This installs a statically linked busybox binary distribution for decompressing the Gentoo stage3 tarball, since there is no native xz implementation.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This places configuration files with hardcoded content in /etc to silence test suites expecting them to be present.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This tool is a frontend for bootstrapping hakurei via internal/pkg. Named mbf for now for "maiden's best friend" as a tribute to the DOOM source port.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Any fine-grained file-based locking here significantly hurts performance and is not part of the use case of the package. This change guarantees exclusive access to prevent inconsistent state on the filesystem.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This significantly improves scrubbing performance. Since the cache directory structure is friendly to simultaneous access, this is possible without synchronisation.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This eliminates duplicate identifier computations. The new implementation also significantly reduces allocations while computing the identifier for a large dependency tree.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is significantly more practical than keeping track of them in directory flattening format and setting this in every non-artifact implementation. Only tarArtifact can have meaningful deterministic checksums that are not zero and zeroing them still keeps autotools happy.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This proxies program output through msg with a name and fd prefix. This also avoids introducing additional information to the container via process stdout/stderr.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This does not have a reasonable way of inferring the underlying name. For zero value it falls back to base of executable pathname.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This result was mistakenly unused resulting in incorrect identifiers for artifacts with duplicate dependencies.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The struct turned out not to be necessary during initial implementation but was not unwrapped into its single string field. This change replaces it with the underlying string and removes the indirection.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This makes overriding hakurei easier. Also avoids building hakurei twice since nix does that for some reason.
Signed-off-by: Ophestra <cat@gensokyo.uk>
An upcoming improvement in the container init makes the current host net check return the same result for both cases. This change
Signed-off-by: Ophestra <cat@gensokyo.uk>
This imposes a hard upper limit to concurrency during dependency satisfaction and moves all dependency-related code out of individual implementations of Artifact. This change also includes ctx and msg as part of Cache.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The cure is condemned at the point of cancellation and all of its state is destroyed by the deferred cleanup, so it makes little sense to wait for it much.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This removes all but the /work/ auto overlay behaviour and enables much greater flexibility. This also renames ExecContainerPath to ExecPath so it is easier to type.
Signed-off-by: Ophestra <cat@gensokyo.uk>
These are not encoded in the format; they are rejected here to serve as a check for cache since checksum is computed for every directory.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This directly submits the upperdir to cache. It is primarily used in bootstrapping where tools are limited and should not be used unless there is a very good reason to.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This works around the fact that execArtifact always creates the work directory when setting up the bind mount.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This sets up the last Artifact to target /tmp as a writable overlay mount backed by the host side temp directory. This is useful for an Artifact containing source code to be built for another Artifact for example.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Only write should be cleared here; clearing execute causes execArtifact to be unable to start anything since no Artifact is able to produce an executable file.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This makes it possible to use an Artifact as root without arranging for directory creation in the Artifact ahead of time.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This optionally attaches an output checksum to an execArtifact and enables host networking for the resulting container.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This was using the old pre-KnownChecksum function signature. It did not affect correctness since httpArtifact performs internal validation to avoid the strict mode vfs roundtrip, but it prevented content-addressed cache hits.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This runs a program in a container environment. Artifacts can be made available to the container; they are cured concurrently and mounted in order.
Signed-off-by: Ophestra <cat@gensokyo.uk>