podman: includes missing edk2-aarch64-code.fd on aarch64-darwin

[tricktron]

Motivation for this change

Podman on aarch64-darwin needs the edk2-aarch64-code.fd file to create the vm with qemu. This pr patches the getEdk2CodeFd function to find the edk2-aarch64-code.fd file under $out/share/qemu.

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 22.05 Release Notes (or backporting 21.11 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
  • (Release notes changes) Ran nixos/doc/manual/md-to-db.sh to update generated release notes
• Fits CONTRIBUTING.md.

[zowoq]

No, we don't want to carry patches for this.

Lets get this fixed upsteam.

[zowoq]

This would be done by adding it to the symlinkJoin in the wrapper anyway.

[zowoq]

Not carrying patches has been discussed previously. Thanks anyway for the PR.

[tricktron]

@zowoq Ok. So is there another solution/approach to this problem?

[zowoq]

Sorry, I responded to your comment on my issue in the upstream repo but I must have accidentally cleared this notification at the same time.

So is there another solution/approach to this problem?

That we want to have in the nixpkgs repo today, no.

A few points:

• This isn't a nixpkgs specific issue, it is a "not homebrew" issue.
• It has been broken for nixpkgs users since upstream first added podman machine a year ago and AFAIK I was the first person to tell upstream about it a few weeks ago.
• podman machine works on linux as well so I assume this needs to be fixed in other places besides options_darwin_arm64 and the patch would also need to be applied on aarch64-linux. (applying it unconditionally would be better to avoid breakage, may actually be necessary if upstream supports aarch64 vm on x86_64?)
• Adding qemu to the podman closure is exactly what we're trying to avoid by using the wrapper. We could patch it in via the wrapper but podman machine/qemu can get into a broken state anyway which why qemu isn't already included in the wrapper.
• I very strongly believe that if we add this patch we'll end up carrying some variation of it indefinitely.
• Carrying a patch invites more patches. Currently I have seven podman patches for darwin/linux that I could make a case for adding here, all of which could (and should) be fixed upstream.
• podman is just one tool, buildah, cri-o, skopeo and others are all fast moving projects built on the same libraries and share the same config. Quite often a change to one should also be applied to the others to either fix the same problem or just to avoid causing different behaviour. (not relevant for this change at the moment but carrying a patch for one does add overhead for the other tools)

So while I appreciate that you're trying to fix what seems a relatively simple problem, long term maintainability is a significant concern.

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/out-share-linked-with-nix-profile-install-but-not-otherwise/27561/1