2021-02-05 17:12:51 +00:00
{ lib
2023-05-24 13:37:59 +00:00
, bazel_6
2022-09-11 13:49:41 +00:00
, bazel-gazelle
2021-02-05 17:12:51 +00:00
, buildBazelPackage
2021-01-17 00:15:33 +00:00
, fetchFromGitHub
, stdenv
, cmake
2021-06-28 23:13:55 +00:00
, gn
2021-01-17 00:15:33 +00:00
, go
2021-06-28 23:13:55 +00:00
, jdk
2021-01-17 00:15:33 +00:00
, ninja
2022-09-09 14:08:57 +00:00
, patchelf
2021-01-17 00:15:33 +00:00
, python3
2022-03-05 16:20:37 +00:00
, linuxHeaders
2021-04-05 15:23:46 +00:00
, nixosTests
2022-04-27 09:35:20 +00:00
# v8 (upstream default), wavm, wamr, wasmtime, disabled
, wasmRuntime ? " w a m r "
2021-01-17 00:15:33 +00:00
} :
let
srcVer = {
# We need the commit hash, since Bazel stamps the build with it.
# However, the version string is more useful for end-users.
# These are contained in a attrset of their own to make it obvious that
# people should update both.
2023-08-04 22:07:22 +00:00
version = " 1 . 2 6 . 3 " ;
rev = " e a 9 d 2 5 e 9 3 c e f 7 4 b 0 2 3 c 9 5 c a 1 a 3 f 7 9 4 4 9 c d f 7 f a 9 a " ;
2021-01-17 00:15:33 +00:00
} ;
in
buildBazelPackage rec {
pname = " e n v o y " ;
2022-03-05 16:20:37 +00:00
inherit ( srcVer ) version ;
2023-05-24 13:37:59 +00:00
bazel = bazel_6 ;
2021-01-17 00:15:33 +00:00
src = fetchFromGitHub {
owner = " e n v o y p r o x y " ;
repo = " e n v o y " ;
2022-04-27 09:35:20 +00:00
inherit ( srcVer ) rev ;
2023-08-04 22:07:22 +00:00
sha256 = " s h a 2 5 6 - Z Z A V u e l c P z F Q R q h 9 S w R x t + o d E j F 0 j T N h / K k L W H K i Z 3 o = " ;
2021-01-17 00:15:33 +00:00
2022-06-16 17:23:12 +00:00
postFetch = ''
2021-01-17 00:15:33 +00:00
chmod - R + w $ out
rm $ out/.bazelversion
2022-03-05 16:20:37 +00:00
echo $ { srcVer . rev } > $ out/SOURCE_VERSION
2021-01-17 00:15:33 +00:00
'' ;
} ;
postPatch = ''
sed - i ' s , #!/usr/bin/env python3,#!${python3}/bin/python,' bazel/foreign_cc/luajit.patch
2021-06-28 23:13:55 +00:00
sed - i ' /javabase = /d ' . bazelrc
2022-09-11 13:49:41 +00:00
sed - i ' / " - W e r r o r " /d ' bazel/envoy_internal.bzl
2022-09-09 14:08:57 +00:00
2023-02-19 20:43:05 +00:00
cp $ { ./protobuf.patch } bazel/protobuf.patch
2021-01-17 00:15:33 +00:00
'' ;
2022-03-05 16:20:37 +00:00
patches = [
2022-09-09 14:08:57 +00:00
# use system Python, not bazel-fetched binary Python
2023-02-19 20:43:05 +00:00
./0001-nixpkgs-use-system-Python.patch
# use system Go, not bazel-fetched binary Go
./0002-nixpkgs-use-system-Go.patch
2022-03-05 16:20:37 +00:00
] ;
2021-01-17 00:15:33 +00:00
nativeBuildInputs = [
cmake
python3
2021-06-28 23:13:55 +00:00
gn
2021-01-17 00:15:33 +00:00
go
2021-06-28 23:13:55 +00:00
jdk
2021-01-17 00:15:33 +00:00
ninja
2022-09-09 14:08:57 +00:00
patchelf
2021-01-17 00:15:33 +00:00
] ;
2022-03-05 16:20:37 +00:00
buildInputs = [
linuxHeaders
] ;
2023-02-19 20:43:05 +00:00
# external/com_github_grpc_grpc/src/core/ext/transport/binder/transport/binder_transport.cc:756:29: error: format not a string literal and no format arguments [-Werror=format-security]
hardeningDisable = [ " f o r m a t " ] ;
2021-01-17 00:15:33 +00:00
fetchAttrs = {
2022-04-27 09:35:20 +00:00
sha256 = {
2023-08-22 20:05:09 +00:00
x86_64-linux = " s h a 2 5 6 - I y k w w j R W I x r u V 7 k S U 1 E Y x 6 s Q o U t F c t c V q s 2 2 d C Q u E D A = " ;
aarch64-linux = " s h a 2 5 6 - Y t I I 4 h S V p 9 C F W v l R g j Q 3 l 7 / n H v k V K J O I m t m B x Y w l e O Q = " ;
2022-04-27 09:35:20 +00:00
} . ${ stdenv . system } or ( throw " u n s u p p o r t e d s y s t e m ${ stdenv . system } " ) ;
2021-01-17 00:15:33 +00:00
dontUseCmakeConfigure = true ;
2021-06-28 23:13:55 +00:00
dontUseGnConfigure = true ;
2021-01-17 00:15:33 +00:00
preInstall = ''
# Strip out the path to the build location (by deleting the comment line).
find $ bazelOut/external - name requirements . bzl | while read requirements ; do
sed - i ' / # Generated from /d' "$requirements"
done
# Remove references to paths in the Nix store.
sed - i \
- e ' s , $ { python3 } , __NIXPYTHON__ , ' \
- e ' s , $ { stdenv . shellPackage } , __NIXSHELL__ , ' \
$ bazelOut/external/com_github_luajit_luajit/build.py \
2022-09-11 13:49:41 +00:00
$ bazelOut/external/local_config_sh/BUILD \
$ bazelOut/external/base_pip3/BUILD.bazel
2021-01-17 00:15:33 +00:00
rm - r $ bazelOut/external/go_sdk
2022-09-11 13:49:41 +00:00
rm - r $ bazelOut/external/local_jdk
rm - r $ bazelOut/external/bazel_gazelle_go_repository_tools/bin
2021-01-17 00:15:33 +00:00
2021-06-28 23:13:55 +00:00
# Remove Unix timestamps from go cache.
rm - rf $ bazelOut/external/bazel_gazelle_go_repository_cache / { gocache , pkg/mod/cache , pkg/sumdb }
2021-01-17 00:15:33 +00:00
'' ;
} ;
buildAttrs = {
dontUseCmakeConfigure = true ;
2021-06-28 23:13:55 +00:00
dontUseGnConfigure = true ;
2021-01-17 00:15:33 +00:00
dontUseNinjaInstall = true ;
preConfigure = ''
2022-09-11 13:49:41 +00:00
# Make executables work, for the most part.
find $ bazelOut/external - type f - executable | while read execbin ; do
file " $ e x e c b i n " | grep - q ' : ELF . * , dynamically linked , ' || continue
patchelf \
- - set-interpreter $ ( cat $ { stdenv . cc } /nix-support/dynamic-linker ) \
" $ e x e c b i n "
done
ln - s $ { bazel-gazelle } /bin $ bazelOut/external/bazel_gazelle_go_repository_tools/bin
2022-03-05 16:20:37 +00:00
sed - i ' s , #!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/foreign_cc/private/framework/toolchains/linux_commands.bzl
2021-01-17 00:15:33 +00:00
# Add paths to Nix store back.
sed - i \
- e ' s , __NIXPYTHON__ , $ { python3 } , ' \
- e ' s , __NIXSHELL__ , $ { stdenv . shellPackage } , ' \
$ bazelOut/external/com_github_luajit_luajit/build.py \
2022-09-11 13:49:41 +00:00
$ bazelOut/external/local_config_sh/BUILD \
$ bazelOut/external/base_pip3/BUILD.bazel
2021-01-17 00:15:33 +00:00
'' ;
installPhase = ''
install - Dm0755 bazel-bin/source/exe/envoy-static $ out/bin/envoy
'' ;
} ;
removeRulesCC = false ;
removeLocalConfigCc = true ;
removeLocal = false ;
2023-04-12 12:48:02 +00:00
bazelTargets = [ " / / s o u r c e / e x e : e n v o y - s t a t i c " ] ;
2021-01-17 00:15:33 +00:00
bazelBuildFlags = [
" - c o p t "
" - - s p a w n _ s t r a t e g y = s t a n d a l o n e "
" - - n o e x p e r i m e n t a l _ s t r i c t _ a c t i o n _ e n v "
2022-09-11 13:49:41 +00:00
" - - c x x o p t = - W n o - e r r o r "
2023-02-16 17:41:37 +00:00
" - - l i n k o p t = - W l , - z , n o e x e c s t a c k "
2022-09-09 14:08:57 +00:00
# Force use of system Java.
" - - e x t r a _ t o o l c h a i n s = @ l o c a l _ j d k / / : a l l "
" - - j a v a _ r u n t i m e _ v e r s i o n = l o c a l _ j d k "
" - - t o o l _ j a v a _ r u n t i m e _ v e r s i o n = l o c a l _ j d k "
2022-04-27 09:35:20 +00:00
" - - d e f i n e = w a s m = ${ wasmRuntime } "
2022-09-11 13:49:41 +00:00
] ++ ( lib . optionals stdenv . isAarch64 [
# external/com_github_google_tcmalloc/tcmalloc/internal/percpu_tcmalloc.h:611:9: error: expected ':' or '::' before '[' token
# 611 | : [end_ptr] "=&r"(end_ptr), [cpu_id] "=&r"(cpu_id),
# | ^
" - - d e f i n e = t c m a l l o c = d i s a b l e d "
] ) ;
2022-04-27 09:35:20 +00:00
bazelFetchFlags = [
" - - d e f i n e = w a s m = ${ wasmRuntime } "
2021-01-17 00:15:33 +00:00
] ;
2021-04-05 15:23:46 +00:00
passthru . tests = {
2022-04-15 01:41:22 +00:00
envoy = nixosTests . envoy ;
# tested as a core component of Pomerium
pomerium = nixosTests . pomerium ;
2021-04-05 15:23:46 +00:00
} ;
2021-02-05 17:12:51 +00:00
meta = with lib ; {
2021-01-17 00:15:33 +00:00
homepage = " h t t p s : / / e n v o y p r o x y . i o " ;
description = " C l o u d - n a t i v e e d g e a n d s e r v i c e p r o x y " ;
license = licenses . asl20 ;
maintainers = with maintainers ; [ lukegb ] ;
2022-04-27 09:35:20 +00:00
platforms = [ " x 8 6 _ 6 4 - l i n u x " " a a r c h 6 4 - l i n u x " ] ;
2021-01-17 00:15:33 +00:00
} ;
}