Reported by Christopher Baines <mail@cbaines.net>
at <https://issues.guix.gnu.org/45323#2>.
* guix/scripts/substitute.scm (call-with-cached-connection): Handle
'gnutls-error and ERROR/INVALID-SESSION.
* guix/scripts/hash.scm (guix-hash): When 'recursive? is true, use
'open-hash-port' instead of 'open-sha256-port'.
* tests/guix-hash.sh: Add test for 'guix hash -r -H sha512'.
This simplifies setup of build machines: no need to install Guile in
addition to Guix, no need to set 'GUILE_LOAD_PATH' & co., leading to
fewer failure modes.
* guix/ssh.scm (remote-run): New procedure.
(remote-daemon-channel): Use it instead of 'open-remote-pipe*'.
(store-import-channel)[import]: Remove check for module availability.
Add call to 'primitive-exit'.
Use 'remote-run' instead of 'open-remote-pipe'.
(store-export-channel)[export]: Remove check for module availability.
Add calls to 'primitive-exit'.
Use 'remote-run' instead of 'open-remote-pipe'.
(handle-import/export-channel-error): Remove 'module-error' clause.
(report-module-error): Remove.
* guix/scripts/offload.scm (assert-node-has-guix): Replace call to
'report-module-error' by 'leave'.
* doc/guix.texi (Daemon Offload Setup): Remove mention of Guile.
This significantly speeds up things like substituting the closure of a
.drv. This is a followup to 5ff521452b.
* guix/scripts/substitute.scm (http-multiple-get): Add #:open-connection
and #:keep-alive? and honor them.
(open-connection-for-uri/maybe): Use 'open-connection-for-uri/cached'
instead of 'guix:open-connection-for-uri'. Call 'http-multiple-get'
within 'call-with-cached-connection'.
(open-connection-for-uri/cached): Add #:timeout and #:verify-certificate?
and honor them.
(call-with-cached-connection): Add 'open-connection' parameter and
honor it.
* guix/import/cran.scm (%input-style): New parameter.
(format-inputs): Use it.
* guix/scripts/import/cran.scm (guix-import-cran): Set the %input-style
parameter.
(%options): Add "--style" option.
* doc/guix.texi (Invoking guix import): Document it.
* gnu/bootloader/grub.scm (grub-configuration-file): New parameter
store-crypto-devices.
[crypto-devices]: New helper function.
[builder]: Use crypto-devices.
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* gnu/tests/install.scm (%encrypted-root-not-boot-os,
%encrypted-root-not-boot-os): New os declaration.
(%encrypted-root-not-boot-installation-script): New script, whose contents
were initially taken from %encrypted-root-installation-script.
(%test-encrypted-root-not-boot-os): New test.
* gnu/system.scm (define-module): Export
operating-system-bootoader-crypto-devices and
boot-parameters-store-crypto-devices.
(<boot-parameters>): Add field store-crypto-devices.
(read-boot-parameters): Parse store-crypto-devices field.
[uuid-sexp->uuid]: New helper function extracted from
device-sexp->device.
(operating-system-bootloader-crypto-devices): New function.
(operating-system-bootcfg): Use
operating-system-bootloader-crypto-devices to provide its contents to
the bootloader configuration generation process.
(operating-system-boot-parameters): Add store-crypto-devices to the
generated boot-parameters.
(operating-system-boot-parameters-file): Likewise to the file with
the serialized structure.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* tests/boot-parameters.scm (%default-store-crypto-devices): New
variable.
(%grub-boot-parameters, test-read-boot-parameters): Use
%default-store-crypto-devices.
(tests store-crypto-devices): New tests.
This removes the main source of latency between subsequent downloads.
* nix/libstore/build.cc (SubstitutionGoal::tryToRun): Add a
"deduplicate" key to ENV.
(SubstitutionGoal::finished): Remove call to 'optimisePath'.
* guix/scripts/substitute.scm (process-substitution)[destination-in-store?]
[dump-file/deduplicate*]: New variables.
Pass #:dump-file to 'restore-file'.
* guix/scripts/substitute.scm (guix-substitute)[deduplicate?]: New
variable.
Pass #:deduplicate? to 'process-substitution'.
* guix/serialization.scm (dump-file): Export and augment 'dump-file'.
This way, the hash of the store item can be computed as it is restored,
thereby avoiding an additional file tree traversal ('hashPath' call)
later on in the daemon. Consequently, it should reduce latency between
subsequent substitute downloads.
This is a followup to 5ff521452b.
* guix/scripts/substitute.scm (narinfo-hash-algorithm+value): New
procedure.
(process-substitution): Wrap INPUT into a hash input port, 'hashed', and
read from it. Compare the actual and expected hashes, and print a
"hash-mismatch" status line when they differ. When they match, print
not just "success" but also the nar hash and size.
* nix/libstore/build.cc (class SubstitutionGoal)[expectedHashStr]:
Remove.
(SubstitutionGoal::finished): Tokenize 'status'. Parse it and handle
"success" and "hash-mismatch" accordingly. Call 'hashPath' only when
the returned hash is not SHA256.
(SubstitutionGoal::handleChildOutput): Remove 'expectedHashStr'
handling.
* tests/substitute.scm ("substitute, invalid hash"): Rename to...
("substitute, invalid narinfo hash"): ... this.
("substitute, invalid hash"): New test.
Fixes <https://bugs.gnu.org/44760>.
Previously, the 'register-path' call would re-traverse ITEM to compute
its nar hash, even though that hash is already known in the initial
store. This patch also avoids repeated opening/closing of the
database.
* guix/store/database.scm (call-with-database): Export.
* guix/scripts/system.scm (copy-item): Add 'db' parameter. Call
'sqlite-register' instead of 'register-path'.
(copy-closure): Remove redundant call to 'references*'. Call
'call-with-database' and pass the database to 'copy-item'.
Partly fixes <https://bugs.gnu.org/44760>.
* guix/build/store-copy.scm (copy-store-item): New procedure.
(populate-store): Use it instead of the inline 'copy-recursively' call.
* guix/scripts/system.scm (copy-item): Likewise.
Pass #:reset-timestamps? and #:deduplicate? to 'register-path'.
It is now up to the caller to deduplicate store contents.
* guix/store/database.scm (register-items): Remove #:deduplicate?
parameter and call to 'deduplicate'.
(register-path): Call 'deduplicate' when #:deduplicate? is true.
* gnu/build/image.scm (register-closure): Adjust call accordingly.
* gnu/build/vm.scm (register-closure): Likewise.
* guix/nar.scm (finalize-store-file): Likewise.
* guix/scripts/pack.scm (store-database): Likewise.
Until now deduplication was performed as an additional pass after
copying files, which involve re-traversing all the files that had just
been copied.
* guix/store/deduplication.scm (copy-file/deduplicate): New procedure.
* tests/store-deduplication.scm ("copy-file/deduplicate"): New test.
* guix/build/store-copy.scm (populate-store): Add #:deduplicate?
parameter and honor it.
* tests/gexp.scm ("gexp->derivation, store copy"): Pass #:deduplicate? #f
to 'populate-store'.
* gnu/build/image.scm (initialize-root-partition): Pass #:deduplicate?
to 'populate-store'. Pass #:deduplicate? #f to 'register-closure'.
* gnu/build/vm.scm (root-partition-initializer): Likewise.
* gnu/build/install.scm (populate-single-profile-directory): Pass
#:deduplicate? #f to 'populate-store'.
* gnu/build/linux-initrd.scm (build-initrd): Likewise.
* guix/scripts/pack.scm (self-contained-tarball)[import-module?]: New
procedure.
[build]: Pass it as an argument to 'source-module-closure'.
* guix/scripts/pack.scm (squashfs-image)[build]: Wrap in
'with-extensions'.
* gnu/system/linux-initrd.scm (expression->initrd)[import-module?]: New
procedure.
[builder]: Pass it to 'source-module-closure'.
* gnu/system/install.scm (cow-store-service-type)[import-module?]: New
procedure. Pass it to 'source-module-closure'.
The assumption now is that the caller took care of resetting timestamps
and permissions.
* guix/store/database.scm (register-items): Remove #:reset-timestamps?
parameter and the call to 'reset-timestamps'.
(register-path): Adjust accordingly and add call to 'reset-timestamps'.
* gnu/build/image.scm (register-closure): Remove #:reset-timestamps?
parameter to 'register-items'.
* gnu/build/vm.scm (register-closure): Likewise.
* guix/nar.scm (finalize-store-file): Adjust accordingly.
* guix/scripts/pack.scm (store-database)[build]: Likewise.
* guix/serialization.scm (fold-archive): Call PROC with a
'directory-complete tag when done with a directory.
(restore-file): Handle it.
* guix/scripts/archive.scm (list-contents): Likewise.
* guix/scripts/challenge.scm (archive-contents): Likewise.
* tests/nar.scm ("write-file-tree + fold-archive"): Adjust accordingly.
Previously, after a failed recursive import "guix import" would signal
success.
* guix/import/cran.scm (cran->guix-package): Raise a condition when all
repositories have been exhausted.
* guix/scripts/import/cran.scm (guix-import-cran): Handle errors.
That way, when fetching a series of substitutes from the same server(s),
the connection is reused instead of being closed/opened for each
substitutes, which saves on network round trips and TLS handshakes.
* guix/http-client.scm (http-fetch): Add #:keep-alive? and honor it.
* guix/progress.scm (progress-report-port): Add #:close? parameter and
honor it.
* guix/scripts/substitute.scm (at-most): Return the tail as a second
value.
(fetch): Add #:port and #:keep-alive? and honor them.
(%max-cached-connections): New variable.
(open-connection-for-uri/cached, call-with-cached-connection): New
procedures.
(with-cached-connection): New macro.
(process-substitution): Wrap 'fetch' call in 'with-cached-connection'.
Pass #:close? to 'progress-report-port'.
This avoids spawning one substitute process per substitution.
* nix/libstore/build.cc (class Worker)[substituter]: New field.
[outPipe, logPipe, pid]: Remove.
(class SubstitutionGoal)[expectedHashStr, status, substituter]: New fields.
(SubstitutionGoal::timedOut): Adjust to check 'substituter'.
(SubstitutionGoal::tryToRun): Remove references to 'outPipe' and
'logPipe'. Run "guix substitute --substitute" as an 'Agent'. Send the
request with 'writeLine'.
(SubstitutionGoal::finished): Likewise.
(SubstitutionGoal::handleChildOutput): Change to fill in
'expectedHashStr' and 'status'.
(SubstitutionGoal::handleEOF): Call 'wakeUp' unconditionally.
(SubstitutionGoal::~SubstitutionGoal): Adjust to check 'substituter'.
* guix/scripts/substitute.scm (process-substitution): Write "success\n"
to stdout upon success.
(%error-to-file-descriptor-4?): New variable.
(guix-substitute): Set 'current-error-port' to file descriptor 4
unless (%error-to-file-descriptor-4?) is false.
Remove "--substitute" arguments. Loop reading line from stdin.
* tests/substitute.scm <top level>: Call '%error-to-file-descriptor-4?'.
(request-substitution): New procedure.
("substitute, no signature")
("substitute, invalid hash")
("substitute, unauthorized key")
("substitute, authorized key")
("substitute, unauthorized narinfo comes first")
("substitute, unsigned narinfo comes first")
("substitute, first narinfo is unsigned and has wrong hash")
("substitute, first narinfo is unsigned and has wrong refs")
("substitute, two invalid narinfos")
("substitute, narinfo with several URLs"): Adjust to new "guix
substitute --substitute" calling convention.
* nix/libstore/local-store.hh (RunningSubstituter): Remove.
(LocalStore)[runningSubstituter]: Change to unique_ptr<Agent>.
[setSubstituterEnv, didSetSubstituterEnv]: Remove.
[getLineFromSubstituter, getIntLineFromSubstituter]: Take an 'Agent'.
* nix/libstore/local-store.cc (LocalStore::~LocalStore): Remove
reference to 'runningSubstituter'.
(LocalStore::setSubstituterEnv, LocalStore::startSubstituter): Remove.
(LocalStore::getLineFromSubstituter): Adjust to 'run' being an 'Agent'.
(LocalStore::querySubstitutablePaths): Spawn substituter agent if
needed. Adjust to 'Agent' interface.
(LocalStore::querySubstitutablePathInfos): Likewise.
* nix/libstore/build.cc (SubstitutionGoal::tryToRun): Remove call to
'setSubstituterEnv' and add 'setenv' call for "_NIX_OPTIONS" instead.
(SubstitutionGoal::finished): Remove 'readLine' call for 'dummy'.
* guix/scripts/substitute.scm (%allow-unauthenticated-substitutes?):
Remove second argument to 'make-parameter'.
(process-query): Call 'warn-about-missing-authentication'
when (%allow-unauthenticated-substitutes?) is #t.
(guix-substitute): Wrap body in 'parameterize'. Set 'guix-warning-port'
too. No longer exit when 'substitute-urls' returns the empty list. No
longer print newline initially.
* tests/substitute.scm (test-quit): Parameterize 'current-error-port' to
account for the port changes in 'guix-substitute'.
* guix/scripts/import/opam.scm (guix-import-opam): Pass --repo argument
to recursive and non-recursive importers.
* guix/import/opam.scm (get-opam-repository): Select proper repository
location depending on a new repo argument.
(opam->guix-package): Use get-opam-repository in the procedure body.
The recursive crate importer will now include development dependencies only
for the top level package, but not for any of the recursively imported
packages. Also #:skip-build will be false for the top-most package.
* guix/import/crate.scm (make-crate-sexp): Add the key BUILD?.
(crate->guix-package): Add the key INCLUDE-DEV-DEPS?.
(crate-recursive-import): Likewise.
* guix/scripts/import/crate.scm (guix-import-crate): Likewise.
* tests/crate.scm (cargo-recursive-import): Likewise.
* guix/import/crate.scm: Add guile-semver as a soft dependency.
(make-crate-sexp): Don't allow other keys. Add '#:skip-build?' to build
system args. Pass a VERSION argument to 'cargo-inputs'.
(crate->guix-package): Use guile-semver to resolve the correct module
versions. Treat "build" dependencies as normal dependencies.
(crate-name->package-name): Reuse the procedure 'guix-name' instead of
duplicating its logic.
* guix/import/utils.scm (package-names->package-inputs): Implement
handling of (name version) pairs.
* guix/scripts/import/crate.scm (guix-import-crate): Use
crate-recursive-import instead of duplicate code.
* tests/crate.scm (recursive-import): Change test packages versions to be
distinguishable. Add version data to the test. Check created symbols, too.
Co-authored-by: Hartmut Goebel <h.goebel@crazy-compilers.com>
This adds a key VERSION to 'recursive-import' and moves the parameter REPO to
a key. This also changes all the places that rely on 'recursive-import'.
* guix/import/utils.scm (recursive-import): Add the VERSION key. Make REPO a
key.
(package->definition): Add optional 'append-version?'.
* guix/scripts/import/crate.scm (guix-import-crate): Add the VERSION key.
* guix/import/crate.scm (crate->guix-package): Add the VERSION key.
(crate-recursive-import): Pass VERSION to recursive-import, remove now
unnecessary code.
* guix/import/cran.scm (cran->guix-package, cran-recursive-import): Change the
REPO parameter to a key.
* guix/import/elpa.scm (elpa->guix-package, elpa-recursive-import): Likewise.
* guix/import/gem.scm (gem->guix-package, recursive-import): Likewise.
* guix/import/opam.scm (opam-recurive-import): Likewise.
* guix/import/pypi.scm (pypi-recursive-import): Likewise.
* guix/import/stackage.scm (stackage-recursive-import): Likewise.
* guix/scripts/import/cran.scm (guix-import-cran): Likewise.
* guix/scripts/import/elpa.scm (guix-import-elpa): Likewise.
* tests/elpa.scm (eval-test-with-elpa): Likewise.
* tests/import-utils.scm (recursive-import): Likewise.
Co-authored-by: Hartmut Goebel <h.goebel@crazy-compilers.com>
Fixes <https://bugs.gnu.org/44928>.
Reported by Luis Felipe <luis.felipe.la@protonmail.com>.
* guix/scripts/upgrade.scm (guix-upgrade): Allow several regexps and remove
"extraneous arguement" check.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
* guix/scripts/processes.scm (lock->recutils): New procedure.
(daemon-session->recutils): Use it.
(daemon-sessions->recutils, session-key->recutils)
(session-scalars->normalized-record)
(child-process->normalized-record)
(daemon-sessions->normalized-record): New procedures.
(session-rec-type, lock-rec-type, child-process-rec-type)
(%available-formats): New variables.
(list-formats): New procedure.
(%options, show-help): Add '--format'.
(%default-options): New variable.
(guix-processes): Use 'parse-command-line' instead of 'args-fold*'.
Honor the 'format' value in OPTIONS.
* doc/guix.texi (Invoking guix processes): Document '--format'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/processes.scm (daemon-session->recutils): Put child
process information in separate fields.
* doc/guix.texi (Invoking guix processes): Document change in output of
'guix processes'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/publish.scm (%options): Add "--advertise" option.
(show-help): Document it.
(service-name): New procedure,
(publish-service-type): new variable.
(run-publish-server): Add "advertise?" and "port" parameters. Use them to publish
the server using Avahi.
(guix-publish): Pass the "advertise?" option to "run-publish-server".
* gnu/services/base.scm (<guix-publish-configuration>): Add "advertise?"
field.
(guix-publish-shepherd-service): Honor it.
Fixes <https://bugs.gnu.org/44574>.
Reported by Efraim Flashner <efraim@flashner.co.il>.
* guix/scripts/weather.scm (guix-weather): Fix when substitute-urls
is a list.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
* guix/scripts/lint.scm (emit-warnings): Use 'current-output-port'
instead of 'current-error-port'.
Signed-off-by: Christopher Baines <mail@cbaines.net>
* guix/scripts/refresh.scm (list-dependents)[lst]: Use ~d for the
singular format string, as the argument jumping would trigger an error
during en@boldquot.mo generation.
And add a new '--volatile' option to have it volatile otherwise.
* guix/scripts/system.scm (%options)[volatile-root?]: New boolean option.
(%default-options): Set its default value to #f.
(show-help): Add help doc.
* guix/scripts/system.scm (perform-action): Propagate option...
(system-derivation-for-action): ...here. Use it to set the volatile-root?
field of the image object passed to SYSTEM-IMAGE.
* doc/guix.texi (Invoking guix system): Document it.
