
Comment by arianvanp

4 days ago

Use a modern hermetic build system with remote caching or remote execution. Nix, Bazel, Buck, Pants. Many options.

This is like fighting complexity with even more complexity. Nix and Bazel are definitely not close to actually achieving hermetic builds at scale. And when they break, the complexity increases exponentially to fix.

  • What's not hermetic with Nix? Are you talking about running with the sandbox disabled, or macOS quirks? It's pretty damn hard to accidentally depend on the underlying system in an unexpected way with Nix.

    • My experience with Nix, at a smaller scale than what you're talking about, is that it only worked as long as every. single. thing. was reimplemented inside Nix. Once one thing was outside of Nix, everything exploded and writing a workaround was miserable because the Nix configuration did not make it easy.
