lighthouse
lighthouse copied to clipboard
sigp
Support builds that are reproducible and do not require network access
Description
I want to build Lighthouse for NixOS. This requires that Lighthouse builds in a reproducible way without needing network access.
Version
2.4.0
Present Behaviour
In several places of the code, Lighthouse downloads files via HTTPS during build.
Expected Behaviour
Lighthouse should support finding the needed files on the filesystem (placed there by the packager) without using the network.
Steps to resolve
Follow the pattern in deposit_contract, which supports specifying a filename via an environment variable.
I had to work through the same issue and this was my solution:
https://gist.github.com/ralexstokes/e9e123ccc9386ad6de1470e3c9011d99
it just applies the result of what the network request would output
I think the output is static which suggests this could even be hardcoded into the repo -- I'd ask the maintainers to reconsider this aspect of the build at some point because it does complicate the build
That's a neat approach. Is anything keeping you from contributing this to Nixpkgs?
Is anything keeping you from contributing this to Nixpkgs?
lack of knowledge and somewhat time -- do I just make a PR to that repo? any links to docs etc? I'm relatively new to Nix world
You already did the hard part! Now the easy part is to just make a pull request to the Nixpkgs repo. Here's a chapter in the NixOS manual that describes the process: https://nixos.org/manual/nixpkgs/stable/#chap-submitting-changes
One difference I noticed between my approach and yours is that I am building the full package, while you seem to be omitting tests. Did you run into any particular difficulties patching the tests, or just didn't bother?
Did you run into any particular difficulties patching the tests, or just didn't bother?
yeah I skipped the stuff I did not need, feel free to take this and run w/ it if you want
if you improve what I had, I'd love to see it at some point!