Get rid of deep realisations entirely#15289
Conversation
9c3eabb to
b7a9a14
Compare
719c8e9 to
99353ea
Compare
e69a5a0 to
134f1b4
Compare
| * Callback type for querying realisations. The callback should return | ||
| * the realisation for the given DrvOutput, or nullptr if not found. | ||
| */ | ||
| using QueryRealisationFun = std::function<std::shared_ptr<const UnkeyedRealisation>(const DrvOutput &)>; |
There was a problem hiding this comment.
Could be fun<> now?
Makes your reference to nullptr trivially unambiguous :)
There was a problem hiding this comment.
Oh yes this is something to improve post the recent rebase :)
There was a problem hiding this comment.
Did you mean std::optional<fun<....>>?
| /** | ||
| * For internal use only. | ||
| */ |
There was a problem hiding this comment.
| /** | |
| * For internal use only. | |
| */ | |
| /** | |
| * For internal use only. Just here to be shared in the implementation of `Store::queryPartialDerivationOutputMap` and `deepQueryPartialDerivationOutputMap`. | |
| */ |
|
|
||
| static bool tryResolveInput( | ||
| Store & store, | ||
| const StoreDirConfig & store, |
There was a problem hiding this comment.
Love to see progress on CA. Would be great to add a release note!
9971ea9 to
30a9106
Compare
There was a problem hiding this comment.
Why are we removing this? What if one enables and then disables CA drvs?
There was a problem hiding this comment.
The check was moved to Store::queryRealisation, so it affects all implementations / no implementation can forget to check.
There was a problem hiding this comment.
This change was done in its own commit btw, it might be easier to read that way.
lovesegfault
left a comment
There was a problem hiding this comment.
one thing not in the diff — nix-build.cc:593 still uses store->queryPartialDerivationOutputMap(inputDrv). line 537 got migrated to deepQuery* but this one didn't. if inputDrv is a CA drv that needs resolution, i think *o at 596 could throw now that deep realisations are gone? pretty niche (nix-shell + __structuredAttrs + CA input) so maybe fine to punt.
not blocking — overall this looks good, happy to see deep realisations go
src/nix/copy.cc
Outdated
| } | ||
|
|
||
| copyPaths(*srcStore, *dstStore, stuffToCopy, NoRepair, checkSigs, substitute); | ||
| copyClosure(*srcStore, *dstStore, stuffToCopy, NoRepair, checkSigs, substitute); |
There was a problem hiding this comment.
Good question, maybe I did this because I needed to compute the shallow realisation build closure to send it over.
If so, that should be factored out. And longer term, we should stop implicitly copying realisations anyways.
There was a problem hiding this comment.
This makes the --no-recursive option ignored.
tests/functional/ca/build-cache.sh
Outdated
| # copyClosure copies unsigned input-addressed closure deps into the | ||
| # binary cache, so mark the substituter as trusted to skip the | ||
| # signature check in substitution-goal.cc. |
There was a problem hiding this comment.
Do we actually want this?
We don't want to only have build traces for objects we have in the store, anymore.
ece4def to
8ab8977
Compare
not that niche in my experience |
| if (!drv->type().isImpure()) { | ||
| Realisation newRealisation{ | ||
| realisation, | ||
| { | ||
| .drvPath = drvPath, | ||
| .outputName = wantedOutput, | ||
| }}; | ||
| newRealisation.signatures.clear(); | ||
| worker.store.signRealisation(newRealisation); | ||
| worker.store.registerDrvOutput(newRealisation); | ||
| } | ||
|
|
There was a problem hiding this comment.
Yup, this is the spot where it created deep realizations before.
| clearStore | ||
| # Check nothing gets built. | ||
| buildAttr "$derivationPath" 1 --option substituters "file://$cacheDir" --no-require-sigs |& grepQuietInverse " will be built:" | ||
| buildAttr "$derivationPath" 1 --option substituters "file://$cacheDir?trusted=1" --no-require-sigs -j0 |
There was a problem hiding this comment.
Discussed. Some weird existing problem that made ?trusted=1 needed, but it is just helping along with the existing --no-require-sigs flag. Not adding fundamentally new untrustedness.
| std::visit( | ||
| overloaded{ | ||
| [&](const Realisation & realisation) { | ||
| experimentalFeatureSettings.require(Xp::CaDerivations); | ||
| realisations.push_back(&realisation); | ||
| storePaths.insert(realisation.outPath); | ||
| }, | ||
| [&](const OpaquePath & op) { storePaths.insert(op.path); }, | ||
| }, | ||
| path.raw); |
There was a problem hiding this comment.
What's the effect of this?
There was a problem hiding this comment.
We no longer copy over out paths implicitly. If the thing wants to copy a realisation, we just copy that.
This morally goes with removing the foreign keys in the previous commit. It is necessary for copying a (shallow) realisation closure without also making it necessary to keep the build closure around.
There was a problem hiding this comment.
Eventually I think we will get rid of RealisedPath::Set because it is just better to manage the build trace explicitly and separately.
Motivation
Fix #11896
Context
Add 👍 to pull requests you find important.
The Nix maintainer team uses a GitHub project board to schedule and track reviews.