From a43bde69fa6ae1517e5475f9bd4d228bad3b0fea Mon Sep 17 00:00:00 2001 From: Charles Hall Date: Mon, 29 Jan 2024 15:34:16 -0800 Subject: [PATCH] pass pkgsCrossStatic to mkOciImage, not pkgsHost This fixes a bug where the aarch64 OCI image had metadata saying it was an x86_64 OCI image. On top of that, I think the metadata was actually right (aside from Conduit's binary): since all other packages were being pulled from `pkgsHost`, an OCI image cross compiled for aarch64 from a different architecture would result in unexecutable binaries (e.g. tini) since they were compiled for the completely wrong architecture. --- .gitlab-ci.yml | 3 +++ flake.nix | 63 +++++++++++++++++++++++++++++--------------------- 2 files changed, 40 insertions(+), 26 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f2438c8e..d4e49ce4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -68,6 +68,9 @@ static:aarch64-unknown-linux-musl: paths: - conduit +# Note that although we have an `oci-image-x86_64-unknown-linux-musl` output, +# we don't build it because it would be largely redundant to this one since it's +# all containerized anyway. oci-image:x86_64-unknown-linux-gnu: stage: artifacts image: nixos/nix:2.19.2 diff --git a/flake.nix b/flake.nix index 94259685..e0bc6fbb 100644 --- a/flake.nix +++ b/flake.nix @@ -183,34 +183,45 @@ { packages = { default = package pkgsHost; - oci-image = mkOciImage pkgsHost self.packages.${system}.default; + } + // + builtins.listToAttrs + (builtins.concatLists + (builtins.map + (crossSystem: + let + binaryName = "static-${crossSystem}"; + pkgsCrossStatic = + (import nixpkgs { + inherit system; + crossSystem = { + config = crossSystem; + }; + }).pkgsStatic; + in + [ + # An output for a statically-linked binary + { + name = binaryName; + value = package pkgsCrossStatic; + } - # Build an OCI image from the musl aarch64 build so we don't have to - # build for aarch64 twice (to make a gnu version specifically for the - # OCI image) - oci-image-aarch64-unknown-linux-musl = mkOciImage - pkgsHost - self.packages.${system}.static-aarch64-unknown-linux-musl; - - # Don't build a musl x86_64 OCI image because that would be pointless. - # Just use the gnu one (i.e. `self.packages."x86_64-linux".oci-image`). - } // builtins.listToAttrs ( - builtins.map - (crossSystem: { - name = "static-${crossSystem}"; - value = package (import nixpkgs { - inherit system; - crossSystem = { - config = crossSystem; - }; - }).pkgsStatic; - }) - [ - "x86_64-unknown-linux-musl" - "aarch64-unknown-linux-musl" - ] - ); + # An output for an OCI image based on that binary + { + name = "oci-image-${crossSystem}"; + value = mkOciImage + pkgsCrossStatic + self.packages.${system}.${binaryName}; + } + ] + ) + [ + "x86_64-unknown-linux-musl" + "aarch64-unknown-linux-musl" + ] + ) + ); devShells.default = pkgsHost.mkShell { env = env pkgsHost // {