WIP: make: Support Nix and Guix with reproducible builds

[xelxebar]

Building on Nix and Guix require a reproduible build process. The auto-download feature of our build process violates this constraint. Furthermore, Nix and Guix builds typically occur in a network-isolated environment.

[xelxebar]

Initial discussion started here: https://github.com/yaml/yamlscript/issues/22.

[xelxebar]

You can see how I took a different approach than IS_NIX. By defining LEIN and GRAALVM_PATH appropriately, as well as clearing GRAALVM_DOWNLOAD, the builder can circumvent auto-downloads. Probably should document these kinds of details, once this PR settles out.

Also, note that we introduce a host dependency of pkg-config to detect libz, replacing the ldconfig hack because Nix/Guix can't maintain a global /etc/ld.so.cache.

[xelxebar]

@ingydotnet What's your dev process around updating/changing dependencies? Almost certainly we will have to introduce some kind of dependency lockfile a la package-lock.json _etc. Whatever this turns out to be, I'd like to make lockfile generation as transparent to your current dev process as possible.

BTW, Nix/Guix don't really have off-the-shelf support for packaging Clojure projects at the moment, so this PR will require more time and work than anticipated.

[stigtsp]

There is a PR for yamlscript for nixpkgs here:

• https://github.com/NixOS/nixpkgs/pull/291472

As a first step, it packages the standalone jar from the release page as a native binary using GraalVM. We could update this derivation to be a source build later of course.