test auto-select, docker support, optimizations

- fix auto runtime selection - add test to ensure automatic runtime selection works on all distros - bring back docker support - optimize nix backend to use shipped nix instead of dynamically loading it.
DavHau · Apr 12, 2024 · f0a4062 · f0a4062
1 parent 059add3
commit f0a4062
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 31 deletions.
diff --git a/.github/workflows/nix-portable.yml b/.github/workflows/nix-portable.yml
@@ -127,29 +127,29 @@ jobs:
   #   - run: 'nix run -L .#job-qemu-${{ matrix.qemu_os }}-nix-static'
 
 
-  # test_docker:
-  #   name: Test inside docker container
-  #   needs: build
-  #   if: true
-  #   runs-on: ubuntu-latest
-  #   steps:
+  test_docker:
+    name: Test inside docker container
+    needs: build
+    if: true
+    runs-on: ubuntu-latest
+    steps:
 
-  #   - uses: actions/checkout@v4
-  #     with:
-  #         # Nix Flakes doesn't work on shallow clones
-  #         fetch-depth: 0
+    - uses: actions/checkout@v4
+      with:
+          # Nix Flakes doesn't work on shallow clones
+          fetch-depth: 0
 
-  #   - uses: cachix/install-nix-action@v26
-  #     with:
-  #       extra_nix_config: |
-  #         experimental-features = nix-command flakes
+    - uses: cachix/install-nix-action@v26
+      with:
+        extra_nix_config: |
+          experimental-features = nix-command flakes
 
-  #   - uses: cachix/cachix-action@v14
-  #     with:
-  #       name: nix-portable
-  #       authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
+    - uses: cachix/cachix-action@v14
+      with:
+        name: nix-portable
+        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
 
-  #   - run: nix run -L .#job-docker-debian
+    - run: nix run -L .#job-docker-debian
 
 
   test_github:

diff --git a/README.md b/README.md
@@ -12,18 +12,21 @@ For binary downloads check the [releases](https://github.com/DavHau/nix-portable
   - be able to use the official binary cache (by virtualizing the /nix/store)
   - make it easy to distribute nix as a dependency of other projects
 
-### Tested on the following systems/environments:
+### Tested continuously on the following systems/environments:
   * Distros (x86_64):
     - Arch Linux
     - CentOS 7
     - Debian
     - Fedora
     - NixOS
-    - Ubuntu
+    - Ubuntu 22.04
+    - Ubuntu 23.10
+    - Ubuntu 24.04
   * Distros (aarch64):
     - Debian
   * Other Environments:
     - Github Actions
+    - Docker (debian image)
 
 ### Under the hood:
   - The nix-portable executable is a self extracting archive, caching its contents in $HOME/.nix-portable

diff --git a/default.nix b/default.nix
@@ -16,7 +16,6 @@ with builtins;
   pkgs ? import <nixpkgs> {},
   xz ? pkgs.pkgsStatic.xz,
   zstd ? pkgs.pkgsStatic.zstd,
-  nixRev ? "master",
   nixStatic ? pkgs.pkgsStatic.nix,
 
   buildSystem ? builtins.currentSystem,
@@ -127,11 +126,14 @@ let
     store="\$dir/nix/store"
     # create /nix/var/nix to prevent nix from falling back to chroot store.
     mkdir -p \$dir/{bin,nix/var/nix,nix/store}
-    # santize the tmpbin directory
+    # sanitize the tmpbin directory
     rm -rf "\$dir/tmpbin"
     # create a directory to hold executable symlinks for overriding
     mkdir -p "\$dir/tmpbin"
 
+    # create minimal drv file for nix to spawn a nix shell
+    echo 'builtins.derivation {name="foo"; builder="/bin/sh"; args = ["-c" "echo hello \> \\\$out"]; system=builtins.currentSystem;}' > "\$dir/mini-drv.nix"
+
     # the fingerprint being present inside a file indicates that
     # this version of nix-portable has already been initialized
     if test -e \$dir/conf/fingerprint && [ "\$(cat \$dir/conf/fingerprint)" == "\$fingerprint" ]; then
@@ -337,13 +339,15 @@ let
       mkdir -p \$dir/tmp/
       touch \$dir/tmp/testfile
       debug "testing nix --store"
-      if "\$NP_NIX" store add-file --store $dir/tmp/__store \$dir/tmp/testfile >/dev/null 2>&3; then
-        chmod -R +w $dir/tmp/__store
-        rm -r $dir/tmp/__store
+      if "\$NP_NIX" --store "\$dir/tmp/__store" shell -f "\$dir/mini-drv.nix" -c "\$dir/bin/nix" store add-file --store "\$dir/tmp/__store" "\$dir/tmp/testfile" >/dev/null 2>&3; then
+        chmod -R +w \$dir/tmp/__store
+        rm -r \$dir/tmp/__store
         debug "nix --store works on this system -> will use nix as runtime"
         NP_RUNTIME=nix
       # check if bwrap works properly
-      elif \$NP_BWRAP --bind \$dir/emptyroot / --bind \$dir/ /nix --bind \$dir/busybox/bin/busybox "\$dir/true" "\$dir/true" 2>&3 ; then
+      elif \\
+          debug "nix --store failed -> testing bwrap" \\
+          && \$NP_BWRAP --bind \$dir/emptyroot / --bind \$dir/ /nix --bind \$dir/busybox/bin/busybox "\$dir/true" "\$dir/true" 2>&3 ; then
         debug "bwrap seems to work on this system -> will use bwrap"
         NP_RUNTIME=bwrap
       else
@@ -355,7 +359,8 @@ let
     fi
     debug "NP_RUNTIME: \$NP_RUNTIME"
     if [ "\$NP_RUNTIME" == "nix" ]; then
-      run="\$NP_NIX shell nix/${nixRev}#nix -c"
+      run="\$NP_NIX shell -f \$dir/mini-drv.nix -c"
+      export PATH="\$PATH:\$store${lib.removePrefix "/nix/store" nix}/bin"
       NP_CONF_STORE="\$dir"
       recreate_nix_conf
     elif [ "\$NP_RUNTIME" == "bwrap" ]; then
@@ -466,13 +471,13 @@ let
       # else
       # fi
       debug "Testing if nix can build stuff without sandbox"
-      if ! \$run "\$nixBin" build --no-link --impure --expr "(import <nixpkgs> {}).runCommand \\"test\\" {} \\"echo \$(date) > \\\$out\\"" --option sandbox false >&3 2>&3; then
+      if ! \$run "\$nixBin" build --no-link -f "\$dir/mini-drv.nix" --option sandbox false >&3 2>&3; then
         echo "Fatal error: nix is unable to build packages"
         exit 1
       fi
 
       debug "Testing if nix sandbox is functional"
-      if ! \$run "\$nixBin" build --no-link --impure --expr "(import <nixpkgs> {}).runCommand \\"test\\" {} \\"echo \$(date) > \\\$out\\"" --option sandbox true >&3 2>&3; then
+      if ! \$run "\$nixBin" build --no-link -f "\$dir/mini-drv.nix" --option sandbox true >&3 2>&3; then
         debug "Sandbox doesn't work -> disabling sandbox"
         NP_CONF_SANDBOX=false
         recreate_nix_conf

diff --git a/flake.nix b/flake.nix
@@ -143,7 +143,6 @@
             compression = "zstd -3 -T1";
 
             nix = inp.nix.packages.${system}.nix;
-            nixRev = inp.nix.rev;
             nixStatic = inp.nix.packages.${system}.nix-static;
 
             busybox = pkgs.pkgsStatic.busybox;
@@ -296,6 +295,12 @@
                       echo -e "\n\nstarting to test nix-portable"
                       # test some nix commands
                       NP_DEBUG=''${NP_DEBUG:-1}
+                      # test if automatic runtime selection works
+                      echo "testing automatic runtime selection..."
+                      if ! $ssh "NP_DEBUG=$NP_DEBUG /home/test/nix-portable nix-shell -p hello --run hello"; then
+                        echo "Error: automatic runtime selection failed"
+                        exit 1
+                      fi
                       ${concatStringsSep "\n\n" (forEach runtimes testCommands)}
                     ''}