10/10: system: bootstrap: Compute and print the result's hash.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

10/10: system: bootstrap: Compute and print the result's hash.

From:	guix-commits
Subject:	10/10: system: bootstrap: Compute and print the result's hash.
Date:	Sun, 5 Jan 2020 05:51:33 -0500 (EST)

civodul pushed a commit to branch wip-system-bootstrap
in repository guix.

commit 3bccc5edacbef0204ca1d261da9621a044906028
Author: Ludovic Courtès <address@hidden>
Date:   Wed Dec 11 23:54:35 2019 +0100

    system: bootstrap: Compute and print the result's hash.
    
    * gnu/packages/commencement.scm (%bootstrap-guile+guild): Make public.
    [properties]: New field.
    * gnu/system/bootstrap.scm (hash-script): New procedure.
    (bootstrapping-os): Wrap OBJ in 'hash-script'.
---
 gnu/packages/commencement.scm |  5 +--
 gnu/system/bootstrap.scm      | 83 ++++++++++++++++++++++++++++++++++++++++---
 2 files changed, 81 insertions(+), 7 deletions(-)

diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm
index 34584fb..bec91f3 100644
--- a/gnu/packages/commencement.scm
+++ b/gnu/packages/commencement.scm
@@ -84,7 +84,7 @@
 ;;;
 ;;; Code:
 
-(define %bootstrap-guile+guild
+(define-public %bootstrap-guile+guild
   ;; This package combines %bootstrap-guile with guild, which is not included
   ;; in %bootstrap-guile.  Guild is needed to build gash-boot and
   ;; gash-core-utils-boot because it is dependency of the Guile build system.
@@ -133,7 +133,8 @@
     (synopsis "Bootstrap Guile plus Guild")
     (description "Bootstrap Guile with added Guild")
     (home-page #f)
-    (license (package-license guile-2.0))))
+    (license (package-license guile-2.0))
+    (properties '((hidden? . #t)))))
 
 (define mes-boot
   (package
diff --git a/gnu/system/bootstrap.scm b/gnu/system/bootstrap.scm
index c6eb106..19f309d 100644
--- a/gnu/system/bootstrap.scm
+++ b/gnu/system/bootstrap.scm
@@ -21,7 +21,13 @@
   #:use-module (guix modules)
   #:use-module ((guix packages) #:select (default-guile))
   #:use-module ((guix self) #:select (make-config.scm))
-  #:use-module (gnu packages bootstrap)
+  #:use-module ((guix utils)
+                #:select (version-major+minor substitute-keyword-arguments))
+  #:use-module (guix packages)
+  #:use-module (guix build-system trivial)
+  #:use-module (gnu packages commencement)
+  #:use-module (gnu packages guile)
+  #:use-module (gnu packages guile-xyz)
   #:use-module (gnu system)
   #:use-module (gnu system shadow)
   #:use-module (gnu system file-systems)
@@ -44,6 +50,73 @@
 ;;;
 ;;; Code:
 
+(define* (hash-script obj #:key (guile (default-guile)))
+  "Return a derivation that computes the SHA256 hash of OBJ, using Guile and
+only pure Guile code."
+  (define hashing
+    (package
+      (inherit guile-hashing)
+      (arguments
+       `(#:guile ,guile
+         ,@(package-arguments guile-hashing)))
+      (native-inputs `(("guile" ,guile)))))
+
+  (define build
+    ;; Compute and display the SHA256 of OBJ.  Do that in pure Scheme: it's
+    ;; slower, but removes the need for a full-blown C compiler and GNU
+    ;; userland to get libgcrypt, etc.
+    (with-extensions (list hashing)
+      (with-imported-modules (source-module-closure
+                              '((guix serialization)))
+        #~(begin
+            (use-modules (hashing sha-2)
+                         (guix serialization)
+                         (rnrs io ports)
+                         (rnrs bytevectors)
+                         (ice-9 match))
+
+            (define (port-sha256 port)
+              ;; Return the SHA256 of the data read from PORT.
+              (define bv (make-bytevector 65536))
+              (define hash (make-sha-256))
+
+              (let loop ()
+                (match (get-bytevector-n! port bv 0
+                                          (bytevector-length bv))
+                  ((? eof-object?)
+                   (sha-256-finish! hash)
+                   hash)
+                  (n
+                   (sha-256-update! hash bv 0 n)
+                   (loop)))))
+
+            (define (file-sha256 file)
+              ;; Return the SHA256 of FILE.
+              (call-with-input-file file port-sha256))
+
+            ;; Serialize OBJ as a nar.  XXX: We should avoid writing to disk
+            ;; as this might be a tmpfs.
+            (call-with-output-file "nar"
+              (lambda (port)
+                (write-file #$obj port)))
+
+            ;; Compute, display, and store the hash of OBJ.
+            (let ((hash (file-sha256 "nar")))
+              (call-with-output-file #$output
+                (lambda (result)
+                  (for-each (lambda (port)
+                              (format port "~a\t~a~%"
+                                      (sha-256->string hash)
+                                      #$obj))
+                            (list (current-output-port)
+                                  result)))))))))
+
+  (computed-file "build-result-hashes" build
+                 #:guile guile
+                 #:options
+                 `(#:effective-version
+                   ,(version-major+minor (package-version guile)))))
+
 (define* (build-script obj #:key (guile (default-guile)))
   "Return a build script that builds OBJ, an arbitrary lowerable object such
 as a package, and all its dependencies.  The script essentially unrolls the
@@ -143,7 +216,6 @@ build loop normally performed by 'guix-daemon'."
                                     (format #t "~%Congratulations!~%")
                                     (sleep 3600)))
                             port)
-              ;; TODO: Print a hash or something at the end?
               (chmod port #o555))))))
 
   (computed-file "build.scm" emit-script
@@ -181,9 +253,10 @@ dependencies, from scratch, as it boots."
     ;; includes all the source code (tarballs) necessary to build them.
     (initrd (lambda (fs . rest)
               (expression->initrd
-               #~(execl #$(build-script obj #:guile %bootstrap-guile)
-                        "build")
-               #:guile %bootstrap-guile)))))
+               (let ((obj (hash-script obj #:guile %bootstrap-guile+guild)))
+                 #~(execl #$(build-script obj #:guile %bootstrap-guile+guild)
+                          "build"))
+               #:guile %bootstrap-guile+guild)))))
 
 ;; This operating system builds MES-BOOT from scratch.  That currently
 ;; requires ~5 GiB of RAM.  TODO: Should we mount a root file system on a hard

[Prev in Thread]

Current Thread

[Next in Thread]

branch wip-system-bootstrap created (now 3bccc5e), guix-commits, 2020/01/05
- 03/10: store: Add #:cut? parameter to 'topologically-sorted'., guix-commits, 2020/01/05
- 01/10: utils: 'version-compare' delays 'dynamic-link' code., guix-commits, 2020/01/05
- 04/10: derivations: Add #:skip-dependencies? parameter to 'derivation-input-fold'., guix-commits, 2020/01/05
- 05/10: DRAFT gexp: Add 'raw-derivation-closure'., guix-commits, 2020/01/05
- 02/10: monads: Add portability to Guile 2.0., guix-commits, 2020/01/05
- 06/10: DRAFT gexp: Add 'object-sources'., guix-commits, 2020/01/05
- 09/10: DRAFT serialization: Avoid 'define-values', for the sake of Guile 2.0., guix-commits, 2020/01/05
- 08/10: bootstrap: Add %bootstrap-guile+guild., guix-commits, 2020/01/05
- 10/10: system: bootstrap: Compute and print the result's hash., guix-commits <=
- 07/10: DRAFT system: Add (gnu system bootstrap)., guix-commits, 2020/01/05

Prev by Date: 08/10: bootstrap: Add %bootstrap-guile+guild.
Next by Date: 07/10: DRAFT system: Add (gnu system bootstrap).
Previous by thread: 08/10: bootstrap: Add %bootstrap-guile+guild.
Next by thread: 07/10: DRAFT system: Add (gnu system bootstrap).
Index(es):
- Date
- Thread