add nix flake with dev shells and limited crane based checks #455
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| use flake . |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,186 @@ | ||
| { | ||
| description = "rust-payjoin"; | ||
|
|
||
| inputs = { | ||
| nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; | ||
| flake-utils.url = "github:numtide/flake-utils"; | ||
| rust-overlay = { | ||
| url = "github:oxalica/rust-overlay"; | ||
| inputs.nixpkgs.follows = "nixpkgs"; | ||
| }; | ||
| crane.url = "github:ipetkov/crane"; | ||
| }; | ||
|
|
||
| outputs = { | ||
| self, | ||
| nixpkgs, | ||
| flake-utils, | ||
| rust-overlay, | ||
| crane, | ||
| }: | ||
| flake-utils.lib.eachDefaultSystem ( | ||
| system: let | ||
| pkgs = import nixpkgs { | ||
| inherit system; | ||
| overlays = [rust-overlay.overlays.default]; | ||
| }; | ||
|
|
||
| msrv = "1.63.0"; | ||
| rustVersions = with pkgs.rust-bin; | ||
| builtins.mapAttrs (_name: rust-bin: | ||
| rust-bin.override { | ||
| extensions = ["rust-src" "rustfmt"]; | ||
| }) | ||
| { | ||
| msrv = stable.${msrv}.default; | ||
| stable = stable.latest.default; | ||
| nightly = nightly.latest.default; | ||
|
Comment on lines
+35
to
+37
Contributor
There was a problem hiding this comment. How do we document how to run these devShells? nix develop .#$VERSION was not intuitive to me
Collaborator
Author
There was a problem hiding this comment. not sure if it makes sense in README or some sort of dev documentation, but either or should contain some examples and discuss direnv, the devshells, and the checks
Contributor
There was a problem hiding this comment. This definitely fixes the problem of having the right toolchain for testing so I ask that that gets documented in README and just that. Everything else is neat but doesn't exactly solve a particular problem we've experienced yet afaict |
||
| }; | ||
|
|
||
| # Use crane to define nix packages for the workspace crate | ||
| # based on https://crane.dev/examples/quick-start-workspace.html | ||
| # default to nightly rust toolchain in crane, mainly due to rustfmt difference | ||
| craneLibVersions = builtins.mapAttrs (name: rust-bin: (crane.mkLib pkgs).overrideToolchain (_: rust-bin)) rustVersions; | ||
| craneLib = craneLibVersions.nightly; | ||
| src = craneLib.cleanCargoSource ./.; | ||
| commonArgs = { | ||
| inherit src; | ||
| strictDeps = true; | ||
|
|
||
| # provide fallback name & version for workspace related derivations | ||
| # this is mainly to silence warnings from crane about providing a stub | ||
| # value overridden in per-crate packages with info from Cargo.toml | ||
| pname = "workspace"; | ||
| version = "no-version"; | ||
|
|
||
| # default to recent dependency versions | ||
| # TODO add overrides for minimal lockfile, once #454 is resolved | ||
| cargoLock = ./Cargo-recent.lock; | ||
|
|
||
| # tell bitcoind crate not to try to download during build | ||
| BITCOIND_SKIP_DOWNLOAD = 1; | ||
| }; | ||
|
|
||
| cargoArtifacts = craneLib.buildDepsOnly commonArgs; | ||
| individualCrateArgs = | ||
| commonArgs | ||
| // { | ||
| inherit cargoArtifacts; | ||
| doCheck = false; # skip testing, since that's done in flake check | ||
| }; | ||
|
|
||
| fileSetForCrate = subdir: | ||
| pkgs.lib.fileset.toSource { | ||
| root = ./.; | ||
| fileset = pkgs.lib.fileset.unions [ | ||
| ./Cargo.toml | ||
| (craneLib.fileset.commonCargoSources subdir) | ||
| ]; | ||
| }; | ||
|
|
||
| packages = | ||
| builtins.mapAttrs ( | ||
| name: extraArgs: | ||
| craneLib.buildPackage (individualCrateArgs | ||
| // craneLib.crateNameFromCargoToml {cargoToml = builtins.toPath "${./.}/${name}/Cargo.toml";} | ||
| // { | ||
| cargoExtraArgs = "--locked -p ${name} ${extraArgs}"; | ||
| inherit src; | ||
| }) | ||
| ) { | ||
| "payjoin" = "--features v2,send,receive"; | ||
| "payjoin-cli" = "--features v1,v2"; | ||
| "payjoin-directory" = ""; | ||
| }; | ||
|
|
||
| devShells = builtins.mapAttrs (_name: craneLib: | ||
| craneLib.devShell { | ||
| packages = with pkgs; [ | ||
| cargo-edit | ||
| cargo-nextest | ||
| cargo-watch | ||
| rust-analyzer | ||
| ]; | ||
| }) | ||
| craneLibVersions; | ||
|
|
||
| simpleCheck = args: | ||
| pkgs.stdenvNoCC.mkDerivation ({ | ||
| doCheck = true; | ||
| dontFixup = true; | ||
| installPhase = "mkdir $out"; | ||
| } | ||
| // args); | ||
| in { | ||
| packages = packages; | ||
| devShells = devShells // {default = devShells.nightly;}; | ||
| formatter = pkgs.alejandra; | ||
| checks = | ||
| packages | ||
| // { | ||
| payjoin-workspace-nextest = craneLib.cargoNextest (commonArgs | ||
| // { | ||
| inherit cargoArtifacts; | ||
| partitions = 1; | ||
| partitionType = "count"; | ||
| # TODO also run integration tests | ||
| # this needs --all-features to enable io,_danger_local_https features | ||
| # unfortunately this can't yet work because running docker inside the nix sandbox is not possible, | ||
| # which precludes use of the redis test container | ||
| # cargoExtraArgs = "--locked --all-features"; | ||
| # buildInputs = [ pkgs.bitcoind ]; # not verified to work | ||
| }); | ||
|
|
||
| payjoin-workspace-nextest-msrv = craneLibVersions.msrv.cargoNextest (commonArgs | ||
| // { | ||
| cargoArtifacts = craneLibVersions.msrv.buildDepsOnly commonArgs; | ||
| partitions = 1; | ||
| partitionType = "count"; | ||
| }); | ||
|
|
||
| payjoin-workspace-clippy = craneLib.cargoClippy (commonArgs | ||
| // { | ||
| inherit cargoArtifacts; | ||
| cargoClippyExtraArgs = "--all-targets --all-features --keep-going -- --deny warnings"; | ||
| }); | ||
|
|
||
| payjoin-workspace-doc = craneLib.cargoDoc (commonArgs | ||
| // { | ||
| inherit cargoArtifacts; | ||
| }); | ||
|
|
||
| payjoin-workspace-fmt = craneLib.cargoFmt (commonArgs | ||
| // { | ||
| inherit src; | ||
| }); | ||
|
|
||
| nix-fmt-check = simpleCheck { | ||
| name = "nix-fmt-check"; | ||
| src = pkgs.lib.sources.sourceFilesBySuffices ./. [".nix"]; | ||
| nativeBuildInputs = [pkgs.alejandra]; | ||
| checkPhase = '' | ||
| alejandra -c . | ||
| ''; | ||
| }; | ||
|
|
||
| shfmt = simpleCheck rec { | ||
| name = "shell-checks"; | ||
| src = pkgs.lib.sources.sourceFilesBySuffices ./. [".sh"]; | ||
| nativeBuildInputs = [pkgs.shfmt]; | ||
| checkPhase = '' | ||
| shfmt -d -s -i 4 -ci ${src} | ||
| ''; | ||
| }; | ||
|
Comment on lines
+166
to
+173
Contributor
There was a problem hiding this comment. If this is an option it needs to be a CI check (part of ./contrib/lint.sh?) otherwise we're gonna get fat diffs with lots of formatting changes between diffs that don't run shfmt
Collaborator
Author
There was a problem hiding this comment.
|
||
|
|
||
| shellcheck = simpleCheck rec { | ||
| name = "shell-checks"; | ||
| src = pkgs.lib.sources.sourceFilesBySuffices ./. [".sh"]; | ||
| nativeBuildInputs = [pkgs.shellcheck]; | ||
| checkPhase = '' | ||
| shellcheck -x ${src} | ||
| ''; | ||
| }; | ||
| }; | ||
| } | ||
| ); | ||
| } | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I regret to inform you running
nix flake check --print-build-logsis not intuitive. Is it supposed to be for the nixpilled? IDK what crane does or what any of these changes doThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
crane parses cargo packages and produces nix package derivation for them
it works in stages:
nix flake check, some of which reuse the outputs of steps 1 or 2the checks can be done individually or separately, and are quite costly since they build everything both with nightly and msrv, but should be faster to run after minor code changes due to the caching of the workspace dependencies (caching also works in CI potentially)
the main advantage over shell scripts is that nix can provide a lockfile (flake.lock) for all of the various unix dependencies (anything packaged in nixpkgs), in this case shfmt and shellcheck for example, ensuring that we can use that stuff without dealing with github's bloated and brittle ubuntu images.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems like some interesting and convenient tooling to tinker with and make our dev environments and CI more reliable, AND most importantly giving new devs a path to easily get started contributing. But perhaps it's not the glaring priority of other broken parts preventing more integrations from implementing a maintainable payjoin stack?