Deuxfleurs
/
garage
42
39
Fork 55
Code Issues 71 Pull Requests 8 Releases 29 Wiki Activity

Apply nixfmt to all .nix files; fix devshell and add it to cache
continuous-integration/drone/push Build is passing Details

This commit is contained in:
Alex 2023-01-26 12:20:12 +01:00
parent 1311742fe0
commit f251b4721f
10 changed files with 551 additions and 521 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
default.nix
View File

@ -1,7 +1,4 @@
{
system ? builtins.currentSystem,
git_version ? null,
}:
{ system ? builtins.currentSystem, git_version ? null, }:
with import ./nix/common.nix;
@ -13,21 +10,20 @@ let
debug = (compile {
inherit system target git_version pkgsSrc cargo2nixOverlay;
release = false;
}).workspace.garage {
compileMode = "build";
};
}).workspace.garage { compileMode = "build"; };
release = (compile {
inherit system target git_version pkgsSrc cargo2nixOverlay;
release = true;
}).workspace.garage {
compileMode = "build";
};
}).workspace.garage { compileMode = "build"; };
});
test = (rustPkgs: pkgs.symlinkJoin {
test = (rustPkgs:
pkgs.symlinkJoin {
name = "garage-tests";
paths = builtins.map (key: rustPkgs.workspace.${key} { compileMode = "test"; }) (builtins.attrNames rustPkgs.workspace);
paths =
builtins.map (key: rustPkgs.workspace.${key} { compileMode = "test"; })
(builtins.attrNames rustPkgs.workspace);
});
in {
@ -55,8 +51,6 @@ in {
inherit system git_version pkgsSrc cargo2nixOverlay;
target = "x86_64-unknown-linux-musl";
compiler = "clippy";
}).workspace.garage {
compileMode = "build";
};
}).workspace.garage { compileMode = "build"; };
};
}

12
flake.nix
View File

@ -1,7 +1,9 @@
{
description = "Garage, an S3-compatible distributed object store for self-hosted deployments";
description =
"Garage, an S3-compatible distributed object store for self-hosted deployments";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/a3073c49bc0163fea6a121c276f526837672b555";
inputs.nixpkgs.url =
"github:NixOS/nixpkgs/a3073c49bc0163fea6a121c276f526837672b555";
inputs.cargo2nix = {
# As of 2022-10-18: two small patches over unstable branch, one for clippy and one to fix feature detection
url = "github:Alexis211/cargo2nix/a7a61179b66054904ef6a195d8da736eaaa06c36";
@ -24,13 +26,11 @@
release = true;
}).workspace.garage { compileMode = "build"; };
};
devShell = ((compile {
devShell = (compile {
inherit system git_version;
pkgsSrc = nixpkgs;
cargo2nixOverlay = cargo2nix.overlays.default;
release = false;
}).workspaceShell {
packages = [ pkgs.rustfmt cargo2nix.packages.${system}.default ];
});
}).workspaceShell { packages = [ pkgs.rustfmt ]; };
});
}

133
nix/build_index.nix
View File

@ -1,6 +1,4 @@
{
path ? "/../aws-list.txt",
}:
{ path ? "/../aws-list.txt", }:
with import ./common.nix;
let
@ -14,11 +12,10 @@ let
=> { name = "latex"; version = "3.14"; }
*/
listToSet = keys: values:
builtins.listToAttrs
(lib.zipListsWith
(a: b: { name = a; value = b; })
keys
values);
builtins.listToAttrs (lib.zipListsWith (a: b: {
name = a;
value = b;
}) keys values);
/* Says if datetime a is more recent than datetime b
@ -27,69 +24,98 @@ let
=> true
*/
cmpDate = a: b:
let da = (builtins.head a.builds).date;
let
da = (builtins.head a.builds).date;
db = (builtins.head b.builds).date;
in
if da == db then (builtins.head a.builds).time > (builtins.head b.builds).time
else da > db;
in if da == db then
(builtins.head a.builds).time > (builtins.head b.builds).time
else
da > db;
/* Pretty platforms */
# Pretty platforms
prettyPlatform = name:
if name == "aarch64-unknown-linux-musl" then "linux/arm64"
else if name == "armv6l-unknown-linux-musleabihf" then "linux/arm"
else if name == "x86_64-unknown-linux-musl" then "linux/amd64"
else if name == "i686-unknown-linux-musl" then "linux/386"
else name;
if name == "aarch64-unknown-linux-musl" then
"linux/arm64"
else if name == "armv6l-unknown-linux-musleabihf" then
"linux/arm"
else if name == "x86_64-unknown-linux-musl" then
"linux/amd64"
else if name == "i686-unknown-linux-musl" then
"linux/386"
else
name;
/* Parsing */
# Parsing
list = builtins.readFile (./. + path);
entries = lib.splitString "\n" list;
elems = builtins.filter
(e: (builtins.length e) == 4)
(map
(x: builtins.filter (e: e != "") (lib.splitString " " x))
entries);
elems = builtins.filter (e: (builtins.length e) == 4)
(map (x: builtins.filter (e: e != "") (lib.splitString " " x)) entries);
keys = [ "date" "time" "size" "path" ];
parsed = map (entry: listToSet keys entry) elems;
subkeys = [ "root" "version" "platform" "binary" ];
builds = map (entry: entry // listToSet subkeys (lib.splitString "/" entry.path) // { url = "https://garagehq.deuxfleurs.fr/" + entry.path; }) parsed;
builds = map (entry:
entry // listToSet subkeys (lib.splitString "/" entry.path) // {
url = "https://garagehq.deuxfleurs.fr/" + entry.path;
}) parsed;
/* Aggregation */
builds_per_version = lib.foldl (acc: v: acc // { ${v.version} = if builtins.hasAttr v.version acc then acc.${v.version} ++ [ v ] else [ v ]; }) {} builds;
# Aggregation
builds_per_version = lib.foldl (acc: v:
acc // {
${v.version} = if builtins.hasAttr v.version acc then
acc.${v.version} ++ [ v ]
else
[ v ];
}) { } builds;
versions = builtins.attrNames builds_per_version;
versions_release = builtins.filter (x: builtins.match "v[0-9]+\.[0-9]+\.[0-9]+(\.[0-9]+)?" x != null) versions;
versions_commit = builtins.filter (x: builtins.match "[0-9a-f]{40}" x != null) versions;
versions_extra = lib.subtractLists (versions_release ++ versions_commit) versions;
versions_release = builtins.filter
(x: builtins.match "v[0-9]+.[0-9]+.[0-9]+(.[0-9]+)?" x != null) versions;
versions_commit =
builtins.filter (x: builtins.match "[0-9a-f]{40}" x != null) versions;
versions_extra =
lib.subtractLists (versions_release ++ versions_commit) versions;
sorted_builds = [
{
name = "Release";
hide = false;
type = "tag";
description = "Release builds are the official builds, they are tailored for productions and are the most tested.";
builds = builtins.sort (a: b: a.version > b.version) (map (x: { version = x; builds = builtins.getAttr x builds_per_version; }) versions_release);
description =
"Release builds are the official builds, they are tailored for productions and are the most tested.";
builds = builtins.sort (a: b: a.version > b.version) (map (x: {
version = x;
builds = builtins.getAttr x builds_per_version;
}) versions_release);
}
{
name = "Extra";
hide = true;
type = "tag";
description = "Extra builds are built on demand to test a specific feature or a specific need.";
builds = builtins.sort cmpDate (map (x: { version = x; builds = builtins.getAttr x builds_per_version; }) versions_extra);
description =
"Extra builds are built on demand to test a specific feature or a specific need.";
builds = builtins.sort cmpDate (map (x: {
version = x;
builds = builtins.getAttr x builds_per_version;
}) versions_extra);
}
{
name = "Development";
hide = true;
type = "commit";
description = "Development builds are built periodically. Use them if you want to test a specific feature that is not yet released.";
builds = builtins.sort cmpDate (map (x: { version = x; builds = builtins.getAttr x builds_per_version; }) versions_commit);
description =
"Development builds are built periodically. Use them if you want to test a specific feature that is not yet released.";
builds = builtins.sort cmpDate (map (x: {
version = x;
builds = builtins.getAttr x builds_per_version;
}) versions_commit);
}
];
json = pkgs.writeTextDir "share/_releases.json" (builtins.toJSON sorted_builds);
json =
pkgs.writeTextDir "share/_releases.json" (builtins.toJSON sorted_builds);
html = pkgs.writeTextDir "share/_releases.html" ''
<!doctype html>
<html>
@ -114,20 +140,29 @@ let
</style>
</head>
<body>
${ builtins.toString (lib.forEach sorted_builds (r: ''
${
builtins.toString (lib.forEach sorted_builds (r: ''
<section>
<h2>${r.name} builds</h2>
<p>${r.description}</p>
${if r.hide then "<details><summary>Show ${r.name} builds</summary>" else ""}
${ builtins.toString (lib.forEach r.builds (x: ''
${
if r.hide then
"<details><summary>Show ${r.name} builds</summary>"
else
""
}
${
builtins.toString (lib.forEach r.builds (x: ''
<h3> ${x.version} (${(builtins.head x.builds).date}) </h3>
<p>See this build on</p>
<p> Binaries:
<ul>
${builtins.toString (lib.forEach x.builds (b: ''
<li><a href="/${b.path}">${prettyPlatform b.platform}</a></li>
<li><a href="/${b.path}">${
prettyPlatform b.platform
}</a></li>
''))}
</ul></p>
<p> Sources:
@ -136,16 +171,22 @@ let
<li><a href="https://git.deuxfleurs.fr/Deuxfleurs/garage/archive/${x.version}.zip">.zip</a></li>
<li><a href="https://git.deuxfleurs.fr/Deuxfleurs/garage/archive/${x.version}.tar.gz">.tar.gz</a></li>
</ul></p>
'')) }
${ if builtins.length r.builds == 0 then "<em>There is no build for this category</em>" else "" }
''))
}
${
if builtins.length r.builds == 0 then
"<em>There is no build for this category</em>"
else
""
}
${if r.hide then "</details>" else ""}
</section>
''))}
''))
}
</body>
</html>
'';
in
pkgs.symlinkJoin {
in pkgs.symlinkJoin {
name = "releases";
paths = [ json html ];
}

11
nix/common.nix
View File

@ -1,10 +1,9 @@
rec {
/*
* Fixed dependencies
*/
# * Fixed dependencies
pkgsSrc = fetchTarball {
# As of 2022-10-13
url = "https://github.com/NixOS/nixpkgs/archive/a3073c49bc0163fea6a121c276f526837672b555.zip";
url =
"https://github.com/NixOS/nixpkgs/archive/a3073c49bc0163fea6a121c276f526837672b555.zip";
sha256 = "1bz632psfbpmicyzjb8b4265y50shylccvfm6ry6mgnv5hvz324s";
};
cargo2nixSrc = fetchGit {
@ -14,9 +13,7 @@ rec {
rev = "a7a61179b66054904ef6a195d8da736eaaa06c36";
};
/*
* Shared objects
*/
# * Shared objects
cargo2nix = import cargo2nixSrc;
cargo2nixOverlay = cargo2nix.overlays.default;
}

141
nix/compile.nix
View File

@ -1,19 +1,10 @@
{
system,
target ? null,
pkgsSrc,
cargo2nixOverlay,
compiler ? "rustc",
release ? false,
git_version ? null,
features ? null,
}:
{ system, target ? null, pkgsSrc, cargo2nixOverlay, compiler ? "rustc"
, release ? false, git_version ? null, features ? null, }:
let
log = v: builtins.trace v v;
pkgs =
if target != null then
pkgs = if target != null then
import pkgsSrc {
inherit system;
crossSystem = {
@ -28,8 +19,7 @@ let
overlays = [ cargo2nixOverlay ];
};
/*
Cargo2nix is built for rustOverlay which installs Rust from Mozilla releases.
/* Cargo2nix is built for rustOverlay which installs Rust from Mozilla releases.
This is fine for 64-bit platforms, but for 32-bit platforms, we need our own Rust
to avoid incompatibilities with time_t between different versions of musl
(>= 1.2.0 shipped by NixOS, < 1.2.0 with which rustc was built), which lead to compilation breakage.
@ -40,8 +30,8 @@ let
In practise, rustOverlay ships rustc+cargo in a single derivation while
NixOS ships them in separate ones. We reunite them with symlinkJoin.
*/
toolchainOptions =
if target == null || target == "x86_64-unknown-linux-musl" || target == "aarch64-unknown-linux-musl" then {
toolchainOptions = if target == null || target == "x86_64-unknown-linux-musl"
|| target == "aarch64-unknown-linux-musl" then {
rustVersion = "1.63.0";
extraRustComponents = [ "clippy" ];
} else {
@ -55,8 +45,8 @@ let
};
};
buildEnv = (drv: {
buildEnv = (drv:
{
rustc = drv.setBuildEnv;
clippy = ''
${drv.setBuildEnv or ""}
@ -69,16 +59,15 @@ let
'';
}.${compiler});
/*
Cargo2nix provides many overrides by default, you can take inspiration from them:
/* Cargo2nix provides many overrides by default, you can take inspiration from them:
https://github.com/cargo2nix/cargo2nix/blob/master/overlay/overrides.nix
You can have a complete list of the available options by looking at the overriden object, mkcrate:
https://github.com/cargo2nix/cargo2nix/blob/master/overlay/mkcrate.nix
*/
packageOverrides = pkgs: pkgs.rustBuilder.overrides.all ++ [
/*
[1] We add some logic to compile our crates with clippy, it provides us many additional lints
packageOverrides = pkgs:
pkgs.rustBuilder.overrides.all ++ [
/* [1] We add some logic to compile our crates with clippy, it provides us many additional lints
[2] We need to alter Nix hardening to make static binaries: PIE,
Position Independent Executables seems to be supported only on amd64. Having
@ -100,103 +89,119 @@ let
name = "garage";
overrideAttrs = drv:
(if git_version != null then {
/* [3] */ preConfigure = ''
# [3]
preConfigure = ''
${drv.preConfigure or ""}
export GIT_VERSION="${git_version}"
'';
} else {})
//
{
/* [1] */ setBuildEnv = (buildEnv drv);
/* [2] */ hardeningDisable = [ "pie" ];
} else
{ }) // {
# [1]
setBuildEnv = (buildEnv drv);
# [2]
hardeningDisable = [ "pie" ];
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "garage_rpc";
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
overrideAttrs = drv: { # [1]
setBuildEnv = (buildEnv drv);
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "garage_db";
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
overrideAttrs = drv: { # [1]
setBuildEnv = (buildEnv drv);
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "garage_util";
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
overrideAttrs = drv: { # [1]
setBuildEnv = (buildEnv drv);
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "garage_table";
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
overrideAttrs = drv: { # [1]
setBuildEnv = (buildEnv drv);
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "garage_block";
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
overrideAttrs = drv: { # [1]
setBuildEnv = (buildEnv drv);
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "garage_model";
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
overrideAttrs = drv: { # [1]
setBuildEnv = (buildEnv drv);
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "garage_api";
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
overrideAttrs = drv: { # [1]
setBuildEnv = (buildEnv drv);
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "garage_web";
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
overrideAttrs = drv: { # [1]
setBuildEnv = (buildEnv drv);
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "k2v-client";
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
overrideAttrs = drv: { # [1]
setBuildEnv = (buildEnv drv);
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "libsodium-sys";
overrideArgs = old: {
features = [ ]; /* [4] */
features = [ ]; # [4]
};
})
(pkgs.rustBuilder.rustLib.makeOverride {
name = "zstd-sys";
overrideArgs = old: {
features = [ ]; /* [4] */
features = [ ]; # [4]
};
})
];
/*
We ship some parts of the code disabled by default by putting them behind a flag.
/* We ship some parts of the code disabled by default by putting them behind a flag.
It speeds up the compilation (when the feature is not required) and released crates have less dependency by default (less attack surface, disk space, etc.).
But we want to ship these additional features when we release Garage.
In the end, we chose to exclude all features from debug builds while putting (all of) them in the release builds.
*/
rootFeatures = if features != null then features else
([
"garage/bundled-libs"
"garage/sled"
"garage/k2v"
] ++ (if release then [
rootFeatures = if features != null then
features
else
([ "garage/bundled-libs" "garage/sled" "garage/k2v" ] ++ (if release then [
"garage/consul-discovery"
"garage/kubernetes-discovery"
"garage/metrics"
"garage/telemetry-otlp"
"garage/lmdb"
"garage/sqlite"
] else []));
] else
[ ]));
packageFun = import ../Cargo.nix;
/*
We compile fully static binaries with musl to simplify deployment on most systems.
/* We compile fully static binaries with musl to simplify deployment on most systems.
When possible, we reactivate PIE hardening (see above).
Also, if you set the RUSTFLAGS environment variable, the following parameters will
@ -207,21 +212,29 @@ let
*/
codegenOpts = {
"armv6l-unknown-linux-musleabihf" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* compile as dynamic with static-pie */
"aarch64-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* segfault with static-pie */
"i686-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* segfault with static-pie */
"x86_64-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static-pie" ];
"armv6l-unknown-linux-musleabihf" = [
"target-feature=+crt-static"
"link-arg=-static"
]; # compile as dynamic with static-pie
"aarch64-unknown-linux-musl" = [
"target-feature=+crt-static"
"link-arg=-static"
]; # segfault with static-pie
"i686-unknown-linux-musl" = [
"target-feature=+crt-static"
"link-arg=-static"
]; # segfault with static-pie
"x86_64-unknown-linux-musl" =
[ "target-feature=+crt-static" "link-arg=-static-pie" ];
};
/*
NixOS and Rust/Cargo triples do not match for ARM, fix it here.
*/
rustTarget = if target == "armv6l-unknown-linux-musleabihf"
then "arm-unknown-linux-musleabihf"
else target;
# NixOS and Rust/Cargo triples do not match for ARM, fix it here.
rustTarget = if target == "armv6l-unknown-linux-musleabihf" then
"arm-unknown-linux-musleabihf"
else
target;
in
pkgs.rustBuilder.makePackageSet ({
in pkgs.rustBuilder.makePackageSet ({
inherit release packageFun packageOverrides codegenOpts rootFeatures;
target = rustTarget;
} // toolchainOptions)

3
nix/kaniko.nix
View File

@ -15,7 +15,8 @@ pkgs.buildGoModule rec {
checkPhase = "true";
meta = with pkgs.lib; {
description = "kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster.";
description =
"kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster.";
homepage = "https://github.com/GoogleContainerTools/kaniko";
license = licenses.asl20;
platforms = platforms.linux;

3
nix/manifest-tool.nix
View File

@ -15,7 +15,8 @@ pkgs.buildGoModule rec {
checkPhase = "true";
meta = with pkgs.lib; {
description = "Command line tool to create and query container image manifest list/indexes";
description =
"Command line tool to create and query container image manifest list/indexes";
homepage = "https://github.com/estesp/manifest-tool";
license = licenses.asl20;
platforms = platforms.linux;

16
nix/toolchain.nix
View File

@ -1,6 +1,4 @@
{
system ? builtins.currentSystem,
}:
{ system ? builtins.currentSystem, }:
with import ./common.nix;
@ -11,7 +9,8 @@ let
#"aarch64-unknown-linux-musl"
"armv6l-unknown-linux-musleabihf"
];
pkgsList = builtins.map (target: import pkgsSrc {
pkgsList = builtins.map (target:
import pkgsSrc {
inherit system;
crossSystem = {
config = target;
@ -24,14 +23,9 @@ let
kaniko = (import ./kaniko.nix) pkgsHost;
winscp = (import ./winscp.nix) pkgsHost;
manifestTool = (import ./manifest-tool.nix) pkgsHost;
in
lib.flatten (builtins.map (pkgs: [
in lib.flatten (builtins.map (pkgs: [
pkgs.rustPlatform.rust.rustc
pkgs.rustPlatform.rust.cargo
pkgs.buildPackages.stdenv.cc
]) pkgsList) ++ [
kaniko
winscp
manifestTool
]
]) pkgsList) ++ [ kaniko winscp manifestTool ]

31
shell.nix
View File

@ -1,6 +1,4 @@
{
system ? builtins.currentSystem,
}:
{ system ? builtins.currentSystem, }:
with import ./nix/common.nix;
@ -13,11 +11,9 @@ let
manifest-tool = (import ./nix/manifest-tool.nix) pkgs;
winscp = (import ./nix/winscp.nix) pkgs;
in
{
/* --- Rust Shell ---
* Use it to compile Garage
*/
in {
# --- Rust Shell ---
# Use it to compile Garage
rust = pkgs.mkShell {
nativeBuildInputs = [
#pkgs.rustPlatform.rust.rustc
@ -33,9 +29,8 @@ in
];
};
/* --- Integration shell ---
* Use it to test Garage with common S3 clients
*/
# --- Integration shell ---
# Use it to test Garage with common S3 clients
integration = pkgs.mkShell {
nativeBuildInputs = [
winscp
@ -52,9 +47,8 @@ in
];
};
/* --- Release shell ---
* A shell built to make releasing easier
*/
# --- Release shell ---
# A shell built to make releasing easier
release = pkgs.mkShell {
shellHook = ''
function refresh_toolchain {
@ -80,7 +74,7 @@ function refresh_cache {
function refresh_flake_cache {
pass show deuxfleurs/nix_priv_key > /tmp/nix-signing-key.sec
for attr in packages.x86_64-linux.default; do
for attr in packages.x86_64-linux.default devShell.x86_64-linux; do
echo "Updating cache for ''${attr}"
derivation=$(nix path-info --derivation ".#''${attr}")
nix copy -j8 \
@ -162,12 +156,7 @@ function refresh_index {
s3://garagehq.deuxfleurs.fr/
}
'';
nativeBuildInputs = [
pkgs.awscli2
kaniko
manifest-tool
];
nativeBuildInputs = [ pkgs.awscli2 kaniko manifest-tool ];
};
}