2021-02-05 17:12:51 +00:00
{ lib
2023-05-24 13:37:59 +00:00
, bazel_6
2022-09-11 13:49:41 +00:00
, bazel-gazelle
2021-02-05 17:12:51 +00:00
, buildBazelPackage
2021-01-17 00:15:33 +00:00
, fetchFromGitHub
, stdenv
, cmake
2021-06-28 23:13:55 +00:00
, gn
2021-01-17 00:15:33 +00:00
, go
2021-06-28 23:13:55 +00:00
, jdk
2021-01-17 00:15:33 +00:00
, ninja
2022-09-09 14:08:57 +00:00
, patchelf
2021-01-17 00:15:33 +00:00
, python3
2022-03-05 16:20:37 +00:00
, linuxHeaders
2021-04-05 15:23:46 +00:00
, nixosTests
2022-04-27 09:35:20 +00:00
2023-11-16 04:20:00 +00:00
# v8 (upstream default), wavm, wamr, wasmtime, disabled
2022-04-27 09:35:20 +00:00
, wasmRuntime ? " w a m r "
2021-01-17 00:15:33 +00:00
} :
let
srcVer = {
# We need the commit hash, since Bazel stamps the build with it.
# However, the version string is more useful for end-users.
# These are contained in a attrset of their own to make it obvious that
# people should update both.
2024-04-26 17:01:46 +00:00
version = " 1 . 3 0 . 1 " ;
rev = " 8 1 6 1 8 8 b 8 6 a 0 a 5 2 0 9 5 b 1 1 6 b 1 0 7 f 5 7 6 3 2 4 0 8 2 c 7 c 0 2 " ;
hash = " s h a 2 5 6 - G 0 r T + O f M k 2 n i t T X c x M r 0 4 j w U M Y T f b 4 V B E V 1 z f t a l g F U = " ;
2021-01-17 00:15:33 +00:00
} ;
2024-01-25 14:12:00 +00:00
# these need to be updated for any changes to fetchAttrs
depsHash = {
2024-05-15 15:35:15 +00:00
x86_64-linux = " s h a 2 5 6 - S 2 q f g a K y B S g C U 6 C k h L w e z b g V q q q a F Y A H Q M C b Y j w Y R x Y = " ;
aarch64-linux = " s h a 2 5 6 - G e 6 q f z j w d h 9 0 7 8 L E 5 k 9 h q F M K x 7 y c 2 b u o Y O p B 9 I I B S / s = " ;
2024-01-25 14:12:00 +00:00
} . ${ stdenv . system } or ( throw " u n s u p p o r t e d s y s t e m ${ stdenv . system } " ) ;
2021-01-17 00:15:33 +00:00
in
2024-01-25 14:12:00 +00:00
buildBazelPackage {
2021-01-17 00:15:33 +00:00
pname = " e n v o y " ;
2022-03-05 16:20:37 +00:00
inherit ( srcVer ) version ;
2023-05-24 13:37:59 +00:00
bazel = bazel_6 ;
2021-01-17 00:15:33 +00:00
src = fetchFromGitHub {
owner = " e n v o y p r o x y " ;
repo = " e n v o y " ;
2024-01-25 14:12:00 +00:00
inherit ( srcVer ) hash rev ;
2021-01-17 00:15:33 +00:00
2022-06-16 17:23:12 +00:00
postFetch = ''
2021-01-17 00:15:33 +00:00
chmod - R + w $ out
rm $ out/.bazelversion
2022-03-05 16:20:37 +00:00
echo $ { srcVer . rev } > $ out/SOURCE_VERSION
2021-01-17 00:15:33 +00:00
'' ;
} ;
postPatch = ''
sed - i ' s , #!/usr/bin/env python3,#!${python3}/bin/python,' bazel/foreign_cc/luajit.patch
2021-06-28 23:13:55 +00:00
sed - i ' /javabase = /d ' . bazelrc
2022-09-11 13:49:41 +00:00
sed - i ' / " - W e r r o r " /d ' bazel/envoy_internal.bzl
2022-09-09 14:08:57 +00:00
2024-04-26 17:01:46 +00:00
cp $ { ./dd_trace_cpp.patch } bazel/dd_trace_cpp.patch
2021-01-17 00:15:33 +00:00
'' ;
2022-03-05 16:20:37 +00:00
patches = [
2022-09-09 14:08:57 +00:00
# use system Python, not bazel-fetched binary Python
2023-02-19 20:43:05 +00:00
./0001-nixpkgs-use-system-Python.patch
# use system Go, not bazel-fetched binary Go
./0002-nixpkgs-use-system-Go.patch
2023-10-19 13:55:26 +00:00
# use system C/C++ tools
./0003-nixpkgs-use-system-C-C-toolchains.patch
2024-01-25 14:12:00 +00:00
2024-04-26 17:01:46 +00:00
# apply patch to dd-trace-cpp
# remove once a version of dd-trace-cpp is released and adopted by envoy
# that contains https://github.com/DataDog/dd-trace-cpp/commit/3a8e1e9a3cf4e87ef053e954a39dc7a967ac6965
./0004-nixpkgs-add-cstdint-in-dd-trace-cpp.patch
2022-03-05 16:20:37 +00:00
] ;
2021-01-17 00:15:33 +00:00
nativeBuildInputs = [
cmake
python3
2021-06-28 23:13:55 +00:00
gn
2021-01-17 00:15:33 +00:00
go
2021-06-28 23:13:55 +00:00
jdk
2021-01-17 00:15:33 +00:00
ninja
2022-09-09 14:08:57 +00:00
patchelf
2021-01-17 00:15:33 +00:00
] ;
2022-03-05 16:20:37 +00:00
buildInputs = [
linuxHeaders
] ;
2021-01-17 00:15:33 +00:00
fetchAttrs = {
2024-01-25 14:12:00 +00:00
sha256 = depsHash ;
2021-01-17 00:15:33 +00:00
dontUseCmakeConfigure = true ;
2021-06-28 23:13:55 +00:00
dontUseGnConfigure = true ;
2021-01-17 00:15:33 +00:00
preInstall = ''
# Strip out the path to the build location (by deleting the comment line).
find $ bazelOut/external - name requirements . bzl | while read requirements ; do
sed - i ' / # Generated from /d' "$requirements"
done
# Remove references to paths in the Nix store.
sed - i \
- e ' s , $ { python3 } , __NIXPYTHON__ , ' \
- e ' s , $ { stdenv . shellPackage } , __NIXSHELL__ , ' \
$ bazelOut/external/com_github_luajit_luajit/build.py \
2022-09-11 13:49:41 +00:00
$ bazelOut/external/local_config_sh/BUILD \
2023-10-09 19:29:22 +00:00
$ bazelOut/external /* _ p i p 3 / B U I L D . b a z e l
2022-09-11 13:49:41 +00:00
2021-01-17 00:15:33 +00:00
rm - r $ bazelOut/external/go_sdk
2022-09-11 13:49:41 +00:00
rm - r $ bazelOut/external/local_jdk
rm - r $ bazelOut/external/bazel_gazelle_go_repository_tools/bin
2021-01-17 00:15:33 +00:00
2023-10-09 19:29:22 +00:00
# Remove compiled python
find $ bazelOut - name ' * . pyc' - delete
2021-06-28 23:13:55 +00:00
# Remove Unix timestamps from go cache.
rm - rf $ bazelOut/external/bazel_gazelle_go_repository_cache / { gocache , pkg/mod/cache , pkg/sumdb }
2024-01-25 14:12:00 +00:00
# fix tcmalloc failure https://github.com/envoyproxy/envoy/issues/30838
sed - i ' /TCMALLOC_GCC_FLAGS = \ [ /a " - W n o - c h a n g e s - m e a n i n g " , ' $ bazelOut/external/com_github_google_tcmalloc/tcmalloc/copts.bzl
2021-01-17 00:15:33 +00:00
'' ;
} ;
buildAttrs = {
dontUseCmakeConfigure = true ;
2021-06-28 23:13:55 +00:00
dontUseGnConfigure = true ;
2021-01-17 00:15:33 +00:00
dontUseNinjaInstall = true ;
preConfigure = ''
2022-09-11 13:49:41 +00:00
# Make executables work, for the most part.
find $ bazelOut/external - type f - executable | while read execbin ; do
file " $ e x e c b i n " | grep - q ' : ELF . * , dynamically linked , ' || continue
patchelf \
- - set-interpreter $ ( cat $ { stdenv . cc } /nix-support/dynamic-linker ) \
" $ e x e c b i n "
done
ln - s $ { bazel-gazelle } /bin $ bazelOut/external/bazel_gazelle_go_repository_tools/bin
2022-03-05 16:20:37 +00:00
sed - i ' s , #!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/foreign_cc/private/framework/toolchains/linux_commands.bzl
2021-01-17 00:15:33 +00:00
# Add paths to Nix store back.
sed - i \
- e ' s , __NIXPYTHON__ , $ { python3 } , ' \
- e ' s , __NIXSHELL__ , $ { stdenv . shellPackage } , ' \
$ bazelOut/external/com_github_luajit_luajit/build.py \
2022-09-11 13:49:41 +00:00
$ bazelOut/external/local_config_sh/BUILD \
2023-10-09 19:29:22 +00:00
$ bazelOut/external /* _ p i p 3 / B U I L D . b a z e l
2021-01-17 00:15:33 +00:00
'' ;
installPhase = ''
install - Dm0755 bazel-bin/source/exe/envoy-static $ out/bin/envoy
'' ;
} ;
removeRulesCC = false ;
removeLocalConfigCc = true ;
removeLocal = false ;
2023-04-12 12:48:02 +00:00
bazelTargets = [ " / / s o u r c e / e x e : e n v o y - s t a t i c " ] ;
2021-01-17 00:15:33 +00:00
bazelBuildFlags = [
" - c o p t "
" - - s p a w n _ s t r a t e g y = s t a n d a l o n e "
" - - n o e x p e r i m e n t a l _ s t r i c t _ a c t i o n _ e n v "
2022-09-11 13:49:41 +00:00
" - - c x x o p t = - W n o - e r r o r "
2023-02-16 17:41:37 +00:00
" - - l i n k o p t = - W l , - z , n o e x e c s t a c k "
2022-09-09 14:08:57 +00:00
# Force use of system Java.
" - - e x t r a _ t o o l c h a i n s = @ l o c a l _ j d k / / : a l l "
" - - j a v a _ r u n t i m e _ v e r s i o n = l o c a l _ j d k "
" - - t o o l _ j a v a _ r u n t i m e _ v e r s i o n = l o c a l _ j d k "
2022-04-27 09:35:20 +00:00
2024-04-26 17:01:46 +00:00
# undefined reference to 'grpc_core::*Metadata*::*Memento*
#
# During linking of the final binary, we see undefined references to grpc_core related symbols.
# The missing symbols would be instantiations of a template class from https://github.com/grpc/grpc/blob/v1.59.4/src/core/lib/transport/metadata_batch.h
# "ParseMemento" and "MementoToValue" are only implemented for some types
# and appear unused and unimplemented for the undefined cases reported by the linker.
" - - l i n k o p t = - W l , - - u n r e s o l v e d - s y m b o l s = i g n o r e - i n - o b j e c t - f i l e s "
2022-04-27 09:35:20 +00:00
" - - d e f i n e = w a s m = ${ wasmRuntime } "
2022-09-11 13:49:41 +00:00
] ++ ( lib . optionals stdenv . isAarch64 [
# external/com_github_google_tcmalloc/tcmalloc/internal/percpu_tcmalloc.h:611:9: error: expected ':' or '::' before '[' token
# 611 | : [end_ptr] "=&r"(end_ptr), [cpu_id] "=&r"(cpu_id),
# | ^
" - - d e f i n e = t c m a l l o c = d i s a b l e d "
] ) ;
2024-04-26 17:01:46 +00:00
2022-04-27 09:35:20 +00:00
bazelFetchFlags = [
" - - d e f i n e = w a s m = ${ wasmRuntime } "
2024-04-26 17:01:46 +00:00
# https://github.com/bazelbuild/rules_go/issues/3844
" - - r e p o _ e n v = G O P R O X Y = h t t p s : / / p r o x y . g o l a n g . o r g , d i r e c t "
" - - r e p o _ e n v = G O S U M D B = s u m . g o l a n g . o r g "
2021-01-17 00:15:33 +00:00
] ;
2021-04-05 15:23:46 +00:00
passthru . tests = {
2022-04-15 01:41:22 +00:00
envoy = nixosTests . envoy ;
# tested as a core component of Pomerium
pomerium = nixosTests . pomerium ;
2021-04-05 15:23:46 +00:00
} ;
2021-02-05 17:12:51 +00:00
meta = with lib ; {
2021-01-17 00:15:33 +00:00
homepage = " h t t p s : / / e n v o y p r o x y . i o " ;
2024-02-29 20:09:43 +00:00
changelog = " h t t p s : / / g i t h u b . c o m / e n v o y p r o x y / e n v o y / r e l e a s e s / t a g / v ${ version } " ;
2021-01-17 00:15:33 +00:00
description = " C l o u d - n a t i v e e d g e a n d s e r v i c e p r o x y " ;
2024-04-21 15:54:59 +00:00
mainProgram = " e n v o y " ;
2021-01-17 00:15:33 +00:00
license = licenses . asl20 ;
maintainers = with maintainers ; [ lukegb ] ;
2022-04-27 09:35:20 +00:00
platforms = [ " x 8 6 _ 6 4 - l i n u x " " a a r c h 6 4 - l i n u x " ] ;
2021-01-17 00:15:33 +00:00
} ;
}