Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mkosi: make image failing with "experimental Nix feature 'nix-command' is disabled" error #2228

Closed
wainersm opened this issue Jan 6, 2025 · 6 comments
Closed

mkosi: make image failing with "experimental Nix feature 'nix-command' is disabled" error #2228

wainersm opened this issue Jan 6, 2025 · 6 comments
Labels
bug Something isn't working

Comments

@wainersm
Copy link
Member

wainersm commented Jan 6, 2025

Describe the bug

I got the error on $SUBJECT when tried to build the mkosi-based podvm image.

I'm running Fedora 40 x86_64. Got nix 2.25.3 installed via installation script from https://nixos.org

How to reproduce

  1. Install nix
$  sh <(curl -L https://nixos.org/nix/install) --no-daemon
  1. Build binaries
$ cd src/cloud-api-adaptor/podvm-mkosi
$ make binaries
  1. Build image
$ make image

CoCo version information

latest

What TEE are you seeing the problem on

None

Failing command and relevant log output

$ make image
Enabling production preset...
rm -rf resources/build*Image
rm -rf ./build
Building image...
touch resources/buildBootableImage
nix develop ..#podvm-mkosi --command mkosi --environment=VARIANT_ID=production
error: experimental Nix feature 'nix-command' is disabled; add '--extra-experimental-features nix-command' to enable it
make: *** [Makefile:68: image] Error 1
@wainersm wainersm added the bug Something isn't working label Jan 6, 2025
@wainersm
Copy link
Member Author

wainersm commented Jan 6, 2025

Then I realized https://github.com/confidential-containers/cloud-api-adaptor/tree/main/src/cloud-api-adaptor/podvm-mkosi#prerequisites gave me some hints that could have saved me some time. However, as I'm not versed on nix I couldn't understand Nix needs to be configured to enable flakes and nix command nor t is recommended to install Nix with the DeterminateSystems nix-installer.

We could improve the README for nix dummies. Or, explicitly passing the magic --extra-experimental-features "flakes nix-command" option to every evocation of nix like:

diff --git a/src/cloud-api-adaptor/podvm-mkosi/Makefile b/src/cloud-api-adaptor/podvm-mkosi/Makefile
index a5761f92..d112272b 100644
--- a/src/cloud-api-adaptor/podvm-mkosi/Makefile
+++ b/src/cloud-api-adaptor/podvm-mkosi/Makefile
@@ -74,7 +74,7 @@ else ifeq ($(ARCH),s390x)
        sudo -E ../hack/build-s390x-image.sh
 else
        touch resources/buildBootableImage
-       nix develop ..#podvm-mkosi --command mkosi --environment=VARIANT_ID=production
+       nix --extra-experimental-features "flakes nix-command" develop ..#podvm-mkosi --command mkosi --environment=VARIANT_ID=production
        qemu-img convert -f raw -O qcow2 build/system.raw build/podvm-$(PODVM_DISTRO)-$(ARCH).qcow2
 endif
 
@@ -95,7 +95,7 @@ else ifeq ($(ARCH),s390x)
        sudo -E ../hack/build-s390x-image.sh
 else
        touch resources/buildBootableImage
-       nix develop ..#podvm-mkosi --command mkosi --environment=VARIANT_ID=debug
+       nix --extra-experimental-features "flakes nix-command"  develop ..#podvm-mkosi --command mkosi --environment=VARIANT_ID=debug
        qemu-img convert -f raw -O qcow2 build/system.raw build/podvm-$(PODVM_DISTRO)-$(ARCH).qcow2
 endif

@wainersm
Copy link
Member Author

wainersm commented Jan 6, 2025

Then I'm hit by another problem:

$ make image
Enabling production preset...
rm -rf resources/build*Image
rm -rf ./build
Building image...
touch resources/buildBootableImage
nix --extra-experimental-features "flakes nix-command" develop ..#podvm-mkosi --command mkosi --environment=VARIANT_ID=production
Traceback (most recent call last):
  File "/nix/store/z5f0iv1pzn2vb5nl82mhj80z5gxfy6mk-mkosi-17.1/bin/..mkosi-wrapped-wrapped", line 9, in <module>
    sys.exit(main())
  File "/nix/store/pzf6dnxg8gf04xazzjdwarm7s03cbrgz-python3-3.10.12/lib/python3.10/contextlib.py", line 79, in inner
    return func(*args, **kwds)
  File "/nix/store/z5f0iv1pzn2vb5nl82mhj80z5gxfy6mk-mkosi-17.1/lib/python3.10/site-packages/mkosi/__main__.py", line 48, in main
    run_verb(args, presets)
  File "/nix/store/z5f0iv1pzn2vb5nl82mhj80z5gxfy6mk-mkosi-17.1/lib/python3.10/site-packages/mkosi/__init__.py", line 2316, in run_verb
    name = InvokingUser.name()
  File "/nix/store/z5f0iv1pzn2vb5nl82mhj80z5gxfy6mk-mkosi-17.1/lib/python3.10/site-packages/mkosi/util.py", line 98, in name
    return pwd.getpwuid(cls.uid()).pw_name
KeyError: 'getpwuid(): uid not found: 102187'
make: *** [Makefile:68: image] Error 1

102187 is my regular user ID:

$ echo $UID
102187

@stevenhorsman
Copy link
Member

I think I ended up using curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install to install nix when I built is locally based on the

It is recommended to install Nix with the DeterminateSystems nix-installer.

comment

@mkulke
Copy link
Collaborator

mkulke commented Jan 8, 2025

Isn't a reasonably recent version of mkosi packaged on the github runner OS these days?

@beraldoleal
Copy link
Member

beraldoleal commented Jan 8, 2025
edited
Loading

I just experienced this issue today. I was not aware of this issue, so I created the PR:

#2229

IIUC, even the latest nix version still has those features as experimental. But I agree with @wainersm that if we could update the Makefile targets, it would be easier for non-nix users like me.

@wainersm
Copy link
Member Author

Hi @beraldoleal ! Thanks for the fix proposal! As explained in #2233 by @mkulke, we gonna get rid of nix to build mkosi, so I will close this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@beraldoleal @mkulke @wainersm @stevenhorsman