diff --git a/.woodpecker/debug.yaml b/.woodpecker/debug.yaml index 0076feda..06597a3b 100644 --- a/.woodpecker/debug.yaml +++ b/.woodpecker/debug.yaml @@ -16,7 +16,7 @@ steps: - name: build image: nixpkgs/nix:nixos-22.05 commands: - - nix-build --no-build-output --attr clippy.amd64 --argstr git_version ${CI_COMMIT_TAG:-$CI_COMMIT_SHA} + - nix-build --no-build-output --attr pkgs.amd64.debug --argstr git_version ${CI_COMMIT_TAG:-$CI_COMMIT_SHA} - name: unit + func tests image: nixpkgs/nix:nixos-22.05 @@ -24,7 +24,7 @@ steps: GARAGE_TEST_INTEGRATION_EXE: result-bin/bin/garage GARAGE_TEST_INTEGRATION_PATH: tmp-garage-integration commands: - - nix-build --no-build-output --attr clippy.amd64 --argstr git_version ${CI_COMMIT_TAG:-$CI_COMMIT_SHA} + - nix-build --no-build-output --attr pkgs.amd64.debug --argstr git_version ${CI_COMMIT_TAG:-$CI_COMMIT_SHA} - nix-build --no-build-output --attr test.amd64 - ./result/bin/garage_db-* - ./result/bin/garage_api-* @@ -43,5 +43,5 @@ steps: - name: integration tests image: nixpkgs/nix:nixos-22.05 commands: - - nix-build --no-build-output --attr clippy.amd64 --argstr git_version ${CI_COMMIT_TAG:-$CI_COMMIT_SHA} + - nix-build --no-build-output --attr pkgs.amd64.debug --argstr git_version ${CI_COMMIT_TAG:-$CI_COMMIT_SHA} - nix-shell --attr ci --run ./script/test-smoke.sh || (cat /tmp/garage.log; false) diff --git a/default.nix b/default.nix index 57bc24a5..8ddc0af8 100644 --- a/default.nix +++ b/default.nix @@ -45,11 +45,4 @@ in { ]; }); }; - clippy = { - amd64 = (compile { - inherit system git_version pkgsSrc cargo2nixOverlay; - target = "x86_64-unknown-linux-musl"; - compiler = "clippy"; - }).workspace.garage { compileMode = "build"; }; - }; } diff --git a/nix/compile.nix b/nix/compile.nix index 61955d8a..2755f5be 100644 --- a/nix/compile.nix +++ b/nix/compile.nix @@ -1,4 +1,4 @@ -{ system, target ? null, pkgsSrc, cargo2nixOverlay, compiler ? "rustc" +{ system, target ? null, pkgsSrc, cargo2nixOverlay , release ? false, git_version ? null, features ? null, }: let @@ -24,20 +24,6 @@ let extraRustComponents = [ "clippy" ]; }; - buildEnv = (drv: - { - rustc = drv.setBuildEnv; - clippy = '' - ${drv.setBuildEnv or ""} - echo - echo --- BUILDING WITH CLIPPY --- - echo - - export NIX_RUST_BUILD_FLAGS="''${NIX_RUST_BUILD_FLAGS} --deny warnings" - export RUSTC="''${CLIPPY_DRIVER}" - ''; - }.${compiler}); - /* Cargo2nix provides many overrides by default, you can take inspiration from them: https://github.com/cargo2nix/cargo2nix/blob/master/overlay/overrides.nix @@ -46,9 +32,7 @@ let */ packageOverrides = pkgs: pkgs.rustBuilder.overrides.all ++ [ - /* [1] We add some logic to compile our crates with clippy, it provides us many additional lints - - [2] We need to alter Nix hardening to make static binaries: PIE, + /* [1] We need to alter Nix hardening to make static binaries: PIE, Position Independent Executables seems to be supported only on amd64. Having this flag set either 1. make our executables crash or 2. compile as dynamic on some platforms. Here, we deactivate it. Later (find `codegenOpts`), we reactivate it for supported targets @@ -56,11 +40,11 @@ let PIE is a feature used by ASLR, which helps mitigate security issues. Learn more about Nix Hardening at: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/cc-wrapper/add-hardening.sh - [3] We want to inject the git version while keeping the build deterministic. + [2] We want to inject the git version while keeping the build deterministic. As we do not want to consider the .git folder as part of the input source, we ask the user (the CI often) to pass the value to Nix. - [4] We don't want libsodium-sys and zstd-sys to try to use pkgconfig to build against a system library. + [3] We don't want libsodium-sys and zstd-sys to try to use pkgconfig to build against a system library. However the features to do so get activated for some reason (due to a bug in cargo2nix?), so disable them manually here. */ @@ -68,7 +52,7 @@ let name = "garage"; overrideAttrs = drv: (if git_version != null then { - # [3] + # [2] preConfigure = '' ${drv.preConfigure or ""} export GIT_VERSION="${git_version}" @@ -76,86 +60,21 @@ let } else { }) // { # [1] - setBuildEnv = (buildEnv drv); - # [2] hardeningDisable = [ "pie" ]; }; }) - (pkgs.rustBuilder.rustLib.makeOverride { - name = "garage_rpc"; - overrideAttrs = drv: { # [1] - setBuildEnv = (buildEnv drv); - }; - }) - - (pkgs.rustBuilder.rustLib.makeOverride { - name = "garage_db"; - overrideAttrs = drv: { # [1] - setBuildEnv = (buildEnv drv); - }; - }) - - (pkgs.rustBuilder.rustLib.makeOverride { - name = "garage_util"; - overrideAttrs = drv: { # [1] - setBuildEnv = (buildEnv drv); - }; - }) - - (pkgs.rustBuilder.rustLib.makeOverride { - name = "garage_table"; - overrideAttrs = drv: { # [1] - setBuildEnv = (buildEnv drv); - }; - }) - - (pkgs.rustBuilder.rustLib.makeOverride { - name = "garage_block"; - overrideAttrs = drv: { # [1] - setBuildEnv = (buildEnv drv); - }; - }) - - (pkgs.rustBuilder.rustLib.makeOverride { - name = "garage_model"; - overrideAttrs = drv: { # [1] - setBuildEnv = (buildEnv drv); - }; - }) - - (pkgs.rustBuilder.rustLib.makeOverride { - name = "garage_api"; - overrideAttrs = drv: { # [1] - setBuildEnv = (buildEnv drv); - }; - }) - - (pkgs.rustBuilder.rustLib.makeOverride { - name = "garage_web"; - overrideAttrs = drv: { # [1] - setBuildEnv = (buildEnv drv); - }; - }) - - (pkgs.rustBuilder.rustLib.makeOverride { - name = "k2v-client"; - overrideAttrs = drv: { # [1] - setBuildEnv = (buildEnv drv); - }; - }) - (pkgs.rustBuilder.rustLib.makeOverride { name = "libsodium-sys"; overrideArgs = old: { - features = [ ]; # [4] + features = [ ]; # [3] }; }) (pkgs.rustBuilder.rustLib.makeOverride { name = "zstd-sys"; overrideArgs = old: { - features = [ ]; # [4] + features = [ ]; # [3] }; }) ]; diff --git a/shell.nix b/shell.nix index 7236fdcb..cc06f0fb 100644 --- a/shell.nix +++ b/shell.nix @@ -115,7 +115,7 @@ in shellHook = '' function refresh_cache { pass show deuxfleurs/nix_priv_key > /tmp/nix-signing-key.sec - for attr in clippy.amd64 test.amd64 pkgs.{amd64,i386,arm,arm64}.release; do + for attr in pkgs.amd64.debug test.amd64 pkgs.{amd64,i386,arm,arm64}.release; do echo "Updating cache for ''${attr}" nix copy -j8 \ --to 's3://nix?endpoint=garage.deuxfleurs.fr®ion=garage&secret-key=/tmp/nix-signing-key.sec' \