commit 25f227fc67c7ca2929babcfa17977619c21971a2 · pyrox.dev/nixpkgs

+1 -1

nixos/modules/security/wrappers/default.nix

···

       283
       283
        
               '';

     

       284
       284
        
       

     

       285
       285
        
           ###### wrappers consistency checks

     

       286
       286
       -
           system.extraDependencies = lib.singleton (pkgs.runCommandLocal

     

       286
       286
       +
           system.checks = lib.singleton (pkgs.runCommandLocal

     

       287
       287
        
             "ensure-all-wrappers-paths-exist" { }

     

       288
       288
        
             ''

     

       289
       289
        
               # make sure we produce output

+1 -1

nixos/modules/services/databases/postgresql.nix

···

       489
       489
        
            "/share/postgresql"

     

       490
       490
        
           ];

     

       491
       491
        
       

     

       492
       492
       -
           system.extraDependencies = lib.optional (cfg.checkConfig && pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) configFileCheck;

     

       492
       492
       +
           system.checks = lib.optional (cfg.checkConfig && pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) configFileCheck;

     

       493
       493
        
       

     

       494
       494
        
           systemd.services.postgresql =

     

       495
       495
        
             { description = "PostgreSQL Server";

+1 -1

nixos/modules/services/web-servers/varnish/default.nix

···

       99
       99
        
           environment.systemPackages = [ cfg.package ];

     

       100
       100
        
       

     

       101
       101
        
           # check .vcl syntax at compile time (e.g. before nixops deployment)

     

       102
       102
       -
           system.extraDependencies = mkIf cfg.enableConfigCheck [

     

       102
       102
       +
           system.checks = mkIf cfg.enableConfigCheck [

     

       103
       103
        
             (pkgs.runCommand "check-varnish-syntax" {} ''

     

       104
       104
        
               ${cfg.package}/bin/varnishd -C ${commandLine} 2> $out || (cat $out; exit 1)

     

       105
       105
        
             '')

+1 -1

nixos/modules/services/x11/xserver.nix

···

       776
       776
        
               xorg.xf86inputevdev.out

     

       777
       777
        
             ];

     

       778
       778
        
       

     

       779
       779
       -
           system.extraDependencies = singleton (pkgs.runCommand "xkb-validated" {

     

       779
       779
       +
           system.checks = singleton (pkgs.runCommand "xkb-validated" {

     

       780
       780
        
             inherit (cfg) xkbModel layout xkbVariant xkbOptions;

     

       781
       781
        
             nativeBuildInputs = with pkgs.buildPackages; [ xkbvalidate ];

     

       782
       782
        
             preferLocalBuild = true;

+29 -3

nixos/modules/system/activation/top-level.nix

···

       263
       263
        
             default = [];

     

       264
       264
        
             description = lib.mdDoc ''

     

       265
       265
        
               A list of packages that should be included in the system

     

       266
       266
       -
               closure but not otherwise made available to users. This is

     

       267
       267
       -
               primarily used by the installation tests.

     

       266
       266
       +
               closure but generally not visible to users.

     

       267
       267
       +
       

     

       268
       268
       +
               This option has also been used for build-time checks, but the

     

       269
       269
       +
               `system.checks` option is more appropriate for that purpose as checks

     

       270
       270
       +
               should not leave a trace in the built system configuration.

     

       271
       271
       +
             '';

     

       272
       272
       +
           };

     

       273
       273
       +
       

     

       274
       274
       +
           system.checks = mkOption {

     

       275
       275
       +
             type = types.listOf types.package;

     

       276
       276
       +
             default = [];

     

       277
       277
       +
             description = lib.mdDoc ''

     

       278
       278
       +
               Packages that are added as dependencies of the system's build, usually

     

       279
       279
       +
               for the purpose of validating some part of the configuration.

     

       280
       280
       +
       

     

       281
       281
       +
               Unlike `system.extraDependencies`, these store paths do not

     

       282
       282
       +
               become part of the built system configuration.

     

       268
       283
        
             '';

     

       269
       284
        
           };

     

       270
       285
        
       

     
···

       363
       378
        
                 fi

     

       364
       379
        
               '';

     

       365
       380
        
       

     

       366
       366
       -
           system.systemBuilderArgs = lib.optionalAttrs (config.system.forbiddenDependenciesRegex != "") {

     

       381
       381
       +
           system.systemBuilderArgs = {

     

       382
       382
       +
             # Not actually used in the builder. `passedChecks` is just here to create

     

       383
       383
       +
             # the build dependencies. Checks are similar to build dependencies in the

     

       384
       384
       +
             # sense that if they fail, the system build fails. However, checks do not

     

       385
       385
       +
             # produce any output of value, so they are not used by the system builder.

     

       386
       386
       +
             # In fact, using them runs the risk of accidentally adding unneeded paths

     

       387
       387
       +
             # to the system closure, which defeats the purpose of the `system.checks`

     

       388
       388
       +
             # option, as opposed to `system.extraDependencies`.

     

       389
       389
       +
             passedChecks = concatStringsSep " " config.system.checks;

     

       390
       390
       +
           }

     

       391
       391
       +
           // lib.optionalAttrs (config.system.forbiddenDependenciesRegex != "") {

     

       367
       392
        
             inherit (config.system) forbiddenDependenciesRegex;

     

       368
       393
        
             closureInfo = pkgs.closureInfo { rootPaths = [

     

       369
       394
        
               # override to avoid  infinite recursion (and to allow using extraDependencies to add forbidden dependencies)

     

       370
       395
        
               (config.system.build.toplevel.overrideAttrs (_: { extraDependencies = []; closureInfo = null; }))

     

       371
       396
        
             ]; };

     

       372
       397
        
           };

     

       398
       398
       +
       

     

       373
       399
        
       

     

       374
       400
        
           system.build.toplevel = if config.system.includeBuildDependencies then systemWithBuildDeps else system;

     

       375
       401