mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-27 07:47:02 -05:00
bff8bce88f
* ci: test reproducability with different dependency installation methods * nix: mitigate nix store optimisiation * docs: reproducible builds Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * ci: upgrade ubuntu runners for reproducible builds --------- Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
19 lines
705 B
Nix
19 lines
705 B
Nix
{ pkgs, pkgsLinux, buildEnv, closureInfo }:
|
|
let
|
|
lib = pkgs.lib;
|
|
cc = pkgsLinux.stdenv.cc;
|
|
packages = [ pkgsLinux.cryptsetup.out pkgsLinux.cryptsetup.dev ];
|
|
closure = builtins.toString (lib.strings.splitString "\n" (builtins.readFile "${closureInfo {rootPaths = packages;}}/store-paths"));
|
|
rpath = pkgs.lib.makeLibraryPath [ pkgsLinux.cryptsetup pkgsLinux.glibc pkgsLinux.libgcc.lib ];
|
|
in
|
|
pkgs.symlinkJoin {
|
|
name = "cryptsetup";
|
|
paths = packages;
|
|
buildInputs = packages;
|
|
postBuild = ''
|
|
tar -cf $out/closure.tar --mtime="@$SOURCE_DATE_EPOCH" --sort=name --hard-dereference ${closure}
|
|
echo "${rpath}" > $out/rpath
|
|
cp ${cc}/nix-support/dynamic-linker $out/dynamic-linker
|
|
'';
|
|
}
|