Rust/flake.nix

186 lines
6.7 KiB
Nix

{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
utils.url = "github:numtide/flake-utils";
naersk = {
url = "github:nix-community/naersk";
inputs.nixpkgs.follows = "nixpkgs";
};
# Used for rust compiler
rust-overlay = {
url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs";
};
# Advisory db from rust-sec
advisory-db = {
url = "github:RustSec/advisory-db";
flake = false;
};
};
description = "Rust Toolchain and Utility Flake";
outputs = { self, nixpkgs, utils, ... }@inputs:
with builtins;
let
sources = fromJSON (readFile ./sources/sources.json);
rustPackageNames = attrNames sources ++ [ "cargo-release" "cargo-deny" ];
# Build the rust packages we'll be using
in (utils.lib.eachDefaultSystem (system: {
packages = let
pkgs = import nixpkgs {
inherit system;
overlays = [ (import inputs.rust-overlay) ];
};
rust = pkgs.rust-bin.stable.latest.default.override {
extensions = [ "llvm-tools-preview" ];
};
naersk-lib = inputs.naersk.lib."${system}".override {
rustc = rust;
cargo = rust;
};
in (mapAttrs (name: source:
naersk-lib.buildPackage {
pname = source.pname;
src = pkgs.fetchCrate source;
buildInputs = with pkgs;
[ pkg-config openssl ] ++ lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.Security
pkgs.libiconv
darwin.apple_sdk.frameworks.SystemConfiguration
];
}) sources) //
# Packages that naersk has trouble building due to https://github.com/nix-community/naersk/issues/263
{
cargo-release = pkgs.cargo-release;
cargo-deny = pkgs.cargo-deny;
};
})) //
# Now provide our builder functions
{
# Build a rust flake with a single crate
single = { src, crateName, sharedDeps ? (system: [ ])
, sharedNativeDeps ? (system: [ ]), copyBins ? true, copyLibs ? false
, postInstall ? false, }:
utils.lib.eachDefaultSystem (system:
let
pkgs = import nixpkgs {
inherit system;
overlays = [ (import inputs.rust-overlay) ];
};
rust = pkgs.rust-bin.stable.latest.default.override {
extensions = [ "llvm-tools-preview" ];
};
naersk-lib = inputs.naersk.lib."${system}".override {
rustc = rust;
cargo = rust;
};
buildInputs = (sharedDeps pkgs) ++ (with pkgs;
[ openssl ] ++ lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.Security
pkgs.libiconv
darwin.apple_sdk.frameworks.SystemConfiguration
]);
nativeBuildInputs = (sharedNativeDeps pkgs)
++ (with pkgs; [ pkg-config cmake ]) ++ (with pkgs;
lib.optionals stdenv.isDarwin [ fixDarwinDylibNames ]);
devBase = with pkgs;
[
# Build tools
rust-analyzer
gnuplot
# git tooling
gitFull
pre-commit
git-lfs
git-cliff
# Formatters
nixfmt
python311Packages.mdformat
] ++ buildInputs ++ nativeBuildInputs
# Linux specific tools
++ (lib.optionals pkgs.stdenv.isLinux [
# Profiling
perf-tools
]) ++ map (x: self.packages.${system}.${x}) rustPackageNames;
in rec {
# Main binary
packages.${crateName} = naersk-lib.buildPackage {
pname = "${crateName}";
inherit buildInputs nativeBuildInputs copyBins copyLibs
postInstall;
root = src;
};
# binary + tests
packages.tests.${crateName} = naersk-lib.buildPackage {
pname = "${crateName}";
inherit buildInputs nativeBuildInputs copyBins copyLibs;
root = src;
doCheck = true;
};
# Docs
packages.docs.${crateName} = naersk-lib.buildPackage {
pname = "${crateName}";
inherit buildInputs nativeBuildInputs copyBins copyLibs;
root = src;
dontBuild = true;
doDoc = true;
doDocFail = true;
};
# Set the default package to the main binary
defaultPackage = packages.${crateName};
# CI tasks
packages.lints = {
# lint formatting
format.${crateName} = with import nixpkgs { inherit system; };
stdenv.mkDerivation {
name = "format lint";
src = src;
inherit buildInputs copyBins copyLibs;
nativeBuildInputs = with pkgs;
[ rust-bin.stable.latest.default ] ++ nativeBuildInputs;
dontConfigure = true;
buildPhase = "cargo fmt -- --check";
installPhase = "mkdir -p $out; echo 'done'";
};
# audit against stored advisory db
audit.${crateName} = with import nixpkgs { inherit system; };
stdenv.mkDerivation {
name = "audit lint";
src = src;
inherit buildInputs copyBins copyLibs;
nativeBuildInputs = with pkgs;
[ rust-bin.stable.latest.default ] ++ nativeBuildInputs;
dontConfigure = true;
buildPhase = ''
export HOME=$TMP
mkdir -p ~/.cargo
cp -r ${advisory-db} ~/.cargo/advisory-db
cargo audit -n
'';
installPhase = "mkdir -p $out; echo 'done'";
};
# Clippy
clippy.${crateName} = naersk-lib.buildPackage {
pname = "${crateName}";
root = src;
inherit buildInputs nativeBuildInputs copyBins copyLibs;
cargoTestCommands = (old: [ "cargo $cargo_options clippy" ]);
doCheck = true;
dontBuild = true;
};
};
# Development environments
devShell = pkgs.mkShell {
inputsFrom = builtins.attrValues packages;
buildInputs = [ rust ] ++ devBase ++ buildInputs
++ nativeBuildInputs;
};
});
};
}