From d34cf4fa8ea5f02eff207bfac38ef9b3eead70e6 Mon Sep 17 00:00:00 2001 From: kilimnik Date: Sat, 4 Mar 2023 14:07:50 +0100 Subject: [PATCH] Add nix flake build --- .github/workflows/main.yml | 40 ++++++++++------ .gitignore | 1 + flake.lock | 27 ++--------- flake.nix | 98 ++++++++++++++++++++++++-------------- 4 files changed, 93 insertions(+), 73 deletions(-) create mode 100644 .gitignore diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 7e178b5..68454c0 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -9,22 +9,34 @@ permissions: contents: write jobs: + test_nix: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: cachix/install-nix-action@v20 + with: + nix_path: nixpkgs=channel:nixos-unstable + - run: nix flake show + - run: nix build ".#packages.x86_64-linux.auth_proxy" + - run: nix build ".#packages.x86_64-linux.vault_plugin" + pre_job: - runs-on: ubuntu-latest - outputs: - should_skip: ${{ steps.skip_check.outputs.should_skip }} - paths_result: ${{ steps.skip_check.outputs.paths_result }} - steps: - - id: skip_check - uses: fkirc/skip-duplicate-actions@v5 - with: - paths_filter: | - app: - paths: - - 'app/**' + needs: test_nix + runs-on: ubuntu-latest + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + paths_result: ${{ steps.skip_check.outputs.paths_result }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@v5 + with: + paths_filter: | + app: + paths: + - 'app/**' build: - needs: pre_job + needs: [pre_job, test_nix] name: Build and Release environment: Deploy runs-on: ubuntu-latest @@ -40,7 +52,7 @@ jobs: - uses: actions/setup-go@v3 with: - go-version: '^1.18.0' + go-version: "^1.18.0" - uses: actions/checkout@v3 with: diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e2f5dd2 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +result \ No newline at end of file diff --git a/flake.lock b/flake.lock index be40e14..9040fb4 100644 --- a/flake.lock +++ b/flake.lock @@ -15,29 +15,13 @@ "type": "github" } }, - "nixpkgs-master": { + "nixpkgs": { "locked": { - "lastModified": 1671743101, - "narHash": "sha256-7OB8hAGT5MxeYGwXmbIVI3KW2ld+Xt0MySOdY3BooAI=", + "lastModified": 1677676435, + "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "372858814dd803d576ca1df8ca6ee58235bdd872", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "master", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1671359686, - "narHash": "sha256-3MpC6yZo+Xn9cPordGz2/ii6IJpP2n8LE8e/ebUXLrs=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "04f574a1c0fde90b51bf68198e2297ca4e7cccf4", + "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169", "type": "github" }, "original": { @@ -50,8 +34,7 @@ "root": { "inputs": { "flake-utils": "flake-utils", - "nixpkgs-master": "nixpkgs-master", - "nixpkgs-unstable": "nixpkgs-unstable" + "nixpkgs": "nixpkgs" } } }, diff --git a/flake.nix b/flake.nix index 0cc363b..efb0334 100644 --- a/flake.nix +++ b/flake.nix @@ -1,48 +1,72 @@ { inputs = { - nixpkgs-master.url = "github:nixos/nixpkgs/master"; - nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; flake-utils.url = "github:numtide/flake-utils"; }; - outputs = { self, flake-utils, nixpkgs-unstable, nixpkgs-master, ... }@inputs: - flake-utils.lib.eachDefaultSystem (system: - let - pkgs-master = nixpkgs-master.legacyPackages.${system}.appendOverlays [ + outputs = { self, flake-utils, nixpkgs, ... }@inputs: + let + outputs = flake-utils.lib.eachDefaultSystem (system: + let + pkgs = import nixpkgs ({ + inherit system; - ]; + overlays = [ + ]; - pkgs = import nixpkgs-unstable ({ - inherit system; + config.allowUnfree = true; + }); + in + { + packages = { + auth_proxy = pkgs.buildGoModule rec { + name = "auth_proxy"; - overlays = [ - ]; + src = ./auth_proxy; - config.allowUnfree = true; - }); + vendorHash = "sha256-skp304q/dO1cBH6LIlrSg1rAoALtOK1wtweC0LJRPyI="; + }; + vault_plugin = pkgs.buildGoModule rec { + name = "vault_plugin"; - in - { - devShell = pkgs.pkgs.mkShell { - - buildInputs = with pkgs; - [ - protobuf - stdenv - go_1_18 - buf - cmake - vault-bin - protoc-gen-go - pkgs-master.protoc-gen-connect-go - ]; - shellHook = '' - export CFLAGS="-I${pkgs.glibc.dev}/include" - export LDFLAGS="-L${pkgs.glibc}/lib" - [ -n "$(go env GOBIN)" ] && export PATH="$(go env GOBIN):''${PATH}" - [ -n "$(go env GOPATH)" ] && export PATH="$(go env GOPATH)/bin:''${PATH}" - ''; - }; - - }); + src = ./vault_plugin; + + vendorHash = "sha256-/6aE5w6Rki1ZIXMX9Ryo4XrGzS/01xZQiWDUROriixs="; + }; + }; + + overlays.default = final: prev: { + zigpkgs = outputs.packages.${prev.system}; + }; + + devShell = pkgs.pkgs.mkShell { + + buildInputs = with pkgs; + [ + protobuf + stdenv + go_1_18 + buf + cmake + vault-bin + protoc-gen-go + pkgs.protoc-gen-connect-go + ]; + shellHook = '' + export CFLAGS="-I${pkgs.glibc.dev}/include" + export LDFLAGS="-L${pkgs.glibc}/lib" + [ -n "$(go env GOBIN)" ] && export PATH="$(go env GOBIN):''${PATH}" + [ -n "$(go env GOPATH)" ] && export PATH="$(go env GOPATH)/bin:''${PATH}" + ''; + }; + + }); + in + outputs + // { + overlays.default = final: prev: { + auth_proxy = outputs.packages.${prev.system}.auth_proxy; + vault_plugin = outputs.packages.${prev.system}.vault_plugin; + }; + }; }