[staging] fix pkgsMusl.stdenv

maintainers/scripts/bootstrap-files/README.md

@@ -11,10 +11,53 @@ These are called "bootstrap files".
 
 Bootstrap files should always be fetched from hydra and uploaded to `tarballs.nixos.org` to guarantee that all the binaries were built from the code committed into `nixpkgs` repository.
 
-The uploads to `tarballs.nixos.org` are done by `@lovesegfault` today.
+The uploads to `tarballs.nixos.org` are done by `@NixOS/infra` team members who have S3 write access.
 
 This document describes the procedure of updating bootstrap files in `nixpkgs`.
 
+## How to upload bootstrap files (for infra team)
+
+When a PR updates bootstrap files, the commit message contains the upload commands.
+Infra team members with S3 access can upload as follows:
+
+1. Clone or navigate to the [nixos-infra](https://github.com/NixOS/nixos-infra) repository and enter the `terraform` directory:
+
+   ```
+   $ cd nixos-infra/terraform
+   ```
+
+2. Authenticate with AWS SSO:
+
+   ```
+   $ aws sso login
+   ```
+
+3. Realize the build output locally (fetch from hydra cache):
+
+   ```
+   $ nix-store --realize /nix/store/<hash>-stdenv-bootstrap-tools
+   ```
+
+4. Upload to S3 with public-read ACL:
+
+   ```
+   $ aws s3 cp --recursive --acl public-read \
+       /nix/store/<hash>-stdenv-bootstrap-tools/on-server/ \
+       s3://nixpkgs-tarballs/stdenv/<target>/<nixpkgs-revision>/
+   ```
+
+5. Verify the upload by downloading and checking hashes:
+
+   ```
+   $ aws s3 cp --recursive s3://nixpkgs-tarballs/stdenv/<target>/<nixpkgs-revision>/ ./
+   $ sha256sum bootstrap-tools.tar.xz busybox
+   $ sha256sum /nix/store/<hash>-stdenv-bootstrap-tools/on-server/*
+   ```
+
+   Compare these hashes with those shown in the PR's commit message.
+
+The exact paths and hashes are provided in each bootstrap update commit message generated by `refresh-tarballs.bash`.
+
 ## How to request the bootstrap seed update
 
 To get the tarballs updated let's use an example `i686-unknown-linux-gnu` target:
@@ -34,7 +77,7 @@ To get the tarballs updated let's use an example `i686-unknown-linux-gnu` target
    To validate cross-targets `binfmt` `NixOS` helper can be useful.
    For `riscv64-unknown-linux-gnu` the `/etc/nixos/configuration.nix` entry would be `boot.binfmt.emulatedSystems = [ "riscv64-linux" ]`.
 
-3. Propose the commit as a PR to update bootstrap tarballs, tag people who can help you test the updated architecture and once reviewed tag `@lovesegfault` to upload the tarballs.
+3. Propose the commit as a PR to update bootstrap tarballs, tag people who can help you test the updated architecture and once reviewed tag `@NixOS/infra-build` to upload the tarballs.
 
 ## How to add bootstrap files for a new target
 

pkgs/development/tools/build-managers/gnumake/default.nix

@@ -37,9 +37,7 @@ stdenv.mkDerivation (finalAttrs: {
   # TODO: stdenv’s setup.sh should be aware of patch directories. It’s very
   # convenient to keep them in a separate directory but we can defer listing the
   # directory until derivation realization to avoid unnecessary Nix evaluations.
-  patches =
-    lib.filesystem.listFilesRecursive ./patches
-    ++ lib.optionals stdenv.hostPlatform.isMusl (lib.filesystem.listFilesRecursive ./musl-patches);
+  patches = lib.filesystem.listFilesRecursive ./patches;
 
   nativeBuildInputs = [
     autoreconfHook

pkgs/development/tools/build-managers/gnumake/patches/0001-No-impure-bin-sh.patch

@@ -1,7 +1,7 @@
 From 532276a537fbfc08c946c9f808f1b0bb54e16523 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
 Date: Sat, 24 Apr 2021 10:11:40 +0200
-Subject: [PATCH 1/3] No impure bin sh
+Subject: [PATCH 1/5] No impure bin sh
 
 default_shell is used to populuate default shell used to execute jobs.
 Unless SHELL is set to a different value this would be /bin/sh.

pkgs/development/tools/build-managers/gnumake/patches/0002-Remove-impure-dirs.patch

@@ -1,7 +1,7 @@
-From 2db52008be2e2d504889f4f19318c2ba5a2a4797 Mon Sep 17 00:00:00 2001
+From 99dcf18f8c66c25e17e0b84c005b03000312eb8f Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
 Date: Sat, 24 Apr 2021 10:20:16 +0200
-Subject: [PATCH 2/3] Remove impure dirs
+Subject: [PATCH 2/5] Remove impure dirs
 
 Purity: don't look for library dependencies (of the form `-lfoo') in
 /lib and /usr/lib. It's a stupid feature anyway. Likewise, when
@@ -40,5 +40,5 @@ index fe67ab28..1b76560c 100644
  #if defined(WINDOWS32) && !defined(LIBDIR)
  /*
 -- 
-2.44.1
+2.51.2
 

pkgs/development/tools/build-managers/gnumake/patches/0003-Do-not-search-for-a-C-compiler-and-set-MAKE_CXX.patch

@@ -1,7 +1,7 @@
-From 3317b3a78666e6073c63f62a322176e3dc680461 Mon Sep 17 00:00:00 2001
+From e63470a43889be3f61c71ca31e57b4e3c3da5961 Mon Sep 17 00:00:00 2001
 From: Ivan Trubach <mr.trubach@icloud.com>
 Date: Sat, 17 Aug 2024 22:35:03 +0300
-Subject: [PATCH 3/3] Do not search for a C++ compiler and set MAKE_CXX
+Subject: [PATCH 3/5] Do not search for a C++ compiler and set MAKE_CXX
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@@ -79,5 +79,5 @@ index e396269b..78ba402f 100644
      /* This expands to $(CO) $(COFLAGS) $< $@ if $@ does not exist,
         and to the empty string if $@ does exist.  */
 -- 
-2.44.1
+2.51.2