs */ DerivationInputs inputDrvs; /* inputs that are sub-derivations */ PathSet inputSrcs; /* inputs that are sources */ string platform; Path builder; Strings args; StringPairs env; }; class StoreAPI; /* Write a derivation to the Nix store, and return its path. */ Path writeDerivation(StoreAPI & store, const Derivation & drv, const string & name, bool repair = false); /* Read a derivation from a file. */ Derivation readDerivation(const Path & drvPath); /* Print a derivation. */ string unparseDerivation(const Derivation & drv); /* Check whether a file name ends with the extensions for derivations. */ bool isDerivation(const string & fileName); /* Return true iff this is a fixed-output derivation. */ bool isFixedOutputDrv(const Derivation & drv); Hash hashDerivationModulo(StoreAPI & store, Derivation drv); /* Memoisation of hashDerivationModulo(). */ typedef std::map DrvHashes; extern DrvHashes drvHashes; /* Split a string specifying a derivation and a set of outputs (/nix/store/hash-foo!out1,out2,...) into the derivation path and the outputs. */ typedef std::pair > DrvPathWithOutputs; DrvPathWithOutputs parseDrvPathWithOutputs(const string & s); Path makeDrvPathWithOutputs(const Path & drvPath, const std::set & outputs); bool wantOutput(const string & output, const std::set & wanted); PathSet outputPaths(const Derivation & drv); } cm
AgeCommit message (Expand)Author
2020-09-29secret-service: Add proper logging procedure and log to syslog....* gnu/build/secret-service.scm (log): New macro. (secret-service-send-secrets, secret-service-receive-secrets): Use it instead of raw 'format' calls. Ludovic Courtès
2020-09-29services: secret-service: Add initial client/server handshake....This allows the client running on the host to know when it's actually connect to the server running in the guest. Failing that, the client would connect right away to QEMU and send secrets even though the server is not running yet in the guest, which is unreliable. * gnu/build/secret-service.scm (secret-service-send-secrets): Add #:handshake-timeout. Read from SOCK an initial message from the server. Return #f on error. (secret-service-receive-secrets): Send 'secret-service-server' message to the client. Close SOCK upon timeout. * gnu/services/virtualization.scm (hurd-vm-shepherd-service): 'start' method returns #f when 'secret-service-send-secrets' returns #f. Ludovic Courtès
2020-09-29secret-service: Fix file port leak in 'secret-service-send-secrets'....* gnu/build/secret-service.scm (secret-service-send-secrets): Use 'call-with-input-file' instead of 'open-input-file'. Ludovic Courtès
2020-09-29secret-service: Add a timeout when waiting for a client....* gnu/build/secret-service.scm (secret-service-receive-secrets) [wait-for-client]: Call 'select' with a 60s timeout before 'accept'. Return #f upon timeout. [read-secrets]: Return FILES on success. Adjust caller of 'wait-for-client' to handle #f. Ludovic Courtès
2020-09-29secret-service: Clarify the origin of messages....* gnu/build/secret-service.scm (secret-service-send-secrets) (secret-service-receive-secrets): Prefix messages by "secret service". Ludovic Courtès
2020-09-01services: Add secret-service-type....This adds a "secret-service" that can be added to a Childhurd VM to receive out-of-band secrets (keys) sent from the host. Co-authored-by: Ludovic Courtès <ludo@gnu.org> * gnu/services/virtualization.scm (secret-service-activation): New procedure. (secret-service-type): New variable. * gnu/build/secret-service.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. Jan (janneke) Nieuwenhuizen