From 35b5eda35f32f48d9ab84a8b55d91e3f58607c44 Mon Sep 17 00:00:00 2001 From: Harald Hoyer Date: Wed, 27 Mar 2024 19:25:27 +0100 Subject: [PATCH] feat(flake): use the crane nix lib https://crane.dev/ enables caching of artifacts and potentially reducing build time. Even End to End(E2E) testing could be added: https://crane.dev/examples/end-to-end-testing.html Signed-off-by: Harald Hoyer --- flake.lock | 21 +++++++++ flake.nix | 125 +++++++++++++++++++++++++++++------------------------ 2 files changed, 89 insertions(+), 57 deletions(-) diff --git a/flake.lock b/flake.lock index a821e17ed..87515cc26 100644 --- a/flake.lock +++ b/flake.lock @@ -24,6 +24,26 @@ "type": "github" } }, + "crane": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1711407199, + "narHash": "sha256-A/nB4j3JHL51ztlMQdfKw6y8tUJJzai3bLsZUEEaBxY=", + "owner": "ipetkov", + "repo": "crane", + "rev": "7e468a455506f2e65550e08dfd45092f0857a009", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, "devenv": { "inputs": { "cachix": "cachix", @@ -527,6 +547,7 @@ }, "root": { "inputs": { + "crane": "crane", "devenv": "devenv", "flake-utils": "flake-utils_4", "nixpkgs": "nixpkgs_2", diff --git a/flake.nix b/flake.nix index 32d328833..a3917d98c 100644 --- a/flake.nix +++ b/flake.nix @@ -15,11 +15,17 @@ }; url = "github:oxalica/rust-overlay"; }; + + crane = { + url = "github:ipetkov/crane"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { self, devenv, flake-utils, nixpkgs, rust-overlay, ... } @ inputs: + outputs = { self, devenv, flake-utils, nixpkgs, rust-overlay, crane, ... } @ inputs: flake-utils.lib.eachDefaultSystem (system: let + features = "--all-features"; overlays = [ (import rust-overlay) ]; pkgs = import nixpkgs { inherit overlays system; @@ -30,95 +36,100 @@ rustc = pkgs.rust-bin.stable.latest.minimal; inherit stdenv; }; - baseDependencies = with pkgs; [ + + craneLib = (crane.mkLib pkgs).overrideToolchain pkgs.rust-bin.stable.latest.minimal; + buildInputs = with pkgs; [ openssl sqlite zlib ]; - nativeDependencies = with pkgs; [ + + nativeBuildInputs = with pkgs; [ protobuf pkg-config rustPlatform.bindgenHook ]; - cargoToml = builtins.fromTOML (builtins.readFile ./Cargo.toml); src = pkgs.lib.cleanSourceWith { src = pkgs.lib.cleanSource ./.; filter = name: type: let baseName = baseNameOf (toString name); in !(baseName == "flake.lock" || pkgs.lib.hasSuffix ".nix" baseName); }; - version = cargoToml.workspace.package.version; - basePackage = { - inherit version src; + commonArgs = { + inherit src stdenv buildInputs nativeBuildInputs; + + strictDeps = true; meta = { description = "ActivityPub-federated microblogging"; homepage = "https://joinkitsune.org"; }; - cargoLock = { - lockFile = ./Cargo.lock; - allowBuiltinFetchGit = true; - }; - OPENSSL_NO_VENDOR = 1; - - buildInputs = baseDependencies; - - nativeBuildInputs = nativeDependencies; - - checkFlags = [ - # Depend on creating an HTTP client and that reads from the systems truststore - # Because nix is fully isolated, these types of tests fail - # - # Some (most?) of these also depend on the network? Not good?? - "--skip=activitypub::fetcher::test::federation_allow" - "--skip=activitypub::fetcher::test::federation_deny" - "--skip=activitypub::fetcher::test::fetch_actor" - "--skip=activitypub::fetcher::test::fetch_note" - "--skip=resolve::post::test::parse_mentions" - "--skip=webfinger::test::fetch_qarnax_ap_id" - "--skip=basic_request" - "--skip=json_request" - "--skip=http::handler::well_known::webfinger::tests::basic" - "--skip=http::handler::well_known::webfinger::tests::custom_domain" - "--skip=test::default_resolver_works" - "--skip=fetcher::basic::fetch_actor" - "--skip=fetcher::basic::fetch_emoji" - "--skip=fetcher::basic::fetch_note" - "--skip=fetcher::filter::federation_allow" - "--skip=fetcher::filter::federation_deny" - "--skip=fetcher::infinite::fetch_infinitely_long_reply_chain" - "--skip=fetcher::origin::check_ap_content_type" - "--skip=fetcher::origin::check_ap_id_authority" - "--skip=fetcher::webfinger::fetch_actor_with_custom_acct" - "--skip=fetcher::webfinger::ignore_fake_webfinger_acct" - "--skip=accounts_username" - "--skip=users_username" - "--skip=test::abort_request_works" - "--skip=test::full_test" - ]; + NIX_OUTPATH_USED_AS_RANDOM_SEED = "aaaaaaaaaa"; }; + + cargoTestExtraArgs = pkgs.lib.strings.concatStringsSep " " [ + "--" + # Depend on creating an HTTP client and that reads from the systems truststore + # Because nix is fully isolated, these types of tests fail + # + # Some (most?) of these also depend on the network? Not good?? + "--skip=activitypub::fetcher::test::federation_allow" + "--skip=activitypub::fetcher::test::federation_deny" + "--skip=activitypub::fetcher::test::fetch_actor" + "--skip=activitypub::fetcher::test::fetch_note" + "--skip=resolve::post::test::parse_mentions" + "--skip=webfinger::test::fetch_qarnax_ap_id" + "--skip=basic_request" + "--skip=json_request" + "--skip=http::handler::well_known::webfinger::tests::basic" + "--skip=http::handler::well_known::webfinger::tests::custom_domain" + "--skip=test::default_resolver_works" + "--skip=fetcher::basic::fetch_actor" + "--skip=fetcher::basic::fetch_emoji" + "--skip=fetcher::basic::fetch_note" + "--skip=fetcher::filter::federation_allow" + "--skip=fetcher::filter::federation_deny" + "--skip=fetcher::infinite::fetch_infinitely_long_reply_chain" + "--skip=fetcher::origin::check_ap_content_type" + "--skip=fetcher::origin::check_ap_id_authority" + "--skip=fetcher::webfinger::fetch_actor_with_custom_acct" + "--skip=fetcher::webfinger::ignore_fake_webfinger_acct" + "--skip=accounts_username" + "--skip=users_username" + "--skip=test::abort_request_works" + "--skip=test::full_test" + "--skip=attachment::test::upload_jpeg" + "--skip=post::resolver::test::parse_post" + ]; + + cargoToml = builtins.fromTOML (builtins.readFile ./Cargo.toml); + version = cargoToml.workspace.package.version; + + cargoArtifacts = craneLib.buildDepsOnly (commonArgs // { + pname = "kitsune-workspace"; + cargoExtraArgs = "--locked ${features}"; + src = craneLib.cleanCargoSource src; + }); in { formatter = pkgs.nixpkgs-fmt; packages = rec { - # Hack to make latest devenv work - devenv-up = self.devShells.${system}.default.config.procfileScript; - default = main; - cli = rustPlatform.buildRustPackage (basePackage // { + cli = craneLib.buildPackage (commonArgs // rec { pname = "kitsune-cli"; - cargoBuildFlags = "-p kitsune-cli"; + cargoExtraArgs = "--locked ${features} -p kitsune-cli "; + inherit cargoArtifacts cargoTestExtraArgs; }); - main = rustPlatform.buildRustPackage (basePackage // { + main = craneLib.buildPackage (commonArgs // rec { pname = "kitsune"; - buildFeatures = [ "meilisearch" "oidc" ]; - cargoBuildFlags = "-p kitsune"; + cargoExtraArgs = "--locked ${features} -p kitsune"; + inherit cargoArtifacts cargoTestExtraArgs; }); frontend = pkgs.mkYarnPackage { @@ -155,7 +166,7 @@ rust-bin.stable.latest.default ] ++ - baseDependencies ++ nativeDependencies; + buildInputs ++ nativeBuildInputs; enterShell = '' export PG_HOST=127.0.0.1