Migrate to callPackage syntax (#1193)

* Upgrade toolchains - Bump flake - Regenerate LRE toolchains - Update native-cli pulumi build - Bump nightly Rust and fix exposed issues - Fix a misplaced aarch64-linux system configuration in flake (typo fix, doesn't add support for any new targets) * Migrate to callPackage syntax This somewhat subtle change opens up a lot of flexibility for toolchain (re)configuration. Instead of making packages dependent on `pkgs` we now allow individual overrides for every input. Towards crosscompilation.
TraceMachina · Jul 26, 2024 · 534a102 · 534a102
1 parent 97135e9
commit 534a102
Show file tree

Hide file tree

Showing 12 changed files with 171 additions and 143 deletions.
diff --git a/flake.nix b/flake.nix
@@ -76,14 +76,11 @@
 
         llvmPackages = pkgs.llvmPackages_18;
 
-        customStdenv = import ./tools/llvmStdenv.nix {inherit pkgs llvmPackages;};
+        customStdenv = pkgs.callPackage ./tools/llvmStdenv.nix {inherit llvmPackages;};
 
         # TODO(aaronmondal): This doesn't work with rules_rust yet.
         # Tracked in https://github.com/TraceMachina/nativelink/issues/477.
-        customClang = pkgs.callPackage ./tools/customClang.nix {
-          inherit pkgs;
-          stdenv = customStdenv;
-        };
+        customClang = pkgs.callPackage ./tools/customClang.nix {stdenv = customStdenv;};
 
         craneLib =
           if pkgs.stdenv.isDarwin
@@ -132,15 +129,15 @@
             cargoExtraArgs = "--features enable_tokio_console";
           });
 
-        hooks = import ./tools/pre-commit-hooks.nix {inherit pkgs nightly-rust;};
+        publish-ghcr = pkgs.callPackage ./tools/publish-ghcr.nix {};
 
-        publish-ghcr = import ./tools/publish-ghcr.nix {inherit pkgs;};
+        local-image-test = pkgs.callPackage ./tools/local-image-test.nix {};
 
-        local-image-test = import ./tools/local-image-test.nix {inherit pkgs nativelink;};
+        nativelink-is-executable-test = pkgs.callPackage ./tools/nativelink-is-executable-test.nix {inherit nativelink;};
 
-        nativelink-is-executable-test = import ./tools/nativelink-is-executable-test.nix {inherit pkgs nativelink;};
+        rbe-configs-gen = pkgs.callPackage ./local-remote-execution/rbe-configs-gen.nix {};
 
-        generate-toolchains = import ./tools/generate-toolchains.nix {inherit pkgs;};
+        generate-toolchains = pkgs.callPackage ./tools/generate-toolchains.nix {inherit rbe-configs-gen;};
 
         native-cli = pkgs.callPackage ./native-cli/default.nix {};
 
@@ -174,8 +171,11 @@
 
         nativelink-worker-init = pkgs.callPackage ./tools/nativelink-worker-init.nix {inherit buildImage self nativelink-image;};
 
-        rbe-autogen = import ./local-remote-execution/rbe-autogen.nix {inherit pkgs nativelink buildImage llvmPackages;};
-        createWorker = import ./tools/create-worker.nix {inherit pkgs buildImage self;};
+        rbe-autogen = pkgs.callPackage ./local-remote-execution/rbe-autogen.nix {
+          inherit buildImage;
+          stdenv = customStdenv;
+        };
+        createWorker = pkgs.callPackage ./tools/create-worker.nix {inherit buildImage self;};
         siso-chromium = buildImage {
           name = "siso-chromium";
           fromImage = pullImage {
@@ -187,7 +187,10 @@
             os = "linux";
           };
         };
-        lre-cc = import ./local-remote-execution/lre-cc.nix {inherit pkgs buildImage llvmPackages;};
+        lre-cc = pkgs.callPackage ./local-remote-execution/lre-cc.nix {
+          inherit customClang buildImage;
+          stdenv = customStdenv;
+        };
         toolchain-drake = buildImage {
           name = "toolchain-drake";
           # imageDigest and sha256 are generated by toolchain-drake.sh for non-reproducible builds.
@@ -232,7 +235,7 @@
 
           rbe-autogen-lre-cc = rbe-autogen lre-cc;
           nativelink-worker-lre-cc = createWorker lre-cc;
-          lre-java = import ./local-remote-execution/lre-java.nix {inherit pkgs buildImage;};
+          lre-java = pkgs.callPackage ./local-remote-execution/lre-java.nix {inherit buildImage;};
           rbe-autogen-lre-java = rbe-autogen lre-java;
           nativelink-worker-lre-java = createWorker lre-java;
           nativelink-worker-siso-chromium = createWorker siso-chromium;
@@ -249,7 +252,11 @@
           #   partitionType = "count";
           # });
         };
-        pre-commit.settings = {inherit hooks;};
+        pre-commit.settings = {
+          hooks = import ./tools/pre-commit-hooks.nix {
+            inherit pkgs nightly-rust;
+          };
+        };
         local-remote-execution.settings = {
           Env =
             if pkgs.stdenv.isDarwin

diff --git a/local-remote-execution/lre-cc.nix b/local-remote-execution/lre-cc.nix
@@ -1,14 +1,9 @@
 {
-  pkgs,
   buildImage,
-  llvmPackages,
+  customClang,
+  stdenv,
+  pkgs,
 }: let
-  customStdenv = import ../tools/llvmStdenv.nix {inherit pkgs llvmPackages;};
-  customClang = pkgs.callPackage ../tools/customClang.nix {
-    inherit pkgs;
-    stdenv = customStdenv;
-  };
-
   # This environment is shared between toolchain autogen images and the final
   # toolchain image.
   Env = [
@@ -17,9 +12,9 @@
     # binary identical toolchains during local and remote execution.
     ("PATH="
       + (pkgs.lib.strings.concatStringsSep ":" [
-        "${customStdenv.cc.bintools}/bin"
+        "${stdenv.cc.bintools}/bin"
         "${customClang}/bin"
-        "${customStdenv}/bin"
+        "${stdenv}/bin"
         "${pkgs.coreutils}/bin"
         "${pkgs.findutils}/bin"
         "${pkgs.gnutar}/bin"

diff --git a/local-remote-execution/lre-java.nix b/local-remote-execution/lre-java.nix
@@ -1,6 +1,10 @@
 {
-  pkgs,
   buildImage,
+  coreutils,
+  findutils,
+  gnutar,
+  jdk17_headless,
+  lib,
   ...
 }: let
   # This config is shared between toolchain autogen images and the final
@@ -10,12 +14,12 @@
     # paths instead of `/bin` or `/usr/bin`. This way we're guaranteed to use
     # binary identical toolchains during local and remote execution.
     ("PATH="
-      + (pkgs.lib.strings.concatStringsSep ":" [
-        "${pkgs.coreutils}/bin"
-        "${pkgs.findutils}/bin"
-        "${pkgs.gnutar}/bin"
+      + (lib.strings.concatStringsSep ":" [
+        "${coreutils}/bin"
+        "${findutils}/bin"
+        "${gnutar}/bin"
       ]))
-    "JAVA_HOME=${pkgs.jdk17_headless}/lib/openjdk"
+    "JAVA_HOME=${jdk17_headless}/lib/openjdk"
   ];
 in
   buildImage {

diff --git a/local-remote-execution/rbe-autogen.nix b/local-remote-execution/rbe-autogen.nix
@@ -1,34 +1,40 @@
 {
-  pkgs,
+  bash,
+  bazel_7,
+  buildEnv,
   buildImage,
-  llvmPackages,
-  ...
+  cacert,
+  coreutils,
+  findutils,
+  gnutar,
+  lib,
+  runCommand,
+  runtimeShell,
+  stdenv,
 }: let
-  customStdenv = import ../tools/llvmStdenv.nix {inherit pkgs llvmPackages;};
-
   # These dependencies are needed to generate the toolchain configurations but
   # aren't required during remote execution.
   autogenDeps = [
     # Required to generate toolchain configs.
-    pkgs.bazel_7
+    bazel_7
 
     # Required for communication with trusted sources.
-    pkgs.cacert
+    cacert
 
     # Tools that we would usually forward from the host.
-    pkgs.bash
-    pkgs.coreutils
+    bash
+    coreutils
 
     # We need these tools to generate the RBE autoconfiguration.
-    pkgs.findutils
-    pkgs.gnutar
+    findutils
+    gnutar
 
-    customStdenv.cc.bintools
+    stdenv.cc.bintools
   ];
 
   # A temporary directory. Note that this doesn't set any permissions. Those
   # need to be added explicitly in the final image arguments.
-  mkTmp = pkgs.runCommand "mkTmp" {} ''
+  mkTmp = runCommand "mkTmp" {} ''
     mkdir -p $out/tmp
   '';
 
@@ -42,7 +48,7 @@
   };
 
   # Enable the shebang `#!/usr/bin/env bash`.
-  mkEnvSymlink = pkgs.runCommand "mkEnvSymlink" {} ''
+  mkEnvSymlink = runCommand "mkEnvSymlink" {} ''
     mkdir -p $out/usr/bin
     ln -s /bin/env $out/usr/bin/env
   '';
@@ -52,10 +58,10 @@
   uid = "1000";
   gid = "1000";
 
-  mkUser = pkgs.runCommand "mkUser" {} ''
+  mkUser = runCommand "mkUser" {} ''
     mkdir -p $out/etc/pam.d
 
-    echo "root:x:0:0::/root:${pkgs.runtimeShell}" > $out/etc/passwd
+    echo "root:x:0:0::/root:${runtimeShell}" > $out/etc/passwd
     echo "${user}:x:${uid}:${gid}:::" >> $out/etc/passwd
 
     echo "root:!x:::::::" > $out/etc/shadow
@@ -83,8 +89,8 @@
     path = mkUser;
     regex = "/home/${user}";
     mode = "0755";
-    uid = pkgs.lib.toInt uid;
-    gid = pkgs.lib.toInt gid;
+    uid = lib.toInt uid;
+    gid = lib.toInt gid;
     uname = user;
     gname = group;
   };
@@ -98,7 +104,7 @@ in
         mkUser
         mkTmp
         mkEnvSymlink
-        (pkgs.buildEnv {
+        (buildEnv {
           name = "${image.imageName}-buildEnv";
           paths = autogenDeps;
           pathsToLink = ["/bin"];

diff --git a/local-remote-execution/rbe-configs-gen.nix b/local-remote-execution/rbe-configs-gen.nix
@@ -1,13 +1,17 @@
-{pkgs, ...}:
-pkgs.buildGoModule rec {
+{
+  buildGoModule,
+  fetchFromGitHub,
+  lib,
+}:
+buildGoModule rec {
   pname = "bazel-toolchains";
   version = "5.1.3-rc1";
 
   patches = [
     ./rbe_configs_gen_adjustments.diff
   ];
 
-  src = pkgs.fetchFromGitHub {
+  src = fetchFromGitHub {
     owner = "bazelbuild";
     repo = "bazel-toolchains";
     rev = "v${version}";
@@ -16,7 +20,7 @@ pkgs.buildGoModule rec {
 
   vendorHash = "sha256-E6PylI2prXCXqOUYgYi5nZ4qptqOqbcaOquDfEkhaQ4=";
 
-  meta = with pkgs.lib; {
+  meta = with lib; {
     description = "Generate Bazel toolchain configs for remote execution.";
     homepage = "https://github.com/bazelbuild/bazel-toolchains";
     license = licenses.asl20;

diff --git a/tools/create-worker.nix b/tools/create-worker.nix
@@ -1,12 +1,16 @@
 {
-  pkgs,
+  bash,
+  buildEnv,
   buildImage,
+  coreutils,
+  lib,
+  runCommand,
+  runtimeShell,
   self,
-  ...
 }: let
   # A temporary directory. Note that this doesn't set any permissions. Those
   # need to be added explicitly in the final image arguments.
-  mkTmp = pkgs.runCommand "mkTmp" {} ''
+  mkTmp = runCommand "mkTmp" {} ''
     mkdir -p $out/tmp
   '';
 
@@ -20,7 +24,7 @@
   };
 
   # Enable the shebang `#!/usr/bin/env bash`.
-  mkEnvSymlink = pkgs.runCommand "mkEnvSymlink" {} ''
+  mkEnvSymlink = runCommand "mkEnvSymlink" {} ''
     mkdir -p $out/usr/bin
     ln -s /bin/env $out/usr/bin/env
   '';
@@ -30,10 +34,10 @@
   uid = "1000";
   gid = "1000";
 
-  mkUser = pkgs.runCommand "mkUser" {} ''
+  mkUser = runCommand "mkUser" {} ''
     mkdir -p $out/etc/pam.d
 
-    echo "root:x:0:0::/root:${pkgs.runtimeShell}" > $out/etc/passwd
+    echo "root:x:0:0::/root:${runtimeShell}" > $out/etc/passwd
     echo "${user}:x:${uid}:${gid}:::" >> $out/etc/passwd
 
     echo "root:!x:::::::" > $out/etc/shadow
@@ -61,8 +65,8 @@
     path = mkUser;
     regex = "/home/${user}";
     mode = "0755";
-    uid = pkgs.lib.toInt uid;
-    gid = pkgs.lib.toInt gid;
+    uid = lib.toInt uid;
+    gid = lib.toInt gid;
     uname = user;
     gname = group;
   };
@@ -79,9 +83,9 @@ in
         mkUser
         mkTmp
         mkEnvSymlink
-        (pkgs.buildEnv {
+        (buildEnv {
           name = "${image.imageName}-buildEnv";
-          paths = [pkgs.coreutils pkgs.bash];
+          paths = [coreutils bash];
           pathsToLink = ["/bin"];
         })
       ];

diff --git a/tools/customClang.nix b/tools/customClang.nix
@@ -1,14 +1,14 @@
 {
-  pkgs,
   stdenv,
+  writeShellScriptBin,
 }:
 # Bazel expects a single frontend for both C and C++. That works for GCC but
 # not for clang. This wrapper selects `clang` or `clang++` depending on file
 # ending.
 # TODO(aaronmondal): The necessity of this is a bug.
 #                    See: https://github.com/NixOS/nixpkgs/issues/216047
 #                    and https://github.com/NixOS/nixpkgs/issues/150655
-pkgs.writeShellScriptBin "customClang" ''
+writeShellScriptBin "customClang" ''
   #! ${stdenv.shell}
   function isCxx() {
      if [ $# -eq 0 ]; then false