hydra-queue-runner: Support generating a signed binary cache
Feb 16, 2016, 3:41 PM
32HHP5CWAWJB2Q3Q6HYEC66YFGQAV6ESU7VEQ5ENBAQ5ZCRP4KGACDependencies
- [2]
3FQ65IXOhydra-queue-runner: Compress binary cache NARs using xz - [3]
24BMQDZAStart of single-process hydra-queue-runner - [4]
5AIYUMTBBasic remote building - [5]
73YR46NJhydra-queue-runner: Write directly to a binary cache
Change contents
- replacement in src/hydra-queue-runner/hydra-queue-runner.cc at line 36
return make_ref<LocalBinaryCache>(getLocalStore(), "/tmp/binary-cache");return make_ref<LocalBinaryCache>(getLocalStore(),"/tmp/binary-cache","/home/eelco/Misc/Keys/test.nixos.org/secret","/home/eelco/Misc/Keys/test.nixos.org/public"); - edit in src/hydra-queue-runner/local-binary-cache.cc at line 7
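Review bot: The signing key location in the new `make_ref<LocalBinaryCache>(...)` call is hard-coded to a path under one developer's home directory (`/home/eelco/Misc/Keys/test.nixos.org/secret`), so signing works only where that path exists and the key location is baked into the binary. Both key paths should come from the runner's configuration, with an empty value meaning "do not sign / do not verify", which the new constructor already handles. The cache directory also remains `/tmp/binary-cache`, a fixed name under a world-writable directory; that matters more now that the directory's contents are meant to be trusted through signatures. The enclosing function is not visible in this section.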
#include "nar-info.hh" - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 12
LocalBinaryCache::LocalBinaryCache(ref<Store> localStore, const Path & binaryCacheDir): localStore(localStore), binaryCacheDir(binaryCacheDir)LocalBinaryCache::LocalBinaryCache(ref<Store> localStore, const Path & binaryCacheDir,const Path & secretKeyFile, const Path & publicKeyFile): localStore(localStore), binaryCacheDir(binaryCacheDir) - edit in src/hydra-queue-runner/local-binary-cache.cc at line 18
Path cacheInfoFile = binaryCacheDir + "/nix-cache-info";if (!pathExists(cacheInfoFile))writeFile(cacheInfoFile, "StoreDir: " + settings.nixStore + "\n");if (secretKeyFile != "")secretKey = std::unique_ptr<SecretKey>(new SecretKey(readFile(secretKeyFile)));if (publicKeyFile != "") {publicKeys = std::unique_ptr<PublicKeys>(new PublicKeys);auto key = PublicKey(readFile(publicKeyFile));publicKeys->emplace(key.name, key);} - edit in src/hydra-queue-runner/local-binary-cache.cc at line 54
NarInfo narInfo(info); - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 57
size_t narSize = nar.size();Hash narHash = hashString(htSHA256, nar);narInfo.narSize = nar.size();narInfo.narHash = hashString(htSHA256, nar); - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 60
if (info.hash.type != htUnknown && info.hash != narHash)if (info.narHash.type != htUnknown && info.narHash != narInfo.narHash) - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 64
% info.path % narSize);% info.path % info.narSize); - edit in src/hydra-queue-runner/local-binary-cache.cc at line 67
narInfo.compression = "xz"; - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 69
Hash narXzHash = hashString(htSHA256, narXz);narInfo.fileHash = hashString(htSHA256, narXz);narInfo.fileSize = narXz.size(); - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 73
string narFileRel = "nar/" + printHash32(narXzHash) + ".nar.xz";Path narFile = binaryCacheDir + "/" + narFileRel;narInfo.url = "nar/" + printHash32(narInfo.fileHash) + ".nar.xz";Path narFile = binaryCacheDir + "/" + narInfo.url; - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 78[3.3431]→[2.366:460](∅→∅),[2.460]→[3.3481:3482](∅→∅),[3.3481]→[3.3481:3482](∅→∅),[3.3482]→[2.461:944](∅→∅)
Strings refs;for (auto & r : info.references)refs.push_back(baseNameOf(r));std::string narInfo;narInfo += "StorePath: " + info.path + "\n";narInfo += "URL: " + narFileRel + "\n";narInfo += "Compression: xz\n";narInfo += "FileHash: sha256:" + printHash32(narXzHash) + "\n";narInfo += "FileSize: " + std::to_string(narXz.size()) + "\n";narInfo += "NarHash: sha256:" + printHash32(narHash) + "\n";narInfo += "NarSize: " + std::to_string(narSize) + "\n";narInfo += "References: " + concatStringsSep(" ", refs) + "\n";if (secretKey) narInfo.sign(*secretKey); - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 80[3.3519]→[2.945:973](∅→∅),[2.973]→[3.4136:4137](∅→∅),[3.4136]→[3.4136:4137](∅→∅),[3.4137]→[2.974:1013](∅→∅)
// FIXME: add signatureatomicWrite(narInfoFile, narInfo);atomicWrite(narInfoFile, narInfo.to_string()); - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 83
LocalBinaryCache::NarInfo LocalBinaryCache::readNarInfo(const Path & storePath)NarInfo LocalBinaryCache::readNarInfo(const Path & storePath) - edit in src/hydra-queue-runner/local-binary-cache.cc at line 85
NarInfo res; - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 86
if (!pathExists(narInfoFile))abort();std::string narInfo = readFile(narInfoFile);auto corrupt = [&]() {throw Error(format("corrupt NAR info file ‘%1%’") % narInfoFile);};size_t pos = 0;while (pos < narInfo.size()) {size_t colon = narInfo.find(':', pos);if (colon == std::string::npos) corrupt();std::string name(narInfo, pos, colon - pos);size_t eol = narInfo.find('\n', colon + 2);if (eol == std::string::npos) corrupt();std::string value(narInfo, colon + 2, eol - colon - 2);if (name == "StorePath") {res.info.path = value;if (value != storePath) corrupt();res.info.path = value;}else if (name == "References") {auto refs = tokenizeString<Strings>(value, " ");if (!res.info.references.empty()) corrupt();for (auto & r : refs)res.info.references.insert(settings.nixStore + "/" + r);}else if (name == "URL") {res.narUrl = value;}else if (name == "Compression") {res.compression = value;}NarInfo narInfo = NarInfo(readFile(narInfoFile), narInfoFile);assert(narInfo.path == storePath); - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 89
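Review bot: The store-path check in the new `readNarInfo` body is `assert(narInfo.path == storePath)`, which is compiled out when the build defines NDEBUG and otherwise aborts the whole queue runner, whereas the parser it replaces threw a "corrupt NAR info file" `Error` on the same mismatch. This comparison is what ties a (possibly signed) .narinfo to the path that was requested, so it should be an unconditional runtime check, for example `if (narInfo.path != storePath) throw Error(format("NAR info file ‘%1%’ does not describe the requested path") % narInfoFile);`. The function begins and ends outside this section.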
pos = eol + 1;if (publicKeys) {if (!narInfo.checkSignature(*publicKeys))throw Error(format("invalid signature on NAR info file ‘%1%’") % narInfoFile); - edit in src/hydra-queue-runner/local-binary-cache.cc at line 93
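Review bot: Signature verification is skipped whenever `publicKeys` is null, so a cache opened without a public key file accepts any .narinfo it finds on disk. Later code then uses its fields unverified: `res.url` is appended to `binaryCacheDir` for `readFile`, and `res.references` is written into the export stream. If that mode is intended, state it at the check, e.g. `// No public key configured: .narinfo contents are trusted as-is.`, and consider having the constructor warn when a secret key is supplied without a public key. Independently of signing, it would be worth rejecting a `url` that is absolute or contains `..` before building the file path. The `if (publicKeys) {` block closes outside this section.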
if (res.info.path.empty() || res.narUrl.empty()) corrupt(); - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 94
return res;return narInfo; - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 99
Path narInfoFile = narInfoFileFor(storePath);printMsg(lvlDebug, format("checking %1% -> %2%") % storePath % narInfoFile);return pathExists(narInfoFile);return pathExists(narInfoFileFor(storePath)); - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 108
auto nar = readFile(binaryCacheDir + "/" + res.narUrl);auto nar = readFile(binaryCacheDir + "/" + res.url); - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 127
sink << exportMagic << storePath << res.info.references << res.info.deriver << 0;sink << exportMagic << storePath << res.references << res.deriver << 0; - replacement in src/hydra-queue-runner/local-binary-cache.cc at line 192
return readNarInfo(storePath).info;return ValidPathInfo(readNarInfo(storePath)); - edit in src/hydra-queue-runner/local-binary-cache.hh at line 3
#include "crypto.hh" - edit in src/hydra-queue-runner/local-binary-cache.hh at line 7
struct NarInfo; - edit in src/hydra-queue-runner/local-binary-cache.hh at line 15
std::unique_ptr<SecretKey> secretKey;std::unique_ptr<PublicKeys> publicKeys; - replacement in src/hydra-queue-runner/local-binary-cache.hh at line 21
LocalBinaryCache(ref<Store> localStore, const Path & binaryCacheDir);LocalBinaryCache(ref<Store> localStore, const Path & binaryCacheDir,const Path & secretKeyFile, const Path & publicKeyFile); - edit in src/hydra-queue-runner/local-binary-cache.hh at line 29[3.9630]→[3.9630:9712](∅→∅),[3.9712]→[2.1399:1441](∅→∅),[2.1441]→[3.9712:9719](∅→∅),[3.9712]→[3.9712:9719](∅→∅)
struct NarInfo{ValidPathInfo info;std::string narUrl;std::string compression = "none";};