gexp: Add #:disallowed-references.
* guix/gexp.scm (gexp->derivation): Add #:disallowed-references and honor it. * tests/gexp.scm ("gexp->derivation #:disallowed-references, allowed") ("gexp->derivation #:disallowed-references"): New tests. * doc/guix.texi (G-Expressions): Adjust accordingly.
This commit is contained in:
parent
35b5ca7869
commit
3f4ecf3229
@ -3670,6 +3670,7 @@ information about monads.)
|
||||
[#:recursive? #f] [#:env-vars '()] [#:modules '()] @
|
||||
[#:module-path @var{%load-path}] @
|
||||
[#:references-graphs #f] [#:allowed-references #f] @
|
||||
[#:disallowed-references #f] @
|
||||
[#:leaked-env-vars #f] @
|
||||
[#:script-name (string-append @var{name} "-builder")] @
|
||||
[#:local-build? #f] [#:substitutable? #t] [#:guile-for-build #f]
|
||||
@ -3707,6 +3708,8 @@ text format.
|
||||
@var{allowed-references} must be either @code{#f} or a list of output names and packages.
|
||||
In the latter case, the list denotes store items that the result is allowed to
|
||||
refer to. Any reference to another store item will lead to a build error.
|
||||
Similarly for @var{disallowed-references}, which can list items that must not be
|
||||
referenced by the outputs.
|
||||
|
||||
The other arguments are as for @code{derivation} (@pxref{Derivations}).
|
||||
@end deffn
|
||||
|
@ -463,7 +463,7 @@ names and file names suitable for the #:allowed-references argument to
|
||||
(guile-for-build (%guile-for-build))
|
||||
(graft? (%graft?))
|
||||
references-graphs
|
||||
allowed-references
|
||||
allowed-references disallowed-references
|
||||
leaked-env-vars
|
||||
local-build? (substitutable? #t)
|
||||
(script-name (string-append name "-builder")))
|
||||
@ -497,6 +497,8 @@ text format.
|
||||
ALLOWED-REFERENCES must be either #f or a list of output names and packages.
|
||||
In the latter case, the list denotes store items that the result is allowed to
|
||||
refer to. Any reference to another store item will lead to a build error.
|
||||
Similarly for DISALLOWED-REFERENCES, which can list items that must not be
|
||||
referenced by the outputs.
|
||||
|
||||
The other arguments are as for 'derivation'."
|
||||
(define %modules modules)
|
||||
@ -557,6 +559,11 @@ The other arguments are as for 'derivation'."
|
||||
#:system system
|
||||
#:target target)
|
||||
(return #f)))
|
||||
(disallowed (if disallowed-references
|
||||
(lower-references disallowed-references
|
||||
#:system system
|
||||
#:target target)
|
||||
(return #f)))
|
||||
(guile (if guile-for-build
|
||||
(return guile-for-build)
|
||||
(default-guile-derivation system))))
|
||||
@ -585,6 +592,7 @@ The other arguments are as for 'derivation'."
|
||||
#:hash hash #:hash-algo hash-algo #:recursive? recursive?
|
||||
#:references-graphs (and=> graphs graphs-file-names)
|
||||
#:allowed-references allowed
|
||||
#:disallowed-references disallowed
|
||||
#:leaked-env-vars leaked-env-vars
|
||||
#:local-build? local-build?
|
||||
#:substitutable? substitutable?))))
|
||||
|
@ -600,6 +600,30 @@
|
||||
(build-derivations %store (list drv))
|
||||
#f)))
|
||||
|
||||
(test-assertm "gexp->derivation #:disallowed-references, allowed"
|
||||
(mlet %store-monad ((drv (gexp->derivation "disallowed-refs"
|
||||
#~(begin
|
||||
(mkdir #$output)
|
||||
(chdir #$output)
|
||||
(symlink #$output "self")
|
||||
(symlink #$%bootstrap-guile
|
||||
"guile"))
|
||||
#:disallowed-references '())))
|
||||
(built-derivations (list drv))))
|
||||
|
||||
|
||||
(test-assert "gexp->derivation #:disallowed-references"
|
||||
(let ((drv (run-with-store %store
|
||||
(gexp->derivation "disallowed-refs"
|
||||
#~(begin
|
||||
(mkdir #$output)
|
||||
(chdir #$output)
|
||||
(symlink #$%bootstrap-guile "guile"))
|
||||
#:disallowed-references (list %bootstrap-guile)))))
|
||||
(guard (c ((nix-protocol-error? c) #t))
|
||||
(build-derivations %store (list drv))
|
||||
#f)))
|
||||
|
||||
(define shebang
|
||||
(string-append "#!" (derivation->output-path (%guile-for-build))
|
||||
"/bin/guile --no-auto-compile"))
|
||||
|
Loading…
Reference in New Issue
Block a user