Import-from-derivation (IFD) has problematic performance, and is disabled in
Nixpkgs by policy. It is arguably good practice for libraries to avoid
it whenever possible, as it has poor ergonomics in some cases,
especially with dry builds, as it requires multiple eval+build phases.
As such, prevent its use in Home Manager by default by putting existing
tests that use IFD behind a config. In CI, run a first pass with IFD
disabled, skipping tests without the config. Then run a second pass with
IFD enabled and including tests with the config. This second pass will
also run tests without the config, but they should be cached from the
previous run, so the cost is not double (only eval time should be paid
twice). It’s necessary to change from using NMT’s `run` to `build` as
`run` itself uses IFD.
Of the tests that have the config:
- kitty/theme-to-themeFile: this is a test for deprecated config, and so
should be removed eventually anyway
- podman: the implementation relies on IFD to create individual systemd
units from the derivation output, and so it is not straightforward to
remove the IFD; doing so would require rethinking how the module works
to instead have the systemd unit files included as-is rather than as
individually configured units in the Nix config.
Podman uses systemd-run to setup transient systemd timers, e.g. for healthchecks.
On systems where systemd is not present in /run/current-system/sw/bin or ~/.nix-profile/bin (like one of my Ubuntu hosts), setting up the transient timers will fail. For containers with healthchecks configured, this results in the container being stuck in starting state.
Relevant issue here: containers/podman#25034
podman's systemd generator can automatically resolve unit dependencies, so instead of us guessing these links to create them, we provide the sources during generation
Added support for build, image, and volume quadlets
Resolved test failures due to podman 5.3.0 upgrade
Replaced several instances of pkgs.podman with services.podman.package
Instead of having to manually stub packages that should not be
downloaded we instead automatically stub all packages (except a small
list of whitelisted ones). Tests can re-introduce the real package by
using the `realPkgs` module argument.
Adds a new Podman module for creating user containers and networks as
systemd services. These are installed to the user's
`$XDG_CONFIG/systemd/user` directory.
