From 79605c754eec63cca1896007b860ffe209e11ef7 Mon Sep 17 00:00:00 2001 From: seth Date: Tue, 17 Oct 2023 09:27:10 -0400 Subject: [PATCH 01/13] feat: add nix flake --- .github/workflows/nix.yml | 42 ++++++++++++ .github/workflows/update-lock.yml | 27 ++++++++ .gitignore | 5 ++ flake.lock | 107 ++++++++++++++++++++++++++++++ flake.nix | 47 +++++++++++++ nix/cross.nix | 50 ++++++++++++++ nix/default.nix | 27 ++++++++ nix/dev.nix | 17 +++++ nix/docker.nix | 23 +++++++ nix/overlay.nix | 24 +++++++ nix/packages.nix | 14 ++++ 11 files changed, 383 insertions(+) create mode 100644 .github/workflows/nix.yml create mode 100644 .github/workflows/update-lock.yml create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 nix/cross.nix create mode 100644 nix/default.nix create mode 100644 nix/dev.nix create mode 100644 nix/docker.nix create mode 100644 nix/overlay.nix create mode 100644 nix/packages.nix diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml new file mode 100644 index 0000000..222fb8a --- /dev/null +++ b/.github/workflows/nix.yml @@ -0,0 +1,42 @@ +name: Nix + +on: + push: + branches: ["main"] + pull_request: + branches: ["main"] + +jobs: + build: + strategy: + matrix: + os: [ubuntu-latest, macos-latest] + + runs-on: ${{ matrix.os }} + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@v6 + - name: Setup Nix cache + uses: DeterminateSystems/magic-nix-cache-action@v2 + + - name: Build + run: nix build -L --accept-flake-config --fallback .#valfisk + + check: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@v6 + - name: Setup Nix cache + uses: DeterminateSystems/magic-nix-cache-action@v2 + + - name: Run checks + run: nix flake check -L --accept-flake-config --show-trace diff --git a/.github/workflows/update-lock.yml b/.github/workflows/update-lock.yml new file mode 100644 index 0000000..6220db2 --- /dev/null +++ b/.github/workflows/update-lock.yml @@ -0,0 +1,27 @@ +name: Update flake.lock + +on: + schedule: + - cron: "0 0 * * 0" + workflow_dispatch: + +jobs: + update: + runs-on: ubuntu-latest + + permissions: + contents: write + pull-requests: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@v6 + + - name: Update lockfile + uses: DeterminateSystems/update-flake-lock@v20 + with: + commit-msg: "chore(flake): update inputs" + pr-title: "chore(flake): update inputs" + token: ${{ github.token }} diff --git a/.gitignore b/.gitignore index edcb69d..c493577 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,8 @@ # IDEs .vscode/ .idea/ + +# nix stuff +.direnv +result* +repl-result-out* diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..c55f390 --- /dev/null +++ b/flake.lock @@ -0,0 +1,107 @@ +{ + "nodes": { + "fenix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1697523781, + "narHash": "sha256-Rp+9WNkvJrNwz3xAjwZg70bijTlHSLcPMF1qv0ScPHU=", + "owner": "nix-community", + "repo": "fenix", + "rev": "0471e46dc6140903f45adfc0ad2f9a8a6f1539b4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "naersk": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1694081375, + "narHash": "sha256-vzJXOUnmkMCm3xw8yfPP5m8kypQ3BhAIRe4RRCWpzy8=", + "owner": "nix-community", + "repo": "naersk", + "rev": "3f976d822b7b37fc6fb8e6f157c2dd05e7e94e89", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1698134075, + "narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "parts": { + "inputs": { + "nixpkgs-lib": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1696343447, + "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "root": { + "inputs": { + "fenix": "fenix", + "naersk": "naersk", + "nixpkgs": "nixpkgs", + "parts": "parts" + } + }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1697480602, + "narHash": "sha256-XiBylVAQRwulBD0pEbct9ir+dLEAe8j3oJyrNnmRL3w=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "d6afb4fa239fe7b5b34e5cefa9e58148fdff65b8", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..9270f83 --- /dev/null +++ b/flake.nix @@ -0,0 +1,47 @@ +{ + description = "Next generation Ryanland Discord bot, written in Rust"; + + inputs = { + nixpkgs.url = "nixpkgs/nixos-unstable"; + naersk.url = "github:nix-community/naersk"; + naersk.inputs.nixpkgs.follows = "nixpkgs"; + fenix.url = "github:nix-community/fenix"; + fenix.inputs.nixpkgs.follows = "nixpkgs"; + parts.url = "github:hercules-ci/flake-parts"; + parts.inputs.nixpkgs-lib.follows = "nixpkgs"; + }; + + outputs = { + self, + parts, + ... + } @ inputs: + parts.lib.mkFlake {inherit inputs;} { + imports = [ + ./nix/cross.nix + ./nix/docker.nix + ./nix/dev.nix + ./nix/overlay.nix + ./nix/packages.nix + ]; + + systems = [ + "x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin" + ]; + + perSystem = { + pkgs, + lib, + ... + }: { + formatter = pkgs.alejandra; + + _module.args = { + fromOverlay = p: lib.fix (final: self.overlays.default final p); + }; + }; + }; +} diff --git a/nix/cross.nix b/nix/cross.nix new file mode 100644 index 0000000..4b591a9 --- /dev/null +++ b/nix/cross.nix @@ -0,0 +1,50 @@ +/* +mainly for internal use. builds static linux binaries +for a minimal docker image +*/ +{inputs, ...}: { + perSystem = { + lib, + pkgs, + system, + inputs', + fromOverlay, + ... + }: { + legacyPackages = let + crossPkgsFor = { + x86_64-linux = pkgs.pkgsStatic; + aarch64-linux = pkgs.pkgsStatic; + x86_64-darwin = pkgs.pkgsCross.gnu64.pkgsStatic; + aarch64-darwin = pkgs.pkgsCross.aarch64-multiplatform.pkgsStaitc; + }; + + crossPkgs = crossPkgsFor.${system}; + inherit (crossPkgs.stdenv.hostPlatform) config; + + toolchain = with inputs'.fenix.packages; + combine [ + minimal.rustc + minimal.cargo + # aarch64/x86_64-unknown-linux-musl don't have minimal targets :( + (targets.${config}.minimal or targets.${config}.latest).rust-std + ]; + + naersk' = inputs.naersk.lib.${system}.override { + cargo = toolchain; + rustc = toolchain; + }; + in { + valfisk-static = let + formattedConfig = lib.toUpper (builtins.replaceStrings ["-"] ["_"] config); + linker = "${crossPkgs.stdenv.cc}/bin/${crossPkgs.stdenv.cc.targetPrefix}cc"; + + valfisk = (fromOverlay crossPkgs).valfisk.override {naersk = naersk';}; + in + valfisk.overrideAttrs (_: { + CARGO_BUILD_TARGET = config; + "CARGO_TARGET_${formattedConfig}_LINKER" = linker; + }); + }; + }; +} diff --git a/nix/default.nix b/nix/default.nix new file mode 100644 index 0000000..5a30c68 --- /dev/null +++ b/nix/default.nix @@ -0,0 +1,27 @@ +{ + naersk, + stdenv, + lib, + CoreFoundation, + Security, + SystemConfiguration, + IOKit, +}: +naersk.buildPackage { + src = lib.cleanSource ./..; + + nativeBuildInputs = lib.optionals stdenv.hostPlatform.isDarwin [ + CoreFoundation + Security + SystemConfiguration + IOKit + ]; + + meta = with lib; { + mainProgram = "valfisk"; + description = "Next generation Ryanland Discord bot, written in Rust"; + homepage = "https://github.com/ryanccn/valfisk"; + maintainers = with maintainers; [getchoo ryanccn]; + licenses = licenses.agpl3Only; + }; +} diff --git a/nix/dev.nix b/nix/dev.nix new file mode 100644 index 0000000..4f18c7e --- /dev/null +++ b/nix/dev.nix @@ -0,0 +1,17 @@ +{ + perSystem = { + pkgs, + self', + ... + }: { + devShells = { + default = pkgs.mkShell { + packages = with pkgs; [ + rustfmt + ]; + + inputsFrom = [self'.packages.default]; + }; + }; + }; +} diff --git a/nix/docker.nix b/nix/docker.nix new file mode 100644 index 0000000..ae6199f --- /dev/null +++ b/nix/docker.nix @@ -0,0 +1,23 @@ +{ + perSystem = { + lib, + pkgs, + self', + ... + }: { + legacyPackages = { + valfisk-docker = pkgs.dockerTools.buildImage { + name = "valfisk"; + tag = "latest"; + + copyToRoot = [ + pkgs.dockerTools.caCertificates + ]; + + config.Cmd = [ + "${lib.getExe self'.legacyPackages.valfisk-static}" + ]; + }; + }; + }; +} diff --git a/nix/overlay.nix b/nix/overlay.nix new file mode 100644 index 0000000..b8b6561 --- /dev/null +++ b/nix/overlay.nix @@ -0,0 +1,24 @@ +{inputs, ...}: { + flake.overlays.default = final: prev: { + valfisk = prev.callPackage ./default.nix { + /* + the packages in this flake will use the pure `naersk.lib`, + while users consuming this overlay directly will only fallback to it + (or a new derivation) when needed. + */ + naersk = + final.naersk + or inputs.naersk.lib.${prev.stdenv.hostPlatform.system} + or (prev.callPackage inputs.naersk {}); + + inherit + ((final.darwin or prev.darwin).apple_sdk.frameworks) + CoreFoundation + Security + SystemConfiguration + ; + + inherit (final.darwin or prev.darwin) IOKit; + }; + }; +} diff --git a/nix/packages.nix b/nix/packages.nix new file mode 100644 index 0000000..c7ee758 --- /dev/null +++ b/nix/packages.nix @@ -0,0 +1,14 @@ +{ + perSystem = { + pkgs, + fromOverlay, + ... + }: { + packages = let + pkgs' = fromOverlay pkgs; + in { + inherit (pkgs') valfisk; + default = pkgs'.valfisk; + }; + }; +} From 2421418b660ceb89af4f7faf21f757a8d7be29e9 Mon Sep 17 00:00:00 2001 From: Ryan Cao <70191398+ryanccn@users.noreply.github.com> Date: Sat, 28 Oct 2023 22:45:57 +0800 Subject: [PATCH 02/13] fix typo --- nix/cross.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nix/cross.nix b/nix/cross.nix index 4b591a9..2126ff8 100644 --- a/nix/cross.nix +++ b/nix/cross.nix @@ -16,7 +16,7 @@ for a minimal docker image x86_64-linux = pkgs.pkgsStatic; aarch64-linux = pkgs.pkgsStatic; x86_64-darwin = pkgs.pkgsCross.gnu64.pkgsStatic; - aarch64-darwin = pkgs.pkgsCross.aarch64-multiplatform.pkgsStaitc; + aarch64-darwin = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; }; crossPkgs = crossPkgsFor.${system}; From d007cd9aa735d514f772112e2c523012993a541c Mon Sep 17 00:00:00 2001 From: seth Date: Sun, 29 Oct 2023 02:06:20 -0400 Subject: [PATCH 03/13] refactor: move more out of flake.nix --- flake.nix | 26 ++------------------------ nix/cross.nix | 18 ++++++++---------- nix/default.nix | 30 ++++++------------------------ nix/derivation.nix | 27 +++++++++++++++++++++++++++ nix/dev.nix | 10 +++++++++- nix/overlay.nix | 2 +- 6 files changed, 53 insertions(+), 60 deletions(-) create mode 100644 nix/derivation.nix diff --git a/flake.nix b/flake.nix index 9270f83..50d03f2 100644 --- a/flake.nix +++ b/flake.nix @@ -11,19 +11,9 @@ parts.inputs.nixpkgs-lib.follows = "nixpkgs"; }; - outputs = { - self, - parts, - ... - } @ inputs: + outputs = {parts, ...} @ inputs: parts.lib.mkFlake {inherit inputs;} { - imports = [ - ./nix/cross.nix - ./nix/docker.nix - ./nix/dev.nix - ./nix/overlay.nix - ./nix/packages.nix - ]; + imports = [./nix]; systems = [ "x86_64-linux" @@ -31,17 +21,5 @@ "x86_64-darwin" "aarch64-darwin" ]; - - perSystem = { - pkgs, - lib, - ... - }: { - formatter = pkgs.alejandra; - - _module.args = { - fromOverlay = p: lib.fix (final: self.overlays.default final p); - }; - }; }; } diff --git a/nix/cross.nix b/nix/cross.nix index 2126ff8..6a90205 100644 --- a/nix/cross.nix +++ b/nix/cross.nix @@ -34,17 +34,15 @@ for a minimal docker image cargo = toolchain; rustc = toolchain; }; - in { - valfisk-static = let - formattedConfig = lib.toUpper (builtins.replaceStrings ["-"] ["_"] config); - linker = "${crossPkgs.stdenv.cc}/bin/${crossPkgs.stdenv.cc.targetPrefix}cc"; - valfisk = (fromOverlay crossPkgs).valfisk.override {naersk = naersk';}; - in - valfisk.overrideAttrs (_: { - CARGO_BUILD_TARGET = config; - "CARGO_TARGET_${formattedConfig}_LINKER" = linker; - }); + formattedConfig = lib.toUpper (builtins.replaceStrings ["-"] ["_"] config); + linker = "${crossPkgs.stdenv.cc}/bin/${crossPkgs.stdenv.cc.targetPrefix}cc"; + valfisk = (fromOverlay crossPkgs).valfisk.override {naersk = naersk';}; + in { + valfisk-static = valfisk.overrideAttrs (_: { + CARGO_BUILD_TARGET = config; + "CARGO_TARGET_${formattedConfig}_LINKER" = linker; + }); }; }; } diff --git a/nix/default.nix b/nix/default.nix index 5a30c68..eb39497 100644 --- a/nix/default.nix +++ b/nix/default.nix @@ -1,27 +1,9 @@ { - naersk, - stdenv, - lib, - CoreFoundation, - Security, - SystemConfiguration, - IOKit, -}: -naersk.buildPackage { - src = lib.cleanSource ./..; - - nativeBuildInputs = lib.optionals stdenv.hostPlatform.isDarwin [ - CoreFoundation - Security - SystemConfiguration - IOKit + imports = [ + ./cross.nix + ./dev.nix + ./docker.nix + ./overlay.nix + ./packages.nix ]; - - meta = with lib; { - mainProgram = "valfisk"; - description = "Next generation Ryanland Discord bot, written in Rust"; - homepage = "https://github.com/ryanccn/valfisk"; - maintainers = with maintainers; [getchoo ryanccn]; - licenses = licenses.agpl3Only; - }; } diff --git a/nix/derivation.nix b/nix/derivation.nix new file mode 100644 index 0000000..5a30c68 --- /dev/null +++ b/nix/derivation.nix @@ -0,0 +1,27 @@ +{ + naersk, + stdenv, + lib, + CoreFoundation, + Security, + SystemConfiguration, + IOKit, +}: +naersk.buildPackage { + src = lib.cleanSource ./..; + + nativeBuildInputs = lib.optionals stdenv.hostPlatform.isDarwin [ + CoreFoundation + Security + SystemConfiguration + IOKit + ]; + + meta = with lib; { + mainProgram = "valfisk"; + description = "Next generation Ryanland Discord bot, written in Rust"; + homepage = "https://github.com/ryanccn/valfisk"; + maintainers = with maintainers; [getchoo ryanccn]; + licenses = licenses.agpl3Only; + }; +} diff --git a/nix/dev.nix b/nix/dev.nix index 4f18c7e..887c7c0 100644 --- a/nix/dev.nix +++ b/nix/dev.nix @@ -1,5 +1,6 @@ -{ +{self, ...}: { perSystem = { + lib, pkgs, self', ... @@ -13,5 +14,12 @@ inputsFrom = [self'.packages.default]; }; }; + + formatter = pkgs.alejandra; + + _module.args = { + # helper function to evaluate valfisk using different instances of nixpkgs + fromOverlay = p: lib.fix (final: self.overlays.default final p); + }; }; } diff --git a/nix/overlay.nix b/nix/overlay.nix index b8b6561..f577ead 100644 --- a/nix/overlay.nix +++ b/nix/overlay.nix @@ -1,6 +1,6 @@ {inputs, ...}: { flake.overlays.default = final: prev: { - valfisk = prev.callPackage ./default.nix { + valfisk = prev.callPackage ./derivation.nix { /* the packages in this flake will use the pure `naersk.lib`, while users consuming this overlay directly will only fallback to it From 71eca910742c1dd1d887f26b7247bef2398181db Mon Sep 17 00:00:00 2001 From: seth Date: Sun, 29 Oct 2023 02:08:01 -0400 Subject: [PATCH 04/13] ci: build linux musl binaries --- .github/workflows/nix.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml index 222fb8a..c2490ac 100644 --- a/.github/workflows/nix.yml +++ b/.github/workflows/nix.yml @@ -11,6 +11,7 @@ jobs: strategy: matrix: os: [ubuntu-latest, macos-latest] + attr: [valfisk, valfisk-static] runs-on: ${{ matrix.os }} @@ -23,8 +24,8 @@ jobs: - name: Setup Nix cache uses: DeterminateSystems/magic-nix-cache-action@v2 - - name: Build - run: nix build -L --accept-flake-config --fallback .#valfisk + - name: Build ${{ matrix.attr }} + run: nix build -L --accept-flake-config --fallback .#${{ matrix.attr }} check: runs-on: ubuntu-latest From e1a5d0d304bcb8b53b9954dec0f68e47367da46a Mon Sep 17 00:00:00 2001 From: seth Date: Sun, 29 Oct 2023 02:29:08 -0400 Subject: [PATCH 05/13] fix(nix): don't use crossPkgs/pkgsStatic to build musl binaries --- nix/cross.nix | 4 ++-- nix/dev.nix | 8 +------- nix/packages.nix | 6 +++--- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/nix/cross.nix b/nix/cross.nix index 6a90205..2d8b7f8 100644 --- a/nix/cross.nix +++ b/nix/cross.nix @@ -8,7 +8,7 @@ for a minimal docker image pkgs, system, inputs', - fromOverlay, + self', ... }: { legacyPackages = let @@ -37,7 +37,7 @@ for a minimal docker image formattedConfig = lib.toUpper (builtins.replaceStrings ["-"] ["_"] config); linker = "${crossPkgs.stdenv.cc}/bin/${crossPkgs.stdenv.cc.targetPrefix}cc"; - valfisk = (fromOverlay crossPkgs).valfisk.override {naersk = naersk';}; + valfisk = self'.packages.valfisk.override {naersk = naersk';}; in { valfisk-static = valfisk.overrideAttrs (_: { CARGO_BUILD_TARGET = config; diff --git a/nix/dev.nix b/nix/dev.nix index 887c7c0..cd2fc65 100644 --- a/nix/dev.nix +++ b/nix/dev.nix @@ -1,6 +1,5 @@ -{self, ...}: { +{ perSystem = { - lib, pkgs, self', ... @@ -16,10 +15,5 @@ }; formatter = pkgs.alejandra; - - _module.args = { - # helper function to evaluate valfisk using different instances of nixpkgs - fromOverlay = p: lib.fix (final: self.overlays.default final p); - }; }; } diff --git a/nix/packages.nix b/nix/packages.nix index c7ee758..c353d5b 100644 --- a/nix/packages.nix +++ b/nix/packages.nix @@ -1,11 +1,11 @@ -{ +{self, ...}: { perSystem = { + lib, pkgs, - fromOverlay, ... }: { packages = let - pkgs' = fromOverlay pkgs; + pkgs' = lib.fix (final: self.overlays.default final pkgs); in { inherit (pkgs') valfisk; default = pkgs'.valfisk; From 01e6a87539c2878f9844ae5dd0ee1a45c026c4ff Mon Sep 17 00:00:00 2001 From: seth Date: Wed, 8 Nov 2023 18:19:57 -0500 Subject: [PATCH 06/13] refactor(flake): simplify cross arch docker builds --- .github/workflows/docker.yml | 121 +++++++++++------------------- .github/workflows/nix.yml | 9 +-- .github/workflows/update-lock.yml | 1 + Dockerfile | 35 --------- flake.lock | 30 ++++---- nix/cross.nix | 48 ------------ nix/default.nix | 2 - nix/derivation.nix | 3 + nix/dev.nix | 5 +- nix/docker.nix | 84 ++++++++++++++++++--- nix/overlay.nix | 24 ------ nix/packages.nix | 24 ++++-- 12 files changed, 160 insertions(+), 226 deletions(-) delete mode 100644 Dockerfile delete mode 100644 nix/cross.nix delete mode 100644 nix/overlay.nix diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index e20853d..38f35e3 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -3,114 +3,81 @@ name: Docker on: push: branches: ["main"] - -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - -permissions: - contents: read - packages: write + pull_request: + branches: ["main"] jobs: build: runs-on: ubuntu-latest strategy: matrix: - platform: - - linux/amd64 - # - linux/arm64 + arch: [amd64, arm64v8] steps: - name: Checkout repository uses: actions/checkout@v4 - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - if: ${{ matrix.platform != 'linux/amd64' }} + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@v7 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + - name: Setup Nix cache + uses: DeterminateSystems/magic-nix-cache-action@v2 - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=ref,event=branch - type=raw,value=latest - - - name: Build and push by digest - uses: docker/build-push-action@v5 - id: build - with: - context: . - provenance: false - labels: ${{ steps.meta.outputs.labels }} - platforms: ${{ matrix.platform }} - cache-from: type=gha - cache-to: type=gha,mode=max - outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true - - - name: Export digests + - name: Build Docker image + id: image run: | - mkdir -p /tmp/digests - digest="${{ steps.build.outputs.digest }}" - touch "/tmp/digests/${digest#sha256:}" + nix build -L .#container-${{ matrix.arch }} + [ ! -L result ] && exit 1 + echo "path=$(realpath result)" >> "$GITHUB_OUTPUT" - - name: Upload digests + - name: Upload images uses: actions/upload-artifact@v3 with: - name: digests - path: /tmp/digests/* + name: container-${{ matrix.arch }} + path: ${{ steps.image.outputs.path }} if-no-files-found: error retention-days: 1 push: + needs: build runs-on: ubuntu-latest - needs: - - build + + env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + + permissions: + packages: write + + if: github.event_name == 'push' steps: - - name: Download digests - uses: actions/download-artifact@v3 + - uses: actions/download-artifacts@v3 with: - name: digests - path: /tmp/digests - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + path: images - name: Log in to the Container registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + password: ${{ github.token }} - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=ref,event=branch - type=raw,value=latest - - - name: Create manifest list and push - working-directory: /tmp/digests + - name: Push to Registry + env: + TAG: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest run: | - docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ - $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) + set -eux - - name: Inspect image - run: | - docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} + architectures=("x86_64" "aarch64") + for arch in "${architectures[@]}"; do + docker load < images/container-"$arch"/*.tar.gz + docker tag ${{ env.IMAGE_NAME }}:latest-"$arch" ${{ env.TAG }}-"$arch" + docker push ${{ env.TAG }}-"$arch" + done + + docker manifest create ${{ env.TAG }} \ + --amend ${{ env.TAG }}-amd64 \ + --amend ${{ env.TAG }}-arm64v8 + + docker manifest push ${{ env.TAG }} diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml index c2490ac..a139450 100644 --- a/.github/workflows/nix.yml +++ b/.github/workflows/nix.yml @@ -11,7 +11,6 @@ jobs: strategy: matrix: os: [ubuntu-latest, macos-latest] - attr: [valfisk, valfisk-static] runs-on: ${{ matrix.os }} @@ -20,12 +19,12 @@ jobs: uses: actions/checkout@v4 - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v6 + uses: DeterminateSystems/nix-installer-action@v7 - name: Setup Nix cache uses: DeterminateSystems/magic-nix-cache-action@v2 - - name: Build ${{ matrix.attr }} - run: nix build -L --accept-flake-config --fallback .#${{ matrix.attr }} + - name: Build valfisk + run: nix build -L --accept-flake-config --fallback check: runs-on: ubuntu-latest @@ -35,7 +34,7 @@ jobs: uses: actions/checkout@v4 - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v6 + uses: DeterminateSystems/nix-installer-action@v7 - name: Setup Nix cache uses: DeterminateSystems/magic-nix-cache-action@v2 diff --git a/.github/workflows/update-lock.yml b/.github/workflows/update-lock.yml index 6220db2..3dbe45c 100644 --- a/.github/workflows/update-lock.yml +++ b/.github/workflows/update-lock.yml @@ -16,6 +16,7 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + - name: Install Nix uses: DeterminateSystems/nix-installer-action@v6 diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 66f3fc2..0000000 --- a/Dockerfile +++ /dev/null @@ -1,35 +0,0 @@ -FROM rust:1.72-alpine as common-build -ARG TARGETPLATFORM -RUN \ - if [ "$TARGETPLATFORM" = "linux/amd64" ]; then target="x86_64-unknown-linux-musl"; \ - elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then target="aarch64-unknown-linux-musl"; \ - else echo "Unsupported platform ${TARGETPLATFORM}!" && exit 1; \ - fi && \ - echo "$target" > /tmp/rust-target - -RUN apk update && apk upgrade && apk add --no-cache musl-dev -RUN rustup target add "$(cat /tmp/rust-target)" -RUN cargo install cargo-chef --locked - -WORKDIR /build - -FROM common-build AS planner - -COPY . ./ -RUN cargo chef prepare --recipe-path recipe.json - -FROM common-build AS builder -ENV CARGO_BUILD_RUSTFLAGS="-C target-feature=+crt-static" - -COPY --from=planner /build/recipe.json recipe.json -RUN cargo chef cook --recipe-path recipe.json --release --locked --target "$(cat /tmp/rust-target)" - -COPY . ./ -RUN cargo build --release --locked --target "$(cat /tmp/rust-target)" --bin valfisk && \ - mv "./target/$(cat /tmp/rust-target)/release/valfisk" ./valfisk - -FROM gcr.io/distroless/static:latest -COPY --from=builder /build/valfisk /valfisk - -USER nonroot -CMD ["/valfisk"] diff --git a/flake.lock b/flake.lock index c55f390..16b730b 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1697523781, - "narHash": "sha256-Rp+9WNkvJrNwz3xAjwZg70bijTlHSLcPMF1qv0ScPHU=", + "lastModified": 1700029366, + "narHash": "sha256-0URFgoMK5M+xs2hHEGRJN/04Qy/nXrDgftZ7KTx0kA8=", "owner": "nix-community", "repo": "fenix", - "rev": "0471e46dc6140903f45adfc0ad2f9a8a6f1539b4", + "rev": "092bd452904e749efa39907aa4a20a42678ac31e", "type": "github" }, "original": { @@ -28,11 +28,11 @@ ] }, "locked": { - "lastModified": 1694081375, - "narHash": "sha256-vzJXOUnmkMCm3xw8yfPP5m8kypQ3BhAIRe4RRCWpzy8=", + "lastModified": 1698420672, + "narHash": "sha256-/TdeHMPRjjdJub7p7+w55vyABrsJlt5QkznPYy55vKA=", "owner": "nix-community", "repo": "naersk", - "rev": "3f976d822b7b37fc6fb8e6f157c2dd05e7e94e89", + "rev": "aeb58d5e8faead8980a807c840232697982d47b9", "type": "github" }, "original": { @@ -43,11 +43,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1698134075, - "narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=", + "lastModified": 1699781429, + "narHash": "sha256-UYefjidASiLORAjIvVsUHG6WBtRhM67kTjEY4XfZOFs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4", + "rev": "e44462d6021bfe23dfb24b775cc7c390844f773d", "type": "github" }, "original": { @@ -63,11 +63,11 @@ ] }, "locked": { - "lastModified": 1696343447, - "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=", + "lastModified": 1698882062, + "narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4", + "rev": "8c9fa2545007b49a5db5f650ae91f227672c3877", "type": "github" }, "original": { @@ -87,11 +87,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1697480602, - "narHash": "sha256-XiBylVAQRwulBD0pEbct9ir+dLEAe8j3oJyrNnmRL3w=", + "lastModified": 1699996283, + "narHash": "sha256-oj9l5vjhZTUGp8J+6bRfzMIRGsMZvdRQ+hBc6ksZtRU=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "d6afb4fa239fe7b5b34e5cefa9e58148fdff65b8", + "rev": "c1e65aa58866cb80849a8d9d1705b537be62db2f", "type": "github" }, "original": { diff --git a/nix/cross.nix b/nix/cross.nix deleted file mode 100644 index 2d8b7f8..0000000 --- a/nix/cross.nix +++ /dev/null @@ -1,48 +0,0 @@ -/* -mainly for internal use. builds static linux binaries -for a minimal docker image -*/ -{inputs, ...}: { - perSystem = { - lib, - pkgs, - system, - inputs', - self', - ... - }: { - legacyPackages = let - crossPkgsFor = { - x86_64-linux = pkgs.pkgsStatic; - aarch64-linux = pkgs.pkgsStatic; - x86_64-darwin = pkgs.pkgsCross.gnu64.pkgsStatic; - aarch64-darwin = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; - }; - - crossPkgs = crossPkgsFor.${system}; - inherit (crossPkgs.stdenv.hostPlatform) config; - - toolchain = with inputs'.fenix.packages; - combine [ - minimal.rustc - minimal.cargo - # aarch64/x86_64-unknown-linux-musl don't have minimal targets :( - (targets.${config}.minimal or targets.${config}.latest).rust-std - ]; - - naersk' = inputs.naersk.lib.${system}.override { - cargo = toolchain; - rustc = toolchain; - }; - - formattedConfig = lib.toUpper (builtins.replaceStrings ["-"] ["_"] config); - linker = "${crossPkgs.stdenv.cc}/bin/${crossPkgs.stdenv.cc.targetPrefix}cc"; - valfisk = self'.packages.valfisk.override {naersk = naersk';}; - in { - valfisk-static = valfisk.overrideAttrs (_: { - CARGO_BUILD_TARGET = config; - "CARGO_TARGET_${formattedConfig}_LINKER" = linker; - }); - }; - }; -} diff --git a/nix/default.nix b/nix/default.nix index eb39497..02c9bce 100644 --- a/nix/default.nix +++ b/nix/default.nix @@ -1,9 +1,7 @@ { imports = [ - ./cross.nix ./dev.nix ./docker.nix - ./overlay.nix ./packages.nix ]; } diff --git a/nix/derivation.nix b/nix/derivation.nix index 5a30c68..64f3222 100644 --- a/nix/derivation.nix +++ b/nix/derivation.nix @@ -6,6 +6,7 @@ Security, SystemConfiguration, IOKit, + optimizeSize ? false, }: naersk.buildPackage { src = lib.cleanSource ./..; @@ -17,6 +18,8 @@ naersk.buildPackage { IOKit ]; + RUSTFLAGS = lib.optionalString optimizeSize " -C codegen-units=1 -C strip=symbols -C opt-level=z"; + meta = with lib; { mainProgram = "valfisk"; description = "Next generation Ryanland Discord bot, written in Rust"; diff --git a/nix/dev.nix b/nix/dev.nix index cd2fc65..aaa0394 100644 --- a/nix/dev.nix +++ b/nix/dev.nix @@ -1,16 +1,17 @@ { perSystem = { pkgs, - self', + config, ... }: { devShells = { default = pkgs.mkShell { packages = with pkgs; [ rustfmt + clippy ]; - inputsFrom = [self'.packages.default]; + inputsFrom = [config.packages.default]; }; }; diff --git a/nix/docker.nix b/nix/docker.nix index ae6199f..9cd3293 100644 --- a/nix/docker.nix +++ b/nix/docker.nix @@ -1,23 +1,83 @@ -{ +{inputs, ...}: { perSystem = { lib, pkgs, - self', + system, + config, + inputs', ... - }: { - legacyPackages = { - valfisk-docker = pkgs.dockerTools.buildImage { - name = "valfisk"; - tag = "latest"; + }: let + crossPkgsFor = lib.fix (finalAttrs: { + "x86_64-linux" = { + "amd64" = pkgs.pkgsStatic; + "arm64v8" = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; + }; - copyToRoot = [ - pkgs.dockerTools.caCertificates - ]; + "aarch64-linux" = { + "amd64" = pkgs.pkgsCross.musl64; + "arm64v8" = pkgs.pkgsStatic; + }; + + "x86_64-darwin" = { + "amd64" = pkgs.pkgsCross.musl64; + "arm64v8" = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; + }; + + "aarch64-darwin" = finalAttrs."x86_64-darwin"; + }); + + nativeArchFor = { + "amd64" = "x86_64"; + "arm64v8" = "aarch64"; + }; - config.Cmd = [ - "${lib.getExe self'.legacyPackages.valfisk-static}" + valfiskFor = arch: let + target = "${nativeArchFor.${arch}}-unknown-linux-musl"; + target' = builtins.replaceStrings ["-"] ["_"] target; + targetUpper = lib.toUpper target'; + + toolchain = with inputs'.fenix.packages; + combine [ + minimal.cargo + minimal.rustc + targets.${target}.latest.rust-std ]; + + naersk' = inputs.naersk.lib.${system}.override { + cargo = toolchain; + rustc = toolchain; }; + + valfisk = config.packages.valfisk.override { + naersk = naersk'; + optimizeSize = true; + }; + + inherit (crossPkgsFor.${system}.${arch}.stdenv) cc; + in + lib.getExe ( + valfisk.overrideAttrs (_: + lib.fix (finalAttrs: { + CARGO_BUILD_TARGET = target; + "CC_${target'}" = "${cc}/bin/${cc.targetPrefix}cc"; + "CARGO_TARGET_${targetUpper}_RUSTFLAGS" = "-C target-feature=+crt-static"; + "CARGO_TARGET_${targetUpper}_LINKER" = finalAttrs."CC_${target'}"; + })) + ); + + containerFor = arch: + pkgs.dockerTools.buildImage { + name = "ryanccn/valfisk"; + tag = "latest-${arch}"; + copyToRoot = [pkgs.dockerTools.caCertificates]; + config.Cmd = [(valfiskFor arch)]; + + architecture = crossPkgsFor.${system}.${arch}.go.GOARCH; + }; + in { + legacyPackages = { + container-amd64 = containerFor "amd64"; + container-arm64v8 = containerFor "arm64v8"; }; }; } diff --git a/nix/overlay.nix b/nix/overlay.nix deleted file mode 100644 index f577ead..0000000 --- a/nix/overlay.nix +++ /dev/null @@ -1,24 +0,0 @@ -{inputs, ...}: { - flake.overlays.default = final: prev: { - valfisk = prev.callPackage ./derivation.nix { - /* - the packages in this flake will use the pure `naersk.lib`, - while users consuming this overlay directly will only fallback to it - (or a new derivation) when needed. - */ - naersk = - final.naersk - or inputs.naersk.lib.${prev.stdenv.hostPlatform.system} - or (prev.callPackage inputs.naersk {}); - - inherit - ((final.darwin or prev.darwin).apple_sdk.frameworks) - CoreFoundation - Security - SystemConfiguration - ; - - inherit (final.darwin or prev.darwin) IOKit; - }; - }; -} diff --git a/nix/packages.nix b/nix/packages.nix index c353d5b..b360046 100644 --- a/nix/packages.nix +++ b/nix/packages.nix @@ -1,14 +1,26 @@ -{self, ...}: { +{inputs, ...}: { perSystem = { lib, pkgs, + system, + config, ... }: { - packages = let - pkgs' = lib.fix (final: self.overlays.default final pkgs); - in { - inherit (pkgs') valfisk; - default = pkgs'.valfisk; + packages = { + valfisk = pkgs.callPackage ./derivation.nix { + naersk = inputs.naersk.lib.${system}; + + inherit + (pkgs.darwin.apple_sdk.frameworks) + CoreFoundation + Security + SystemConfiguration + ; + + inherit (pkgs.darwin) IOKit; + }; + + default = config.packages.valfisk; }; }; } From 2b9cff0a8f5369be6002c4549f72611863864055 Mon Sep 17 00:00:00 2001 From: seth Date: Thu, 16 Nov 2023 01:46:53 -0500 Subject: [PATCH 07/13] ci: separate docker build & upload workflows this allows for docker builds to be triggered & tested through ci for prs, without the risk of uploading the image (or getting annoyed with skipped jobs) --- .github/workflows/docker.yml | 47 +------------------------------ .github/workflows/nix.yml | 4 +-- .github/workflows/upload.yml | 54 ++++++++++++++++++++++++++++++++++++ 3 files changed, 57 insertions(+), 48 deletions(-) create mode 100644 .github/workflows/upload.yml diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 38f35e3..5943d9f 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,8 +1,7 @@ name: Docker on: - push: - branches: ["main"] + workflow_call: pull_request: branches: ["main"] @@ -37,47 +36,3 @@ jobs: path: ${{ steps.image.outputs.path }} if-no-files-found: error retention-days: 1 - - push: - needs: build - runs-on: ubuntu-latest - - env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - - permissions: - packages: write - - if: github.event_name == 'push' - - steps: - - uses: actions/download-artifacts@v3 - with: - path: images - - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ github.token }} - - - name: Push to Registry - env: - TAG: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - run: | - set -eux - - architectures=("x86_64" "aarch64") - for arch in "${architectures[@]}"; do - docker load < images/container-"$arch"/*.tar.gz - docker tag ${{ env.IMAGE_NAME }}:latest-"$arch" ${{ env.TAG }}-"$arch" - docker push ${{ env.TAG }}-"$arch" - done - - docker manifest create ${{ env.TAG }} \ - --amend ${{ env.TAG }}-amd64 \ - --amend ${{ env.TAG }}-arm64v8 - - docker manifest push ${{ env.TAG }} diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml index a139450..24af776 100644 --- a/.github/workflows/nix.yml +++ b/.github/workflows/nix.yml @@ -24,7 +24,7 @@ jobs: uses: DeterminateSystems/magic-nix-cache-action@v2 - name: Build valfisk - run: nix build -L --accept-flake-config --fallback + run: nix build -L --fallback check: runs-on: ubuntu-latest @@ -39,4 +39,4 @@ jobs: uses: DeterminateSystems/magic-nix-cache-action@v2 - name: Run checks - run: nix flake check -L --accept-flake-config --show-trace + run: nix flake check -L --show-trace diff --git a/.github/workflows/upload.yml b/.github/workflows/upload.yml new file mode 100644 index 0000000..f0834a1 --- /dev/null +++ b/.github/workflows/upload.yml @@ -0,0 +1,54 @@ +name: Upload to Registry + +on: + push: + branches: [main] + workflow_dispatch: + +jobs: + build: + uses: ./.github/workflows/docker.yml + + push: + needs: build + runs-on: ubuntu-latest + + env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + + permissions: + packages: write + + if: github.event_name == 'push' + + steps: + - uses: actions/download-artifacts@v3 + with: + path: images + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ github.token }} + + - name: Push to Registry + env: + TAG: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + run: | + set -eux + + architectures=("x86_64" "aarch64") + for arch in "${architectures[@]}"; do + docker load < images/container-"$arch"/*.tar.gz + docker tag ${{ env.IMAGE_NAME }}:latest-"$arch" ${{ env.TAG }}-"$arch" + docker push ${{ env.TAG }}-"$arch" + done + + docker manifest create ${{ env.TAG }} \ + --amend ${{ env.TAG }}-amd64 \ + --amend ${{ env.TAG }}-arm64v8 + + docker manifest push ${{ env.TAG }} From 0b188089da0ab14c631e9c8836f6fc0a60245d00 Mon Sep 17 00:00:00 2001 From: Ryan Cao <70191398+ryanccn@users.noreply.github.com> Date: Sat, 2 Dec 2023 10:37:09 +0800 Subject: [PATCH 08/13] simplify image name --- .github/workflows/upload.yml | 4 ++-- nix/docker.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/upload.yml b/.github/workflows/upload.yml index f0834a1..231a81b 100644 --- a/.github/workflows/upload.yml +++ b/.github/workflows/upload.yml @@ -16,7 +16,7 @@ jobs: env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} - + permissions: packages: write @@ -43,7 +43,7 @@ jobs: architectures=("x86_64" "aarch64") for arch in "${architectures[@]}"; do docker load < images/container-"$arch"/*.tar.gz - docker tag ${{ env.IMAGE_NAME }}:latest-"$arch" ${{ env.TAG }}-"$arch" + docker tag valfisk:latest-"$arch" ${{ env.TAG }}-"$arch" docker push ${{ env.TAG }}-"$arch" done diff --git a/nix/docker.nix b/nix/docker.nix index 9cd3293..f275e16 100644 --- a/nix/docker.nix +++ b/nix/docker.nix @@ -67,7 +67,7 @@ containerFor = arch: pkgs.dockerTools.buildImage { - name = "ryanccn/valfisk"; + name = "valfisk"; tag = "latest-${arch}"; copyToRoot = [pkgs.dockerTools.caCertificates]; config.Cmd = [(valfiskFor arch)]; From f3eabc834c79168cc55a5344f62951b06c864ce7 Mon Sep 17 00:00:00 2001 From: Ryan Cao <70191398+ryanccn@users.noreply.github.com> Date: Sat, 2 Dec 2023 10:47:50 +0800 Subject: [PATCH 09/13] remove IOKit --- nix/derivation.nix | 2 -- nix/packages.nix | 2 -- 2 files changed, 4 deletions(-) diff --git a/nix/derivation.nix b/nix/derivation.nix index 64f3222..710ce0a 100644 --- a/nix/derivation.nix +++ b/nix/derivation.nix @@ -5,7 +5,6 @@ CoreFoundation, Security, SystemConfiguration, - IOKit, optimizeSize ? false, }: naersk.buildPackage { @@ -15,7 +14,6 @@ naersk.buildPackage { CoreFoundation Security SystemConfiguration - IOKit ]; RUSTFLAGS = lib.optionalString optimizeSize " -C codegen-units=1 -C strip=symbols -C opt-level=z"; diff --git a/nix/packages.nix b/nix/packages.nix index b360046..d7e5068 100644 --- a/nix/packages.nix +++ b/nix/packages.nix @@ -16,8 +16,6 @@ Security SystemConfiguration ; - - inherit (pkgs.darwin) IOKit; }; default = config.packages.valfisk; From f4805b551be409eb254bd864d91da5a3755907e5 Mon Sep 17 00:00:00 2001 From: seth Date: Fri, 1 Dec 2023 21:47:26 -0500 Subject: [PATCH 10/13] flake: use proc-flake for redis in devShell --- flake.lock | 34 +++++++++++++++++++++++++++++++++- flake.nix | 8 +++++++- nix/dev.nix | 19 +++++++++++++++++-- 3 files changed, 57 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 16b730b..39396d1 100644 --- a/flake.lock +++ b/flake.lock @@ -21,6 +21,21 @@ "type": "github" } }, + "flake-root": { + "locked": { + "lastModified": 1692742795, + "narHash": "sha256-f+Y0YhVCIJ06LemO+3Xx00lIcqQxSKJHXT/yk1RTKxw=", + "owner": "srid", + "repo": "flake-root", + "rev": "d9a70d9c7a5fd7f3258ccf48da9335e9b47c3937", + "type": "github" + }, + "original": { + "owner": "srid", + "repo": "flake-root", + "type": "github" + } + }, "naersk": { "inputs": { "nixpkgs": [ @@ -76,12 +91,29 @@ "type": "github" } }, + "proc-flake": { + "locked": { + "lastModified": 1692742849, + "narHash": "sha256-Nv8SOX+O6twFfPnA9BfubbPLZpqc+UeK6JvIWnWkdb0=", + "owner": "srid", + "repo": "proc-flake", + "rev": "25291b6e3074ad5dd573c1cb7d96110a9591e10f", + "type": "github" + }, + "original": { + "owner": "srid", + "repo": "proc-flake", + "type": "github" + } + }, "root": { "inputs": { "fenix": "fenix", + "flake-root": "flake-root", "naersk": "naersk", "nixpkgs": "nixpkgs", - "parts": "parts" + "parts": "parts", + "proc-flake": "proc-flake" } }, "rust-analyzer-src": { diff --git a/flake.nix b/flake.nix index 50d03f2..7278a66 100644 --- a/flake.nix +++ b/flake.nix @@ -9,11 +9,17 @@ fenix.inputs.nixpkgs.follows = "nixpkgs"; parts.url = "github:hercules-ci/flake-parts"; parts.inputs.nixpkgs-lib.follows = "nixpkgs"; + proc-flake.url = "github:srid/proc-flake"; + flake-root.url = "github:srid/flake-root"; }; outputs = {parts, ...} @ inputs: parts.lib.mkFlake {inherit inputs;} { - imports = [./nix]; + imports = [ + inputs.proc-flake.flakeModule + inputs.flake-root.flakeModule + ./nix + ]; systems = [ "x86_64-linux" diff --git a/nix/dev.nix b/nix/dev.nix index aaa0394..5eb2e40 100644 --- a/nix/dev.nix +++ b/nix/dev.nix @@ -1,17 +1,32 @@ { perSystem = { + lib, pkgs, config, ... }: { + /* + You can run `daemons` in the devShell to launch these; + `REDIS_URL` should be set to `redis://127.0.0.1` + */ + proc.groups.daemons.processes = { + redis.command = lib.getExe' pkgs.redis "redis-server"; + }; + devShells = { default = pkgs.mkShell { packages = with pkgs; [ - rustfmt + config.formatter + config.proc.groups.daemons.package + + cargo + rustc clippy + rustfmt + rust-analyzer ]; - inputsFrom = [config.packages.default]; + RUST_SRC_PATH = "${pkgs.rust.packages.stable.rustPlatform.rustLibSrc}"; }; }; From 422649f95584b137783f7ac70efb698dbe0c285e Mon Sep 17 00:00:00 2001 From: seth Date: Fri, 1 Dec 2023 22:03:25 -0500 Subject: [PATCH 11/13] flake: use regular arch names for docker images --- .github/workflows/docker.yml | 6 +++--- .github/workflows/nix.yml | 4 ++-- .github/workflows/upload.yml | 4 ++-- nix/docker.nix | 23 +++++++++-------------- 4 files changed, 16 insertions(+), 21 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 5943d9f..00b3ebf 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -10,14 +10,14 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - arch: [amd64, arm64v8] + arch: [x86_64, aarch64] steps: - name: Checkout repository uses: actions/checkout@v4 - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v7 + uses: DeterminateSystems/nix-installer-action@v8 - name: Setup Nix cache uses: DeterminateSystems/magic-nix-cache-action@v2 @@ -29,7 +29,7 @@ jobs: [ ! -L result ] && exit 1 echo "path=$(realpath result)" >> "$GITHUB_OUTPUT" - - name: Upload images + - name: Upload image uses: actions/upload-artifact@v3 with: name: container-${{ matrix.arch }} diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml index 24af776..4b15353 100644 --- a/.github/workflows/nix.yml +++ b/.github/workflows/nix.yml @@ -19,7 +19,7 @@ jobs: uses: actions/checkout@v4 - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v7 + uses: DeterminateSystems/nix-installer-action@v8 - name: Setup Nix cache uses: DeterminateSystems/magic-nix-cache-action@v2 @@ -34,7 +34,7 @@ jobs: uses: actions/checkout@v4 - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v7 + uses: DeterminateSystems/nix-installer-action@v8 - name: Setup Nix cache uses: DeterminateSystems/magic-nix-cache-action@v2 diff --git a/.github/workflows/upload.yml b/.github/workflows/upload.yml index 231a81b..d81c062 100644 --- a/.github/workflows/upload.yml +++ b/.github/workflows/upload.yml @@ -48,7 +48,7 @@ jobs: done docker manifest create ${{ env.TAG }} \ - --amend ${{ env.TAG }}-amd64 \ - --amend ${{ env.TAG }}-arm64v8 + --amend ${{ env.TAG }}-x86_64 \ + --amend ${{ env.TAG }}-aarch64 docker manifest push ${{ env.TAG }} diff --git a/nix/docker.nix b/nix/docker.nix index f275e16..9cbf426 100644 --- a/nix/docker.nix +++ b/nix/docker.nix @@ -9,30 +9,25 @@ }: let crossPkgsFor = lib.fix (finalAttrs: { "x86_64-linux" = { - "amd64" = pkgs.pkgsStatic; - "arm64v8" = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; + "x86_64" = pkgs.pkgsStatic; + "aarch64" = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; }; "aarch64-linux" = { - "amd64" = pkgs.pkgsCross.musl64; - "arm64v8" = pkgs.pkgsStatic; + "x86_64" = pkgs.pkgsCross.musl64; + "aarch64" = pkgs.pkgsStatic; }; "x86_64-darwin" = { - "amd64" = pkgs.pkgsCross.musl64; - "arm64v8" = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; + "x86_64" = pkgs.pkgsCross.musl64; + "aarch64" = pkgs.pkgsCross.aarch64-multiplatform.pkgsStatic; }; "aarch64-darwin" = finalAttrs."x86_64-darwin"; }); - nativeArchFor = { - "amd64" = "x86_64"; - "arm64v8" = "aarch64"; - }; - valfiskFor = arch: let - target = "${nativeArchFor.${arch}}-unknown-linux-musl"; + target = "${arch}-unknown-linux-musl"; target' = builtins.replaceStrings ["-"] ["_"] target; targetUpper = lib.toUpper target'; @@ -76,8 +71,8 @@ }; in { legacyPackages = { - container-amd64 = containerFor "amd64"; - container-arm64v8 = containerFor "arm64v8"; + container-x86_64 = containerFor "x86_64"; + container-aarch64 = containerFor "aarch64"; }; }; } From 99033d7c1987bf547f515b5147f31f7b11017865 Mon Sep 17 00:00:00 2001 From: seth Date: Fri, 1 Dec 2023 22:09:07 -0500 Subject: [PATCH 12/13] chore: add .envrc and .env.example --- .env.example | 7 +++++++ .envrc | 11 +++++++++++ 2 files changed, 18 insertions(+) create mode 100644 .env.example create mode 100644 .envrc diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..d8c2988 --- /dev/null +++ b/.env.example @@ -0,0 +1,7 @@ +TOKEN="AAAAA" +GUILD_ID="AAAAA" +ERROR_LOGS_CHANNEL="AAAAA" +PAGESPEED_API_KEY="AAAAA" +REDIS_URL="redis://127.0.0.1/" +HOST="0.0.0.0" +PORT="8080" diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..0cfcdcc --- /dev/null +++ b/.envrc @@ -0,0 +1,11 @@ +# only use flake when `nix` is present +if command -v nix &> /dev/null; then + if ! has nix_direnv_version || ! nix_direnv_version 2.2.1; then + source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.2.1/direnvrc" "sha256-zelF0vLbEl5uaqrfIzbgNzJWGmLzCmYAkInj/LNxvKs=" + fi + + watch_file ./nix/dev.nix + use flake +fi + +dotenv_if_exists From e944b98874817c9541ec4c602b86a9cfa8a2d887 Mon Sep 17 00:00:00 2001 From: Ryan Cao <70191398+ryanccn@users.noreply.github.com> Date: Sat, 2 Dec 2023 03:37:14 +0000 Subject: [PATCH 13/13] update .env.example --- .env.example | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/.env.example b/.env.example index d8c2988..237c2d9 100644 --- a/.env.example +++ b/.env.example @@ -1,7 +1,9 @@ -TOKEN="AAAAA" -GUILD_ID="AAAAA" -ERROR_LOGS_CHANNEL="AAAAA" -PAGESPEED_API_KEY="AAAAA" -REDIS_URL="redis://127.0.0.1/" -HOST="0.0.0.0" -PORT="8080" +DISCORD_TOKEN= +PAGESPEED_API_KEY= +REDIS_URL= + +GUILD_ID= +ERROR_LOGS_CHANNEL= + +HOST= +PORT=