Factor our connection code for worker proto like serve proto

This increases test coverage, and gets the worker protocol ready to be used by Hydra. Why don't we just try to use the store interface in Hydra? Well, the problem is that the store interface works on connection pools, with each opreation getting potentially a different connection, but the way temp roots work requires that we keep one logical "transaction" (temp root session) using the same connection. The longer-term solution probably is making connections themselves implement the store interface, but that is something that builds on this, so I feel OK that this is not churn in the wrong direction. Fixes #9584
2025-11-16 23:42:43 +01:00 · 2024-05-23 16:40:05 -04:00 · 2024-05-23 16:40:05 -04:00 · f71b4da0b3
commit f71b4da0b3
parent 7de033d63f
18 changed files with 906 additions and 452 deletions
--- a/src/libstore/worker-protocol.hh
+++ b/src/libstore/worker-protocol.hh
@ -76,6 +76,19 @@ struct WorkerProto
        Version version;
    };

+    /**
+     * Stripped down serialization logic suitable for sharing with Hydra.
+     *
+     * @todo remove once Hydra uses Store abstraction consistently.
+     */
+    struct BasicClientConnection;
+    struct BasicServerConnection;
+
+    /**
+     * Extra information provided as part of protocol negotation.
+     */
+    struct ClientHandshakeInfo;
+
    /**
     * Data type for canonical pairs of serialisers for the worker protocol.
     *
@ -166,6 +179,33 @@ enum struct WorkerProto::Op : uint64_t
    AddPermRoot = 47,
 };

+struct WorkerProto::ClientHandshakeInfo
+{
+    /**
+     * The version of the Nix daemon that is processing our requests
+.
+     *
+     * Do note, it may or may not communicating with another daemon,
+     * rather than being an "end" `LocalStore` or similar.
+     */
+    std::optional<std::string> daemonNixVersion;
+
+    /**
+     * Whether the remote side trusts us or not.
+     *
+     * 3 values: "yes", "no", or `std::nullopt` for "unknown".
+     *
+     * Note that the "remote side" might not be just the end daemon, but
+     * also an intermediary forwarder that can make its own trusting
+     * decisions. This would be the intersection of all their trust
+     * decisions, since it takes only one link in the chain to start
+     * denying operations.
+     */
+    std::optional<TrustedFlag> remoteTrustsUs;
+
+    bool operator == (const ClientHandshakeInfo &) const = default;
+};
+
 /**
 * Convenience for sending operation codes.
 *
@ -218,6 +258,8 @@ template<>
 DECLARE_WORKER_SERIALISER(std::optional<TrustedFlag>);
 template<>
 DECLARE_WORKER_SERIALISER(std::optional<std::chrono::microseconds>);
+template<>
+DECLARE_WORKER_SERIALISER(WorkerProto::ClientHandshakeInfo);

 template<typename T>
 DECLARE_WORKER_SERIALISER(std::vector<T>);