Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NixOS 23.11 #67

Merged
merged 9 commits into from
May 23, 2024
Merged

NixOS 23.11 #67

merged 9 commits into from
May 23, 2024

Conversation

minijackson
Copy link
Collaborator

This switches nixpkgs from the nixos-23.05 branch to nixos-23.11.

Several new things:

  • NixOS 23.11 has the quartoMinimal packages, which is way smaller, because it does not depend on Java, Python, R. With dependencies, its 434MiB vs 2.7GiB

  • NixOS uses _FORTIFY_SOURCE=3 by default for extra buffer checks, but this caused an issue with epics-base (see commit)

  • Some upstream Kafka options changed, and also now support Kraft mode. We use that for the integration test, and as a recommended way in the documentation. This removes the need for Zookeeper, and so frees port 8080.

cc @Rider128

@minijackson
flake: upgrade NixOS 23.05 -> 23.11
9e2e006 
in flake, in template, and in documentation

also add poetry2nix overlay, since it was removed from nixpkgs in 23.11

Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e5f018cf150e29aac26c61dac0790ea023c46b24' (2023-09-12)
  → 'github:NixOS/nixpkgs/809cca784b9f72a5ad4b991e0e7bcf8890f9c3a6' (2024-02-11)
• Added input 'poetry2nix':
    'github:nix-community/poetry2nix/4eb2ac54029af42a001c9901194e9ce19cbd8a40' (2024-02-06)
• Added input 'poetry2nix/flake-utils':
    'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12)
• Added input 'poetry2nix/flake-utils/systems':
    'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
• Added input 'poetry2nix/nix-github-actions':
    'github:nix-community/nix-github-actions/4bb5e752616262457bc7ca5882192a564c0472d2' (2023-11-03)
• Added input 'poetry2nix/nix-github-actions/nixpkgs':
    follows 'poetry2nix/nixpkgs'
• Added input 'poetry2nix/nixpkgs':
    follows 'nixpkgs'
• Added input 'poetry2nix/systems':
    'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
• Added input 'poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/e82f32aa7f06bbbd56d7b12186d555223dc399d1' (2023-11-12)
• Added input 'poetry2nix/treefmt-nix/nixpkgs':
    follows 'poetry2nix/nixpkgs'
@minijackson
pkgs/epics-base: fix "buffer overflow detected" runtime issue
c1de3d7 
it seems that _FORTIFY_SOURCE=3 caused a miscompilation,
fall back to _FORTIFY_SOURCE=2
@minijackson
pkgs/book: switch quarto -> quartoMinimal
90a984b 
has a lot less dependencies, we didn't use any of them
@minijackson
gitignore: add some history files
56f1caa
@minijackson
templates/top: fix wrong commented overlay option
64e8185
@minijackson
nixos/phoebus/alarm: don't set kafka address by default
81121ca
@minijackson
nixos/tests/phoebus/alarm: use Kraft-mode Kafka
e97802d
@minijackson
doc/nixos/phoebus-alarm: use kraft mode Kafka
0eba5e1
@minijackson minijackson self-assigned this Apr 5, 2024
@minijackson
pkgs/psu-simulator: keep meta.mainProgram
f6b9a09 
This fixes a warning in the StreamDevice check:

> Package psu_simulator does not have the meta.mainProgram attribute
stephane-cea
stephane-cea approved these changes Apr 8, 2024
View reviewed changes
Copy link
Collaborator

@stephane-cea stephane-cea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me!

@Synthetica9
Copy link
Contributor

NixOS uses _FORTIFY_SOURCE=3 by default for extra buffer checks, but this caused an issue with epics-base (see commit)

Is this issue known about upstream? Is it a false positive added by the compiler or a real issue that just doesn't happen to give unwanted results?

@minijackson
Copy link
Collaborator Author

@Synthetica9 I have submitted a mail to the core mailing list, but didn't get any response. I haven't had the time to investigate the origin of the issue, but since all tests pass, and we haven't detected any issue prior to trying _FORTIFY_SOURCE=3, I'm more on the side of "false positive".

@Synthetica9
Copy link
Contributor

Been using this in this test environment for some time and didn't run into any issues yet

@minijackson
Copy link
Collaborator Author

@Synthetica9 great, thanks for testing! I've been pondering having a branching system similar to nixpkgs: to have nixos-23.05, nixos-23.11, master branches. So I'm holding off merging this PR while we work out the details.

@Synthetica9 Synthetica9 mentioned this pull request Apr 29, 2024
Open
lcaouen
lcaouen approved these changes May 22, 2024
View reviewed changes
Copy link
Collaborator

@lcaouen lcaouen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Kafka Kraft-mode tested.
It works.

@minijackson minijackson merged commit 2ec05c0 into master May 23, 2024
4 checks passed
@minijackson minijackson deleted the nixos-23.11 branch May 23, 2024 06:44
@minijackson
Copy link
Collaborator Author

@Synthetica9 FYI the _FORTIFY_SOURCE=3 issue is being tracked in epics-base/epics-base#514 and hopefully fixed in epics-base/epics-base#517

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stephane-cea stephane-cea stephane-cea approved these changes

@lcaouen lcaouen lcaouen approved these changes

@agaget agaget Awaiting requested review from agaget

Assignees

@minijackson minijackson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@minijackson @Synthetica9 @lcaouen @stephane-cea