diff --git a/.github/workflows/ci-nix.yml b/.github/workflows/ci-nix.yml new file mode 100644 index 0000000..0df6ef2 --- /dev/null +++ b/.github/workflows/ci-nix.yml @@ -0,0 +1,47 @@ +name: ci / nix +permissions: + contents: read + pull-requests: read + checks: write +on: + pull_request: + branches: [master] + +jobs: + build: + strategy: + fail-fast: false + matrix: + system: + - aarch64-darwin + - x86_64-linux + nixpkg: + - libsds + - libsds-android-arm64 + - libsds-android-amd64 + - libsds-android-x86 + - libsds-android-arm + + include: + - system: aarch64-darwin + runs_on: [self-hosted, macOS, ARM64] + + - system: x86_64-linux + runs_on: [self-hosted, Linux, X64] + + name: '${{ matrix.system }} / ${{ matrix.nixpkg }}' + runs-on: ${{ matrix.runs_on }} + steps: + - uses: actions/checkout@v4 + with: + submodules: recursive + + - name: 'Run Nix build for ${{ matrix.nixpkg }}' + shell: bash + run: | + nix build -L '.?submodules=1#${{ matrix.nixpkg }}' \ + --print-out-paths --accept-flake-config + + - name: 'Show result contents' + shell: bash + run: find result/ -type f diff --git a/.github/workflows/nix-builds.yml b/.github/workflows/nix-builds.yml deleted file mode 100644 index 4e6e845..0000000 --- a/.github/workflows/nix-builds.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -name: ci / nix-builds -on: - pull_request: - branches: [master] -jobs: - build: - name: Build Nix Flake packages - runs-on: [self-hosted, Linux] - steps: - - uses: actions/checkout@v4 - with: - submodules: recursive - - - name: Build library - shell: bash - run: | - nix build '.?submodules=1#libsds' \ - --print-out-paths --accept-flake-config - - - name: Build Android library - shell: bash - run: | - nix build '.?submodules=1#libsds-android-arm64' \ - --print-out-paths --accept-flake-config diff --git a/flake.lock b/flake.lock index 1ca4043..cc4a595 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,27 @@ { "nodes": { + "nimbusBuildSystem": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1769685810, + "narHash": "sha256-mANqcQcRXb08ZR8WF6SoyVrL/nXUePtMZfpNx25BlLI=", + "ref": "refs/heads/master", + "rev": "0e7a764edae92b224326b3700f062702489ce2b4", + "revCount": 238, + "submodules": true, + "type": "git", + "url": "file:./vendor/nimbus-build-system" + }, + "original": { + "submodules": true, + "type": "git", + "url": "file:./vendor/nimbus-build-system" + } + }, "nixpkgs": { "locked": { "lastModified": 1757590060, @@ -18,6 +40,7 @@ }, "root": { "inputs": { + "nimbusBuildSystem": "nimbusBuildSystem", "nixpkgs": "nixpkgs" } } diff --git a/flake.nix b/flake.nix index 31743dc..2fca775 100644 --- a/flake.nix +++ b/flake.nix @@ -7,10 +7,17 @@ }; inputs = { + # We are pinning the commit because ultimately we want to use same commit across different projects. + # A commit from nixpkgs 24.11 release : https://github.com/NixOS/nixpkgs/tree/release-24.11 nixpkgs.url = "github:NixOS/nixpkgs?rev=0ef228213045d2cdb5a169a95d63ded38670b293"; + # WARNING: Remember to update commit and use 'nix flake update' to update flake.lock. + nimbusBuildSystem = { + url = "git+file:./vendor/nimbus-build-system?submodules=1"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { self, nixpkgs }: + outputs = { self, nixpkgs, nimbusBuildSystem }: let stableSystems = [ "x86_64-linux" "aarch64-linux" @@ -40,38 +47,36 @@ in rec { packages = forAllSystems (system: let pkgs = pkgsFor.${system}; - targets = builtins.filter - (t: !(pkgs.stdenv.isDarwin && builtins.match "libsds-android.*" t != null)) - [ - "libsds-android-arm64" - "libsds-android-amd64" - "libsds-android-x86" - "libsds-android-arm" - ]; + nim = nimbusBuildSystem.packages.${system}.nim; + + buildTargets = pkgs.callPackage ./nix/default.nix { + inherit stableSystems nim; + src = self; + }; + + skipAndroidOnDarwin = t: !(pkgs.stdenv.isDarwin); + targets = [ + "libsds-android-arm64" + "libsds-android-amd64" + "libsds-android-x86" + "libsds-android-arm" + ]; in rec { # non-Android package - libsds = pkgs.callPackage ./nix/default.nix { - inherit stableSystems; - src = self; - targets = [ "libsds" ]; - }; + libsds = buildTargets.override { targets = [ "libsds" ]; }; default = libsds; } # Generate a package for each target dynamically // builtins.listToAttrs (map (name: { inherit name; - value = pkgs.callPackage ./nix/default.nix { - inherit stableSystems; - src = self; - targets = [ name ]; - }; + value = buildTargets.override { targets = [ name ]; }; }) targets)); - devShells = forAllSystems (system: let - pkgs = pkgsFor.${system}; - in { - default = pkgs.callPackage ./nix/shell.nix { } ; + devShells = forAllSystems (system: { + default = pkgsFor.${system}.callPackage ./nix/shell.nix { + inherit (nimbusBuildSystem.packages.${system}) nim; + }; }); }; diff --git a/nix/default.nix b/nix/default.nix index 945bad5..51386a3 100644 --- a/nix/default.nix +++ b/nix/default.nix @@ -1,14 +1,14 @@ { - config ? {}, - pkgs ? import { }, + pkgs, src ? ../., - targets ? ["libsds-android-arm64"], + # Nimbus-build-system package. + nim ? null, + # Options: 0,1,2 verbosity ? 2, - useSystemNim ? true, - quickAndDirty ? true, - stableSystems ? [ - "x86_64-linux" "aarch64-linux" - ] + # Make targets + targets ? ["libsds-android-arm64"], + # These are the only platforms tested in CI and considered stable. + stableSystems ? ["x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" "x86_64-windows"], }: assert pkgs.lib.assertMsg ((src.submodules or true) == true) @@ -22,55 +22,49 @@ let containsAndroid = s: (match ".*android.*" s) != null; isAndroidBuild = any containsAndroid targets; - version = substring 0 8 (src.sourceInfo.rev or "dirty"); + tools = callPackage ./tools.nix {}; -in stdenv.mkDerivation rec { + revision = substring 0 8 (src.rev or src.dirtyRev or "00000000"); + version = tools.findKeyValue "^version = \"([a-f0-9.-]+)\"$" ../sds.nimble; + +in stdenv.mkDerivation { pname = "nim-sds"; - inherit src version; + inherit src; + version = "${version}-${revision}"; + + env = { + NIMFLAGS = "-d:disableMarchNative"; + ANDROID_SDK_ROOT = optionalString isAndroidBuild pkgs.androidPkgs.sdk; + ANDROID_NDK_ROOT = optionalString isAndroidBuild pkgs.androidPkgs.ndk; + }; buildInputs = with pkgs; [ - openssl - gmp - zip + openssl gmp zip ]; # Dependencies that should only exist in the build environment. - nativeBuildInputs = let - # Fix for Nim compiler calling 'git rev-parse' and 'lsb_release'. - fakeGit = writeScriptBin "git" "echo ${version}"; - in with pkgs; [ - cmake - which - nim-unwrapped-2_2 - fakeGit + nativeBuildInputs = with pkgs; [ + nim cmake which patchelf ] ++ optionals stdenv.isLinux [ pkgs.lsb-release ]; - ANDROID_SDK_ROOT = optionalString isAndroidBuild pkgs.androidPkgs.sdk; - ANDROID_NDK_ROOT = optionalString isAndroidBuild pkgs.androidPkgs.ndk; - - NIMFLAGS = "-d:disableMarchNative -d:git_revision_override=${version}"; - XDG_CACHE_HOME = "/tmp"; - makeFlags = targets ++ [ "V=${toString verbosity}" + # Built from nimbus-build-system via flake. "USE_SYSTEM_NIM=1" ]; configurePhase = '' - patchShebangs . vendor/nimbus-build-system > /dev/null - make nimbus-build-system-paths + # Avoid /tmp write errors. + export XDG_CACHE_HOME=$TMPDIR/cache + patchShebangs . vendor/nimbus-build-system/scripts make nimbus-build-system-nimble-dir ''; - preBuild = '' - ln -s sds.nimble sds.nims - ''; - installPhase = let androidManifest = '' - + ''; in if isAndroidBuild then '' mkdir -p $out/jni @@ -88,6 +82,6 @@ in stdenv.mkDerivation rec { description = "Nim implementation of the e2e reliability protocol"; homepage = "https://github.com/status-im/nim-sds"; license = licenses.mit; - platforms = ["x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" "x86_64-windows"]; + platforms = stableSystems; }; } diff --git a/nix/shell.nix b/nix/shell.nix index fe94d89..53b0663 100644 --- a/nix/shell.nix +++ b/nix/shell.nix @@ -1,27 +1,27 @@ { pkgs ? import { }, + nim ? null, }: + let inherit (pkgs) lib stdenv; - /* No Android SDK for Darwin aarch64. */ - isMacM1 = stdenv.isDarwin && stdenv.isAarch64; in pkgs.mkShell { - inputsFrom = lib.optionals (!isMacM1) [ + inputsFrom = [ pkgs.androidShell ]; buildInputs = with pkgs; [ + nim which git cmake - nim-unwrapped-2_2 ] ++ lib.optionals stdenv.isDarwin [ pkgs.libiconv ]; # Avoid compiling Nim itself. shellHook = '' - export MAKEFLAGS='USE_SYSTEM_NIM=1' + export USE_SYSTEM_NIM=1 ''; } diff --git a/nix/tools.nix b/nix/tools.nix new file mode 100644 index 0000000..108d386 --- /dev/null +++ b/nix/tools.nix @@ -0,0 +1,15 @@ +{ pkgs ? import { } }: + +let + + inherit (pkgs.lib) fileContents last splitString flatten remove; + inherit (builtins) map match; +in { + findKeyValue = regex: sourceFile: + let + linesFrom = file: splitString "\n" (fileContents file); + matching = regex: lines: map (line: match regex line) lines; + extractMatch = matches: last (flatten (remove null matches)); + in + extractMatch (matching regex (linesFrom sourceFile)); +} diff --git a/vendor/nimbus-build-system b/vendor/nimbus-build-system index 0be0663..0e7a764 160000 --- a/vendor/nimbus-build-system +++ b/vendor/nimbus-build-system @@ -1 +1 @@ -Subproject commit 0be0663e1af76e869837226a4ef3e586fcc737d3 +Subproject commit 0e7a764edae92b224326b3700f062702489ce2b4