-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathflake.nix
146 lines (128 loc) · 4.52 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
crane.url = "github:ipetkov/crane";
rust-overlay = {
url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs";
};
flake-utils.url = "github:numtide/flake-utils";
};
outputs =
{
self,
nixpkgs,
rust-overlay,
crane,
flake-utils,
...
}:
let
supportedSystems = [
"aarch64-darwin"
"aarch64-linux"
"x86_64-linux"
];
in
flake-utils.lib.eachSystem supportedSystems (
system:
let
overlays = [ (import rust-overlay) ];
pkgs = import nixpkgs { inherit system overlays; };
inherit (pkgs) lib;
# alternatively, to use a rust-toolchain.toml - which we'll want once runrs becomes stable:
# rustToolchain = pkgs.pkgsBuildHost.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
rustToolchain = pkgs.rust-bin.stable.latest.default;
craneLib = (crane.mkLib nixpkgs.legacyPackages.${system}).overrideToolchain rustToolchain;
# Required to NOT filter out SQL files from the source tree. We need them for the build
# process because we compile them into the binary, allowing us to run migrations from just
# the binary without additional tooling.
sqlFilter = path: _type: null != builtins.match "^.*/migrations/.+\.sql$" path;
sqlOrCargo = path: type: (sqlFilter path type) || (craneLib.filterCargoSources path type);
src = lib.cleanSourceWith {
src = craneLib.path ./.; # The original, unfiltered source
filter = sqlOrCargo;
};
commonArgs = {
inherit src;
strictDeps = true;
buildInputs =
with pkgs;
[ openssl ] ++ lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.Security ];
nativeBuildInputs = with pkgs; [
pkg-config
# This switches rustfmt to the nightly channel.
rust-bin.nightly.latest.rustfmt
];
cargoTestExtraArgs = "--workspace";
};
cargoArtifacts = craneLib.buildDepsOnly commonArgs;
runrs = craneLib.buildPackage (commonArgs // { inherit cargoArtifacts; });
runrs-fmt = craneLib.cargoFmt (commonArgs // { inherit cargoArtifacts; });
runrs-clippy = craneLib.cargoClippy (
commonArgs
// {
inherit cargoArtifacts;
cargoClippyExtraArgs = "--all-targets --no-deps -- --deny warnings --deny clippy::all";
}
);
runrs-test = craneLib.cargoTest (commonArgs // { inherit cargoArtifacts; });
runrs-docker-image = pkgs.dockerTools.buildLayeredImage {
name = "ghcr.io/bmc-labs/runrs";
tag =
if (builtins.pathExists ./version) then
lib.removeSuffix "\n" (builtins.readFile ./version)
else
"latest";
#
# "created" option takes an ISO timestamp or "now"; defaults to UNIX epoch.
#
# Using the default or a fixed timestamp (i.e., the time the git tag was created for a
# release) makes the Docker image bit-level reproducible. Using "now" breaks this.
#
# created = "now";
contents = with pkgs.dockerTools; [
usrBinEnv
binSh
caCertificates
runrs
];
config = {
Cmd = [ "${runrs}/bin/runrs" ];
# These labels are required for GitHub to correctly associate the image with, and thus
# inherit visibility from, the repository.
Labels = {
"org.opencontainers.image.source" = "https://github.com/bmc-labs/runrs";
"org.opencontainers.image.description" = "Manage CI runners via a REST API.";
"org.opencontainers.image.licenses" = "Apache-2.0";
};
# Not technically required to specify here, but a hint for runtime environments.
ExposedPorts = {
"3000/tcp" = { };
};
};
};
in
{
packages = {
default = runrs;
inherit runrs runrs-docker-image;
};
checks = {
inherit
runrs
runrs-fmt
runrs-clippy
runrs-test
;
};
devShells.default = pkgs.mkShell {
inputsFrom = [ runrs ];
packages = with pkgs; [
docker
docker-compose
];
};
}
);
}