depot/third_party/nixpkgs/pkgs/servers/http/envoy/default.nix
Default email 6d4aeb4377 Project import generated by Copybara.
GitOrigin-RevId: 0f213d0fee84280d8c3a97f7469b988d6fe5fcdf
2023-01-11 08:51:40 +01:00

182 lines
5.3 KiB
Nix

{ lib
, bazel_5
, bazel-gazelle
, buildBazelPackage
, fetchFromGitHub
, stdenv
, cmake
, gn
, go
, jdk
, ninja
, patchelf
, python3
, linuxHeaders
, nixosTests
# v8 (upstream default), wavm, wamr, wasmtime, disabled
, wasmRuntime ? "wamr"
}:
let
srcVer = {
# We need the commit hash, since Bazel stamps the build with it.
# However, the version string is more useful for end-users.
# These are contained in a attrset of their own to make it obvious that
# people should update both.
version = "1.23.3";
rev = "4801f5881893857fbc53a4061f0b20ef4ca91a5b";
};
in
buildBazelPackage rec {
pname = "envoy";
inherit (srcVer) version;
bazel = bazel_5;
src = fetchFromGitHub {
owner = "envoyproxy";
repo = "envoy";
inherit (srcVer) rev;
sha256 = "sha256-akAuFk+jESWWvLRCDQ0XDT1Eplutfj5uacAFQp714vM=";
postFetch = ''
chmod -R +w $out
rm $out/.bazelversion
echo ${srcVer.rev} > $out/SOURCE_VERSION
sed -i 's/GO_VERSION = ".*"/GO_VERSION = "host"/g' $out/bazel/dependency_imports.bzl
'';
};
postPatch = ''
sed -i 's,#!/usr/bin/env python3,#!${python3}/bin/python,' bazel/foreign_cc/luajit.patch
sed -i '/javabase=/d' .bazelrc
sed -i '/"-Werror"/d' bazel/envoy_internal.bzl
# Use system Python.
sed -i -e '/python_interpreter_target =/d' -e '/@python3_10/d' bazel/python_dependencies.bzl
'';
patches = [
# fix issues with brotli and GCC 11.2.0+ (-Werror=vla-parameter)
./bump-brotli.patch
# fix linux-aarch64 WAMR builds
# (upstream WAMR only detects aarch64 on Darwin, not Linux)
./fix-aarch64-wamr.patch
# use system Python, not bazel-fetched binary Python
./use-system-python.patch
];
nativeBuildInputs = [
cmake
python3
gn
go
jdk
ninja
patchelf
];
buildInputs = [
linuxHeaders
];
fetchAttrs = {
sha256 = {
x86_64-linux = "sha256-UXTh5sCN7PJxNbTaG47YnW7aQBBtu101UjfsWU1CtBw=";
aarch64-linux = "sha256-uynV2/RWBybR2bjErDjcfoacv5vsI4GJ3SL4OF1kFOE=";
}.${stdenv.system} or (throw "unsupported system ${stdenv.system}");
dontUseCmakeConfigure = true;
dontUseGnConfigure = true;
preInstall = ''
# Strip out the path to the build location (by deleting the comment line).
find $bazelOut/external -name requirements.bzl | while read requirements; do
sed -i '/# Generated from /d' "$requirements"
done
# Remove references to paths in the Nix store.
sed -i \
-e 's,${python3},__NIXPYTHON__,' \
-e 's,${stdenv.shellPackage},__NIXSHELL__,' \
$bazelOut/external/com_github_luajit_luajit/build.py \
$bazelOut/external/local_config_sh/BUILD \
$bazelOut/external/base_pip3/BUILD.bazel
rm -r $bazelOut/external/go_sdk
rm -r $bazelOut/external/local_jdk
rm -r $bazelOut/external/bazel_gazelle_go_repository_tools/bin
# Remove Unix timestamps from go cache.
rm -rf $bazelOut/external/bazel_gazelle_go_repository_cache/{gocache,pkg/mod/cache,pkg/sumdb}
'';
};
buildAttrs = {
dontUseCmakeConfigure = true;
dontUseGnConfigure = true;
dontUseNinjaInstall = true;
preConfigure = ''
# Make executables work, for the most part.
find $bazelOut/external -type f -executable | while read execbin; do
file "$execbin" | grep -q ': ELF .*, dynamically linked,' || continue
patchelf \
--set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) \
"$execbin"
done
ln -s ${bazel-gazelle}/bin $bazelOut/external/bazel_gazelle_go_repository_tools/bin
sed -i 's,#!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/foreign_cc/private/framework/toolchains/linux_commands.bzl
# Add paths to Nix store back.
sed -i \
-e 's,__NIXPYTHON__,${python3},' \
-e 's,__NIXSHELL__,${stdenv.shellPackage},' \
$bazelOut/external/com_github_luajit_luajit/build.py \
$bazelOut/external/local_config_sh/BUILD \
$bazelOut/external/base_pip3/BUILD.bazel
'';
installPhase = ''
install -Dm0755 bazel-bin/source/exe/envoy-static $out/bin/envoy
'';
};
removeRulesCC = false;
removeLocalConfigCc = true;
removeLocal = false;
bazelTarget = "//source/exe:envoy-static";
bazelBuildFlags = [
"-c opt"
"--spawn_strategy=standalone"
"--noexperimental_strict_action_env"
"--cxxopt=-Wno-error"
# Force use of system Java.
"--extra_toolchains=@local_jdk//:all"
"--java_runtime_version=local_jdk"
"--tool_java_runtime_version=local_jdk"
"--define=wasm=${wasmRuntime}"
] ++ (lib.optionals stdenv.isAarch64 [
# external/com_github_google_tcmalloc/tcmalloc/internal/percpu_tcmalloc.h:611:9: error: expected ':' or '::' before '[' token
# 611 | : [end_ptr] "=&r"(end_ptr), [cpu_id] "=&r"(cpu_id),
# | ^
"--define=tcmalloc=disabled"
]);
bazelFetchFlags = [
"--define=wasm=${wasmRuntime}"
];
passthru.tests = {
envoy = nixosTests.envoy;
# tested as a core component of Pomerium
pomerium = nixosTests.pomerium;
};
meta = with lib; {
homepage = "https://envoyproxy.io";
description = "Cloud-native edge and service proxy";
license = licenses.asl20;
maintainers = with maintainers; [ lukegb ];
platforms = [ "x86_64-linux" "aarch64-linux" ];
};
}