Deterministic Maven builds using Nix?
First you need to install the Nix package manager, if you already haven't.
nix-env -i -f https://github.com/nix-community/mavenix/tarball/master
First we need to create some stub Nix expression files. cd
into your maven
project directory and run:
mvnix-init
Follow the instructions displayed.
The mvnix-update
script generates a mavenix.lock
file:
mvnix-update
Note the mvnix-update
script expects a default.nix
that evaluates to the derivation,
just as is generated by mvnix-init
. It is possible however to pass in a custom expression
in order to update the derivation. E.g., if the derivation is the attribute pkgset.pkg
:
mvnix-update -E "(import ./. {}).pkgset.pkg"
If you are packaging a third-party Maven project you can specify a Nix expression that returns the source of that project.
This makes it possible to generate a lock file without having to first manually clone the target project repository.
E.g. generate and build a Nix package for Traccar v4.2:
mvnix-init -S 'fetchGit { url = git://github.com/traccar/traccar.git; ref = "v4.2"; }'
mvnix-update
nix-build
Or a Spring Boot application:
mvnix-init -S 'fetchTarball https://github.com/Gerschtli/spring-rest-api/tarball/master'
mvnix-update
nix-build