guix-devel

Re: Problem bootstrapping Guix - "make update-guix-package" result: no c


From: Danny Milosavljevic
Subject: Re: Problem bootstrapping Guix - "make update-guix-package" result: no code for module (gcrypt hash)
Date: Mon, 12 Oct 2020 10:22:25 +0200

Hi Ludo,

On Mon, 05 Oct 2020 14:20:08 +0200
Ludovic Courtès <ludo@gnu.org> wrote:

> Danny Milosavljevic <dannym@scratchpost.org> skribis:
> 
> > I'm trying to bootstrap current Guix (master) from Guix past (1.1.0 binary
> > tarball).
> >
> > The goal is: I want to have only guix-the-package-manager at a specific guix
> > commit (!) available inside a Docker image.  
> 
> Why build Guix from source?  I guess it’s enough to do:
> 
>   guix pull --commit=XYZ
> 
> if all you want is Guix at commit XYZ.  Or am I missing something?

I'm doing a project for Heads where we are trying to switch over their build
system to something that makes their builds more reproducible (for example
Guix).

They are using github and gitlab test runners for a lot of things, so one of
the ways we are trying to do continuous integration is to do the following:

(1) Have guix-the-package-manager be built and published on
repository.gitlab.com.  It eventually does "./pre-inst-env guix pack guix"
and then puts the result into a new docker container.  I can't see how to do that
after a guix pull.  Note that I don't want to also carry garbage (this entire
thing has to be verified for security eventually, so...).  Currently, guix
is being bootstrapped from Alpine, and I don't want Alpine to remain in there.

(2) Use the result in order to build boards using tiny Dockerfiles
which would just say

  FROM repository.gitlab.com/guix-on-docker
  RUN guix build heads-kgpe-d16

and throw away the derivation (or publish it, too?)--but keep the log file
and exit status.

Note that (1) should pin a specific Guix commit for a long time since Heads
does not want to build on a moving target since they do hash verification
on bootup, and firmware is hard to keep working (i.e. someone has to
manually verify, on real hardware, whether stuff still works after an
update of the toolchain).  And Heads basically is ONLY security-relevant
stuff.

But you are right--I'll now instead just guix gc and then copy /gnu and
/var/guix and /etc/guix into a "FROM scratch" Docker image.
