From 4d372404efa344b4dfe612278760b9d7a90d5c5d Mon Sep 17 00:00:00 2001 From: Sylvain Bellemare Date: Fri, 16 Oct 2020 16:53:29 +0100 Subject: [PATCH 1/2] Add shell.nix and pin down nixpkgs revision --- linux/reproducibility/Dockerfile | 55 +------------------------------- linux/reproducibility/shell.nix | 39 ++++++++++++++++++++++ 2 files changed, 40 insertions(+), 54 deletions(-) create mode 100644 linux/reproducibility/shell.nix diff --git a/linux/reproducibility/Dockerfile b/linux/reproducibility/Dockerfile index a6b0cb8f9..4ebd03859 100644 --- a/linux/reproducibility/Dockerfile +++ b/linux/reproducibility/Dockerfile @@ -14,65 +14,12 @@ USER user ENV USER user WORKDIR /home/user -#create the shell config -RUN echo "{ pkgs ? import {} }: \n\ -with pkgs; \n\ -\n\ -stdenvNoCC.mkDerivation { \n\ -\tname = \"sgx-build-nix\"; \n\ -\tbuildInputs = [ \n\ -\t\t/nix/store/raiq8qv61rc66arg3vzyfr9kw83s7dwv-autoconf-2.69 \n\ -\t\t/nix/store/7bsq9c4z657hddv60hpks48ws699y0fc-automake-1.16.1 \n\ -\t\t/nix/store/idj0yrdlk8x49f3gyl4sb8divwhfgjvp-libtool-2.4.6 \n\ -\t\t/nix/store/68yb6ams241kf5pjyxiwd7a98xxcbx0r-ocaml-4.06.1 \n\ -\t\t/nix/store/ncqmw9iybd6iwxd4yk1x57gvs76k1sq4-ocamlbuild-0.12.0 \n\ -\t\t/nix/store/9dkhfaw1qsmvw4rv1z1fqgwhfpbdqrn0-file-5.35 \n\ -\t\t/nix/store/vs700jsqx2465qr0x78zcmgiii0890n3-cmake-3.15.5 \n\ -\t\t/nix/store/d0fv0g4vcv4s0ysa81pn9sf6fy4zzjcv-gnum4-1.4.18 \n\ -\t\t/nix/store/ljvpvjh36h9x2aaqzaby5clclq4mgdmc-openssl-1.1.1b \n\ -\t\t/nix/store/0klr6d4k2g0kabkamfivg185wpx8biqv-openssl-1.1.1b-dev \n\ -\t\t/nix/store/yg76yir7rkxkfz6p77w4vjasi3cgc0q6-gnumake-4.2.1 \n\ -\t\t/nix/store/5lyvydxv0w4f2s1ba84pjlbpvqkgn1ni-linux-headers-4.19.16 \n\ -\t\t/nix/store/681354n3k44r8z90m35hm8945vsp95h1-glibc-2.27 \n\ -\t\t/nix/store/1kl6ms8x56iyhylb2r83lq7j3jbnix7w-binutils-2.31.1 \n\ -\t\t/nix/store/lvwq3g3093injr86lm0kp0f61k5cbpay-gcc-wrapper-8.3.0 \n\ -\t\t/nix/store/dmxxhhl5yr92pbl17q1szvx34jcbzsy8-texinfo-6.5 \n\ -\t\t/nix/store/g6c80c9s2hmrk7jmkp9przi83jpcs8c6-bison-3.5.4 \n\ -\t\t/nix/store/qh2ppjlz4yq65cl0vs0m2h57x2cjlwm4-flex-2.6.4 \n\ -\t]; \n\ -\n\ -\tshellHook = '' \n\ -\techo \"SGX build enviroment\" \n\ -\t''; \n\ -} \n\ -" > /home/user/shell.nix - #install the required software RUN touch .bash_profile \ && curl https://nixos.org/releases/nix/nix-2.2.1/install | sh \ && . /home/user/.nix-profile/etc/profile.d/nix.sh \ -&& nix-env -i /nix/store/raiq8qv61rc66arg3vzyfr9kw83s7dwv-autoconf-2.69 \ -&& nix-env -i /nix/store/7bsq9c4z657hddv60hpks48ws699y0fc-automake-1.16.1 \ -&& nix-env -i /nix/store/idj0yrdlk8x49f3gyl4sb8divwhfgjvp-libtool-2.4.6 \ -&& nix-env -i /nix/store/68yb6ams241kf5pjyxiwd7a98xxcbx0r-ocaml-4.06.1 \ -&& nix-env -i /nix/store/ncqmw9iybd6iwxd4yk1x57gvs76k1sq4-ocamlbuild-0.12.0 \ -&& nix-env -i /nix/store/9dkhfaw1qsmvw4rv1z1fqgwhfpbdqrn0-file-5.35 \ -&& nix-env -i /nix/store/vs700jsqx2465qr0x78zcmgiii0890n3-cmake-3.15.5 \ -&& nix-env -i /nix/store/d0fv0g4vcv4s0ysa81pn9sf6fy4zzjcv-gnum4-1.4.18 \ -&& nix-env -i /nix/store/ljvpvjh36h9x2aaqzaby5clclq4mgdmc-openssl-1.1.1b \ -&& nix-env -i /nix/store/0klr6d4k2g0kabkamfivg185wpx8biqv-openssl-1.1.1b-dev \ -&& nix-env -i /nix/store/yg76yir7rkxkfz6p77w4vjasi3cgc0q6-gnumake-4.2.1 \ -&& nix-env -i /nix/store/5lyvydxv0w4f2s1ba84pjlbpvqkgn1ni-linux-headers-4.19.16 \ -&& nix-env -i /nix/store/681354n3k44r8z90m35hm8945vsp95h1-glibc-2.27 \ -&& nix-env -i /nix/store/1kl6ms8x56iyhylb2r83lq7j3jbnix7w-binutils-2.31.1 \ -&& nix-env --set-flag priority 10 binutils-2.31.1 \ -&& nix-env -i /nix/store/lvwq3g3093injr86lm0kp0f61k5cbpay-gcc-wrapper-8.3.0 \ -&& nix-env -i /nix/store/dmxxhhl5yr92pbl17q1szvx34jcbzsy8-texinfo-6.5 \ -&& nix-env -i /nix/store/g6c80c9s2hmrk7jmkp9przi83jpcs8c6-bison-3.5.4 \ -&& nix-env -i /nix/store/qh2ppjlz4yq65cl0vs0m2h57x2cjlwm4-flex-2.6.4 - +&& nix-env -i /nix/store/681354n3k44r8z90m35hm8945vsp95h1-glibc-2.27 #config nix-shell RUN . /home/user/.nix-profile/etc/profile.d/nix.sh \ && nix-shell - diff --git a/linux/reproducibility/shell.nix b/linux/reproducibility/shell.nix new file mode 100644 index 000000000..f73fec91d --- /dev/null +++ b/linux/reproducibility/shell.nix @@ -0,0 +1,39 @@ +{ pkgs ? import (fetchTarball "https://github.com/NixOS/nixpkgs/archive/10e61bf5be57736035ec7a804cb0bf3d083bf2cf.tar.gz") {} }: +with pkgs; + +stdenvNoCC.mkDerivation { + inherit ipp_crypto asldobjdump; + name = "sgx-build-nix"; + buildInputs = [ + autoconf + automake + libtool + ocaml + ocamlPackages.ocamlbuild + file + cmake + gnum4 + openssl + gnumake + linuxHeaders + #glibc + /nix/store/681354n3k44r8z90m35hm8945vsp95h1-glibc-2.27 + binutils-unwrapped + #/nix/store/1kl6ms8x56iyhylb2r83lq7j3jbnix7w-binutils-2.31.1 + gcc8 + #/nix/store/lvwq3g3093injr86lm0kp0f61k5cbpay-gcc-wrapper-8.3.0 + texinfo + bison + flex + perl + python3 + which + git + ]; + dontBuild = true; + dontInstall = true; + dontFixup = true; + shellHook = '' + echo "SGX build enviroment" + ''; +} From 5f6f7babe39041d66a2b67dcfc1f0840de8f5270 Mon Sep 17 00:00:00 2001 From: Sylvain Bellemare Date: Mon, 19 Oct 2020 16:25:01 +0100 Subject: [PATCH 2/2] Add missing shell.nix in docker image Remove unused line in shell.nix --- linux/reproducibility/Dockerfile | 1 + linux/reproducibility/shell.nix | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/linux/reproducibility/Dockerfile b/linux/reproducibility/Dockerfile index 4ebd03859..b30ed33ae 100644 --- a/linux/reproducibility/Dockerfile +++ b/linux/reproducibility/Dockerfile @@ -20,6 +20,7 @@ RUN touch .bash_profile \ && . /home/user/.nix-profile/etc/profile.d/nix.sh \ && nix-env -i /nix/store/681354n3k44r8z90m35hm8945vsp95h1-glibc-2.27 +COPY shell.nix /home/user/ #config nix-shell RUN . /home/user/.nix-profile/etc/profile.d/nix.sh \ && nix-shell diff --git a/linux/reproducibility/shell.nix b/linux/reproducibility/shell.nix index f73fec91d..9bcd7e083 100644 --- a/linux/reproducibility/shell.nix +++ b/linux/reproducibility/shell.nix @@ -2,7 +2,6 @@ with pkgs; stdenvNoCC.mkDerivation { - inherit ipp_crypto asldobjdump; name = "sgx-build-nix"; buildInputs = [ autoconf