| 29 Jul 2025 |
 emily | looks like IfState needs jsonschema, pyroute2, pyyaml, setproctitle, and pyroute2 has no further deps… I think plausible it'll work with python3Minimal since it is systems programmy and presumably has no use for a TLS library or such | 14:36:43 |
| emily | please, this PR exists because of a conversation I had with DavHau and mweinelt in the staging room about using python3Minimal for stdenv hooks… | 14:37:09 |
| emily | and it says that's the motivation in the description | 14:37:12 |
| emily | I'm not just making up that being the plan :P | 14:37:34 |
 Sandro 🐧 | as long as you don't leak them in nix-shell | 14:37:40 |
| Sandro 🐧 | * as long as you don't leak it in nix-shell | 14:37:46 |
| emily | we had regressions from overfancy Bash optimizations and agreed that slimming down Python to allow its use in hooks would be better | 14:37:52 |
| emily | the hooks can just be Bash stubs that call out to a wrapped Python | 14:38:02 |
| emily | (and that can be abstracted) | 14:38:10 |
| emily | shouldn't be any leak | 14:38:11 |
| emily | I wouldn't want to use python3Minimal for a random stage 2 application but I think "not bloating initrd by 100 MiB" is a fair use case if it works | 14:38:35 |
| Sandro 🐧 | lucky, those deps are pretty minimal and don't do import * | 14:39:04 |
| Sandro 🐧 | yeah, exactly | 14:39:27 |
| emily | (looks like pyroute2 does have Netlink-over-TLS support but uh, I hope IfState isn't using that) | 14:39:40 |
| emily | (it would need an import ssl making conditional I suppose, so not zero effort) | 14:39:53 |
 hexa | when would you use Netlink-over-TLS? | 14:40:13 |
| emily | 0.1.4
netlink: remote netlink access
netlink: SSL/TLS server/client auth support
netlink: tcp and unix transports
| 14:40:24 |
| hexa | that sounds like exposing it cross host or something weird | 14:40:25 |
| emily | I mean I guess it's just a protocol… | 14:40:27 |
| emily | nothing's stopping you | 14:40:30 |
| emily | if you're nuts | 14:40:32 |
| emily | I bet some HPC cluster is doing crimes like that | 14:40:48 |
| Sandro 🐧 | but do you then want to run the normal ifstate also with python3Minimal? You kinda want to do that as otherwise you have bugs that only exist in initrd and then we have a random application in userland running python3Minimal which we don't really want to 😅 | 14:40:52 |
| emily | it's like the management port on DSA switches! | 14:40:56 |
| hexa | as long as it doesn't require any features not covered by it, why not | 14:41:13 |
| emily | stage 1 environment is already moderately different tbf, but yeah I'm not sure. I wouldn't be super mad about python3Minimal in stage 2 for something core like this | 14:41:22 |
| hexa | the use case of having it in initrd makes it preferable | 14:41:25 |
| emily | I mean really the answer is don't use Python for this layer of the stack | 14:41:28 |
| emily | but sounds like upstream already knows/is working on that | 14:41:32 |
| Sandro 🐧 | python has nothing for such inbuilt things, so we also need to run all tests and everything with python3Minimal as otherwise we might sneak some bug by | 14:41:45 |
