At Thu, 01 Apr 2010 22:47:26 +0200, Ludovic Courtès wrote: > Changing ‘gnu’ in mirrors.nix would allow us to fetch packages locally, > for instance; it wouldn’t allow us to select package versions, though, > since that’s what individual Nix expressions like > pkgs/tools/misc/coreutils/default.nix do.
Yes, by pointing to a local directory with our candidate set of tarballs we can at least catch the cases where the version is wrong (as the file will not be found) and fix them. For the signature verification I was thinking about adding an assertion in fetchurl which tests that the checksum is present in a separate trusted set of checksums provided by the user. The trusted set can be generated offline. This is a lot easier than running gpg during the build process. > I suggest looking at the job sets in the ‘gnu’ project > <http://hydra.nixos.org/project/gnu>, which are available at > <https://svn.nixos.org/repos/nix/hydra-config/gnu/trunk>. > > So, a Hydra job set is an attribute set in the Nix language. Each > attribute is evaluated by Hydra and corresponds to a Hydra job. Most of > the type, a job takes parameters, which are passed by Hydra, at least > the system type (e.g., ‘i686-linux’); in the case of hydra-config/gnu, > jobs also typically take a fresh checkout as a parameter. Thanks, I'll take a look at it. -- Brian Gough
