feat(libstore): add builtin fetchurl S3 credential pre-resolution#14206
Merged
xokdvium merged 1 commit intoNixOS:masterfrom Oct 14, 2025
Merged
feat(libstore): add builtin fetchurl S3 credential pre-resolution#14206xokdvium merged 1 commit intoNixOS:masterfrom
xokdvium merged 1 commit intoNixOS:masterfrom
Conversation
Ericson2314
reviewed
Oct 10, 2025
lovesegfault
force-pushed
the
curl-based-s3-pieces
branch
from
1aeeeec to
80b170b
Compare
Ericson2314
reviewed
Oct 10, 2025
Ericson2314
reviewed
Oct 10, 2025
Ericson2314
reviewed
Oct 10, 2025
Ericson2314
reviewed
Oct 10, 2025
Ericson2314
reviewed
Oct 10, 2025
Ericson2314
reviewed
Oct 10, 2025
lovesegfault
force-pushed
the
curl-based-s3-pieces
branch
from
80b170b to
5eb4c6a
Compare
lovesegfault
force-pushed
the
curl-based-s3-pieces
branch
from
5eb4c6a to
e6cd085
Compare
Ericson2314
approved these changes
Oct 10, 2025
Member
There was a problem hiding this comment.
LGTM. But let's wait for @xokdvium again, especially because he caught a lot of things last time that I didn't notice.
lovesegfault
force-pushed
the
curl-based-s3-pieces
branch
from
e6cd085 to
53440a6
Compare
lovesegfault
added a commit
to lovesegfault/nix
that referenced
this pull request
Oct 12, 2025
Add `curl-s3-binary-cache-store.nix` with comprehensive test coverage for the curl-based S3 implementation. Some tests are commented out pending NixOS#14206 (builtin fetchurl S3 credential pre-resolution): - test_fork_credential_preresolution - test_concurrent_fetches Also, this will fail while NixOS#14222 does not land.
lovesegfault
added a commit
to lovesegfault/nix
that referenced
this pull request
Oct 12, 2025
Add `curl-s3-binary-cache-store.nix` with comprehensive test coverage for the curl-based S3 implementation. Some tests are commented out pending NixOS#14206 (builtin fetchurl S3 credential pre-resolution): - test_fork_credential_preresolution - test_concurrent_fetches Also, this will fail while NixOS#14222 does not land.
lovesegfault
added a commit
to lovesegfault/nix
that referenced
this pull request
Oct 12, 2025
Add `curl-s3-binary-cache-store.nix` with comprehensive test coverage for the curl-based S3 implementation. Some tests are commented out pending NixOS#14206 (builtin fetchurl S3 credential pre-resolution): - test_fork_credential_preresolution - test_concurrent_fetches Also, this will fail while NixOS#14222 does not land.
lovesegfault
added a commit
to lovesegfault/nix
that referenced
this pull request
Oct 12, 2025
Add `curl-s3-binary-cache-store.nix` with comprehensive test coverage for the curl-based S3 implementation. Some tests are commented out pending NixOS#14206 (builtin fetchurl S3 credential pre-resolution): - test_fork_credential_preresolution - test_concurrent_fetches Also, this will fail while NixOS#14222 does not land.
lovesegfault
added a commit
to lovesegfault/nix
that referenced
this pull request
Oct 12, 2025
Add `curl-s3-binary-cache-store.nix` with comprehensive test coverage for the curl-based S3 implementation. Some tests are commented out pending NixOS#14206 (builtin fetchurl S3 credential pre-resolution): - test_fork_credential_preresolution - test_concurrent_fetches Also, this will fail while NixOS#14222 does not land.
Add support for pre-resolving AWS credentials in the parent process before forking for builtin:fetchurl. This avoids recreating credential providers in the forked child process.
lovesegfault
force-pushed
the
curl-based-s3-pieces
branch
from
53440a6 to
000e6f6
Compare
xokdvium
approved these changes
Oct 14, 2025
lovesegfault
added a commit
to lovesegfault/nix
that referenced
this pull request
Oct 14, 2025
Add `curl-s3-binary-cache-store.nix` with comprehensive test coverage for the curl-based S3 implementation. Some tests are commented out pending NixOS#14206 (builtin fetchurl S3 credential pre-resolution): - test_fork_credential_preresolution - test_concurrent_fetches Also, this will fail while NixOS#14222 does not land.
lovesegfault
added a commit
to lovesegfault/nix
that referenced
this pull request
Oct 14, 2025
Add `curl-s3-binary-cache-store.nix` with comprehensive test coverage for the curl-based S3 implementation. Depends-On: NixOS#14206, NixOS#14222
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
Add support for pre-resolving AWS credentials in the parent process
before forking for builtin:fetchurl. This avoids recreating credential
providers in the forked child process.
Context
Carve out of #13752
Add 👍 to pull requests you find important.
The Nix maintainer team uses a GitHub project board to schedule and track reviews.