From 97aea57818c23a475e9378a5da5572958f262e51 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sat, 18 Sep 2021 15:44:53 -0400 Subject: [PATCH 01/18] Removes existing build setup --- Dockerfile | 134 --------------------------------- Makefile | 164 ----------------------------------------- Setup.hs | 2 - alpine-haskell.cabal | 40 ---------- docker/build-gmp.mk | 14 ---- docker/build-simple.mk | 14 ---- executables/Main.hs | 5 -- flake.lock | 27 +++++++ flake.nix | 16 ++++ package.yaml | 31 -------- policy.json | 11 +++ shell.nix | 12 +++ stack.yaml | 8 -- stack.yaml.lock | 12 --- 14 files changed, 66 insertions(+), 424 deletions(-) delete mode 100644 Dockerfile delete mode 100644 Makefile delete mode 100644 Setup.hs delete mode 100644 alpine-haskell.cabal delete mode 100644 docker/build-gmp.mk delete mode 100644 docker/build-simple.mk delete mode 100644 executables/Main.hs create mode 100644 flake.lock create mode 100644 flake.nix delete mode 100644 package.yaml create mode 100644 policy.json create mode 100644 shell.nix delete mode 100644 stack.yaml delete mode 100644 stack.yaml.lock diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 65385a2..0000000 --- a/Dockerfile +++ /dev/null @@ -1,134 +0,0 @@ -################################################################################ -# Set up environment variables, OS packages, and scripts that are common to the -# build and distribution layers in this Dockerfile -FROM alpine:3.9 AS base - -# Must be one of 'gmp' or 'simple'; used to build GHC with support for either -# 'integer-gmp' (with 'libgmp') or 'integer-simple' -# -# Default to building with 'integer-gmp' and 'libgmp' support -ARG GHC_BUILD_TYPE - -# Must be a valid GHC version number, only tested with 8.4.4, 8.6.4, and 8.6.5 -# -# Default to GHC version 8.6.5 (latest at the time of writing) -ARG GHC_VERSION=8.6.5 - -# Add ghcup's bin directory to the PATH so that the versions of GHC it builds -# are available in the build layers -ENV GHCUP_INSTALL_BASE_PREFIX=/ -ENV PATH=/.ghcup/bin:$PATH - -# Use the latest version of ghcup (at the time of writing) -ENV GHCUP_VERSION=0.0.7 -ENV GHCUP_SHA256="b4b200d896eb45b56c89d0cfadfcf544a24759a6ffac029982821cc96b2faedb ghcup" - -# Install the basic required dependencies to run 'ghcup' and 'stack' -RUN apk upgrade --no-cache &&\ - apk add --no-cache \ - curl \ - gcc \ - git \ - libc-dev \ - xz &&\ - if [ "${GHC_BUILD_TYPE}" = "gmp" ]; then \ - echo "Installing 'libgmp'" &&\ - apk add --no-cache gmp-dev; \ - fi - -# Download, verify, and install ghcup -RUN echo "Downloading and installing ghcup" &&\ - cd /tmp &&\ - wget -P /tmp/ "https://gitlab.haskell.org/haskell/ghcup/raw/${GHCUP_VERSION}/ghcup" &&\ - if ! echo -n "${GHCUP_SHA256}" | sha256sum -c -; then \ - echo "ghcup-${GHCUP_VERSION} checksum failed" >&2 &&\ - exit 1 ;\ - fi ;\ - mv /tmp/ghcup /usr/bin/ghcup &&\ - chmod +x /usr/bin/ghcup - -################################################################################ -# Intermediate layer that builds GHC -FROM base AS build-ghc - -# Carry build args through to this stage -ARG GHC_BUILD_TYPE=gmp -ARG GHC_VERSION=8.6.5 - -RUN echo "Install OS packages necessary to build GHC" &&\ - apk add --no-cache \ - autoconf \ - automake \ - binutils-gold \ - build-base \ - coreutils \ - cpio \ - ghc \ - linux-headers \ - libffi-dev \ - llvm5 \ - musl-dev \ - ncurses-dev \ - perl \ - python3 \ - py3-sphinx \ - zlib-dev - -COPY docker/build-gmp.mk /tmp/build-gmp.mk -COPY docker/build-simple.mk /tmp/build-simple.mk -RUN if [ "${GHC_BUILD_TYPE}" = "gmp" ]; then \ - echo "Using 'integer-gmp' build config" &&\ - apk add --no-cache gmp-dev &&\ - mv /tmp/build-gmp.mk /tmp/build.mk && rm /tmp/build-simple.mk; \ - elif [ "${GHC_BUILD_TYPE}" = "simple" ]; then \ - echo "Using 'integer-simple' build config" &&\ - mv /tmp/build-simple.mk /tmp/build.mk && rm tmp/build-gmp.mk; \ - else \ - echo "Invalid argument \[ GHC_BUILD_TYPE=${GHC_BUILD_TYPE} \]" && exit 1; \ -fi - -RUN echo "Compiling and installing GHC" &&\ - LD=ld.gold \ - SPHINXBUILD=/usr/bin/sphinx-build-3 \ - ghcup -v compile -j $(nproc) -c /tmp/build.mk ${GHC_VERSION} ghc-8.4.3 &&\ - rm /tmp/build.mk &&\ - echo "Uninstalling GHC bootstrapping compiler" &&\ - apk del ghc &&\ - ghcup set ${GHC_VERSION} - -################################################################################ -# Intermediate layer that assembles 'stack' tooling -FROM base AS build-tooling - -ENV STACK_VERSION=2.1.3 -ENV STACK_SHA256="4e937a6ad7b5e352c5bd03aef29a753e9c4ca7e8ccc22deb5cd54019a8cf130c stack-${STACK_VERSION}-linux-x86_64-static.tar.gz" - -# Download, verify, and install stack -RUN echo "Downloading and installing stack" &&\ - cd /tmp &&\ - wget -P /tmp/ "https://github.com/commercialhaskell/stack/releases/download/v${STACK_VERSION}/stack-${STACK_VERSION}-linux-x86_64-static.tar.gz" &&\ - if ! echo -n "${STACK_SHA256}" | sha256sum -c -; then \ - echo "stack-${STACK_VERSION} checksum failed" >&2 &&\ - exit 1 ;\ - fi ;\ - tar -xvzf /tmp/stack-${STACK_VERSION}-linux-x86_64-static.tar.gz &&\ - cp -L /tmp/stack-${STACK_VERSION}-linux-x86_64-static/stack /usr/bin/stack &&\ - rm /tmp/stack-${STACK_VERSION}-linux-x86_64-static.tar.gz &&\ - rm -rf /tmp/stack-${STACK_VERSION}-linux-x86_64-static - -################################################################################ -# Assemble the final image -FROM base - -# Carry build args through to this stage -ARG GHC_BUILD_TYPE=gmp -ARG GHC_VERSION=8.6.5 - -COPY --from=build-ghc /.ghcup /.ghcup -COPY --from=build-tooling /usr/bin/stack /usr/bin/stack - -# NOTE: 'stack --docker' needs bash + usermod/groupmod (from shadow) -RUN apk add --no-cache bash shadow openssh-client tar - -RUN ghcup set ${GHC_VERSION} &&\ - stack config set system-ghc --global true diff --git a/Makefile b/Makefile deleted file mode 100644 index a7ef7a0..0000000 --- a/Makefile +++ /dev/null @@ -1,164 +0,0 @@ -################################################################################ -# https://www.gnu.org/software/make/manual/html_node/Special-Variables.html -# https://ftp.gnu.org/old-gnu/Manuals/make-3.80/html_node/make_17.html -ALPINE_HASKELL_MKFILE_PATH := $(word $(words $(MAKEFILE_LIST)),$(MAKEFILE_LIST)) -ALPINE_HASKELL_ROOT_DIR := $(shell cd $(shell dirname $(ALPINE_HASKELL_MKFILE_PATH)); pwd) - -# Common aliases lifted from other Makefiles -package = alpine-haskell -main_exe = demo - -# Use GHC options informed by this blog post: -# https://rybczak.net/2016/03/26/how-to-reduce-compilation-times-of-haskell-projects/ -ghc_opts = -j +RTS -A128m -RTS -stack_yaml = STACK_YAML="stack.yaml" -stack = $(stack_yaml) stack - -# Stack commands that will be executed in the Docker container -stack_docker = $(stack) --docker - -# GHC version to build -TARGET_GHC_VERSION ?= 8.6.5 - -################################################################################ -# Standard build (runs in the Docker container) -.PHONY: build -build: - $(stack_docker) build $(package) \ - --ghc-options='$(ghc_opts)' - -# Static build (runs in the Docker container) -.PHONY: build-static -build-static: - $(stack_docker) build $(package) --flag $(package):static \ - --ghc-options='$(ghc_opts)' - -# Fast build (-O0) (runs in the Docker container) -.PHONY: build-fast -build-fast: - $(stack_docker) build $(package) \ - --ghc-options='$(ghc_opts)' \ - --fast - -# Clean up all build artifacts -clean: - $(stack_docker) clean - -# Run ghcid (runs in the Docker container) -ghcid: - $(stack) exec -- ghcid \ - --command "$(stack_docker) ghci \ - --ghci-options='-fobject-code $(ghc_opts)' \ - --main-is $(package):$(main_exe)" - -################################################################################ -# Convenience targets for building GHC locally -# -# The intermediate layers of the multi-stage Docker build file are cached so -# that changes to the Dockerfile don't force us to rebuild GHC when developing - -# Build GHC with support for 'integer-gmp' and 'libgmp' -.PHONY: docker-build-gmp -docker-build-gmp: docker-base-gmp docker-ghc-gmp docker-tooling-gmp docker-image-gmp - -.PHONY: docker-base-gmp -docker-base-gmp: - docker build \ - --build-arg GHC_BUILD_TYPE=gmp \ - --build-arg GHC_VERSION=$(TARGET_GHC_VERSION) \ - --target base \ - --tag alpine-haskell-gmp:base \ - --cache-from alpine-haskell-gmp:base \ - --file $(ALPINE_HASKELL_ROOT_DIR)/Dockerfile \ - $(ALPINE_HASKELL_ROOT_DIR) - -.PHONY: docker-ghc-gmp -docker-ghc-gmp: - docker build \ - --build-arg GHC_BUILD_TYPE=gmp \ - --build-arg GHC_VERSION=$(TARGET_GHC_VERSION) \ - --target build-ghc \ - --tag alpine-haskell-gmp:build-ghc-$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-gmp:build-ghc-$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-gmp:base \ - --file $(ALPINE_HASKELL_ROOT_DIR)/Dockerfile \ - $(ALPINE_HASKELL_ROOT_DIR) - -.PHONY: docker-tooling-gmp -docker-tooling-gmp: - docker build \ - --build-arg GHC_BUILD_TYPE=gmp \ - --build-arg GHC_VERSION=$(TARGET_GHC_VERSION) \ - --target build-tooling \ - --tag alpine-haskell-gmp:build-tooling \ - --cache-from alpine-haskell-gmp:build-tooling\ - --cache-from alpine-haskell-gmp:build-ghc-$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-gmp:base \ - --file $(ALPINE_HASKELL_ROOT_DIR)/Dockerfile \ - $(ALPINE_HASKELL_ROOT_DIR) - -.PHONY: docker-image-gmp -docker-image-gmp: - docker build \ - --build-arg GHC_BUILD_TYPE=gmp \ - --build-arg GHC_VERSION=$(TARGET_GHC_VERSION) \ - --tag alpine-haskell-gmp:$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-gmp:$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-gmp:build-tooling \ - --cache-from alpine-haskell-gmp:build-ghc-$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-gmp:base \ - --file $(ALPINE_HASKELL_ROOT_DIR)/Dockerfile \ - $(ALPINE_HASKELL_ROOT_DIR) - -# Build GHC with support for 'integer-simple' -.PHONY: docker-build-simple -docker-build-simple: docker-base-simple docker-ghc-simple docker-tooling-simple docker-image-simple - -.PHONY: docker-base-simple -docker-base-simple: - docker build \ - --build-arg GHC_BUILD_TYPE=simple \ - --build-arg GHC_VERSION=$(TARGET_GHC_VERSION) \ - --target base \ - --tag alpine-haskell-simple:base \ - --cache-from alpine-haskell-simple:base \ - --file $(ALPINE_HASKELL_ROOT_DIR)/Dockerfile \ - $(ALPINE_HASKELL_ROOT_DIR) - -.PHONY: docker-ghc-simple -docker-ghc-simple: - docker build \ - --build-arg GHC_BUILD_TYPE=simple \ - --build-arg GHC_VERSION=$(TARGET_GHC_VERSION) \ - --target build-ghc \ - --tag alpine-haskell-simple:build-ghc-$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-simple:build-ghc-$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-simple:base \ - --file $(ALPINE_HASKELL_ROOT_DIR)/Dockerfile \ - $(ALPINE_HASKELL_ROOT_DIR) - -.PHONY: docker-tooling-simple -docker-tooling-simple: - docker build \ - --build-arg GHC_BUILD_TYPE=simple \ - --build-arg GHC_VERSION=$(TARGET_GHC_VERSION) \ - --target build-tooling \ - --tag alpine-haskell-simple:build-tooling \ - --cache-from alpine-haskell-simple:build-tooling\ - --cache-from alpine-haskell-simple:build-ghc-$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-simple:base \ - --file $(ALPINE_HASKELL_ROOT_DIR)/Dockerfile \ - $(ALPINE_HASKELL_ROOT_DIR) - -.PHONY: docker-image-simple -docker-image-simple: - docker build \ - --build-arg GHC_BUILD_TYPE=simple \ - --build-arg GHC_VERSION=$(TARGET_GHC_VERSION) \ - --tag alpine-haskell-simple:$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-simple:$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-simple:build-tooling \ - --cache-from alpine-haskell-simple:build-ghc-$(TARGET_GHC_VERSION) \ - --cache-from alpine-haskell-simple:base \ - --file $(ALPINE_HASKELL_ROOT_DIR)/Dockerfile \ - $(ALPINE_HASKELL_ROOT_DIR) diff --git a/Setup.hs b/Setup.hs deleted file mode 100644 index 9a994af..0000000 --- a/Setup.hs +++ /dev/null @@ -1,2 +0,0 @@ -import Distribution.Simple -main = defaultMain diff --git a/alpine-haskell.cabal b/alpine-haskell.cabal deleted file mode 100644 index 2e5748d..0000000 --- a/alpine-haskell.cabal +++ /dev/null @@ -1,40 +0,0 @@ -cabal-version: 1.12 - --- This file has been generated from package.yaml by hpack version 0.31.2. --- --- see: https://github.com/sol/hpack --- --- hash: 505d4249f4963f666cdbe5b35aaadf879681abe857624407f240142dad22129b - -name: alpine-haskell -version: 0.1.0.0 -category: Web -homepage: https://github.com/githubuser/alpine-haskell#readme -author: Author name here -maintainer: example@example.com -copyright: 2019 Author name here -license: BSD3 -license-file: LICENSE -build-type: Simple -extra-source-files: - README.md - -flag static - description: Statically link executables. - manual: True - default: False - -executable demo - main-is: Main.hs - other-modules: - Paths_alpine_haskell - hs-source-dirs: - executables - build-depends: - base >=4.7 && <5 - if flag(static) - ghc-options: -rtsopts -threaded -optc-Os -optl=-pthread -optl=-static -fPIC - ld-options: -static - else - ghc-options: -rtsopts -threaded - default-language: Haskell2010 diff --git a/docker/build-gmp.mk b/docker/build-gmp.mk deleted file mode 100644 index 6b107a5..0000000 --- a/docker/build-gmp.mk +++ /dev/null @@ -1,14 +0,0 @@ -SRC_HC_OPTS = -O -H64m -BuildFlavour = perf-llvm -GhcStage1HcOpts = -O -GhcStage2HcOpts = -O2 -GhcLibHcOpts = -O2 -GhcWithLlvmCodeGen = YES -BUILD_PROF_LIBS = YES -SplitObjs = NO -SplitSections = YES -BUILD_MAN = NO -BUILD_SPHINX_HTML = YES -BUILD_SPHINX_PDF = NO -HADDOCK_DOCS = YES -EXTRA_HADDOCK_OPTS += --quickjump --hyperlinked-source diff --git a/docker/build-simple.mk b/docker/build-simple.mk deleted file mode 100644 index d853f1e..0000000 --- a/docker/build-simple.mk +++ /dev/null @@ -1,14 +0,0 @@ -INTEGER_LIBRARY = integer-simple -BuildFlavour = perf-llvm -SRC_HC_OPTS = -O -H64m -GhcStage1HcOpts = -O -GhcStage2HcOpts = -O2 -GhcLibHcOpts = -O2 -GhcWithLlvmCodeGen = YES -BUILD_PROF_LIBS = YES -SplitObjs = NO -SplitSections = YES -BUILD_SPHINX_HTML = YES -BUILD_SPHINX_PDF = NO -HADDOCK_DOCS = YES -EXTRA_HADDOCK_OPTS += --quickjump --hyperlinked-source diff --git a/executables/Main.hs b/executables/Main.hs deleted file mode 100644 index b2c71a6..0000000 --- a/executables/Main.hs +++ /dev/null @@ -1,5 +0,0 @@ -module Main where - -main :: IO () -main = do - putStrLn "hello world!" diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..f2daf6c --- /dev/null +++ b/flake.lock @@ -0,0 +1,27 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1631966106, + "narHash": "sha256-2cG+Md9A3WHc5pEG4BdYoMXLuxfUb7T+sjsq0ATBTpo=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "89882817b71fe0bce05146aa5c1ad9563c928f8d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-21.05-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..3f7a2c9 --- /dev/null +++ b/flake.nix @@ -0,0 +1,16 @@ +{ + description = "TODO: Summary"; + + inputs = { + # Stable Nix package set; pinned to the latest 21.05 release. + nixpkgs.url = "github:nixos/nixpkgs/nixos-21.05-small"; + }; + + outputs = { self, nixpkgs }: { + devShell.x86_64-linux = import ./shell.nix { + pkgs = import nixpkgs { + system = "x86_64-linux"; + }; + }; + }; +} diff --git a/package.yaml b/package.yaml deleted file mode 100644 index 076ed6f..0000000 --- a/package.yaml +++ /dev/null @@ -1,31 +0,0 @@ -name: alpine-haskell -version: 0.1.0.0 -homepage: https://github.com/githubuser/alpine-haskell#readme -license: BSD3 -author: Author name here -maintainer: example@example.com -copyright: 2019 Author name here -category: Web -extra-source-files: -- README.md - -dependencies: - - base >= 4.7 && < 5 - -flags: - static: - description: Statically link executables. - manual: true - default: false - -executables: - demo: - source-dirs: executables - main: Main.hs - when: - - condition: flag(static) - then: - ld-options: -static - ghc-options: "-rtsopts -threaded -optc-Os -optl=-pthread -optl=-static -fPIC" - else: - ghc-options: "-rtsopts -threaded" diff --git a/policy.json b/policy.json new file mode 100644 index 0000000..be42b42 --- /dev/null +++ b/policy.json @@ -0,0 +1,11 @@ +{ + "default": [{"type": "reject"}], + "transports": { + "docker": { + "docker.io/library/alpine": [{"type": "insecureAcceptAnything"}] + }, + "dir": { + "": [{"type": "insecureAcceptAnything"}] + } + } +} diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..35f23a8 --- /dev/null +++ b/shell.nix @@ -0,0 +1,12 @@ +{ pkgs ? import { } }: + +pkgs.mkShell { + buildInputs = with pkgs; [ + buildah + skopeo + + # Misc. other dependencies. + nixpkgs-fmt + shellcheck + ]; +} diff --git a/stack.yaml b/stack.yaml deleted file mode 100644 index d2590fa..0000000 --- a/stack.yaml +++ /dev/null @@ -1,8 +0,0 @@ -resolver: lts-13.24 -packages: - - . - -docker: - enable: false - repo: "alpine-haskell-gmp:8.6.5" - stack-exe: image diff --git a/stack.yaml.lock b/stack.yaml.lock deleted file mode 100644 index 852eaae..0000000 --- a/stack.yaml.lock +++ /dev/null @@ -1,12 +0,0 @@ -# This file was autogenerated by Stack. -# You should not edit this file by hand. -# For more information, please see the documentation at: -# https://docs.haskellstack.org/en/stable/lock_files - -packages: [] -snapshots: -- completed: - size: 498402 - url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/13/24.yaml - sha256: 33e96adfe24f112b62f6edd22565cdbaa13155703bbfbfdc3d0a9bc6138ae7bf - original: lts-13.24 From 1bffef271a60736ac70cd54988951f3e682cd45c Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sat, 18 Sep 2021 15:45:11 -0400 Subject: [PATCH 02/18] Adds base build script --- 0_base/builder.sh | 79 +++++++++++++++++++++++++++++++++++++ 0_base/validate_checksum.sh | 10 +++++ 2 files changed, 89 insertions(+) create mode 100755 0_base/builder.sh create mode 100644 0_base/validate_checksum.sh diff --git a/0_base/builder.sh b/0_base/builder.sh new file mode 100755 index 0000000..32dcbe1 --- /dev/null +++ b/0_base/builder.sh @@ -0,0 +1,79 @@ +#!/usr/bin/env sh +set -eu + +# Start the script in the top-level repository directory no matter what. +cd "$( git rev-parse --show-toplevel )" + +# XXX: Would it make sense to pull from an existing image if one exists? +image="alpine-ghc-base" +container="alpine-ghc-base-builder" + +################################################################################ +# Attempt to create a new image using the container name defined above. +# +# If the container already exists, assume that it's been created by a previous +# run of this script and just use that. +buildah \ + --signature-policy=./policy.json \ + --name "${container}" \ + from --pull docker.io/library/alpine:3.14 \ + || true + +# Upgrade the currently installed packages. +# +# NOTE: This breaks reproducibility. +buildah run "${container}" \ + apk upgrade --no-cache + +# Install basic dependencies required by 'ghcup', 'stack', and 'cabal-install'. +buildah run "${container}" \ + apk add --no-cache \ + curl \ + gcc \ + git \ + libc-dev \ + xz + +# TODO: Guard this behind some argument that can toggle GMP-based builds. +echo "Installing 'libgmp'." +buildah run "${container}" \ + apk add --no-cache gmp-dev + +################################################################################ +ghcup_version="0.1.9" +ghcup_expected_checksum="d779ada6156b08da21e40c5bf218ec21d1308d5a9e48f7b9533f56b5d063a41c" + +# Fetch `ghcup`. +buildah run "${container}" \ + wget \ + -O "/tmp/ghcup-${ghcup_version}" \ + "https://downloads.haskell.org/~ghcup/0.1.9/x86_64-linux-ghcup-${ghcup_version}" + +# Copy the checksum validation script into the container... +buildah copy --chmod 111 ${container} \ + ./0_base/validate_checksum.sh \ + /tmp/validate_checksum.sh + +# ...and verify that the expected and actual actual `ghcup` checksums match. +buildah run "${container}" \ + ./tmp/validate_checksum.sh \ + "/tmp/ghcup-${ghcup_version}" \ + "${ghcup_expected_checksum}" + +# Relocate `ghcup`... +buildah run "${container}" \ + mv /tmp/"ghcup-${ghcup_version}" /usr/bin/ghcup + +# ...set it to be executable... +buildah run "${container}" \ + chmod +x /usr/bin/ghcup + +# ...and clean up after ourselves. +buildah run "${container}" \ + rm -rf /tmp/validate_checksum.sh + +################################################################################ +# Write the final `alpine-ghc-base` image from this container. +buildah \ + --signature-policy=./policy.json \ + commit "${container}" "${image}" diff --git a/0_base/validate_checksum.sh b/0_base/validate_checksum.sh new file mode 100644 index 0000000..a9180a1 --- /dev/null +++ b/0_base/validate_checksum.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env sh +set -eu + +ghcup_path=$1 +ghcup_expected_checksum="$2" + +if ! echo "${ghcup_expected_checksum} ${ghcup_path}" | sha256sum -c -; then + echo "${ghcup_path} checksum failed" >&2 + echo "expected '${ghcup_expected_checksum}', but got '$( sha256sum "${ghcup_path}" )'" >&2 +fi; From 1501381c254089f4415d763935cf0da49ace882a Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sat, 18 Sep 2021 21:07:11 -0400 Subject: [PATCH 03/18] Adds build settings from terrorjack's example --- 1_ghc/build-gmp.mk | 14 ++++++++++++++ 1_ghc/build-simple.mk | 14 ++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 1_ghc/build-gmp.mk create mode 100644 1_ghc/build-simple.mk diff --git a/1_ghc/build-gmp.mk b/1_ghc/build-gmp.mk new file mode 100644 index 0000000..6b107a5 --- /dev/null +++ b/1_ghc/build-gmp.mk @@ -0,0 +1,14 @@ +SRC_HC_OPTS = -O -H64m +BuildFlavour = perf-llvm +GhcStage1HcOpts = -O +GhcStage2HcOpts = -O2 +GhcLibHcOpts = -O2 +GhcWithLlvmCodeGen = YES +BUILD_PROF_LIBS = YES +SplitObjs = NO +SplitSections = YES +BUILD_MAN = NO +BUILD_SPHINX_HTML = YES +BUILD_SPHINX_PDF = NO +HADDOCK_DOCS = YES +EXTRA_HADDOCK_OPTS += --quickjump --hyperlinked-source diff --git a/1_ghc/build-simple.mk b/1_ghc/build-simple.mk new file mode 100644 index 0000000..d853f1e --- /dev/null +++ b/1_ghc/build-simple.mk @@ -0,0 +1,14 @@ +INTEGER_LIBRARY = integer-simple +BuildFlavour = perf-llvm +SRC_HC_OPTS = -O -H64m +GhcStage1HcOpts = -O +GhcStage2HcOpts = -O2 +GhcLibHcOpts = -O2 +GhcWithLlvmCodeGen = YES +BUILD_PROF_LIBS = YES +SplitObjs = NO +SplitSections = YES +BUILD_SPHINX_HTML = YES +BUILD_SPHINX_PDF = NO +HADDOCK_DOCS = YES +EXTRA_HADDOCK_OPTS += --quickjump --hyperlinked-source From d00576632a22ce94e18b3192f5e22d230dba9348 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sat, 18 Sep 2021 22:25:38 -0400 Subject: [PATCH 04/18] Updates base builder scripts --- 0_base/builder.sh | 109 +++++++++++++++++++++++++++++------- 0_base/validate_checksum.sh | 1 + 2 files changed, 91 insertions(+), 19 deletions(-) diff --git a/0_base/builder.sh b/0_base/builder.sh index 32dcbe1..d4d5489 100755 --- a/0_base/builder.sh +++ b/0_base/builder.sh @@ -1,56 +1,127 @@ #!/usr/bin/env sh set -eu +################################################################################ +# Pre-flight checks. +################################################################################ + +command -v git >/dev/null 2>&1 || { echo >&2 "git is not installed, aborting."; exit 1; } +command -v buildah >/dev/null 2>&1 || { echo >&2 "buildah is not installed, aborting."; exit 1; } + # Start the script in the top-level repository directory no matter what. cd "$( git rev-parse --show-toplevel )" -# XXX: Would it make sense to pull from an existing image if one exists? -image="alpine-ghc-base" -container="alpine-ghc-base-builder" +################################################################################ +# Argument parsing. +# +# cf. https://sookocheff.com/post/bash/parsing-bash-script-arguments-with-shopts/ +################################################################################ + +container="base" +image="base" +# NOTE: The logic associated with this will have to change for GHC 9.x and up to +# support the changes introduced with the switch to `ghc-bignum`. +numeric="gmp" + +usage="USAGE: $0 + -h show this help text + -c CONTAINER override the default container name + default: ${container} + -i IMAGE override the default image name + default: ${image} + -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' + default: ${numeric}" + +while getopts "c:i:n:h" opt; do + case ${opt} in + c ) { + container="${OPTARG}" + };; + i ) { + image="${OPTARG}" + };; + n ) { + if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "simple" ]; then + numeric="${OPTARG}" + else + echo "Invalid NUMERIC argument (i.e. '-n')." >&2 + echo "Expected either 'gmp' or 'simple', got '${OPTARG}'" >&2 + exit 1 + fi; + };; + h ) { + echo "${usage}" + exit 0 + };; + \? ) { + echo "${usage}" + exit 1 + };; + esac +done +shift $((OPTIND -1)) + +if [ "$#" -ne 0 ]; then + exit 1 +fi + +# Add the numeric library to container and image names. +container="${container}-${numeric}" +image="${image}-${numeric}" ################################################################################ -# Attempt to create a new image using the container name defined above. +# Container and basic dependencies. +################################################################################ + +# Create the "base" container that will be used elsewhere in the project. # -# If the container already exists, assume that it's been created by a previous -# run of this script and just use that. +# NOTE: Alternatively: `buildah commit --rm` (at the end of the script) removes +# the working container. +# +# XXX: Reusing the container by name if it exists seems like not the best idea +# but it's convenient for development. buildah \ --signature-policy=./policy.json \ --name "${container}" \ from --pull docker.io/library/alpine:3.14 \ || true -# Upgrade the currently installed packages. +# Update index files and upgrade the currently installed packages. # # NOTE: This breaks reproducibility. buildah run "${container}" \ - apk upgrade --no-cache + apk -U upgrade # Install basic dependencies required by 'ghcup', 'stack', and 'cabal-install'. buildah run "${container}" \ - apk add --no-cache \ + apk add \ curl \ gcc \ git \ libc-dev \ xz -# TODO: Guard this behind some argument that can toggle GMP-based builds. -echo "Installing 'libgmp'." -buildah run "${container}" \ - apk add --no-cache gmp-dev +if [ "${numeric}" = "gmp" ]; then + echo "Installing 'libgmp'." + buildah run "${container}" \ + apk add gmp-dev +fi; ################################################################################ -ghcup_version="0.1.9" -ghcup_expected_checksum="d779ada6156b08da21e40c5bf218ec21d1308d5a9e48f7b9533f56b5d063a41c" +# Download and install `ghcup`. +################################################################################ + +ghcup_version="0.1.16.2" +ghcup_expected_checksum="d5e43b95ce1d42263376e414f7eb7c5dd440271c7c6cd9bad446fdeff3823893" # Fetch `ghcup`. buildah run "${container}" \ wget \ -O "/tmp/ghcup-${ghcup_version}" \ - "https://downloads.haskell.org/~ghcup/0.1.9/x86_64-linux-ghcup-${ghcup_version}" + "https://downloads.haskell.org/~ghcup/${ghcup_version}/x86_64-linux-ghcup-${ghcup_version}" # Copy the checksum validation script into the container... -buildah copy --chmod 111 ${container} \ +buildah copy --chmod 111 "${container}" \ ./0_base/validate_checksum.sh \ /tmp/validate_checksum.sh @@ -68,12 +139,12 @@ buildah run "${container}" \ buildah run "${container}" \ chmod +x /usr/bin/ghcup -# ...and clean up after ourselves. +# ...clean up any scripts. buildah run "${container}" \ rm -rf /tmp/validate_checksum.sh ################################################################################ -# Write the final `alpine-ghc-base` image from this container. +# Write the final image from this container. buildah \ --signature-policy=./policy.json \ commit "${container}" "${image}" diff --git a/0_base/validate_checksum.sh b/0_base/validate_checksum.sh index a9180a1..3017cd0 100644 --- a/0_base/validate_checksum.sh +++ b/0_base/validate_checksum.sh @@ -7,4 +7,5 @@ ghcup_expected_checksum="$2" if ! echo "${ghcup_expected_checksum} ${ghcup_path}" | sha256sum -c -; then echo "${ghcup_path} checksum failed" >&2 echo "expected '${ghcup_expected_checksum}', but got '$( sha256sum "${ghcup_path}" )'" >&2 + exit 1 fi; From 9b91ae9e5d73e86ae4e885ba2ee41d4f5f0800a4 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sat, 18 Sep 2021 22:25:54 -0400 Subject: [PATCH 05/18] Adds GHC builder scripts --- 1_ghc/build-gmp.mk | 2 +- 1_ghc/build-simple.mk | 2 +- 1_ghc/builder.sh | 171 ++++++++++++++++++ 1_ghc/compile_ghc.sh | 15 ++ 1_ghc/patches/0-buildpath-abi-stability.patch | 25 +++ 5 files changed, 213 insertions(+), 2 deletions(-) create mode 100755 1_ghc/builder.sh create mode 100644 1_ghc/compile_ghc.sh create mode 100644 1_ghc/patches/0-buildpath-abi-stability.patch diff --git a/1_ghc/build-gmp.mk b/1_ghc/build-gmp.mk index 6b107a5..4e9cfa2 100644 --- a/1_ghc/build-gmp.mk +++ b/1_ghc/build-gmp.mk @@ -1,5 +1,5 @@ SRC_HC_OPTS = -O -H64m -BuildFlavour = perf-llvm +BuildFlavour = perf GhcStage1HcOpts = -O GhcStage2HcOpts = -O2 GhcLibHcOpts = -O2 diff --git a/1_ghc/build-simple.mk b/1_ghc/build-simple.mk index d853f1e..33b27b7 100644 --- a/1_ghc/build-simple.mk +++ b/1_ghc/build-simple.mk @@ -1,5 +1,5 @@ INTEGER_LIBRARY = integer-simple -BuildFlavour = perf-llvm +BuildFlavour = perf SRC_HC_OPTS = -O -H64m GhcStage1HcOpts = -O GhcStage2HcOpts = -O2 diff --git a/1_ghc/builder.sh b/1_ghc/builder.sh new file mode 100755 index 0000000..422f51e --- /dev/null +++ b/1_ghc/builder.sh @@ -0,0 +1,171 @@ +#!/usr/bin/env sh +set -eu + +################################################################################ +# Pre-flight checks. +################################################################################ + +command -v git >/dev/null 2>&1 || { echo >&2 "git is not installed, aborting."; exit 1; } +command -v buildah >/dev/null 2>&1 || { echo >&2 "buildah is not installed, aborting."; exit 1; } + +# Start the script in the top-level repository directory no matter what. +cd "$( git rev-parse --show-toplevel )" + +################################################################################ +# Argument parsing. +# +# cf. https://sookocheff.com/post/bash/parsing-bash-script-arguments-with-shopts/ +################################################################################ + +container="builder-ghc" +image="builder-ghc" +ghc_ver="8.10.7" +# NOTE: The logic associated with this will have to change for GHC 9.x and up to +# support the changes introduced with the switch to `ghc-bignum`. +numeric="gmp" + +usage="USAGE: $0 + -h show this help text + -c CONTAINER override the default container name + default: ${container} + -g GHC_VER override the numeric library GHC is built against; either 'gmp' or 'simple' + default: ${ghc_ver} + -i IMAGE override the default image name + default: ${image} + -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' + default: ${numeric}" + +while getopts "c:g:i:n:h" opt; do + case ${opt} in + c ) { + container="${OPTARG}" + };; + g ) { + ghc_ver="${OPTARG}" + };; + i ) { + image="${OPTARG}" + };; + n ) { + if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "simple" ]; then + numeric="${OPTARG}" + else + echo "Invalid NUMERIC argument (i.e. '-n')." >&2 + echo "Expected either 'gmp' or 'simple', got '${OPTARG}'" >&2 + exit 1 + fi; + };; + h ) { + echo "${usage}" + exit 0 + };; + \? ) { + echo "${usage}" + exit 1 + };; + esac +done +shift $((OPTIND -1)) + +if [ "$#" -ne 0 ]; then + exit 1 +fi + +# Add the GHC version and numeric library to container and image names. +container="${container}-${numeric}-${ghc_ver}" +image="${image}-${numeric}:${ghc_ver}" + +################################################################################ +# Container and dependencies. +################################################################################ + +# Create the container that will be used to compile GHC from source. +# +# NOTE: Alternatively: `buildah commit --rm` (at the end of the script) removes +# the working container. +# +# XXX: Reusing the container by name if it exists seems like not the best idea +# but it's convenient for development. +buildah \ + --signature-policy=./policy.json \ + --name "${container}" \ + from --pull "base-${numeric}" \ + || true + +buildah run "${container}" \ + apk add --no-cache \ + autoconf \ + automake \ + binutils-gold \ + build-base \ + coreutils \ + cpio \ + ghc \ + linux-headers \ + libffi-dev \ + musl-dev \ + ncurses-dev \ + perl \ + python3 \ + py3-sphinx \ + zlib-dev + +# Copy the appropriate build file, depending on the chosen numeric library. +if [ "${numeric}" = "gmp" ]; then + buildah copy --chmod 444 "${container}" \ + ./1_ghc/build-gmp.mk \ + /tmp/build.mk +elif [ "${numeric}" = "simple" ]; then + buildah copy --chmod 444 "${container}" \ + ./1_ghc/build-simple.mk \ + /tmp/build.mk +else # Should be impossible... + echo "This code path should be unreachable!" >&2 + echo "Invalid NUMERIC argument (i.e. '-n')" >&2 + echo "Expected either 'gmp' or 'simple', got '${numeric}'" >&2 + exit 1 +fi; + +# Copy all patches that will be applied to the GHC source tree. +buildah copy --chmod 444 "${container}" \ + ./1_ghc/patches \ + /tmp/patches + +# Copy wrapper script that will invoke `ghcup` to compile GHC. +buildah copy --chmod 111 "${container}" \ + ./1_ghc/compile_ghc.sh \ + /tmp/compile_ghc.sh + +################################################################################ +# Compile GHC. +################################################################################ + +# Compile GHC. +buildah run "${container}" \ + ./tmp/compile_ghc.sh "${ghc_ver}" + +# Uninstall the bootstrapping compiler. +buildah run "${container}" \ + apk del ghc + +# Clean up the build files, build scripts, and patches. +buildah run "${container}" \ + rm -rf "/tmp/{build.mk,compile_ghc.sh,patches}" + +################################################################################ +# Generate the final image. +################################################################################ + +# NOTE: Using images for all of these intermediate stages is sort of a +# carry-over from multi-stage Docker builds. +# +# It might be preferable to keep this container around for future build steps +# and just mount it to copy the files over manually. +# +# The tradeoff with this is that the image building process stops being +# "declarative", since it depends on the intermediate state of a particular +# container on the host builder's system. + +buildah \ + --signature-policy=./policy.json \ + commit "${container}" "${image}" diff --git a/1_ghc/compile_ghc.sh b/1_ghc/compile_ghc.sh new file mode 100644 index 0000000..e78254c --- /dev/null +++ b/1_ghc/compile_ghc.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env sh +set -eu + +ghc_ver=$1 + +LD=ld.gold \ +SPHINXBUILD=/usr/bin/sphinx-build-3 \ + ghcup \ + --verbose \ + compile ghc \ + --jobs "$(nproc)" \ + --config /tmp/build.mk \ + --patchdir /tmp/patches \ + --bootstrap-ghc /usr/bin/ghc \ + --version "${ghc_ver}" diff --git a/1_ghc/patches/0-buildpath-abi-stability.patch b/1_ghc/patches/0-buildpath-abi-stability.patch new file mode 100644 index 0000000..8add0fc --- /dev/null +++ b/1_ghc/patches/0-buildpath-abi-stability.patch @@ -0,0 +1,25 @@ +Forwarded to https://ghc.haskell.org/trac/ghc/ticket/10424 + +Index: ghc/compiler/iface/MkIface.hs +=================================================================== +--- ghc.orig/compiler/iface/MkIface.hs 2016-04-19 09:26:40.075170754 +0200 ++++ ghc/compiler/iface/MkIface.hs 2016-04-19 09:26:40.071170684 +0200 +@@ -556,7 +556,7 @@ + iface_hash <- computeFingerprint putNameLiterally + (mod_hash, + ann_fn (mkVarOcc "module"), -- See mkIfaceAnnCache +- mi_usages iface0, ++ usages, + sorted_deps, + mi_hpc iface0) + +@@ -589,6 +589,9 @@ + (non_orph_fis, orph_fis) = mkOrphMap ifFamInstOrph (mi_fam_insts iface0) + fix_fn = mi_fix_fn iface0 + ann_fn = mkIfaceAnnCache (mi_anns iface0) ++ -- Do not allow filenames to affect the interface ++ usages = [ case u of UsageFile _ fp -> UsageFile "" fp; _ -> u | u <- mi_usages iface0 ] ++ + + getOrphanHashes :: HscEnv -> [Module] -> IO [Fingerprint] + getOrphanHashes hsc_env mods = do From ef7bc9a1079a8143a284274f2c275079ad25e24c Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sat, 18 Sep 2021 22:51:22 -0400 Subject: [PATCH 06/18] Small comment changes --- 0_base/builder.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/0_base/builder.sh b/0_base/builder.sh index d4d5489..76d1a49 100755 --- a/0_base/builder.sh +++ b/0_base/builder.sh @@ -144,7 +144,9 @@ buildah run "${container}" \ rm -rf /tmp/validate_checksum.sh ################################################################################ -# Write the final image from this container. +# Generate the final image. +################################################################################ + buildah \ --signature-policy=./policy.json \ commit "${container}" "${image}" From a066310f48e4c49ac03f1d6a65003007e72990c7 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sun, 3 Oct 2021 16:02:22 -0400 Subject: [PATCH 07/18] Refactoring a bit... --- .envrc | 1 + .gitignore | 4 +- {1_ghc => ghc}/build-gmp.mk | 0 {1_ghc => ghc}/build-simple.mk | 0 {1_ghc => ghc}/builder.sh | 74 +++++++++++-------- {1_ghc => ghc}/compile_ghc.sh | 1 + ghc/copy_ghcup.sh | 13 ++++ .../patches/0-buildpath-abi-stability.patch | 0 {0_base => ghcup}/builder.sh | 62 +++++----------- {0_base => ghcup}/validate_checksum.sh | 2 +- 10 files changed, 76 insertions(+), 81 deletions(-) create mode 100644 .envrc rename {1_ghc => ghc}/build-gmp.mk (100%) rename {1_ghc => ghc}/build-simple.mk (100%) rename {1_ghc => ghc}/builder.sh (72%) rename {1_ghc => ghc}/compile_ghc.sh (95%) create mode 100755 ghc/copy_ghcup.sh rename {1_ghc => ghc}/patches/0-buildpath-abi-stability.patch (100%) rename {0_base => ghcup}/builder.sh (66%) rename {0_base => ghcup}/validate_checksum.sh (94%) diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..1d953f4 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use nix diff --git a/.gitignore b/.gitignore index e83ad75..92b2793 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1 @@ -.stack-work -# JetBrains' IDEs -.idea +.direnv diff --git a/1_ghc/build-gmp.mk b/ghc/build-gmp.mk similarity index 100% rename from 1_ghc/build-gmp.mk rename to ghc/build-gmp.mk diff --git a/1_ghc/build-simple.mk b/ghc/build-simple.mk similarity index 100% rename from 1_ghc/build-simple.mk rename to ghc/build-simple.mk diff --git a/1_ghc/builder.sh b/ghc/builder.sh similarity index 72% rename from 1_ghc/builder.sh rename to ghc/builder.sh index 422f51e..80a2d42 100755 --- a/1_ghc/builder.sh +++ b/ghc/builder.sh @@ -17,26 +17,32 @@ cd "$( git rev-parse --show-toplevel )" # cf. https://sookocheff.com/post/bash/parsing-bash-script-arguments-with-shopts/ ################################################################################ -container="builder-ghc" -image="builder-ghc" +alpine_ver="3.14" +container="ghc" +image="ghc" ghc_ver="8.10.7" # NOTE: The logic associated with this will have to change for GHC 9.x and up to # support the changes introduced with the switch to `ghc-bignum`. numeric="gmp" usage="USAGE: $0 - -h show this help text - -c CONTAINER override the default container name - default: ${container} - -g GHC_VER override the numeric library GHC is built against; either 'gmp' or 'simple' - default: ${ghc_ver} - -i IMAGE override the default image name - default: ${image} - -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' - default: ${numeric}" - -while getopts "c:g:i:n:h" opt; do + -h show this help text + -a ALPINE_VER override the default Alpine version + default: ${alpine_ver} + -c CONTAINER override the default container name + default: ${container} + -g GHC_VER override the numeric library GHC is built against; either 'gmp' or 'simple' + default: ${ghc_ver} + -i IMAGE override the default image name + default: ${image} + -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' + default: ${numeric}" + +while getopts "a:c:g:i:n:h" opt; do case ${opt} in + a ) { + alpine_ver="${OPTARG}" + };; c ) { container="${OPTARG}" };; @@ -76,7 +82,7 @@ container="${container}-${numeric}-${ghc_ver}" image="${image}-${numeric}:${ghc_ver}" ################################################################################ -# Container and dependencies. +# Container. ################################################################################ # Create the container that will be used to compile GHC from source. @@ -89,8 +95,19 @@ image="${image}-${numeric}:${ghc_ver}" buildah \ --signature-policy=./policy.json \ --name "${container}" \ - from --pull "base-${numeric}" \ - || true + from --pull "docker.io/library/alpine:${alpine_ver}" + +################################################################################ +# Copy `ghcup` from another container. +################################################################################ + +# XXX: Maybe the `"ghcup"` image name should be fully qualified (i.e. +# "localhost/ghcup" for an image built locally)...? +buildah unshare ./ghc/copy_ghcup.sh "ghcup" "${container}" + +################################################################################ +# Dependencies. +################################################################################ buildah run "${container}" \ apk add --no-cache \ @@ -98,9 +115,11 @@ buildah run "${container}" \ automake \ binutils-gold \ build-base \ + curl \ coreutils \ cpio \ ghc \ + git \ linux-headers \ libffi-dev \ musl-dev \ @@ -108,16 +127,17 @@ buildah run "${container}" \ perl \ python3 \ py3-sphinx \ - zlib-dev + zlib-dev \ + xz # Copy the appropriate build file, depending on the chosen numeric library. if [ "${numeric}" = "gmp" ]; then buildah copy --chmod 444 "${container}" \ - ./1_ghc/build-gmp.mk \ + ./ghc/build-gmp.mk \ /tmp/build.mk elif [ "${numeric}" = "simple" ]; then buildah copy --chmod 444 "${container}" \ - ./1_ghc/build-simple.mk \ + ./ghc/build-simple.mk \ /tmp/build.mk else # Should be impossible... echo "This code path should be unreachable!" >&2 @@ -128,12 +148,12 @@ fi; # Copy all patches that will be applied to the GHC source tree. buildah copy --chmod 444 "${container}" \ - ./1_ghc/patches \ + ./ghc/patches \ /tmp/patches # Copy wrapper script that will invoke `ghcup` to compile GHC. buildah copy --chmod 111 "${container}" \ - ./1_ghc/compile_ghc.sh \ + ./ghc/compile_ghc.sh \ /tmp/compile_ghc.sh ################################################################################ @@ -156,16 +176,6 @@ buildah run "${container}" \ # Generate the final image. ################################################################################ -# NOTE: Using images for all of these intermediate stages is sort of a -# carry-over from multi-stage Docker builds. -# -# It might be preferable to keep this container around for future build steps -# and just mount it to copy the files over manually. -# -# The tradeoff with this is that the image building process stops being -# "declarative", since it depends on the intermediate state of a particular -# container on the host builder's system. - buildah \ --signature-policy=./policy.json \ - commit "${container}" "${image}" + commit --rm "${container}" "${image}" diff --git a/1_ghc/compile_ghc.sh b/ghc/compile_ghc.sh similarity index 95% rename from 1_ghc/compile_ghc.sh rename to ghc/compile_ghc.sh index e78254c..9dde1ed 100644 --- a/1_ghc/compile_ghc.sh +++ b/ghc/compile_ghc.sh @@ -12,4 +12,5 @@ SPHINXBUILD=/usr/bin/sphinx-build-3 \ --config /tmp/build.mk \ --patchdir /tmp/patches \ --bootstrap-ghc /usr/bin/ghc \ + --set \ --version "${ghc_ver}" diff --git a/ghc/copy_ghcup.sh b/ghc/copy_ghcup.sh new file mode 100755 index 0000000..8a0b5b1 --- /dev/null +++ b/ghc/copy_ghcup.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env sh + +ghcup_img="$1" +builder_cnt="$2" + +ghcup_cnt=$(buildah from --signature-policy=./policy.json "${ghcup_img}") +ghcup_mnt=$(buildah mount "${ghcup_cnt}") +builder_mnt=$(buildah mount "${builder_cnt}") + +cp "${ghcup_mnt}/usr/bin/ghcup" "${builder_mnt}/usr/bin/ghcup" + +# Clean up intermediate container. +buildah rm "${ghcup_cnt}" diff --git a/1_ghc/patches/0-buildpath-abi-stability.patch b/ghc/patches/0-buildpath-abi-stability.patch similarity index 100% rename from 1_ghc/patches/0-buildpath-abi-stability.patch rename to ghc/patches/0-buildpath-abi-stability.patch diff --git a/0_base/builder.sh b/ghcup/builder.sh similarity index 66% rename from 0_base/builder.sh rename to ghcup/builder.sh index 76d1a49..eac6f50 100755 --- a/0_base/builder.sh +++ b/ghcup/builder.sh @@ -17,38 +17,30 @@ cd "$( git rev-parse --show-toplevel )" # cf. https://sookocheff.com/post/bash/parsing-bash-script-arguments-with-shopts/ ################################################################################ -container="base" -image="base" -# NOTE: The logic associated with this will have to change for GHC 9.x and up to -# support the changes introduced with the switch to `ghc-bignum`. -numeric="gmp" +alpine_ver="3.14" +container="ghcup" +image="ghcup" usage="USAGE: $0 -h show this help text + -a ALPINE_VER override the default Alpine version + default: ${alpine_ver} -c CONTAINER override the default container name default: ${container} - -i IMAGE override the default image name - default: ${image} - -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' - default: ${numeric}" + -i IMAGE override the default image name + default: ${image}" -while getopts "c:i:n:h" opt; do +while getopts "a:c:i:h" opt; do case ${opt} in + a ) { + alpine_ver="${OPTARG}" + };; c ) { container="${OPTARG}" };; i ) { image="${OPTARG}" };; - n ) { - if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "simple" ]; then - numeric="${OPTARG}" - else - echo "Invalid NUMERIC argument (i.e. '-n')." >&2 - echo "Expected either 'gmp' or 'simple', got '${OPTARG}'" >&2 - exit 1 - fi; - };; h ) { echo "${usage}" exit 0 @@ -65,26 +57,14 @@ if [ "$#" -ne 0 ]; then exit 1 fi -# Add the numeric library to container and image names. -container="${container}-${numeric}" -image="${image}-${numeric}" - ################################################################################ # Container and basic dependencies. ################################################################################ -# Create the "base" container that will be used elsewhere in the project. -# -# NOTE: Alternatively: `buildah commit --rm` (at the end of the script) removes -# the working container. -# -# XXX: Reusing the container by name if it exists seems like not the best idea -# but it's convenient for development. buildah \ --signature-policy=./policy.json \ --name "${container}" \ - from --pull docker.io/library/alpine:3.14 \ - || true + from --pull docker.io/library/alpine:3.14 # Update index files and upgrade the currently installed packages. # @@ -96,23 +76,14 @@ buildah run "${container}" \ buildah run "${container}" \ apk add \ curl \ - gcc \ - git \ - libc-dev \ xz -if [ "${numeric}" = "gmp" ]; then - echo "Installing 'libgmp'." - buildah run "${container}" \ - apk add gmp-dev -fi; - ################################################################################ # Download and install `ghcup`. ################################################################################ -ghcup_version="0.1.16.2" -ghcup_expected_checksum="d5e43b95ce1d42263376e414f7eb7c5dd440271c7c6cd9bad446fdeff3823893" +ghcup_version="0.1.17.2" +ghcup_expected_checksum="e9adb022b9bcfe501caca39e76ae7241af0f30fbb466a2202837a7a578607daf" # Fetch `ghcup`. buildah run "${container}" \ @@ -122,7 +93,7 @@ buildah run "${container}" \ # Copy the checksum validation script into the container... buildah copy --chmod 111 "${container}" \ - ./0_base/validate_checksum.sh \ + ./ghcup/validate_checksum.sh \ /tmp/validate_checksum.sh # ...and verify that the expected and actual actual `ghcup` checksums match. @@ -147,6 +118,7 @@ buildah run "${container}" \ # Generate the final image. ################################################################################ +# NOTE: Tagging the image with the `ghcup_version` for convenience. buildah \ --signature-policy=./policy.json \ - commit "${container}" "${image}" + commit --rm "${container}" "${image}:${ghcup_version}" diff --git a/0_base/validate_checksum.sh b/ghcup/validate_checksum.sh similarity index 94% rename from 0_base/validate_checksum.sh rename to ghcup/validate_checksum.sh index 3017cd0..7d43af7 100644 --- a/0_base/validate_checksum.sh +++ b/ghcup/validate_checksum.sh @@ -1,7 +1,7 @@ #!/usr/bin/env sh set -eu -ghcup_path=$1 +ghcup_path="$1" ghcup_expected_checksum="$2" if ! echo "${ghcup_expected_checksum} ${ghcup_path}" | sha256sum -c -; then From b64f65017ce98f543fbd9501e3cc5152957a7278 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sun, 3 Oct 2021 18:05:29 -0400 Subject: [PATCH 08/18] First crack at a GitHub Actions workflow --- .github/workflows/ghcup.yaml | 40 ++++++++++++++++++++++++++++++++++++ .gitignore | 1 + ghc/builder.sh | 25 +++++++++++++++++++++- ghcup/builder.sh | 21 +++++++++++++------ shell.nix | 1 + 5 files changed, 81 insertions(+), 7 deletions(-) create mode 100644 .github/workflows/ghcup.yaml diff --git a/.github/workflows/ghcup.yaml b/.github/workflows/ghcup.yaml new file mode 100644 index 0000000..73cdd0c --- /dev/null +++ b/.github/workflows/ghcup.yaml @@ -0,0 +1,40 @@ +name: "`ghcup` image" + +on: + # FIXME: Remove this before merging! + pull_request: { branches: [ "master" ] } + push: { branches: [ "release" ] } + +env: + alpine_ver: "3.14" + +jobs: + build: + runs-on: "ubuntu-20.04" + + steps: + - name: "Check this repository out." + uses: "actions/checkout@v2" + + - name: "Build `ghcup` image." + id: "build-ghcup-image" + run: | + image=$( + ./ghcup/builder.sh \ + -a "${{ env.alpine_ver }}" \ + | tail -n 1 + ) + echo "::set-output name=image::${image}" + + - name: "Push `ghcup` image to the GitHub Container Registry" + id: "push-ghcup-to-ghcr" + uses: "redhat-actions/push-to-registry@v2" + with: + image: "${{ steps.build-ghcup-image.outputs.image }}" + username: "${{ github.actor }}" + password: "${{ github.token }}" + registry: "ghcr.io/${{ github.repository_owner }}" + + - name: "Print image URL." + run: | + echo "Image pushed to [ ${{ steps.push-ghcup-to-ghcr.outputs.registry-paths }} ]" diff --git a/.gitignore b/.gitignore index 92b2793..0a279d8 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ .direnv +tmp diff --git a/ghc/builder.sh b/ghc/builder.sh index 80a2d42..eb87d93 100755 --- a/ghc/builder.sh +++ b/ghc/builder.sh @@ -21,6 +21,7 @@ alpine_ver="3.14" container="ghc" image="ghc" ghc_ver="8.10.7" + # NOTE: The logic associated with this will have to change for GHC 9.x and up to # support the changes introduced with the switch to `ghc-bignum`. numeric="gmp" @@ -33,7 +34,7 @@ usage="USAGE: $0 default: ${container} -g GHC_VER override the numeric library GHC is built against; either 'gmp' or 'simple' default: ${ghc_ver} - -i IMAGE override the default image name + -i IMAGE override the default image base name default: ${image} -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' default: ${numeric}" @@ -172,10 +173,32 @@ buildah run "${container}" \ buildah run "${container}" \ rm -rf "/tmp/{build.mk,compile_ghc.sh,patches}" +# Add `ghcup`'s bin directory to the container's `PATH`. +# +# NOTE: This little bit of indirection is needed to get the container's 'PATH', +# since '$PATH' would be sourced from the host. +cntr_path=$(buildah run "${container}" printenv PATH) +buildah config \ + --env PATH="${cntr_path}:/root/.ghcup/bin" \ + "${container}" + ################################################################################ # Generate the final image. ################################################################################ +# NOTE: `buildah` uses `/var/tmp` (or $TMPDIR) as a staging area when assembling +# images. +# +# On systems where `/var/tmp` is mounted as `tmpfs`, this can cause `buildah` to +# run out of space. +# +# In this case, create some `./tmp` directory and use it with `TMPDIR=./tmp` +# before running `buildah commit`. +# +# e.g. Uncomment the following: +# +# mkdir -p ./tmp +# TMPDIR=./tmp \ buildah \ --signature-policy=./policy.json \ commit --rm "${container}" "${image}" diff --git a/ghcup/builder.sh b/ghcup/builder.sh index eac6f50..f2ea755 100755 --- a/ghcup/builder.sh +++ b/ghcup/builder.sh @@ -22,12 +22,12 @@ container="ghcup" image="ghcup" usage="USAGE: $0 - -h show this help text + -h show this help text -a ALPINE_VER override the default Alpine version default: ${alpine_ver} - -c CONTAINER override the default container name - default: ${container} - -i IMAGE override the default image name + -c CONTAINER override the default container name + default: ${container} + -i IMAGE override the default image base name default: ${image}" while getopts "a:c:i:h" opt; do @@ -106,14 +106,23 @@ buildah run "${container}" \ buildah run "${container}" \ mv /tmp/"ghcup-${ghcup_version}" /usr/bin/ghcup -# ...set it to be executable... +# ...make it executable... buildah run "${container}" \ chmod +x /usr/bin/ghcup -# ...clean up any scripts. +# ...and clean up any scripts. buildah run "${container}" \ rm -rf /tmp/validate_checksum.sh +# Add `ghcup`'s bin directory to the container's `PATH`. +# +# NOTE: This little bit of indirection is needed to get the container's 'PATH', +# since '$PATH' would be sourced from the host. +cntr_path=$(buildah run "${container}" printenv PATH) +buildah config \ + --env PATH="${cntr_path}:/root/.ghcup/bin" \ + "${container}" + ################################################################################ # Generate the final image. ################################################################################ diff --git a/shell.nix b/shell.nix index 35f23a8..83881dc 100644 --- a/shell.nix +++ b/shell.nix @@ -6,6 +6,7 @@ pkgs.mkShell { skopeo # Misc. other dependencies. + jq nixpkgs-fmt shellcheck ]; From 5755cea269774205ee2b9f2f7c98f3b119c54f2f Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sun, 3 Oct 2021 18:51:46 -0400 Subject: [PATCH 09/18] Corrects Fedora image push action params --- .github/workflows/ghcup.yaml | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ghcup.yaml b/.github/workflows/ghcup.yaml index 73cdd0c..d65faf8 100644 --- a/.github/workflows/ghcup.yaml +++ b/.github/workflows/ghcup.yaml @@ -19,22 +19,36 @@ jobs: - name: "Build `ghcup` image." id: "build-ghcup-image" run: | - image=$( + image_id=$( ./ghcup/builder.sh \ -a "${{ env.alpine_ver }}" \ | tail -n 1 ) - echo "::set-output name=image::${image}" + echo "::set-output name=image_id::${image_id}" + + image_name=$( + buildah images --format "{{.Name}}" ${image_id} + ) + + # NOTE: This parameter expansion drops the leading `localhost/` that + # `buildah` (and other OCI tools) prepend to local image names. + echo "::set-output name=image_name::${image_name#*/}" + + image_tags=$( + buildah images --format "{{.Tag}}" ${image_id} + ) + echo "::set-output name=image_tags::${image_tags}" - name: "Push `ghcup` image to the GitHub Container Registry" id: "push-ghcup-to-ghcr" uses: "redhat-actions/push-to-registry@v2" with: - image: "${{ steps.build-ghcup-image.outputs.image }}" + image: "${{ steps.build-ghcup-image.outputs.image_name }}" + tags: "${{ steps.build-ghcup-image.outputs.image_tags }}" + registry: "ghcr.io/${{ github.repository_owner }}" username: "${{ github.actor }}" password: "${{ github.token }}" - registry: "ghcr.io/${{ github.repository_owner }}" - name: "Print image URL." run: | - echo "Image pushed to [ ${{ steps.push-ghcup-to-ghcr.outputs.registry-paths }} ]" + echo "Image pushed to ${{ steps.push-ghcup-to-ghcr.outputs.registry-paths }}" From 5a909ef60f718755eb581c57c5eac6265d6098e2 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sun, 3 Oct 2021 19:27:47 -0400 Subject: [PATCH 10/18] Adds GHC compilation CI stage --- .github/workflows/ghc.yaml | 64 ++++++++++++++++++++++++++++++++++++ .github/workflows/ghcup.yaml | 18 +++++----- ghc/builder.sh | 4 +-- ghcup/builder.sh | 2 +- policy.json | 3 +- 5 files changed, 78 insertions(+), 13 deletions(-) create mode 100644 .github/workflows/ghc.yaml diff --git a/.github/workflows/ghc.yaml b/.github/workflows/ghc.yaml new file mode 100644 index 0000000..4a445c3 --- /dev/null +++ b/.github/workflows/ghc.yaml @@ -0,0 +1,64 @@ +name: "GHC images" + +on: + # FIXME: Remove this before merging! + pull_request: { branches: [ "master" ] } + push: { branches: [ "release" ] } + +env: + alpine_ver: "3.14" + +jobs: + build: + runs-on: "ubuntu-20.04" + + strategy: + matrix: + ghc_ver: [ "8.10.7" ] + numeric: [ "gmp" ] + + steps: + - name: "Check this repository out." + uses: "actions/checkout@v2" + + - name: "Pull `ghcup` image." + run: | + # TODO: Avoid having to specify a ghcup version here... + buildah pull docker://ghcr.io/jkachmar/ghcup:0.1.17.2 + + - name: "Compile GHC and publish an image from the resulting container." + id: "build-image" + run: | + image_id=$( + ./ghc/builder.sh \ + -a "${{ env.alpine_ver }}" \ + -g "${{ matrix.ghc_ver }}" \ + -n "${{ matrix.numeric }}" \ + | tail -n 1 + ) + + image_name=$( + buildah images --format "{{.Name}}" ${image_id} + ) + # NOTE: This parameter expansion drops the leading `localhost/` that + # `buildah` (and other OCI tools) prepend to local image names. + echo "::set-output name=image_name::${image_name#*/}" + + image_tags=$( + buildah images --format "{{.Tag}}" ${image_id} + ) + echo "::set-output name=image_tags::${image_tags}" + + - name: "Push compiled GHC image to the GitHub Container Registry." + id: "push-to-ghcr" + uses: "redhat-actions/push-to-registry@v2" + with: + image: "${{ steps.build-image.outputs.image_name }}" + tags: "${{ steps.build-image.outputs.image_tags }}" + registry: "ghcr.io/${{ github.repository_owner }}" + username: "${{ github.actor }}" + password: "${{ github.token }}" + + - name: "Print image URL." + run: | + echo "Image pushed to ${{ steps.push-to-ghcr.outputs.registry-paths }}" diff --git a/.github/workflows/ghcup.yaml b/.github/workflows/ghcup.yaml index d65faf8..b1bb5bf 100644 --- a/.github/workflows/ghcup.yaml +++ b/.github/workflows/ghcup.yaml @@ -1,9 +1,10 @@ name: "`ghcup` image" +# FIXME: Re-enable this workflow before merging! on: # FIXME: Remove this before merging! - pull_request: { branches: [ "master" ] } - push: { branches: [ "release" ] } + # pull_request: { branches: [ "master" ] } + # push: { branches: [ "release" ] } env: alpine_ver: "3.14" @@ -16,8 +17,8 @@ jobs: - name: "Check this repository out." uses: "actions/checkout@v2" - - name: "Build `ghcup` image." - id: "build-ghcup-image" + - name: "Download `ghcup` and publish an image containing it." + id: "build-image" run: | image_id=$( ./ghcup/builder.sh \ @@ -29,7 +30,6 @@ jobs: image_name=$( buildah images --format "{{.Name}}" ${image_id} ) - # NOTE: This parameter expansion drops the leading `localhost/` that # `buildah` (and other OCI tools) prepend to local image names. echo "::set-output name=image_name::${image_name#*/}" @@ -40,15 +40,15 @@ jobs: echo "::set-output name=image_tags::${image_tags}" - name: "Push `ghcup` image to the GitHub Container Registry" - id: "push-ghcup-to-ghcr" + id: "push-to-ghcr" uses: "redhat-actions/push-to-registry@v2" with: - image: "${{ steps.build-ghcup-image.outputs.image_name }}" - tags: "${{ steps.build-ghcup-image.outputs.image_tags }}" + image: "${{ steps.build-image.outputs.image_name }}" + tags: "${{ steps.build-image.outputs.image_tags }}" registry: "ghcr.io/${{ github.repository_owner }}" username: "${{ github.actor }}" password: "${{ github.token }}" - name: "Print image URL." run: | - echo "Image pushed to ${{ steps.push-ghcup-to-ghcr.outputs.registry-paths }}" + echo "Image pushed to ${{ steps.push-to-ghcr.outputs.registry-paths }}" diff --git a/ghc/builder.sh b/ghc/builder.sh index eb87d93..fbc9c38 100755 --- a/ghc/builder.sh +++ b/ghc/builder.sh @@ -80,7 +80,7 @@ fi # Add the GHC version and numeric library to container and image names. container="${container}-${numeric}-${ghc_ver}" -image="${image}-${numeric}:${ghc_ver}" +image="${image}-${numeric}" ################################################################################ # Container. @@ -201,4 +201,4 @@ buildah config \ # TMPDIR=./tmp \ buildah \ --signature-policy=./policy.json \ - commit --rm "${container}" "${image}" + commit "${container}" "${image}:${ghc_ver}" diff --git a/ghcup/builder.sh b/ghcup/builder.sh index f2ea755..a8cd7c8 100755 --- a/ghcup/builder.sh +++ b/ghcup/builder.sh @@ -130,4 +130,4 @@ buildah config \ # NOTE: Tagging the image with the `ghcup_version` for convenience. buildah \ --signature-policy=./policy.json \ - commit --rm "${container}" "${image}:${ghcup_version}" + commit "${container}" "${image}:${ghcup_version}" diff --git a/policy.json b/policy.json index be42b42..1ee3333 100644 --- a/policy.json +++ b/policy.json @@ -2,7 +2,8 @@ "default": [{"type": "reject"}], "transports": { "docker": { - "docker.io/library/alpine": [{"type": "insecureAcceptAnything"}] + "docker.io/library/alpine": [{"type": "insecureAcceptAnything"}], + "ghcr.io/jkachmar/ghcup": [{"type": "insecureAcceptAnything"}] }, "dir": { "": [{"type": "insecureAcceptAnything"}] From 2ef39a8c689fb160ef7cbd233bc1a807860ed440 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sun, 3 Oct 2021 20:35:07 -0400 Subject: [PATCH 11/18] Disables CI --- .github/workflows/ghc.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ghc.yaml b/.github/workflows/ghc.yaml index 4a445c3..05efabc 100644 --- a/.github/workflows/ghc.yaml +++ b/.github/workflows/ghc.yaml @@ -2,8 +2,8 @@ name: "GHC images" on: # FIXME: Remove this before merging! - pull_request: { branches: [ "master" ] } - push: { branches: [ "release" ] } + # pull_request: { branches: [ "master" ] } + # push: { branches: [ "release" ] } env: alpine_ver: "3.14" From b8d5b50989de961335bcc1b5bce6c4ca6b3dc2ed Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sun, 3 Oct 2021 20:35:15 -0400 Subject: [PATCH 12/18] Uses `buildah tag` for tagging --- ghc/builder.sh | 18 +++++++++--------- ghcup/builder.sh | 9 +++++++-- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/ghc/builder.sh b/ghc/builder.sh index fbc9c38..0a8723c 100755 --- a/ghc/builder.sh +++ b/ghc/builder.sh @@ -20,7 +20,7 @@ cd "$( git rev-parse --show-toplevel )" alpine_ver="3.14" container="ghc" image="ghc" -ghc_ver="8.10.7" +ghc_version="8.10.7" # NOTE: The logic associated with this will have to change for GHC 9.x and up to # support the changes introduced with the switch to `ghc-bignum`. @@ -33,7 +33,7 @@ usage="USAGE: $0 -c CONTAINER override the default container name default: ${container} -g GHC_VER override the numeric library GHC is built against; either 'gmp' or 'simple' - default: ${ghc_ver} + default: ${ghc_version} -i IMAGE override the default image base name default: ${image} -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' @@ -48,7 +48,7 @@ while getopts "a:c:g:i:n:h" opt; do container="${OPTARG}" };; g ) { - ghc_ver="${OPTARG}" + ghc_version="${OPTARG}" };; i ) { image="${OPTARG}" @@ -79,7 +79,7 @@ if [ "$#" -ne 0 ]; then fi # Add the GHC version and numeric library to container and image names. -container="${container}-${numeric}-${ghc_ver}" +container="${container}-${numeric}-${ghc_version}" image="${image}-${numeric}" ################################################################################ @@ -163,7 +163,7 @@ buildah copy --chmod 111 "${container}" \ # Compile GHC. buildah run "${container}" \ - ./tmp/compile_ghc.sh "${ghc_ver}" + ./tmp/compile_ghc.sh "${ghc_version}" # Uninstall the bootstrapping compiler. buildah run "${container}" \ @@ -197,8 +197,8 @@ buildah config \ # # e.g. Uncomment the following: # -# mkdir -p ./tmp -# TMPDIR=./tmp \ -buildah \ +mkdir -p ./tmp +TMPDIR=./tmp \ + buildah \ --signature-policy=./policy.json \ - commit "${container}" "${image}:${ghc_ver}" + commit --rm "${container}" "${image}:${ghc_version}" diff --git a/ghcup/builder.sh b/ghcup/builder.sh index a8cd7c8..be92337 100755 --- a/ghcup/builder.sh +++ b/ghcup/builder.sh @@ -127,7 +127,12 @@ buildah config \ # Generate the final image. ################################################################################ -# NOTE: Tagging the image with the `ghcup_version` for convenience. buildah \ --signature-policy=./policy.json \ - commit "${container}" "${image}:${ghcup_version}" + commit --rm "${container}" "${image}:${ghcup_version}" + +# NOTE: Tagging the image with the `ghcup_version` for convenience. +# +# This is going to produce an image with the newest `ghcup` most of the time +# anyway. +buildah tag "${image}:${ghcup_version}" "${image}:latest" From 4a59147672126fdedcf4f8df3df73b8a50ac367a Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sun, 3 Oct 2021 20:40:16 -0400 Subject: [PATCH 13/18] Uses tmpdir for building GHC & adds secrets --- .gitignore | 4 +++- ghc/builder.sh | 16 +++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.gitignore b/.gitignore index 0a279d8..2f945e0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ .direnv -tmp +.tmp +authfile.json +secrets diff --git a/ghc/builder.sh b/ghc/builder.sh index 0a8723c..db93349 100755 --- a/ghc/builder.sh +++ b/ghc/builder.sh @@ -191,14 +191,12 @@ buildah config \ # # On systems where `/var/tmp` is mounted as `tmpfs`, this can cause `buildah` to # run out of space. -# -# In this case, create some `./tmp` directory and use it with `TMPDIR=./tmp` -# before running `buildah commit`. -# -# e.g. Uncomment the following: -# mkdir -p ./tmp TMPDIR=./tmp \ - buildah \ - --signature-policy=./policy.json \ - commit --rm "${container}" "${image}:${ghc_version}" + image_id=$( + buildah \ + --signature-policy=./policy.json \ + commit --rm "${container}" "${image}:${ghc_version}" + ) +rm -rf ./tmp +echo "${image_id}" From 421318bc2d0835c14f9033d1a5a65c0ae3413c88 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sun, 3 Oct 2021 23:24:21 -0400 Subject: [PATCH 14/18] Cleanup --- common/copy_ghcup.sh | 13 +++++++++++++ common/copy_ghcup_bin_dir.sh | 13 +++++++++++++ common/validate_checksum.sh | 11 +++++++++++ ghc/builder.sh | 18 +++++------------- ghc/copy_ghcup.sh | 13 ------------- ghcup/builder.sh | 5 +++-- ghcup/validate_checksum.sh | 11 ----------- 7 files changed, 45 insertions(+), 39 deletions(-) create mode 100755 common/copy_ghcup.sh create mode 100755 common/copy_ghcup_bin_dir.sh create mode 100644 common/validate_checksum.sh delete mode 100755 ghc/copy_ghcup.sh delete mode 100644 ghcup/validate_checksum.sh diff --git a/common/copy_ghcup.sh b/common/copy_ghcup.sh new file mode 100755 index 0000000..85de7c0 --- /dev/null +++ b/common/copy_ghcup.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env sh + +ghcup_img="$1" +builder_cntr="$2" + +ghcup_cntr=$(buildah from --signature-policy=./policy.json "${ghcup_img}") +ghcup_mnt=$(buildah mount "${ghcup_cntr}") +builder_mnt=$(buildah mount "${builder_cntr}") + +cp "${ghcup_mnt}/usr/bin/ghcup" "${builder_mnt}/usr/bin/ghcup" + +# Clean up intermediate container. +buildah rm "${ghcup_cntr}" diff --git a/common/copy_ghcup_bin_dir.sh b/common/copy_ghcup_bin_dir.sh new file mode 100755 index 0000000..fc4c59e --- /dev/null +++ b/common/copy_ghcup_bin_dir.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env sh + +ghcup_img="$1" +builder_cntr="$2" + +ghcup_cntr=$(buildah from --signature-policy=./policy.json "${ghcup_img}") +ghcup_mnt=$(buildah mount "${ghcup_cntr}") +builder_mnt=$(buildah mount "${builder_cntr}") + +cp -r "${ghcup_mnt}/root/.ghcup" "${builder_mnt}/root/.ghcup" + +# Clean up intermediate container. +buildah rm "${ghcup_cntr}" diff --git a/common/validate_checksum.sh b/common/validate_checksum.sh new file mode 100644 index 0000000..06e62ca --- /dev/null +++ b/common/validate_checksum.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env sh +set -eu + +file_path="$1" +expected_checksum="$2" + +if ! echo "${expected_checksum} ${file_path}" | sha256sum -c -; then + echo "${file_path} checksum failed" >&2 + echo "expected '${expected_checksum}', but got '$( sha256sum "${file_path}" )'" >&2 + exit 1 +fi; diff --git a/ghc/builder.sh b/ghc/builder.sh index db93349..95e4971 100755 --- a/ghc/builder.sh +++ b/ghc/builder.sh @@ -54,13 +54,13 @@ while getopts "a:c:g:i:n:h" opt; do image="${OPTARG}" };; n ) { - if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "simple" ]; then - numeric="${OPTARG}" - else + if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "simple" ]; then + numeric="${OPTARG}" + else echo "Invalid NUMERIC argument (i.e. '-n')." >&2 echo "Expected either 'gmp' or 'simple', got '${OPTARG}'" >&2 exit 1 - fi; + fi; };; h ) { echo "${usage}" @@ -87,12 +87,6 @@ image="${image}-${numeric}" ################################################################################ # Create the container that will be used to compile GHC from source. -# -# NOTE: Alternatively: `buildah commit --rm` (at the end of the script) removes -# the working container. -# -# XXX: Reusing the container by name if it exists seems like not the best idea -# but it's convenient for development. buildah \ --signature-policy=./policy.json \ --name "${container}" \ @@ -102,9 +96,7 @@ buildah \ # Copy `ghcup` from another container. ################################################################################ -# XXX: Maybe the `"ghcup"` image name should be fully qualified (i.e. -# "localhost/ghcup" for an image built locally)...? -buildah unshare ./ghc/copy_ghcup.sh "ghcup" "${container}" +buildah unshare ./common/copy_ghcup.sh "ghcup" "${container}" ################################################################################ # Dependencies. diff --git a/ghc/copy_ghcup.sh b/ghc/copy_ghcup.sh deleted file mode 100755 index 8a0b5b1..0000000 --- a/ghc/copy_ghcup.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/env sh - -ghcup_img="$1" -builder_cnt="$2" - -ghcup_cnt=$(buildah from --signature-policy=./policy.json "${ghcup_img}") -ghcup_mnt=$(buildah mount "${ghcup_cnt}") -builder_mnt=$(buildah mount "${builder_cnt}") - -cp "${ghcup_mnt}/usr/bin/ghcup" "${builder_mnt}/usr/bin/ghcup" - -# Clean up intermediate container. -buildah rm "${ghcup_cnt}" diff --git a/ghcup/builder.sh b/ghcup/builder.sh index be92337..dc68703 100755 --- a/ghcup/builder.sh +++ b/ghcup/builder.sh @@ -58,9 +58,10 @@ if [ "$#" -ne 0 ]; then fi ################################################################################ -# Container and basic dependencies. +# Container. ################################################################################ +# Create the container that will be used to download `ghcup`. buildah \ --signature-policy=./policy.json \ --name "${container}" \ @@ -93,7 +94,7 @@ buildah run "${container}" \ # Copy the checksum validation script into the container... buildah copy --chmod 111 "${container}" \ - ./ghcup/validate_checksum.sh \ + ./common/validate_checksum.sh \ /tmp/validate_checksum.sh # ...and verify that the expected and actual actual `ghcup` checksums match. diff --git a/ghcup/validate_checksum.sh b/ghcup/validate_checksum.sh deleted file mode 100644 index 7d43af7..0000000 --- a/ghcup/validate_checksum.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env sh -set -eu - -ghcup_path="$1" -ghcup_expected_checksum="$2" - -if ! echo "${ghcup_expected_checksum} ${ghcup_path}" | sha256sum -c -; then - echo "${ghcup_path} checksum failed" >&2 - echo "expected '${ghcup_expected_checksum}', but got '$( sha256sum "${ghcup_path}" )'" >&2 - exit 1 -fi; From 8981eeae9b15d79d5051bb9fa108270c95652418 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Sun, 3 Oct 2021 23:24:30 -0400 Subject: [PATCH 15/18] Adds tooling image builder --- tooling/builder.sh | 244 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 244 insertions(+) create mode 100755 tooling/builder.sh diff --git a/tooling/builder.sh b/tooling/builder.sh new file mode 100755 index 0000000..91d3a9e --- /dev/null +++ b/tooling/builder.sh @@ -0,0 +1,244 @@ +#!/usr/bin/env sh +set -eu + +################################################################################ +# Pre-flight checks. +################################################################################ + +command -v git >/dev/null 2>&1 || { echo >&2 "git is not installed, aborting."; exit 1; } +command -v buildah >/dev/null 2>&1 || { echo >&2 "buildah is not installed, aborting."; exit 1; } + +# Start the script in the top-level repository directory no matter what. +cd "$( git rev-parse --show-toplevel )" + +################################################################################ +# Argument parsing and related values. +# +# cf. https://sookocheff.com/post/bash/parsing-bash-script-arguments-with-shopts/ +################################################################################ + +alpine_ver="3.14" +container="ghc-with-tooling" +image="ghc-with-tooling" +ghc_version="8.10.7" + +# NOTE: The logic associated with this will have to change for GHC 9.x and up to +# support the changes introduced with the switch to `ghc-bignum`. +numeric="gmp" + +cabal_version="3.6.0.0" + +stack_version="2.7.3" +stack_expected_checksum="c5bce24defa2b2b86f1bbb14bed4f1ee83bec14c6ed9fcc81174d5473fbf3450" + +hls_version="1.4.0" + +usage="USAGE: $0 + -h show this help text + -a ALPINE_VER override the default Alpine version + default: ${alpine_ver} + -c CONTAINER override the default container name + default: ${container} + -g GHC_VER override the numeric library GHC is built against; either 'gmp' or 'simple' + default: ${ghc_version} + -i IMAGE override the default image base name + default: ${image} + -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' + default: ${numeric} + -C CABAL_VER override the default version of 'cabal-install' to build + default: ${cabal_version} + -S STACK_VER override the default version of 'stack' to download and install + default: ${stack_version} + -H HLS_VER override the default version of 'haskell-language-server' to download and install + default: ${hls_version}" + +while getopts "a:c:g:i:n:C:S:H:h" opt; do + case ${opt} in + a ) { + alpine_ver="${OPTARG}" + };; + c ) { + container="${OPTARG}" + };; + g ) { + ghc_version="${OPTARG}" + };; + i ) { + image="${OPTARG}" + };; + n ) { + if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "simple" ]; then + numeric="${OPTARG}" + else + echo "Invalid NUMERIC argument (i.e. '-n')." >&2 + echo "Expected either 'gmp' or 'simple', got '${OPTARG}'" >&2 + exit 1 + fi; + };; + C ) { + cabal_version="${OPTARG}" + };; + S ) { + stack_version="${OPTARG}" + };; + H ) { + hls_version="${OPTARG}" + };; + h ) { + echo "${usage}" + exit 0 + };; + \? ) { + echo "${usage}" + exit 1 + };; + esac +done +shift $((OPTIND -1)) + +if [ "$#" -ne 0 ]; then + exit 1 +fi + +# Add the GHC version and numeric library to container and image names. +container="${container}-${numeric}-${ghc_version}" +image="${image}-${numeric}" + +################################################################################ +# Container. +################################################################################ + +# Create the container that will be used to download and/or compile various bits +# of Haskell tooling. +buildah \ + --signature-policy=./policy.json \ + --name "${container}" \ + from --pull "docker.io/library/alpine:${alpine_ver}" + +# Install common dependencies. +buildah run "${container}" \ + apk add \ + binutils-gold \ + curl \ + gcc \ + musl-dev \ + ncurses-libs \ + xz \ + zlib + +if [ "${numeric}" = "gmp" ]; then + buildah run "${container}" \ + apk add gmp-dev +fi + +################################################################################ +# Copy `ghcup` (and files) from other containers. +################################################################################ + +buildah unshare ./common/copy_ghcup.sh "ghcup" "${container}" +buildah unshare ./common/copy_ghcup_bin_dir.sh "ghc-${numeric}:${ghc_version}" "${container}" + +# Add `ghcup`'s bin directory to the container's `PATH`. +# +# NOTE: This little bit of indirection is needed to get the container's 'PATH', +# since '$PATH' would be sourced from the host. +cntr_path=$(buildah run "${container}" printenv PATH) +buildah config \ + --env PATH="${cntr_path}:/root/.ghcup/bin" \ + "${container}" + +################################################################################ +# Download and install `cabal-install. +# +# TODO: Compile `cabal-install` from source for non-gmp images so that the +# library won't be necessary at all. +# +# This should be easier once `ghcup` re-adds the `ghcup compile cabal` +# subcommand; cf. https://gitlab.haskell.org/haskell/ghcup-hs/-/issues/254 +################################################################################ + +buildah run "${container}" \ + ghcup install cabal "${cabal_version}" + +################################################################################ +# Download and install `stack`. +################################################################################ + +# Fetch `stack`. +buildah run "${container}" \ + wget \ + -O "/tmp/stack-${stack_version}.tar.gz" \ + "https://github.com/commercialhaskell/stack/releases/download/v${stack_version}/stack-${stack_version}-linux-x86_64-static.tar.gz" + +# Copy the checksum validation script into the container... +buildah copy --chmod 111 "${container}" \ + ./common/validate_checksum.sh \ + /tmp/validate_checksum.sh + +# ...and verify that the expected and actual actual `stack` checksums match. +buildah run "${container}" \ + ./tmp/validate_checksum.sh \ + "/tmp/stack-${stack_version}.tar.gz" \ + "${stack_expected_checksum}" + +# Extract the `stack` binary... +buildah run "${container}" \ + tar -xvzf "/tmp/stack-${stack_version}.tar.gz" \ + --directory "/tmp" + +# ...relocate it... +buildah run "${container}" \ + mv "/tmp/stack-${stack_version}-linux-x86_64-static/stack" /usr/bin/stack + +# ...make it executable... +buildah run "${container}" \ + chmod +x /usr/bin/stack + +# ...and clean up after ourselves. +buildah run "${container}" rm "/tmp/stack-${stack_version}.tar.gz" +buildah run "${container}" rm -rf "/tmp/stack-${stack_version}-linux-x86_64-static" +buildah run "${container}" rm /tmp/validate_checksum.sh + +################################################################################ +# Compile the Haskell Language Server (HLS) from source. +################################################################################ + +# Install HLS-specific dependencies. +buildah run "${container}" \ + apk add \ + ncurses-dev \ + zlib-dev + +# NOTE: This is just some arbirary time, but it's fixed here so that the package +# set chosen by `cabal-install` should be consistent. +buildah run "${container}" \ + cabal update hackage.haskell.org,2021-10-03T23:05:17Z + +# Compile HLS... +buildah run "${container}" \ + ghcup compile hls \ + --version "${hls_version}" \ + --jobs "$(nproc)" \ + "${ghc_version}" + +# ...and set it as the default version. +buildah run "${container}" \ + ghcup set hls "${hls_version}" + +# Remove HLS-specific system dependencies... +buildah run "${container}" \ + apk del \ + ncurses-dev \ + zlib-dev + +# ...and leftover `cabal-install` build cruft. +buildah run "${container}" \ + rm -rf /root/.cabal + +################################################################################ +# Generate the final image. +################################################################################ + +buildah \ + --signature-policy=./policy.json \ + commit --rm "${container}" "${image}:${ghc_version}" From a8a73e84939fa809372114660f390e4c570a0283 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Mon, 4 Oct 2021 14:54:49 -0400 Subject: [PATCH 16/18] Updates LICENSE --- LICENSE | 403 +++++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 373 insertions(+), 30 deletions(-) diff --git a/LICENSE b/LICENSE index 91132e7..a612ad9 100644 --- a/LICENSE +++ b/LICENSE @@ -1,30 +1,373 @@ -Copyright Author name here (c) 2019 - -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - - * Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials provided - with the distribution. - - * Neither the name of Author name here nor the names of other - contributors may be used to endorse or promote products derived - from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file +Mozilla Public License Version 2.0 +================================== + +1. Definitions +-------------- + +1.1. "Contributor" + means each individual or legal entity that creates, contributes to + the creation of, or owns Covered Software. + +1.2. "Contributor Version" + means the combination of the Contributions of others (if any) used + by a Contributor and that particular Contributor's Contribution. + +1.3. "Contribution" + means Covered Software of a particular Contributor. + +1.4. "Covered Software" + means Source Code Form to which the initial Contributor has attached + the notice in Exhibit A, the Executable Form of such Source Code + Form, and Modifications of such Source Code Form, in each case + including portions thereof. + +1.5. "Incompatible With Secondary Licenses" + means + + (a) that the initial Contributor has attached the notice described + in Exhibit B to the Covered Software; or + + (b) that the Covered Software was made available under the terms of + version 1.1 or earlier of the License, but not also under the + terms of a Secondary License. + +1.6. "Executable Form" + means any form of the work other than Source Code Form. + +1.7. "Larger Work" + means a work that combines Covered Software with other material, in + a separate file or files, that is not Covered Software. + +1.8. "License" + means this document. + +1.9. "Licensable" + means having the right to grant, to the maximum extent possible, + whether at the time of the initial grant or subsequently, any and + all of the rights conveyed by this License. + +1.10. "Modifications" + means any of the following: + + (a) any file in Source Code Form that results from an addition to, + deletion from, or modification of the contents of Covered + Software; or + + (b) any new file in Source Code Form that contains any Covered + Software. + +1.11. "Patent Claims" of a Contributor + means any patent claim(s), including without limitation, method, + process, and apparatus claims, in any patent Licensable by such + Contributor that would be infringed, but for the grant of the + License, by the making, using, selling, offering for sale, having + made, import, or transfer of either its Contributions or its + Contributor Version. + +1.12. "Secondary License" + means either the GNU General Public License, Version 2.0, the GNU + Lesser General Public License, Version 2.1, the GNU Affero General + Public License, Version 3.0, or any later versions of those + licenses. + +1.13. "Source Code Form" + means the form of the work preferred for making modifications. + +1.14. "You" (or "Your") + means an individual or a legal entity exercising rights under this + License. For legal entities, "You" includes any entity that + controls, is controlled by, or is under common control with You. For + purposes of this definition, "control" means (a) the power, direct + or indirect, to cause the direction or management of such entity, + whether by contract or otherwise, or (b) ownership of more than + fifty percent (50%) of the outstanding shares or beneficial + ownership of such entity. + +2. License Grants and Conditions +-------------------------------- + +2.1. Grants + +Each Contributor hereby grants You a world-wide, royalty-free, +non-exclusive license: + +(a) under intellectual property rights (other than patent or trademark) + Licensable by such Contributor to use, reproduce, make available, + modify, display, perform, distribute, and otherwise exploit its + Contributions, either on an unmodified basis, with Modifications, or + as part of a Larger Work; and + +(b) under Patent Claims of such Contributor to make, use, sell, offer + for sale, have made, import, and otherwise transfer either its + Contributions or its Contributor Version. + +2.2. Effective Date + +The licenses granted in Section 2.1 with respect to any Contribution +become effective for each Contribution on the date the Contributor first +distributes such Contribution. + +2.3. Limitations on Grant Scope + +The licenses granted in this Section 2 are the only rights granted under +this License. No additional rights or licenses will be implied from the +distribution or licensing of Covered Software under this License. +Notwithstanding Section 2.1(b) above, no patent license is granted by a +Contributor: + +(a) for any code that a Contributor has removed from Covered Software; + or + +(b) for infringements caused by: (i) Your and any other third party's + modifications of Covered Software, or (ii) the combination of its + Contributions with other software (except as part of its Contributor + Version); or + +(c) under Patent Claims infringed by Covered Software in the absence of + its Contributions. + +This License does not grant any rights in the trademarks, service marks, +or logos of any Contributor (except as may be necessary to comply with +the notice requirements in Section 3.4). + +2.4. Subsequent Licenses + +No Contributor makes additional grants as a result of Your choice to +distribute the Covered Software under a subsequent version of this +License (see Section 10.2) or under the terms of a Secondary License (if +permitted under the terms of Section 3.3). + +2.5. Representation + +Each Contributor represents that the Contributor believes its +Contributions are its original creation(s) or it has sufficient rights +to grant the rights to its Contributions conveyed by this License. + +2.6. Fair Use + +This License is not intended to limit any rights You have under +applicable copyright doctrines of fair use, fair dealing, or other +equivalents. + +2.7. Conditions + +Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted +in Section 2.1. + +3. Responsibilities +------------------- + +3.1. Distribution of Source Form + +All distribution of Covered Software in Source Code Form, including any +Modifications that You create or to which You contribute, must be under +the terms of this License. You must inform recipients that the Source +Code Form of the Covered Software is governed by the terms of this +License, and how they can obtain a copy of this License. You may not +attempt to alter or restrict the recipients' rights in the Source Code +Form. + +3.2. Distribution of Executable Form + +If You distribute Covered Software in Executable Form then: + +(a) such Covered Software must also be made available in Source Code + Form, as described in Section 3.1, and You must inform recipients of + the Executable Form how they can obtain a copy of such Source Code + Form by reasonable means in a timely manner, at a charge no more + than the cost of distribution to the recipient; and + +(b) You may distribute such Executable Form under the terms of this + License, or sublicense it under different terms, provided that the + license for the Executable Form does not attempt to limit or alter + the recipients' rights in the Source Code Form under this License. + +3.3. Distribution of a Larger Work + +You may create and distribute a Larger Work under terms of Your choice, +provided that You also comply with the requirements of this License for +the Covered Software. If the Larger Work is a combination of Covered +Software with a work governed by one or more Secondary Licenses, and the +Covered Software is not Incompatible With Secondary Licenses, this +License permits You to additionally distribute such Covered Software +under the terms of such Secondary License(s), so that the recipient of +the Larger Work may, at their option, further distribute the Covered +Software under the terms of either this License or such Secondary +License(s). + +3.4. Notices + +You may not remove or alter the substance of any license notices +(including copyright notices, patent notices, disclaimers of warranty, +or limitations of liability) contained within the Source Code Form of +the Covered Software, except that You may alter any license notices to +the extent required to remedy known factual inaccuracies. + +3.5. Application of Additional Terms + +You may choose to offer, and to charge a fee for, warranty, support, +indemnity or liability obligations to one or more recipients of Covered +Software. However, You may do so only on Your own behalf, and not on +behalf of any Contributor. You must make it absolutely clear that any +such warranty, support, indemnity, or liability obligation is offered by +You alone, and You hereby agree to indemnify every Contributor for any +liability incurred by such Contributor as a result of warranty, support, +indemnity or liability terms You offer. You may include additional +disclaimers of warranty and limitations of liability specific to any +jurisdiction. + +4. Inability to Comply Due to Statute or Regulation +--------------------------------------------------- + +If it is impossible for You to comply with any of the terms of this +License with respect to some or all of the Covered Software due to +statute, judicial order, or regulation then You must: (a) comply with +the terms of this License to the maximum extent possible; and (b) +describe the limitations and the code they affect. Such description must +be placed in a text file included with all distributions of the Covered +Software under this License. Except to the extent prohibited by statute +or regulation, such description must be sufficiently detailed for a +recipient of ordinary skill to be able to understand it. + +5. Termination +-------------- + +5.1. The rights granted under this License will terminate automatically +if You fail to comply with any of its terms. However, if You become +compliant, then the rights granted under this License from a particular +Contributor are reinstated (a) provisionally, unless and until such +Contributor explicitly and finally terminates Your grants, and (b) on an +ongoing basis, if such Contributor fails to notify You of the +non-compliance by some reasonable means prior to 60 days after You have +come back into compliance. Moreover, Your grants from a particular +Contributor are reinstated on an ongoing basis if such Contributor +notifies You of the non-compliance by some reasonable means, this is the +first time You have received notice of non-compliance with this License +from such Contributor, and You become compliant prior to 30 days after +Your receipt of the notice. + +5.2. If You initiate litigation against any entity by asserting a patent +infringement claim (excluding declaratory judgment actions, +counter-claims, and cross-claims) alleging that a Contributor Version +directly or indirectly infringes any patent, then the rights granted to +You by any and all Contributors for the Covered Software under Section +2.1 of this License shall terminate. + +5.3. In the event of termination under Sections 5.1 or 5.2 above, all +end user license agreements (excluding distributors and resellers) which +have been validly granted by You or Your distributors under this License +prior to termination shall survive termination. + +************************************************************************ +* * +* 6. Disclaimer of Warranty * +* ------------------------- * +* * +* Covered Software is provided under this License on an "as is" * +* basis, without warranty of any kind, either expressed, implied, or * +* statutory, including, without limitation, warranties that the * +* Covered Software is free of defects, merchantable, fit for a * +* particular purpose or non-infringing. The entire risk as to the * +* quality and performance of the Covered Software is with You. * +* Should any Covered Software prove defective in any respect, You * +* (not any Contributor) assume the cost of any necessary servicing, * +* repair, or correction. This disclaimer of warranty constitutes an * +* essential part of this License. No use of any Covered Software is * +* authorized under this License except under this disclaimer. * +* * +************************************************************************ + +************************************************************************ +* * +* 7. Limitation of Liability * +* -------------------------- * +* * +* Under no circumstances and under no legal theory, whether tort * +* (including negligence), contract, or otherwise, shall any * +* Contributor, or anyone who distributes Covered Software as * +* permitted above, be liable to You for any direct, indirect, * +* special, incidental, or consequential damages of any character * +* including, without limitation, damages for lost profits, loss of * +* goodwill, work stoppage, computer failure or malfunction, or any * +* and all other commercial damages or losses, even if such party * +* shall have been informed of the possibility of such damages. This * +* limitation of liability shall not apply to liability for death or * +* personal injury resulting from such party's negligence to the * +* extent applicable law prohibits such limitation. Some * +* jurisdictions do not allow the exclusion or limitation of * +* incidental or consequential damages, so this exclusion and * +* limitation may not apply to You. * +* * +************************************************************************ + +8. Litigation +------------- + +Any litigation relating to this License may be brought only in the +courts of a jurisdiction where the defendant maintains its principal +place of business and such litigation shall be governed by laws of that +jurisdiction, without reference to its conflict-of-law provisions. +Nothing in this Section shall prevent a party's ability to bring +cross-claims or counter-claims. + +9. Miscellaneous +---------------- + +This License represents the complete agreement concerning the subject +matter hereof. If any provision of this License is held to be +unenforceable, such provision shall be reformed only to the extent +necessary to make it enforceable. Any law or regulation which provides +that the language of a contract shall be construed against the drafter +shall not be used to construe this License against a Contributor. + +10. Versions of the License +--------------------------- + +10.1. New Versions + +Mozilla Foundation is the license steward. Except as provided in Section +10.3, no one other than the license steward has the right to modify or +publish new versions of this License. Each version will be given a +distinguishing version number. + +10.2. Effect of New Versions + +You may distribute the Covered Software under the terms of the version +of the License under which You originally received the Covered Software, +or under the terms of any subsequent version published by the license +steward. + +10.3. Modified Versions + +If you create software not governed by this License, and you want to +create a new license for such software, you may create and use a +modified version of this License if you rename the license and remove +any references to the name of the license steward (except to note that +such modified license differs from this License). + +10.4. Distributing Source Code Form that is Incompatible With Secondary +Licenses + +If You choose to distribute Source Code Form that is Incompatible With +Secondary Licenses under the terms of this version of the License, the +notice described in Exhibit B of this License must be attached. + +Exhibit A - Source Code Form License Notice +------------------------------------------- + + This Source Code Form is subject to the terms of the Mozilla Public + License, v. 2.0. If a copy of the MPL was not distributed with this + file, You can obtain one at http://mozilla.org/MPL/2.0/. + +If it is not possible or desirable to put the notice in a particular +file, then You may include the notice in a location (such as a LICENSE +file in a relevant directory) where a recipient would be likely to look +for such a notice. + +You may add additional accurate notices of copyright ownership. + +Exhibit B - "Incompatible With Secondary Licenses" Notice +--------------------------------------------------------- + + This Source Code Form is "Incompatible With Secondary Licenses", as + defined by the Mozilla Public License, v. 2.0. From d7c2b6861603a69144bbb97bfbad069845ddbb5c Mon Sep 17 00:00:00 2001 From: jkachmar Date: Mon, 4 Oct 2021 14:55:00 -0400 Subject: [PATCH 17/18] Small updates --- ghc/builder.sh | 14 ++++++++------ policy.json | 4 +++- tooling/builder.sh | 8 ++++---- 3 files changed, 15 insertions(+), 11 deletions(-) diff --git a/ghc/builder.sh b/ghc/builder.sh index 95e4971..324b82c 100755 --- a/ghc/builder.sh +++ b/ghc/builder.sh @@ -32,11 +32,11 @@ usage="USAGE: $0 default: ${alpine_ver} -c CONTAINER override the default container name default: ${container} - -g GHC_VER override the numeric library GHC is built against; either 'gmp' or 'simple' + -g GHC_VER override the version of GHC to be compiled default: ${ghc_version} -i IMAGE override the default image base name default: ${image} - -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' + -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'native' default: ${numeric}" while getopts "a:c:g:i:n:h" opt; do @@ -54,11 +54,11 @@ while getopts "a:c:g:i:n:h" opt; do image="${OPTARG}" };; n ) { - if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "simple" ]; then + if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "native" ]; then numeric="${OPTARG}" else echo "Invalid NUMERIC argument (i.e. '-n')." >&2 - echo "Expected either 'gmp' or 'simple', got '${OPTARG}'" >&2 + echo "Expected either 'gmp' or 'native', got '${OPTARG}'" >&2 exit 1 fi; };; @@ -128,14 +128,16 @@ if [ "${numeric}" = "gmp" ]; then buildah copy --chmod 444 "${container}" \ ./ghc/build-gmp.mk \ /tmp/build.mk -elif [ "${numeric}" = "simple" ]; then +elif [ "${numeric}" = "native" ]; then + # TODO: Add a check for GHC version > 9.x; in that case we need to use a + # `ghc-bignum` flag w/ `native` instead of the old flag for `simple`. buildah copy --chmod 444 "${container}" \ ./ghc/build-simple.mk \ /tmp/build.mk else # Should be impossible... echo "This code path should be unreachable!" >&2 echo "Invalid NUMERIC argument (i.e. '-n')" >&2 - echo "Expected either 'gmp' or 'simple', got '${numeric}'" >&2 + echo "Expected either 'gmp' or 'native', got '${numeric}'" >&2 exit 1 fi; diff --git a/policy.json b/policy.json index 1ee3333..8571b62 100644 --- a/policy.json +++ b/policy.json @@ -3,7 +3,9 @@ "transports": { "docker": { "docker.io/library/alpine": [{"type": "insecureAcceptAnything"}], - "ghcr.io/jkachmar/ghcup": [{"type": "insecureAcceptAnything"}] + "ghcr.io/jkachmar/ghcup": [{"type": "insecureAcceptAnything"}], + "ghcr.io/jkachmar/ghc-gmp": [{"type": "insecureAcceptAnything"}], + "ghcr.io/jkachmar/ghc-native": [{"type": "insecureAcceptAnything"}] }, "dir": { "": [{"type": "insecureAcceptAnything"}] diff --git a/tooling/builder.sh b/tooling/builder.sh index 91d3a9e..f405a4f 100755 --- a/tooling/builder.sh +++ b/tooling/builder.sh @@ -39,11 +39,11 @@ usage="USAGE: $0 default: ${alpine_ver} -c CONTAINER override the default container name default: ${container} - -g GHC_VER override the numeric library GHC is built against; either 'gmp' or 'simple' + -g GHC_VER override the version of GHC to be compiled default: ${ghc_version} -i IMAGE override the default image base name default: ${image} - -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'simple' + -n NUMERIC override the numeric library GHC is built against; either 'gmp' or 'native' default: ${numeric} -C CABAL_VER override the default version of 'cabal-install' to build default: ${cabal_version} @@ -67,11 +67,11 @@ while getopts "a:c:g:i:n:C:S:H:h" opt; do image="${OPTARG}" };; n ) { - if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "simple" ]; then + if [ "${OPTARG}" = "gmp" ] || [ "${OPTARG}" = "native" ]; then numeric="${OPTARG}" else echo "Invalid NUMERIC argument (i.e. '-n')." >&2 - echo "Expected either 'gmp' or 'simple', got '${OPTARG}'" >&2 + echo "Expected either 'gmp' or 'native', got '${OPTARG}'" >&2 exit 1 fi; };; From 9f87e8f92fbbe528f0d9fe745ace6a5625da6c79 Mon Sep 17 00:00:00 2001 From: jkachmar Date: Fri, 8 Oct 2021 01:39:16 -0400 Subject: [PATCH 18/18] Adds alpine to image names --- ghc/builder.sh | 4 ++-- tooling/builder.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ghc/builder.sh b/ghc/builder.sh index 324b82c..126d517 100755 --- a/ghc/builder.sh +++ b/ghc/builder.sh @@ -18,8 +18,8 @@ cd "$( git rev-parse --show-toplevel )" ################################################################################ alpine_ver="3.14" -container="ghc" -image="ghc" +container="alpine-ghc" +image="alpine-ghc" ghc_version="8.10.7" # NOTE: The logic associated with this will have to change for GHC 9.x and up to diff --git a/tooling/builder.sh b/tooling/builder.sh index f405a4f..36f51ff 100755 --- a/tooling/builder.sh +++ b/tooling/builder.sh @@ -18,8 +18,8 @@ cd "$( git rev-parse --show-toplevel )" ################################################################################ alpine_ver="3.14" -container="ghc-with-tooling" -image="ghc-with-tooling" +container="alpine-ghc-with-tooling" +image="alpine-ghc-with-tooling" ghc_version="8.10.7" # NOTE: The logic associated with this will have to change for GHC 9.x and up to