You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
We need to enable the boringcrypto experiment in Go in order to get support for FIPS. Without Bazel this would be a matter of setting GOEXPERIMENT in your environment when running go build. With rules_go directly, there is support for GOEXPERIMENT, which rules_nixpkgs uses by setting nocoverageredesign for some versions, but there seems to be no way to add additional experiments.
Describe the solution you'd like
We'd like a way to pass additional experiments through to rules_go from rules_nixpkgs.
Describe alternatives you've considered
Right now I've decided to patch rules_nixpkgs_go and set boringcrypto explicitly:
diff --git a/go.bzl b/go.bzl
index a40c2ac..8c6b520 100644
--- a/go.bzl+++ b/go.bzl@@ -84,6 +84,7 @@ def go_sdk_for_arch(go_version):
experiments = []
if go_version.split('.')[0] == '1' and int(go_version.split('.')[1]) >= 20:
experiments = ["nocoverageredesign"]
+ experiments.append("boringcrypto")
go_sdk(
name = "go_sdk",
I tried other solutions using go_wrap_sdk / go_register_toolchains but unfortunately I wasn't able to get anything working using that approach.
One solution could just be to pass experiments = ["boringcrypto"] into nixpkgs_go_configure which then can be passed through to go_sdk_for_arch instead of defaulting to [].
Additional context
None.
The text was updated successfully, but these errors were encountered:
Your feature request makes a lot of sense. I’m curious, though, if there’s a specific reason you’re looking for a Go toolchain from nixpkgs. Starting with Go 1.21, rules_go provides a fully functional, statically linked Go toolchain right out of the box. You may also find this discussion on the potential deprecation of Go support in rules_nixpkgs helpful.
If continued support for Go in rules_nixpkgs is valuable to your work, I’d love to learn more about your use case!
malt3
added
the
P4
unimportant: consider wontfix or other priority
label
Nov 29, 2024
Is your feature request related to a problem? Please describe.
We need to enable the
boringcrypto
experiment in Go in order to get support for FIPS. Without Bazel this would be a matter of settingGOEXPERIMENT
in your environment when runninggo build
. Withrules_go
directly, there is support forGOEXPERIMENT
, whichrules_nixpkgs
uses by settingnocoverageredesign
for some versions, but there seems to be no way to add additional experiments.Describe the solution you'd like
We'd like a way to pass additional experiments through to
rules_go
fromrules_nixpkgs
.Describe alternatives you've considered
Right now I've decided to patch
rules_nixpkgs_go
and setboringcrypto
explicitly:I tried other solutions using
go_wrap_sdk
/go_register_toolchains
but unfortunately I wasn't able to get anything working using that approach.One solution could just be to pass
experiments = ["boringcrypto"]
intonixpkgs_go_configure
which then can be passed through togo_sdk_for_arch
instead of defaulting to[]
.Additional context
None.
The text was updated successfully, but these errors were encountered: