| 25 Sep 2022 |
 @rendakuenthusiast:imperishable.name | and when colmena tries to deploy from my laptop, I have /usr/bin/pgrep installed at that path in my normal OS | 05:40:37 |
| @rendakuenthusiast:imperishable.name | I was able to work around this by renaming /usr/bin/pgrep on my system and then building locally | 05:40:56 |
| @rendakuenthusiast:imperishable.name | I'm not sure what the principled way to solve this is | 05:41:05 |
| @rendakuenthusiast:imperishable.name | this is basically a failure of hermeticism, right? the redis build was happening on my system and it has one bit of source code that looks at /usr/bin/pgrep. is there a principled way in nix to make that not visible to derivations being built? | 05:41:49 |
 @yuka:yuka.dev | In reply to @yuka:yuka.dev
I have another request: In flake-enabled deployments, can we pass the nixpkgs flake so that the hive expression can use nixpkgs.lib.nixosSystem and get the proper system.nixos.(revision|versionSuffix)? I guess this is issue https://github.com/zhaofengli/colmena/issues/60 | 08:15:39 |
| 26 Sep 2022 |
| @rendakuenthusiast:imperishable.name | where does colmena cache tarballs? I think it is failing to register that a tarball has been updated | 00:41:15 |
 Winter (she/her) | what tarballs? | 01:03:12 |
 jhillyerd | In reply to @rendakuenthusiast:imperishable.name
this is basically a failure of hermeticism, right? the redis build was happening on my system and it has one bit of source code that looks at /usr/bin/pgrep. is there a principled way in nix to make that not visible to derivations being built? Typically you would patch/rewrite the package to not point at /usr/bin, example for regular grep: https://github.com/NixOS/nixpkgs/blob/4e62b94df308e197c1f107564ebdb4318bb80e27/pkgs/development/libraries/nss/generic.nix#L61 | 04:59:20 |
| @rendakuenthusiast:imperishable.name | Winter (she/her): I'm using builtins.fetchTarball to fetch an additional module with some custom modifications I made, from a server I control | 05:00:44 |
| @rendakuenthusiast:imperishable.name | jhillyerd: where does that substituteInPlace function come from? is that supposed to be shell code? | 05:01:59 |
| jhillyerd | I believe it is one of the shell functions that mkDerivation provides | 05:05:43 |
 Zhaofeng Li | In reply to @rendakuenthusiast:imperishable.name
and when colmena tries to deploy from my laptop, I have /usr/bin/pgrep installed at that path in my normal OS Hmm, pgrep should have been added when the tests were enabled in https://github.com/NixOS/nixpkgs/commit/835c3419d9b9 | 19:42:12 |
| Zhaofeng Li | In reply to @rendakuenthusiast:imperishable.name
Winter (she/her): I'm using builtins.fetchTarball to fetch an additional module with some custom modifications I made, from a server I control I recommend adding a sha256 to the fetchTarball call so it's pinned to the specific version of the module and cached correctly. If you don't have a sha256, Nix itself has some time-based caching (need to look at the expiration - don't know offhand) | 19:44:50 |
| Zhaofeng Li | (it's 1 hour and can be controlled with tarball-ttl) | 19:46:53 |
| 27 Sep 2022 |
| @rendakuenthusiast:imperishable.name | In reply to @zhaofeng:zhaofeng.li
I recommend adding a sha256 to the fetchTarball call so it's pinned to the specific version of the module and cached correctly. If you don't have a sha256, Nix itself has some time-based caching (need to look at the expiration - don't know offhand) so I updated the file at the url and wanted it to get refetched | 00:58:54 |
| @rendakuenthusiast:imperishable.name | I tried doing the trick of wiping out the sha256, but it just said that the hash of the previously-downloaded version was what the hash had to be | 00:59:16 |
| @rendakuenthusiast:imperishable.name | not the new version I uploaded | 00:59:21 |
