jre_minimal: strip libraries #115523
jre_minimal: strip libraries #115523
Conversation
|
Should we maybe also strip the full variant? |
I think we already do. (if you want to check for yourself, the most interesting file to look at is |
|
199M -> 38M 🎉
I checked and thats true. |
raboof
force-pushed
the
jre_minimal-strip-library
branch
from
25149aa
to
a08cfa1
Compare
|
Wasn't there an automatic stripping phase in stdenv? |
runCommand doesn't invoke the automatic stripping from stdenv, expanding the derivation like this does. Fixes NixOS#115486
raboof
force-pushed
the
jre_minimal-strip-library
branch
from
a08cfa1
to
d3e9040
Compare
Thanks for the nudge. I was going to reply binaries aren't fully stripped anyway with that (since #21667), but making this a regular derivation and using |
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: |
|
as an upshot - this also stops dragging |
| passthru = { | ||
| home = "${jre}"; | ||
| }; | ||
| } '' | ||
| jlink --module-path ${jdk}/lib/openjdk/jmods --add-modules ${lib.concatStringsSep "," modules} --output $out | ||
| patchelf --shrink-rpath $out/bin/* $out/lib/jexec $out/lib/jspawnhelper $out/lib/*.so $out/lib/*/*.so |
There was a problem hiding this comment.
I suppose --shrink-rpath has become redundant?
It would be nice to have a test in passthru. Perhaps just a small package that uses this jre in its tests.
There was a problem hiding this comment.
I suppose
--shrink-rpathhas become redundant?
Yes - I tried patchelf --shrink-rpath on the resulting binaries and it doesn't produce any change anymore
It would be nice to have a test in
passthru. Perhaps just a small package that uses this jre in its tests.
I agree that would be nice, though I'd rather not grow this PR with it..
|
Result of 1 package built:
|
There was a problem hiding this comment.
I couldn't find a package to test this. openapi-generator-cli needs org/xml/sax/InputSource. Jitsi needs java.util.logging. These were jre_headless use cases, not jre_minimal. jre_minimal isn't used by nixpkgs itself atm. It's also a fairly new package.
If this breaks anything, the impact seems to be small.
|
I'm even more interested in having a test case now. I wonder if we should define another jre variation with only a couple of frequently used modules. |
I made a basic start in #121043, feedback welcome.
I think we should follow the approach that AFAIK upstream recommends and other distro's also follow, which is to use the full JDK for 'general-purpose' systems and only use jlink'ed 'minimal' JRE's for bespoke systems (i.e. not in nixpkgs). If you create 'variations', before you know it a typical system will include multiple of those 'variations', defeating the original purpose. |
Yea, the monolithic modules file is a problem. I wonder if we should just unpack all modules into separate derivations and put only the ones an app needs in its runtime |
That's an interesting idea - hard to predict if it's be worth the extra complexity though.. |
Motivation for this change
If you're building a bespoke minimal JRE, there is a good chance you
want it to be stripped, so do that by default (but allow overriding this
behavior).
Fixes #115486
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)