Nixpkgs/Create and debug packages: Difference between revisions
imported>Benediktbroich Add the more modern nixpkgs-review as alternative to nox, add "good practices" Formatting with alejandra, add "good practices" tests with nixpkgs-hammering (Some things i picked up during my first pr) |
imported>Mic92 nuke nox (no one uses this anymore) |
||
Line 376: | Line 376: | ||
== nix channels == | == nix channels == | ||
nix channels can be used in parallel with your new local repositories, see its [[install/remove software#nix-channels| nix-channel-documentation]] | nix channels can be used in parallel with your new local repositories, see its [[install/remove software#nix-channels| nix-channel-documentation]] | ||
== Testing Package Updates with nixpkgs-review == | == Testing Package Updates with nixpkgs-review == |
Revision as of 10:00, 13 December 2022
This article describes how to work with the nix related repositories to add new packages, edit and debug existing packages. For details on the NixOS module system see NixOS:Modules. NixOS:extend_NixOS explains how to write, test and debug your own modules.
There is a chapter about hacking packages and modules in the NixOS manual: development
Writing packages is covered in quick start and writing modules is covered in the manual
If you've read the manual and still don't know how to go about creating a package, read on.
The nix repositories are hosted at https://github.com/NixOS
Basics
The code for nix packages is managed in the nixpkgs/pkgs repository. NixOS services, and other system configuration options are managed in nixpkgs/nixos.
The steps to take for your first change should look something like this:
- Fork the repo (e.g. click the fork button on https://github.com/nixos/nixpkgs).
- Clone your fork
git clone --depth 1 https://github.com/YOURNAME/nixpkgs.git
- Hack hack hack
- Push your changes to your fork
- Open a pull request
- Profit!
This is pretty much the standard way to use github, so if you have trouble using git or github any general guide on these should get you going, or just ask on the NixOS IRC channel. The rest of this guide deals with the "Hack hack hack" step :)
Rough process for creating a package
There are different steps here depending on whether you're building from source or packaging an existing binary. There are some common steps too.
Packages from source code
- Read the repo build instructions. Many times the instructions won't be 100% clear in the README, but there might be some script for CI that will be more precise. This should give you a rough idea of how hard it will be to package it. For example, if it uses a standard, vanilla build (
./configure && make && make install
), it will probably be easy to package. If on the contrary there are no CI scripts, or no build instructions, or the build instructions are complicated, things could be rough. - Look in nixpkgs for a similar package to use as reference. Many times you can just copy/paste a similar package, change the
src
attribute and things will just work. E.g. if you're packaging a project written in Go, find a package for an existing Go application. Each language has its own supporting Nix functions and a more or less standard way of dealing with things. For example Go hasbuildGoModule
. Rust hasbuildRustPackage
. Python hasbuildPythonApplication
. Node.js hasnode2nix
,yarn2nix
, etc. The official documentation for these is generally good. These functions will typically do most of the heavy lifting and you probably just have to point them to the repo and they will do the rest. There are also specific functions for wrapping e.g. GNOME applications (wrapGAppsHook
), or Qt apps (libsForQt5
,wrapQtAppsHook
). It pays off to have a look at these functions in the language-support table in the NixOS manual. - If there isn't a specific function for the build/language you'll need to use stdenv.mkDerivation directly but don't despair (yet!). mkDerivation has built-in support for GNU make, CMake, and possibly others too (?) so you probably won't have to spell out every single command necessary to build the project.
- Figure out at least some dependencies from the project repo. Doesn't have to be perfect, but something to get you started. See if they're available in nixpkgs (
nix search some-library
ornix-locate lib/somelibrary.so
). If any dependency is missing you'll need to package that as well! Common libraries are usually available though. - Prototype / iterate the build with nix-shell. Run
nix-shell -p dep1 dep2 dep3...
then run the build manually on the command line. Hopefully this will let you quickly identify missing dependencies and maybe some build quirks. Again this doesn't need to be perfect, don't spend too much time on this. - Write the default.nix file, save it in some empty local directory.
- At the top of default.nix add
with import <nixpkgs> {};
. For now, don't worry too much about declaring every dependency as a parameter, as it will only slow you down. Again, use some similar package as reference. - Build the package with
nix build -L
. Iterate on tweaking default.nix and running nix build until it builds. - Instead of nix build, for large projects with long compile times, you can use nix-shell with
nix shell -L
(same arguments as nix build). Inside the nix-shell, run something likecd $(mktemp -d) && unpackPhase && cd * && configurePhase && buildPhase && checkPhase && installPhase && fixupPhase
(these are the phases of stdenv.mkDerivation) - At this stage, you may encounter some build-quirks of the project. Compile-time errors will hopefully explain what you're missing. For example micromamba needs a specialized build of libsolv.
- Read on below for further steps.
Packages from binaries
- There's probably a package for it for some other distro. Use that package definition to figure out the dependencies. For example, if you have a deb package you can view its dependencies by running
dpkg -I <package.deb>
. Arch packages can also be useful to look up for reference (view the package's PKGBUILD): - Sometimes the definitions for other distros won't be enough by nix's standards. If that's the case, use
ldd
and/orstrace
to find the rest of the dependencies. If you're not familiar withldd
/strace
see How to find out the dynamic libraries executables loads when run? - See how other nix binary packages deal with dependencies. For example nix packages based on deb packages.
- If the application contains some helper executable or vendored dlopen'd library you will probably need to give the nix treatment to it as well. For example, JetBrains Rider vendors dotnet so it needs to be replaced with the dotnet nix package.
- Because there's no real build step here you'll have to rely more on testing the actual execution of the package.
Both source code packages and binary packages
- Once you have the package building successfully, it's time to start testing the output. Run
nix run -L
, this will give you a shell where the application executable should be in the PATH. If the executable is not in the PATH, you might need to overrideinstallPhase
. Try to test as many functions of the application as you can. Most of the time only making sure that the application starts up will not be enough. - Now that your package builds and runs, it's time to move it to nixpkgs. Read nixpkgs/CONTRIBUTING.md, make sure your package is up to the standards e.g. add a suitable
meta
section. - Git clone https://github.com/NixOS/nixpkgs , figure out the best category / directory for the application (within https://github.com/NixOS/nixpkgs/tree/master/pkgs/ ), create the directory for your application, and move your default.nix there.
- If you used
with import <nixpkgs> {};
to iterate more quickly, now is the time to replace that with the actual dependencies as an attribute set at the beginning of the file e.g.{ lib, stdenv, fetchFromGitHub }:
- Add the package to the top level declaration of packages. Most of the time this will be https://github.com/NixOS/nixpkgs/blob/master/pkgs/top-level/all-packages.nix .
- If this is your first package in nixpkgs, add yourself in https://github.com/NixOS/nixpkgs/blob/master/maintainers/maintainer-list.nix
- Read on about the final steps of branching and sending your PR in https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md .
How to install from the local repository
For expediency just for this article, we'll shallow clone direct from the distribution repo and set an environment variable pointing to it.
$ mkdir -p ~/tmpdev && cd ~/tmpdev
$ git clone --depth=1 https://github.com/nixos/nixpkgs
$ export NIXPKGS=~/tmpdev/nixpkgs
$ ls $NIXPKGS
make some changes ...
example: list all available software from the local repository $NIXPKGS
$ nix-env -f $NIXPKGS -qaP '*'
example: update the system based on your local $NIXPKGS
$ nixos-rebuild -I nixpkgs=$NIXPKGS switch
example: build an expression and put the output in to `pwd`/results
$ nix-build $NIXPKGS -A irssi
example: get an environment which is used to build irssi (also see nix-shell)
$ nix-build $NIXPKGS --run-env -A irssi
example: get a persistent environment which is used to build irssi
$ nix-build $NIXPKGS --run-env -A irssi --add-root
Tracking upstream changes and avoiding extra rebuilding
You have forked the relevant nix repository, but you will want to track changes in the upstream nix repo too. You can add a remote, and a corresponding branch for this.
$ git remote add upstream https://github.com/NixOS/nixpkgs.git
You can create a branch to track the upstream master branch:
$ git fetch upstream
$ git checkout -b upstream-master upstream/master
$ git pull
This will put you into a branch with all the latest changes. Hydra, the build farm, regularly creates binaries, but, since people are constantly contributing to the nix repositories, it is usually the case that there are changes in the master branch which have not yet made it into the binary channel. To take advantage of available binaries you can switch to the revision which produced the binaries in your current system and apply your changes from there. You can use `nixos-version` to see the relevant short revision hash:
$ nixos-version
14.11pre52727.5d97886 (Caterpillar)
${NixOS release}.${nixpkgs revision}
(since the git-repo called nixos was merged into nixpkgs)
$ nixos-version
13.07pre4871_18de9f6-3c35dae (Aardvark)
${NixOS release}_${NixOS revision}-${nixpkgs revision}
This string shows the Nixos release number (13.07pre4871) followed by the nixos revision used to produce your current system (18de9f6) followed by the nixpkgs revision (3c35dae).
$ git branch
upstream-master
$ git checkout -b nixpkgs-channel 3c35dae
Switched to a new branch 'nixpkgs-channel'
$ git checkout -b my-new-pkg
Switched to a new branch 'my-new-pkg'
After making some changes you can commit them into your local repo:
$ git add foo
$ git commit
Then you push your changes to your fork:
$ git push origin my-new-pkg
You can use this to open a pull request on github.
If some time has passed since you have created your fork, you will want to merge your changes with upstream and test that it still works.
$ git fetch upstream
$ git merge upstream
If your merge then fails because someone else has made the same change (for example, someone else also packaged a library you have just packed for the program you want to get into nixpkgs), then you can do this:
$ git rebase -i HEAD~10
there select the edit mode for your commit and remove the your code which added the library. **Warning: only use 'git rebase' on your commits, which have not been pushed and nobody else is working with already!**
Next you have to test if your program works with the library packaged from someone else, then do:
$ git checkout master
$ git log --stat
and pick the commit where the library was added. Finally cherry-pick that commit into your branch:
$ git checkout my-new-pkg
$ git cherry-pick 5d97886a6a545fb20495e0837cc50fa63d2a80e1
Afterwards do your usual tests and if needed also make modifications to the library but keep in mind that this might break the other use-case of that library and if in doubt check that as well.
Using nix-shell for package development
nix-shell is a command which drops you into the build environment for a package. This is convenient for writing and debugging nix expressions. Nix-shell requires nix-1.6.x although running nix-build --run-env produces a similar environment.
$ mkdir -p ~/tmpdev/bc-build && cd ~/tmpdev/bc-build
$ nix-shell $NIXPKGS -A bc
You can also drop in the build environment for a package not in nixpkgs.
$ mkdir -p ~/tmpdev/bc-build && cd ~/tmpdev/bc-build
$ nix-shell -E "with import <nixpkgs> {}; callPackage /path/to/package.nix {}"
You would have seen the dependencies downloading, but the bc-build directory remains empty. The build system would next invoke a builder with some arguments. You can obtain the exact name of the builder (usually bash) and the arguments args of the builder (typically a shell script) by checking the corresponding value in:
$ nix show-derivation $(nix-instantiate .)
However, most of the time (for instance when using stdenv ) the default builder invokes first source $stdenv/setup to load the appropriate environment variables, and then genericBuild(). This is a shell function defined by stdenv that you can review like this...
$ typeset -f genericBuild | less
which shows when custom variables $buildCommandPath or $buildCommand are defined, those are evaluated exclusively. Otherwise, if no custom $phases variable is set, the standard build phase order is used as shown here...
$ typeset -f genericBuild | grep 'phases='
phases="$prePhases unpackPhase patchPhase $preConfigurePhases configurePhase $preBuildPhases buildPhase checkPhase $preInstallPhases installPhase fixupPhase installCheckPhase $preDistPhases distPhase $postPhases";
The phases can be defined either as a string to be eval'ed or as a shell function, this is how Nix invokes it.
So to observe a full build, you can do...
$ export out=~/tmpdev/bc-build/out
$ source $stdenv/setup
$ set -x # Optional: it prints all commands, can be practical to debug
$ set +e # Optional: do not quit the shell on simple errors, Ctrl-C,...
$ export NIX_ENFORCE_PURITY=0 # Optional: nix automatically skip absolute files not in /nix/, /tmp or NIX_BUILD_TOP. When building in a nix-shell this may be an issue as the source won't be in the above folders and you may get errors like Fatal error: blabla.h: No such file or directory. https://github.com/NixOS/nixpkgs/issues/204036
$ genericBuild
To only run some specific phases:
$ phases="buildPhase checkPhase" genericBuild
While developing your own package, you need to run these phases in order:
unpackPhase
patchPhase
configurePhase
buildPhase
checkPhase
installPhase
fixupPhase
installCheckPhase
distPhase
Phases can be both bash functions, or environment of identical name (when they are overridden). genericBuild
takes care of that distinction for you, invoking them appropriately. You can of course drop down to evaluating them yourself, for example to invoke an overridden phase (an environment variable) using eval instead:
eval "$checkPhase"
# etc..
To list all functions which are declared in set:
typeset -F
declare -f addCVars
declare -f addToCrossEnv
declare -f addToNativeEnv
declare -f addToSearchPath
declare -f addToSearchPathWithCustomDelimiter
declare -f buildPhase
declare -f checkPhase
declare -f closeNest
declare -f command_not_found_handle
declare -f configurePhase
declare -f distPhase
declare -f dumpVars
declare -f ensureDir
declare -f exitHandler
declare -f findInputs
declare -f fixLibtool
declare -f fixupPhase
declare -f genericBuild
declare -f header
declare -f installBin
declare -f installCheckPhase
declare -f installPhase
declare -f patchELF
declare -f patchPhase
declare -f patchShebangs
declare -f runHook
declare -f showPhaseHeader
declare -f startNest
declare -f stopNest
declare -f stripDirs
declare -f stripHash
declare -f substitute
declare -f substituteAll
declare -f substituteAllInPlace
declare -f substituteInPlace
declare -f unpackFile
declare -f unpackPhase
If the phase has been defined as a function, to list a particular function type:
typeset -f unpackPhase
Otherwise, if it was a string, simply echo the variable related to it
echo "$unpackPhase"
In either case, you can see the code that is about to be executed for each phase:
typeset -f unpackPhase
unpackPhase ()
{
runHook preUnpack;
if [ -z "$srcs" ]; then
if [ -z "$src" ]; then
echo 'variable $src or $srcs should point to the source';
exit 1;
fi;
srcs="$src";
fi;
local dirsBefore="";
for i in *;
do
if [ -d "$i" ]; then
dirsBefore="$dirsBefore $i ";
fi;
done;
for i in $srcs;
do
unpackFile $i;
done;
if [ -n "$setSourceRoot" ]; then
runHook setSourceRoot;
else
if [ -z "$sourceRoot" ]; then
sourceRoot=;
for i in *;
do
if [ -d "$i" ]; then
case $dirsBefore in
*\ $i\ *)
;;
*)
if [ -n "$sourceRoot" ]; then
echo "unpacker produced multiple directories";
exit 1;
fi;
sourceRoot="$i"
;;
esac;
fi;
done;
fi;
fi;
if [ -z "$sourceRoot" ]; then
echo "unpacker appears to have produced no directories";
exit 1;
fi;
echo "source root is $sourceRoot";
if [ "$dontMakeSourcesWritable" != 1 ]; then
chmod -R u+w "$sourceRoot";
fi;
runHook postUnpack
}
you can also modify the configureFlags prefix:
export configureFlags="--prefix=$out --with-readline"
Tip: A git repository can be used for snapshotting attempts at building the package. This also makes it easy to generate patches, should you need to.
nix channels
nix channels can be used in parallel with your new local repositories, see its nix-channel-documentation
Testing Package Updates with nixpkgs-review
You can also use nixpkgs-review to compile, review and merge packages and its dependencies. It claims to be faster than nox and provides a nix-shell where you can test the package.
First make sure it is available in your shell:
nix-shell -p nixpkgs-review
You can run nixpkgs-review against uncommitted/staged changes in a cloned nixpkgs repository:
cd ~/git/nixpkgs
nixpkgs-review wip [--staged]
It is also possible to review a specified commit:
cd ~/git/nixpkgs
nixpkgs-review rev HEAD
If you have already committed your changes and created a pull request, you can use the pr command:
cd ~/git/nixpkgs
nixpkgs-review pr 5341
You can post the build result, approve/merge or read the comments of a pull request inside the provided nix-shell:
# inside the provided shell
nixpkgs-review post-result
nixpkgs-review approve
nixpkgs-review merge
nixpkgs-review comments
If the pr provides a new package you can start it inside the nix-shell using its package name:
# inside the provided shell
packagename
Formatting Packages with alejandra
It is "good practice" to format packages in a way that following changed will create as minimal diffs as possible. The formatter alejandra can be used for that. The configuration can be found here. You can read the explanation of the formatting choices here.
Testing Packages with nixpkgs-hammering
You can test some "good practices" in a package with nixpkgs-hammering. But before applying the recommendations you should read the given explanations.
cd ~/git/nixpkgs
nix run -f https://github.com/jtojnar/nixpkgs-hammering/archive/master.tar.gz -c nixpkgs-hammer packagename # if you are using stable nix
nix run github:jtojnar/nixpkgs-hammering packagename # if you are using nix flake
See also
- Generic Algorithm on Doing Packaging
- Fundamentals of Stdenv in Nix Pills
- Developing with nix-shell in Nix Pills