-
-
Notifications
You must be signed in to change notification settings - Fork 14.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] Enable Vault UI #49082
[WIP] Enable Vault UI #49082
Conversation
Enables the vault UI, which ships with vault since version 0.10
Also adds a test that this option actually works
I'm not sure why the build is failing. It gives a "path is not valid" but I can't reproduce that locally |
|
The problem is that consul and vault use yarn.lock instead of package-lock.json. Which npm2nix isn't compatible with ... But I could try. Maybe I don't need the exact upstream versions for them. |
Another problem is that some of the dependencies of Vault's UI are not on edit: apparently I'll have a look today. Lets hope |
Alas @Mic92 I tried adding it to |
I think the evaluation error is cause by the way yarn2nix works, it uses import from derivation which isn't allowed on ofborg or hydra. |
I disabled import from derivation by explicitly passing a lockfile I
thought.
…On Fri, Oct 26, 2018, 02:24 Daiderd Jordan ***@***.***> wrote:
I think the evaluation error is cause by the way yarn2nix works, it uses
import from derivation which isn't allowed on ofborg or hydra.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#49082 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAmWo1FoG7q2Sqzn-ujhxx8KuJ3eu4FQks5uolYrgaJpZM4X5Sql>
.
|
I thought so too, but maybe not? The error definitely looks like an error caused by |
Is patterns like: disallowed in restricted eval mode? I.e. the source of one package is dependent on the source of another package? |
Ahaaa... It's |
I filed an issue upstream with |
This method isn't allowed on Hydra. It was only used to extract metadata from package.json We remove it, so that the build is pure again. We should probably upstream this to the yarn2nix repo as well
Apparently I've asked upstream if they would consider doing something similar to |
Unfortunately, they will not change this upstream. So we'll have to go with |
@Mic92 are there any technical downsides of including this |
This pull request adds 500 KB generated data to our repository. This will stick in our history and requires additional storage for each channel user. I can tell from experience that also git does not like large generated text files. Also we might be able to fix nix evaluation performance it would be impossible to fix our history.
Here is an example project for uploading release assets: https://github.com/Mic92/cntr/blob/master/.travis.yml#L39 |
That sounds like a good idea. I will do that. If it turns out to be too much work. I'm just gonna drop this PR, and we'll just continue building Vault without a UI. |
I lost interest in getting this merged, as I have no interest in maintaining my own fork of vault with my own CI, given it's quite a security-senstive product. Someone else feel free to pick this up, or use it to build Vault locally with UI enabled :) |
This binray contain the UI part of HashiCorp Vault that we were not able to build it due to the need to generate a very big yarn file. NixOS#49082
Motivation for this change
Since version 0.10, Vault ships with an administrator UI. This PR allows us to use that.
This was a bit of task to get working!
The new consul version also packages its UI this way. So when we want to bump consul from the current (pretty old) version, we can use the same groundwork we did here. So that's good news.
Including the assets has barely any impact on the closure size:
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)