M doc/guix.texi => doc/guix.texi +9 -1
@@ 2187,7 2187,7 @@ a derivation is the @code{derivation} procedure:
@var{args} [#:outputs '("out")] [#:hash #f] [#:hash-algo #f] @
[#:recursive? #f] [#:inputs '()] [#:env-vars '()] @
[#:system (%current-system)] [#:references-graphs #f] @
- [#:allowed-references #f] [#:local-build? #f]
+ [#:allowed-references #f] [#:leaked-env-vars #f] [#:local-build? #f]
Build a derivation with the given arguments, and return the resulting
@code{<derivation>} object.
@@ 2206,6 2206,13 @@ a simple text format.
When @var{allowed-references} is true, it must be a list of store items
or outputs that the derivation's output may refer to.
+When @var{leaked-env-vars} is true, it must be a list of strings
+denoting environment variables that are allowed to ``leak'' from the
+daemon's environment to the build environment. This is only applicable
+to fixed-output derivations---i.e., when @var{hash} is true. The main
+use is to allow variables such as @code{http_proxy} to be passed to
+derivations that download files.
+
When @var{local-build?} is true, declare that the derivation is not a
good candidate for offloading and should rather be built locally
(@pxref{Daemon Offload Setup}). This is the case for small derivations
@@ 2728,6 2735,7 @@ information about monads.)
[#:recursive? #f] [#:env-vars '()] [#:modules '()] @
[#:module-path @var{%load-path}] @
[#:references-graphs #f] [#:allowed-references #f] @
+ [#:leaked-env-vars #f] @
[#:local-build? #f] [#:guile-for-build #f]
Return a derivation @var{name} that runs @var{exp} (a gexp) with
@var{guile-for-build} (a derivation) on @var{system}. When @var{target}
M guix/derivations.scm => guix/derivations.scm +11 -1
@@ 692,7 692,7 @@ HASH-ALGO, of the derivation NAME. RECURSIVE? has the same meaning as for
(inputs '()) (outputs '("out"))
hash hash-algo recursive?
references-graphs allowed-references
- local-build?)
+ leaked-env-vars local-build?)
"Build a derivation with the given arguments, and return the resulting
<derivation> object. When HASH and HASH-ALGO are given, a
fixed-output derivation is created---i.e., one whose result is known in
@@ 707,6 707,12 @@ the build environment in the corresponding file, in a simple text format.
When ALLOWED-REFERENCES is true, it must be a list of store items or outputs
that the derivation's output may refer to.
+When LEAKED-ENV-VARS is true, it must be a list of strings denoting
+environment variables that are allowed to \"leak\" from the daemon's
+environment to the build environment. This is only applicable to fixed-output
+derivations--i.e., when HASH is true. The main use is to allow variables such
+as \"http_proxy\" to be passed to derivations that download files.
+
When LOCAL-BUILD? is true, declare that the derivation is not a good candidate
for offloading and should rather be built locally. This is the case for small
derivations where the costs of data transfers would outweigh the benefits."
@@ 751,6 757,10 @@ derivations where the costs of data transfers would outweigh the benefits."
`(("allowedReferences"
. ,(string-join allowed-references)))
'())
+ ,@(if leaked-env-vars
+ `(("impureEnvVars"
+ . ,(string-join leaked-env-vars)))
+ '())
,@env-vars)))
(match references-graphs
(((file . path) ...)
M guix/gexp.scm => guix/gexp.scm +2 -0
@@ 282,6 282,7 @@ names and file names suitable for the #:allowed-references argument to
(graft? (%graft?))
references-graphs
allowed-references
+ leaked-env-vars
local-build?)
"Return a derivation NAME that runs EXP (a gexp) with GUILE-FOR-BUILD (a
derivation) on SYSTEM. When TARGET is true, it is used as the
@@ 400,6 401,7 @@ The other arguments are as for 'derivation'."
#:hash hash #:hash-algo hash-algo #:recursive? recursive?
#:references-graphs (and=> graphs graphs-file-names)
#:allowed-references allowed
+ #:leaked-env-vars leaked-env-vars
#:local-build? local-build?))))
(define* (gexp-inputs exp #:key native?)