guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: git-fetch without a hash

From: Ludovic Courtès
Subject: Re: git-fetch without a hash
Date: Wed, 21 Dec 2022 23:49:47 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) 
Hi,

Stephen Paul Weber <singpolyma@singpolyma.net> skribis:

> It seem that url-fetch will work without a hash (that is, with (sha256
> #f)) but git-fetch will not.

(sha256 #f) is not a documented use case.  :-)

> As near as I can tell this is because git-fetch uses a fixed
> derivation build going via nix/build.cc stuff which contains this
> line:
>
>       if (i.second.hash == "") fixedOutput = false;
>
> And this results in /etc/resolv.conf not getting written and DNS
> resolution failing.
>
> Now, I *think* by my reading that it is intended for *only*
> fixed-output derivations to have network access, because otherwise the
> operation would be impure?

Yes, exactly.

> And then url-fetch is just not actually ending up in a build container
> and so it works even when it isn't fixed-output?

If an origin has (sha256 #f), it is *not* lowered to a fixed-output
derivation; consequently, its build environment lacks network access,
etc.

> However, there's no real reason that git-fetch *needs* to be
> fixed-output in terms of having a hash pre-defined, at least for local
> development and other purposes.  So is there a way around this?

What’s your use case?

If you want a package to refer to, say, the tip of the “main” branch of
some Git repo, then you can:

  • use ‘--with-branch=PKG=main’, or

  • write (package (source (git-checkout …)) …)

Both are actually equivalent.  ‘git-checkout’ represents a checkout made
on the client side, without knowing in advance what you’ll get out of
this checkout.  (So use with care, too.)

> If having a way around it is not desirable should url-fetch consider
> this an error as well?

I’m not sure; do you have an example where it’s not behaving as
expected?

> Finally, *if* git-fetch should not allow this, the current error
> message is beyond confusing (DNS resolution fails during git fetch and
> it tries to fall back to SWH).  So should git-fetch check for hash of
> #f and raise at that point with a better error message in that case?

Ideally, ‘origin’ would prevent a hash of #f altogether.  However, there
are a couple of weird use cases in (gnu packages …) that need to be
supported.  We should probably consider using a different trick there,
such as using a computed-file instead of an origin; we’ll have to check
what’s feasible.

Thanks,
Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]