jonringer
commented
2 years ago Agreed, I'll add another paragraph about the importance of the process needing to be highly reproducible.
Open tejing1 opened 2 years ago
jonringer
commented
2 years ago Agreed, I'll add another paragraph about the importance of the process needing to be highly reproducible.
Somewhere in https://book.divnix.com/ch04-00-derivations.html#fixed-output-derivations-fods it should probably mention the dangers of doing complex things inside FODs, given that this is a common newbie trap.
Maybe something like: You may be tempted to put your build process itself into a FOD, particularly if your build system expects network access, but this is generally a bad idea in practice, as it results in fragile hashes, which make the resultant derivation impossible to reproduce before long. FODs should really only be used for processes that can be reasonably expected to produce bit-for-bit identical results, even across updates of the involved software and expected changes in the responses to network requests. Downloading a url, for example.