diff options
Diffstat (limited to 'src/x509-info/flake.nix')
| -rw-r--r-- | src/x509-info/flake.nix | 221 |
1 files changed, 142 insertions, 79 deletions
diff --git a/src/x509-info/flake.nix b/src/x509-info/flake.nix index 4b7967a..4b95c2e 100644 --- a/src/x509-info/flake.nix +++ b/src/x509-info/flake.nix @@ -2,103 +2,166 @@ description = "A CLI to display information about x509 certificates."; inputs = { - flake-utils.url = "github:numtide/flake-utils"; - nixpkgs.url = "github:NixOS/nixpkgs"; - rust-overlay = { - url = "github:oxalica/rust-overlay"; - inputs = { - flake-utils.follows = "flake-utils"; - nixpkgs.follows = "nixpkgs"; - }; + nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; + + fenix = { + url = "github:nix-community/fenix"; + inputs.nixpkgs.follows = "nixpkgs"; }; - crane = { - url = "github:ipetkov/crane"; + + naersk = { + url = "github:nix-community/naersk"; inputs.nixpkgs.follows = "nixpkgs"; }; - pre-commit-hooks = { - url = "github:cachix/pre-commit-hooks.nix"; - inputs = { - flake-utils.follows = "flake-utils"; - nixpkgs.follows = "nixpkgs"; - }; + + nix = { + url = "github:nixos/nix/2.13.2"; }; + + flake-compat = { url = "github:edolstra/flake-compat"; flake = false; }; }; outputs = { self - , flake-utils , nixpkgs - , rust-overlay - , crane - , pre-commit-hooks - }: - - flake-utils.lib.eachDefaultSystem - (system: - let - pkgs = import nixpkgs { - inherit system; - overlays = [ (import rust-overlay) ]; - }; - rust-toolchain = (pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml).override { - extensions = [ "rust-src" ]; - }; + , fenix + , naersk + , nix + , ... + } @ inputs: + let + supportedSystems = [ "x86_64-linux" "x86_64-darwin" "aarch64-darwin" ]; - craneLib = (crane.mkLib pkgs).overrideScope' (_: _: { - cargo = rust-toolchain; - clippy = rust-toolchain; - rustc = rust-toolchain; - rustfmt = rust-toolchain; - }); + forAllSystems = f: nixpkgs.lib.genAttrs supportedSystems (system: (forSystem system f)); - src = ./.; + forSystem = system: f: f rec { + inherit system; + pkgs = import nixpkgs { inherit system; overlays = [ self.overlays.default ]; }; + lib = pkgs.lib; + }; - cargoArtifacts = craneLib.buildDepsOnly { - inherit src; - }; + fenixToolchain = system: with fenix.packages.${system}; + combine ([ + stable.clippy + stable.rustc + stable.cargo + stable.rustfmt + stable.rust-src + ] ++ nixpkgs.lib.optionals (system == "x86_64-linux") [ + targets.x86_64-unknown-linux-musl.stable.rust-std + ]); + in + { + overlays.default = final: prev: + let + toolchain = fenixToolchain final.stdenv.system; + naerskLib = final.callPackage naersk { + cargo = toolchain; + rustc = toolchain; + }; + sharedAttrs = { + pname = "x509-info"; + version = "0.1.0"; + src = builtins.path { + name = "x509-info"; + path = self; + }; - x509-info = craneLib.buildPackage { - inherit cargoArtifacts src; - }; - in - { - packages.default = x509-info; - apps.default = flake-utils.lib.mkApp { - drv = x509-info; - }; + nativeBuildInputs = with final; [ ]; + buildInputs = with final; [ ] ++ lib.optionals (final.stdenv.isDarwin) (with final.darwin.apple_sdk.frameworks; [ + SystemConfiguration + ]); + + copyBins = true; + copyDocsToSeparateOutput = true; + + doCheck = true; + doDoc = true; + doDocFail = true; + cargoTestOptions = f: f ++ [ "--all" ]; - checks = { - pre-commit = pre-commit-hooks.lib.${system}.run { - inherit src; - hooks = { - clippy = { - enable = true; - entry = pkgs.lib.mkForce "cargo clippy -- -D warnings"; - }; - nixpkgs-fmt = { - enable = true; - }; - rustfmt = { - enable = true; - entry = pkgs.lib.mkForce "cargo fmt -- --check --color always"; - }; + override = { preBuild ? "", ... }: { + preBuild = preBuild + '' + # logRun "cargo clippy --all-targets --all-features -- -D warnings" + ''; }; }; + in + rec { + x509-info = naerskLib.buildPackage sharedAttrs; + } // nixpkgs.lib.optionalAttrs (prev.stdenv.system == "x86_64-linux") rec { + default = x509-info-static; + x509-info-static = naerskLib.buildPackage + (sharedAttrs // { + CARGO_BUILD_TARGET = "x86_64-unknown-linux-musl"; + }); }; - devShell = pkgs.mkShell { - nativeBuildInputs = with pkgs; [ - rust-toolchain - cargo-deny - ]; + devShells = forAllSystems ({ system, pkgs, ... }: + let + toolchain = fenixToolchain system; + check = import ./nix/check.nix { inherit pkgs toolchain; }; + in + { + default = pkgs.mkShell { + name = "x509-info-shell"; - inherit (self.checks.${system}.pre-commit) shellHook; - }; - }) - // { - overlay = final: prev: { - x509-info = self.packages.${prev.system}.default; - }; + RUST_SRC_PATH = "${toolchain}/lib/rustlib/src/rust/library"; + + nativeBuildInputs = with pkgs; [ ]; + buildInputs = with pkgs; [ + toolchain + rust-analyzer + cargo-outdated + cacert + cargo-audit + nixpkgs-fmt + check.check-rustfmt + check.check-spelling + check.check-nixpkgs-fmt + check.check-semver + ] + ++ lib.optionals (pkgs.stdenv.isDarwin) (with pkgs; [ + libiconv + darwin.apple_sdk.frameworks.Security + ]) + ++ lib.optionals (pkgs.stdenv.isLinux) (with pkgs; [ + checkpolicy + ]); + }; + }); + + checks = forAllSystems ({ system, pkgs, ... }: + let + toolchain = fenixToolchain system; + check = import ./nix/check.nix { inherit pkgs toolchain; }; + in + { + check-rustfmt = pkgs.runCommand "check-rustfmt" { buildInputs = [ check.check-rustfmt ]; } '' + cd ${./.} + check-rustfmt + touch $out + ''; + check-spelling = pkgs.runCommand "check-spelling" { buildInputs = [ check.check-spelling ]; } '' + cd ${./.} + check-spelling + touch $out + ''; + check-nixpkgs-fmt = pkgs.runCommand "check-nixpkgs-fmt" { buildInputs = [ check.check-nixpkgs-fmt ]; } '' + cd ${./.} + check-nixpkgs-fmt + touch $out + ''; + }); + + packages = forAllSystems ({ system, pkgs, ... }: + { + inherit (pkgs) x509-info; + } // nixpkgs.lib.optionalAttrs (system == "x86_64-linux") { + inherit (pkgs) x509-info-static; + default = pkgs.x509-info-static; + } // nixpkgs.lib.optionalAttrs (pkgs.stdenv.isDarwin) { + default = pkgs.x509-info; + }); }; } - |