cartenix
A Proof of concept allowing you to run Nix builds inside the Cartesi virtual machine leveraging the Nix reproducible build system
Project Description
This proof of concept allows you to run Nix build inside the Cartesi virtual machine.
We built Nix tools for riscv64 and installed them on the cartesi/python:3.10-slim-jammy image in order to create a reproducible build of a generic software given his depencencies. At the moment the docker image depends on a specific package that we are going to build (GNU hello).
Since we don't have internet access inside the Cartesi VM we need to provide all the (transitive) dependencies sources, using the nix terminology, we need to provide all the fixed output derivations from the target derivation closure.
How it's Made
This project used Cartesi VM and Nix Package system to leverage reproducible build in a deterministic fashion environment.
We extended the riscv64 cartesi/python:3.10-slim-jammy docker image installing Nix, starting from scratch compiling a brand new riscv64 Nix package, on it, and defining a way to build a generic software in a way that is reproducible providing all the fixed output derivations from the target derivation closure.
