From ea2062a2d9144d78588675950fc04756f0d200a5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 24 Jul 2020 20:38:56 +0200 Subject: [PATCH] Move most store-related commands to 'nix store' --- src/nix/add-to-store.cc | 4 +-- src/nix/cat.cc | 2 -- src/nix/diff-closures.cc | 6 ++-- src/nix/dump-path.cc | 5 +-- src/nix/ls.cc | 4 +-- src/nix/main.cc | 18 ++++++++--- src/nix/make-content-addressable.cc | 8 ++--- src/nix/optimise-store.cc | 6 ++-- src/nix/ping-store.cc | 6 ++-- src/nix/sigs.cc | 8 ++--- src/nix/verify.cc | 8 ++--- tests/binary-cache.sh | 2 +- tests/fetchurl.sh | 2 +- tests/gc-auto.sh | 6 ++-- tests/recursive.sh | 4 +-- tests/signing.sh | 48 ++++++++++++++--------------- tests/ssh-relay.sh | 2 +- 17 files changed, 62 insertions(+), 77 deletions(-) diff --git a/src/nix/add-to-store.cc b/src/nix/add-to-store.cc index a2721431e..66822b0ff 100644 --- a/src/nix/add-to-store.cc +++ b/src/nix/add-to-store.cc @@ -43,8 +43,6 @@ struct CmdAddToStore : MixDryRun, StoreCommand ; } - Category category() override { return catUtility; } - void run(ref store) override { if (!namePart) namePart = baseNameOf(path); @@ -80,4 +78,4 @@ struct CmdAddToStore : MixDryRun, StoreCommand } }; -static auto rCmdAddToStore = registerCommand("add-to-store"); +static auto rCmdAddToStore = registerCommand2({"store", "add-path"}); diff --git a/src/nix/cat.cc b/src/nix/cat.cc index 4fa1c9491..2ecffc9a5 100644 --- a/src/nix/cat.cc +++ b/src/nix/cat.cc @@ -37,8 +37,6 @@ struct CmdCatStore : StoreCommand, MixCat return "print the contents of a file in the Nix store on stdout"; } - Category category() override { return catUtility; } - void run(ref store) override { cat(store->getFSAccessor()); diff --git a/src/nix/diff-closures.cc b/src/nix/diff-closures.cc index 30e7b20e1..f72b5eff7 100644 --- a/src/nix/diff-closures.cc +++ b/src/nix/diff-closures.cc @@ -121,14 +121,12 @@ struct CmdDiffClosures : SourceExprCommand return "show what packages and versions were added and removed between two closures"; } - Category category() override { return catSecondary; } - Examples examples() override { return { { "To show what got added and removed between two versions of the NixOS system profile:", - "nix diff-closures /nix/var/nix/profiles/system-655-link /nix/var/nix/profiles/system-658-link", + "nix store diff-closures /nix/var/nix/profiles/system-655-link /nix/var/nix/profiles/system-658-link", }, }; } @@ -143,4 +141,4 @@ struct CmdDiffClosures : SourceExprCommand } }; -static auto rCmdDiffClosures = registerCommand("diff-closures"); +static auto rCmdDiffClosures = registerCommand2({"store", "diff-closures"}); diff --git a/src/nix/dump-path.cc b/src/nix/dump-path.cc index 4b225ae9f..256db64a9 100644 --- a/src/nix/dump-path.cc +++ b/src/nix/dump-path.cc @@ -16,13 +16,11 @@ struct CmdDumpPath : StorePathCommand return { Example{ "To get a NAR from the binary cache https://cache.nixos.org/:", - "nix dump-path --store https://cache.nixos.org/ /nix/store/7crrmih8c52r8fbnqb933dxrsp44md93-glibc-2.25" + "nix store dump-path --store https://cache.nixos.org/ /nix/store/7crrmih8c52r8fbnqb933dxrsp44md93-glibc-2.25" }, }; } - Category category() override { return catUtility; } - void run(ref store, const StorePath & storePath) override { FdSink sink(STDOUT_FILENO); @@ -31,7 +29,6 @@ struct CmdDumpPath : StorePathCommand } }; - static auto rDumpPath = registerCommand2({"store", "dump-path"}); struct CmdDumpPath2 : Command diff --git a/src/nix/ls.cc b/src/nix/ls.cc index d5fec4d84..1f5ed6913 100644 --- a/src/nix/ls.cc +++ b/src/nix/ls.cc @@ -97,7 +97,7 @@ struct CmdLsStore : StoreCommand, MixLs return { Example{ "To list the contents of a store path in a binary cache:", - "nix ls-store --store https://cache.nixos.org/ -lR /nix/store/0i2jd68mp5g6h2sa5k9c85rb80sn8hi9-hello-2.10" + "nix store ls --store https://cache.nixos.org/ -lR /nix/store/0i2jd68mp5g6h2sa5k9c85rb80sn8hi9-hello-2.10" }, }; } @@ -107,8 +107,6 @@ struct CmdLsStore : StoreCommand, MixLs return "show information about a path in the Nix store"; } - Category category() override { return catUtility; } - void run(ref store) override { list(store->getFSAccessor()); diff --git a/src/nix/main.cc b/src/nix/main.cc index 0002be291..fb3bffeaf 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -115,17 +115,25 @@ struct NixArgs : virtual MultiCommand, virtual MixCommonArgs } std::map> aliases = { + {"add-to-store", {"store", "add-path"}}, + {"cat-nar", {"nar", "cat"}}, + {"cat-store", {"store", "cat"}}, + {"copy-sigs", {"store", "copy-sigs"}}, {"dev-shell", {"develop"}}, + {"diff-closures", {"store", "diff-closures"}}, + {"dump-path", {"store", "dump-path"}}, {"hash-file", {"hash", "file"}}, {"hash-path", {"hash", "path"}}, + {"ls-nar", {"nar", "ls"}}, + {"ls-store", {"store", "ls"}}, + {"make-content-addressable", {"store", "make-content-addressable"}}, + {"optimise-store", {"store", "optimise"}}, + {"ping-store", {"store", "ping"}}, + {"sign-paths", {"store", "sign-paths"}}, {"to-base16", {"hash", "to-base16"}}, {"to-base32", {"hash", "to-base32"}}, {"to-base64", {"hash", "to-base64"}}, - {"ls-nar", {"nar", "ls"}}, - {"ls-store", {"store", "ls"}}, - {"cat-nar", {"nar", "cat"}}, - {"cat-store", {"store", "cat"}}, - {"dump-path", {"store", "dump-path"}}, + {"verify", {"store", "verify"}}, }; bool aliasUsed = false; diff --git a/src/nix/make-content-addressable.cc b/src/nix/make-content-addressable.cc index 12c2cf776..0dade90ef 100644 --- a/src/nix/make-content-addressable.cc +++ b/src/nix/make-content-addressable.cc @@ -23,17 +23,15 @@ struct CmdMakeContentAddressable : StorePathsCommand, MixJSON return { Example{ "To create a content-addressable representation of GNU Hello (but not its dependencies):", - "nix make-content-addressable nixpkgs#hello" + "nix store make-content-addressable nixpkgs#hello" }, Example{ "To compute a content-addressable representation of the current NixOS system closure:", - "nix make-content-addressable -r /run/current-system" + "nix store make-content-addressable -r /run/current-system" }, }; } - Category category() override { return catUtility; } - void run(ref store, StorePaths storePaths) override { auto paths = store->topoSortPaths(StorePathSet(storePaths.begin(), storePaths.end())); @@ -108,4 +106,4 @@ struct CmdMakeContentAddressable : StorePathsCommand, MixJSON } }; -static auto rCmdMakeContentAddressable = registerCommand("make-content-addressable"); +static auto rCmdMakeContentAddressable = registerCommand2({"store", "make-content-addressable"}); diff --git a/src/nix/optimise-store.cc b/src/nix/optimise-store.cc index 51a7a9756..bc7f175ac 100644 --- a/src/nix/optimise-store.cc +++ b/src/nix/optimise-store.cc @@ -18,17 +18,15 @@ struct CmdOptimiseStore : StoreCommand return { Example{ "To optimise the Nix store:", - "nix optimise-store" + "nix store optimise" }, }; } - Category category() override { return catUtility; } - void run(ref store) override { store->optimiseStore(); } }; -static auto rCmdOptimiseStore = registerCommand("optimise-store"); +static auto rCmdOptimiseStore = registerCommand2({"store", "optimise"}); diff --git a/src/nix/ping-store.cc b/src/nix/ping-store.cc index 8db78d591..19b1a55c8 100644 --- a/src/nix/ping-store.cc +++ b/src/nix/ping-store.cc @@ -16,17 +16,15 @@ struct CmdPingStore : StoreCommand return { Example{ "To test whether connecting to a remote Nix store via SSH works:", - "nix ping-store --store ssh://mac1" + "nix store ping --store ssh://mac1" }, }; } - Category category() override { return catUtility; } - void run(ref store) override { store->connect(); } }; -static auto rCmdPingStore = registerCommand("ping-store"); +static auto rCmdPingStore = registerCommand2({"store", "ping"}); diff --git a/src/nix/sigs.cc b/src/nix/sigs.cc index 44916c77f..37b8a6712 100644 --- a/src/nix/sigs.cc +++ b/src/nix/sigs.cc @@ -27,8 +27,6 @@ struct CmdCopySigs : StorePathsCommand return "copy path signatures from substituters (like binary caches)"; } - Category category() override { return catUtility; } - void run(ref store, StorePaths storePaths) override { if (substituterUris.empty()) @@ -92,7 +90,7 @@ struct CmdCopySigs : StorePathsCommand } }; -static auto rCmdCopySigs = registerCommand("copy-sigs"); +static auto rCmdCopySigs = registerCommand2({"store", "copy-sigs"}); struct CmdSignPaths : StorePathsCommand { @@ -115,8 +113,6 @@ struct CmdSignPaths : StorePathsCommand return "sign the specified paths"; } - Category category() override { return catUtility; } - void run(ref store, StorePaths storePaths) override { if (secretKeyFile.empty()) @@ -144,4 +140,4 @@ struct CmdSignPaths : StorePathsCommand } }; -static auto rCmdSignPaths = registerCommand("sign-paths"); +static auto rCmdSignPaths = registerCommand2({"store", "sign-paths"}); diff --git a/src/nix/verify.cc b/src/nix/verify.cc index ec7333d03..bcf85d7dd 100644 --- a/src/nix/verify.cc +++ b/src/nix/verify.cc @@ -40,17 +40,15 @@ struct CmdVerify : StorePathsCommand return { Example{ "To verify the entire Nix store:", - "nix verify --all" + "nix store verify --all" }, Example{ "To check whether each path in the closure of Firefox has at least 2 signatures:", - "nix verify -r -n2 --no-contents $(type -p firefox)" + "nix store verify -r -n2 --no-contents $(type -p firefox)" }, }; } - Category category() override { return catSecondary; } - void run(ref store, StorePaths storePaths) override { std::vector> substituters; @@ -189,4 +187,4 @@ struct CmdVerify : StorePathsCommand } }; -static auto rCmdVerify = registerCommand("verify"); +static auto rCmdVerify = registerCommand2({"store", "verify"}); diff --git a/tests/binary-cache.sh b/tests/binary-cache.sh index 8cb17caf8..92ed36225 100644 --- a/tests/binary-cache.sh +++ b/tests/binary-cache.sh @@ -188,7 +188,7 @@ unset _NIX_FORCE_HTTP # Test 'nix verify --all' on a binary cache. -nix verify -vvvvv --all --store file://$cacheDir --no-trust +nix store verify -vvvvv --all --store file://$cacheDir --no-trust # Test local NAR caching. diff --git a/tests/fetchurl.sh b/tests/fetchurl.sh index 89ff08d4d..7ec25808c 100644 --- a/tests/fetchurl.sh +++ b/tests/fetchurl.sh @@ -36,7 +36,7 @@ other_store=file://$TEST_ROOT/other_store?store=/fnord/store hash=$(nix hash file --type sha256 --base16 ./fetchurl.sh) -storePath=$(nix --store $other_store add-to-store --flat ./fetchurl.sh) +storePath=$(nix --store $other_store store add-path --flat ./fetchurl.sh) outPath=$(nix-build '' --argstr url file:///no-such-dir/fetchurl.sh --argstr sha256 $hash --no-out-link --substituters $other_store) diff --git a/tests/gc-auto.sh b/tests/gc-auto.sh index 3add896c6..6867f2eb4 100644 --- a/tests/gc-auto.sh +++ b/tests/gc-auto.sh @@ -2,9 +2,9 @@ source common.sh clearStore -garbage1=$(nix add-to-store --name garbage1 ./nar-access.sh) -garbage2=$(nix add-to-store --name garbage2 ./nar-access.sh) -garbage3=$(nix add-to-store --name garbage3 ./nar-access.sh) +garbage1=$(nix store add-path --name garbage1 ./nar-access.sh) +garbage2=$(nix store add-path --name garbage2 ./nar-access.sh) +garbage3=$(nix store add-path --name garbage3 ./nar-access.sh) ls -l $garbage3 POSIXLY_CORRECT=1 du $garbage3 diff --git a/tests/recursive.sh b/tests/recursive.sh index 80a178cc7..b020ec710 100644 --- a/tests/recursive.sh +++ b/tests/recursive.sh @@ -7,7 +7,7 @@ clearStore rm -f $TEST_ROOT/result -export unreachable=$(nix add-to-store ./recursive.sh) +export unreachable=$(nix store add-path ./recursive.sh) NIX_BIN_DIR=$(dirname $(type -p nix)) nix --experimental-features 'nix-command recursive-nix' build -o $TEST_ROOT/result -L --impure --expr ' with import ./config.nix; @@ -38,7 +38,7 @@ NIX_BIN_DIR=$(dirname $(type -p nix)) nix --experimental-features 'nix-command r # Add something to the store. echo foobar > foobar - foobar=$(nix $opts add-to-store ./foobar) + foobar=$(nix $opts store add-path ./foobar) nix $opts path-info $foobar nix $opts build $foobar diff --git a/tests/signing.sh b/tests/signing.sh index 9e29e3fbf..bd6280cc6 100644 --- a/tests/signing.sh +++ b/tests/signing.sh @@ -17,40 +17,40 @@ info=$(nix path-info --json $outPath) [[ $info =~ 'cache1.example.org' ]] [[ $info =~ 'cache2.example.org' ]] -# Test "nix verify". -nix verify -r $outPath +# Test "nix store verify". +nix store verify -r $outPath -expect 2 nix verify -r $outPath --sigs-needed 1 +expect 2 nix store verify -r $outPath --sigs-needed 1 -nix verify -r $outPath --sigs-needed 1 --trusted-public-keys $pk1 +nix store verify -r $outPath --sigs-needed 1 --trusted-public-keys $pk1 -expect 2 nix verify -r $outPath --sigs-needed 2 --trusted-public-keys $pk1 +expect 2 nix store verify -r $outPath --sigs-needed 2 --trusted-public-keys $pk1 -nix verify -r $outPath --sigs-needed 2 --trusted-public-keys "$pk1 $pk2" +nix store verify -r $outPath --sigs-needed 2 --trusted-public-keys "$pk1 $pk2" -nix verify --all --sigs-needed 2 --trusted-public-keys "$pk1 $pk2" +nix store verify --all --sigs-needed 2 --trusted-public-keys "$pk1 $pk2" # Build something unsigned. outPath2=$(nix-build simple.nix --no-out-link) -nix verify -r $outPath +nix store verify -r $outPath # Verify that the path did not get signed but does have the ultimate bit. info=$(nix path-info --json $outPath2) [[ $info =~ '"ultimate":true' ]] (! [[ $info =~ 'signatures' ]]) -# Test "nix verify". -nix verify -r $outPath2 +# Test "nix store verify". +nix store verify -r $outPath2 -expect 2 nix verify -r $outPath2 --sigs-needed 1 +expect 2 nix store verify -r $outPath2 --sigs-needed 1 -expect 2 nix verify -r $outPath2 --sigs-needed 1 --trusted-public-keys $pk1 +expect 2 nix store verify -r $outPath2 --sigs-needed 1 --trusted-public-keys $pk1 -# Test "nix sign-paths". -nix sign-paths --key-file $TEST_ROOT/sk1 $outPath2 +# Test "nix store sign-paths". +nix store sign-paths --key-file $TEST_ROOT/sk1 $outPath2 -nix verify -r $outPath2 --sigs-needed 1 --trusted-public-keys $pk1 +nix store verify -r $outPath2 --sigs-needed 1 --trusted-public-keys $pk1 # Build something content-addressed. outPathCA=$(IMPURE_VAR1=foo IMPURE_VAR2=bar nix-build ./fixed.nix -A good.0 --no-out-link) @@ -59,12 +59,12 @@ outPathCA=$(IMPURE_VAR1=foo IMPURE_VAR2=bar nix-build ./fixed.nix -A good.0 --no # Content-addressed paths don't need signatures, so they verify # regardless of --sigs-needed. -nix verify $outPathCA -nix verify $outPathCA --sigs-needed 1000 +nix store verify $outPathCA +nix store verify $outPathCA --sigs-needed 1000 # Check that signing a content-addressed path doesn't overflow validSigs -nix sign-paths --key-file $TEST_ROOT/sk1 $outPathCA -nix verify -r $outPathCA --sigs-needed 1000 --trusted-public-keys $pk1 +nix store sign-paths --key-file $TEST_ROOT/sk1 $outPathCA +nix store verify -r $outPathCA --sigs-needed 1000 --trusted-public-keys $pk1 # Copy to a binary cache. nix copy --to file://$cacheDir $outPath2 @@ -76,7 +76,7 @@ info=$(nix path-info --store file://$cacheDir --json $outPath2) (! [[ $info =~ 'cache2.example.org' ]]) # Verify that adding a signature to a path in a binary cache works. -nix sign-paths --store file://$cacheDir --key-file $TEST_ROOT/sk2 $outPath2 +nix store sign-paths --store file://$cacheDir --key-file $TEST_ROOT/sk2 $outPath2 info=$(nix path-info --store file://$cacheDir --json $outPath2) [[ $info =~ 'cache1.example.org' ]] [[ $info =~ 'cache2.example.org' ]] @@ -89,17 +89,17 @@ rm -rf $TEST_ROOT/store0 # But succeed if we supply the public keys. nix copy --to $TEST_ROOT/store0 $outPath --trusted-public-keys $pk1 -expect 2 nix verify --store $TEST_ROOT/store0 -r $outPath +expect 2 nix store verify --store $TEST_ROOT/store0 -r $outPath -nix verify --store $TEST_ROOT/store0 -r $outPath --trusted-public-keys $pk1 -nix verify --store $TEST_ROOT/store0 -r $outPath --sigs-needed 2 --trusted-public-keys "$pk1 $pk2" +nix store verify --store $TEST_ROOT/store0 -r $outPath --trusted-public-keys $pk1 +nix store verify --store $TEST_ROOT/store0 -r $outPath --sigs-needed 2 --trusted-public-keys "$pk1 $pk2" # It should also succeed if we disable signature checking. (! nix copy --to $TEST_ROOT/store0 $outPath2) nix copy --to $TEST_ROOT/store0?require-sigs=false $outPath2 # But signatures should still get copied. -nix verify --store $TEST_ROOT/store0 -r $outPath2 --trusted-public-keys $pk1 +nix store verify --store $TEST_ROOT/store0 -r $outPath2 --trusted-public-keys $pk1 # Content-addressed stuff can be copied without signatures. nix copy --to $TEST_ROOT/store0 $outPathCA diff --git a/tests/ssh-relay.sh b/tests/ssh-relay.sh index dce50974b..053b2f00d 100644 --- a/tests/ssh-relay.sh +++ b/tests/ssh-relay.sh @@ -11,6 +11,6 @@ store+=$remote_store store+=$remote_store store+=$remote_store -out=$(nix add-to-store --store "$store" $TEST_ROOT/hello.sh) +out=$(nix store add-path --store "$store" $TEST_ROOT/hello.sh) [ foo = $(< $out) ]