Skip to content

Commit

Permalink
Merge pull request #124 from MatrixAI/feature-flakes
Browse files Browse the repository at this point in the history 
Flakes Implementation
  • Loading branch information
@tegefaulkes
tegefaulkes authored Feb 19, 2024
2 parents 5a31aba + 00e532c commit 88415e1
Show file tree
Hide file tree
Showing 12 changed files with 325 additions and 213 deletions.
75 changes: 35 additions & 40 deletions .gitlab-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ check:lint:
needs: []
script:
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
npm run lint;
npm run lint-shell;
'
Expand All @@ -67,10 +67,7 @@ check:nix-dry:
needs: []
script:
- >
nix-shell --arg ci true --run $'
npmDepsHash="$(prefetch-npm-deps ./package-lock.json)";
nix-build -v -v --dry-run ./release.nix --argstr npmDepsHash "$npmDepsHash";
'
nix build .#docker --dry-run
rules:
# Runs on feature and staging commits and ignores version commits
- if: $CI_COMMIT_BRANCH =~ /^(?:feature.*|staging)$/ && $CI_COMMIT_TITLE !~ /^[0-9]+\.[0-9]+\.[0-9]+(?:-.*[0-9]+)?$/
Expand All @@ -85,7 +82,7 @@ check:test-generate:
needs: []
script:
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
./scripts/check-test-generate.sh > ./tmp/check-test.yml;
'
artifacts:
Expand Down Expand Up @@ -127,7 +124,7 @@ build:merge:
# Required for `gh pr create`
- git remote add upstream "$GH_PROJECT_URL"
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
gh pr create \
--head staging \
--base master \
Expand All @@ -152,7 +149,7 @@ build:dist:
needs: []
script:
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
npm run build --verbose;
'
artifacts:
Expand All @@ -170,7 +167,7 @@ build:platforms-generate:
needs: []
script:
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
./scripts/build-platforms-generate.sh > ./tmp/build-platforms.yml;
'
artifacts:
Expand Down Expand Up @@ -213,7 +210,7 @@ build:prerelease:
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc
- echo 'Publishing library prerelease'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
npm publish --tag prerelease --access public;
'
after_script:
Expand All @@ -233,26 +230,24 @@ integration:builds:
script:
- mkdir -p ./builds
- >
nix-shell --arg ci true --run $'
npmDepsHash="$(prefetch-npm-deps ./package-lock.json)";
build_application="$(nix-build \
--max-jobs "$(nproc)" --cores "$(nproc)" \
./release.nix \
--attr application \
--argstr npmDepsHash "$npmDepsHash" \
nix develop .#ci --command bash -c $'
build_application="$(nix build \
--max-jobs "$(nproc)" \
--cores "$(nproc)" \
--print-out-paths \
.#application \
)";
nix-store --export $( \
nix-store --query --requisites "$build_application" \
) | gzip > ./builds/polykey-cli.closure.gz;
builds="$(nix-build \
--max-jobs "$(nproc)" --cores "$(nproc)" \
./release.nix \
--attr docker \
--attr package.linux.x64.elf \
--attr package.windows.x64.exe \
--attr package.macos.x64.macho \
--argstr npmDepsHash "$npmDepsHash" \
--argstr commitHash "$CI_COMMIT_SHA")";
builds="$(nix build \
--max-jobs "$(nproc)" \
--cores "$(nproc)" \
--print-out-paths \
.#docker \
.#packages.x86_64-linux.polykey-cli \
.#packages.x86_64-windows.polykey-cli \
.#packages.x86_64-darwin.polykey-cli;
cp -r $builds ./builds/;
'
artifacts:
Expand Down Expand Up @@ -283,7 +278,7 @@ integration:deployment:
script:
- echo 'Deploying container image to ECR'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
aws ecr get-login-password \
| skopeo login \
--username AWS \
Expand All @@ -295,7 +290,7 @@ integration:deployment:
'
- echo 'Waiting for Testnet Deployment'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
./scripts/wait-for-deploy.js testnet.polykey.com;
'
after_script:
Expand Down Expand Up @@ -343,7 +338,7 @@ integration:docker:
- docker info
- mkdir $PK_TEST_TMPDIR
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
image_and_tag="$(docker load --input ./builds/*docker* | cut -d\' \' -f3)";
docker tag "$image_and_tag" "polykey-cli:testtarget";
npm run test tests/integration/docker;
Expand Down Expand Up @@ -433,7 +428,7 @@ integration:prerelease:
script:
- echo 'Publishing application prerelease'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
if gh release view "$CI_COMMIT_TAG" --repo "$GH_PROJECT_PATH" >/dev/null; then \
gh release \
upload "$CI_COMMIT_TAG" \
Expand Down Expand Up @@ -461,7 +456,7 @@ integration:prerelease:
'
- echo 'Prereleasing container image'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
skopeo login \
--username "$CI_REGISTRY_USER" \
--password "$CI_REGISTRY_PASSWORD" \
Expand Down Expand Up @@ -505,7 +500,7 @@ integration:merge:
GIT_DEPTH: 0
script:
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
printf "Pipeline Succeeded on ${CI_PIPELINE_ID} for ${CI_COMMIT_SHA}\n\n${CI_PIPELINE_URL}" \
| gh pr comment staging \
--body-file - \
Expand Down Expand Up @@ -545,7 +540,7 @@ release:deployment:branch:
script:
- echo 'Deploying container image to ECR'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
aws ecr get-login-password \
| skopeo login \
--username AWS \
Expand All @@ -557,7 +552,7 @@ release:deployment:branch:
'
- echo 'Waiting for Mainnet Deployment'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
./scripts/wait-for-deploy.js mainnet.polykey.com;
'
after_script:
Expand Down Expand Up @@ -587,7 +582,7 @@ release:deployment:tag:
script:
- echo 'Deploying container image to ECR'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
aws ecr get-login-password \
| skopeo login \
--username AWS \
Expand All @@ -599,7 +594,7 @@ release:deployment:tag:
'
- echo 'Waiting for Mainnet Deployment'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
./scripts/wait-for-deploy.js mainnet.polykey.com;
'
after_script:
Expand All @@ -625,7 +620,7 @@ release:docker:
- docker info
- mkdir $PK_TEST_TMPDIR
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
image_and_tag="$(docker load --input ./builds/*docker* | cut -d\' \' -f3)";
docker tag "$image_and_tag" "polykey-cli:testtarget";
npm run test tests/integration/docker;
Expand Down Expand Up @@ -653,12 +648,12 @@ release:distribution:
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc
- echo 'Publishing library'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
npm publish --access public;
'
- echo 'Releasing application builds'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
gh release \
create "$CI_COMMIT_TAG" \
builds/*.closure.gz \
Expand All @@ -673,7 +668,7 @@ release:distribution:
'
- echo 'Releasing container image'
- >
nix-shell --arg ci true --run $'
nix develop .#ci --command bash -c $'
skopeo login \
--username "$CI_REGISTRY_USER" \
--password "$CI_REGISTRY_PASSWORD" \
Expand Down
52 changes: 41 additions & 11 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,48 +46,78 @@ Have a security issue you want to let us know? You can contact us on our website

Our main website is https://polykey.com

## Flakes

Polykey-CLI uses flakes for its build process. By default Nix does not enable this feature.
To enable it by default, add the following to `~/.config/nix/nix.conf` or `/etc/nix/nix.conf`:

```
experimental-features = nix-command flakes
```

Or if you're on NixOS, you can add it to your flakes system configuration:

```
nix.settings.experimental-features = [ "nix-command" "flakes" ];
```

Alternatively, to enable it temporarily append the following to any nix related commands:

```
--extra-experimental-features flakes
```

## Installation

Note that JavaScript libraries are not packaged in Nix. Only JavaScript applications are.

Building the package:

```sh
npmDepsHash="$(prefetch-npm-deps ./package-lock.json)"
nix-build -E "(import ./pkgs.nix {}).callPackage ./default.nix { npmDepsHash = \"$npmDepsHash\"; }"
nix build .#polykey-cli
```

### Nix/NixOS

Building the releases:

```sh
nix-build ./release.nix --attr application --argstr npmDepsHash "$(prefetch-npm-deps ./package-lock.json)"
nix-build ./release.nix --attr docker --argstr npmDepsHash "$(prefetch-npm-deps ./package-lock.json)"
nix-build ./release.nix --attr package.linux.x64.elf --argstr npmDepsHash "$(prefetch-npm-deps ./package-lock.json)"
nix-build ./release.nix --attr package.windows.x64.exe --argstr npmDepsHash "$(prefetch-npm-deps ./package-lock.json)"
nix-build ./release.nix --attr package.macos.x64.macho --argstr npmDepsHash "$(prefetch-npm-deps ./package-lock.json)"
# Build the packages for your current platform
nix build .#polykey-cli

# You can also specify the platform to build for
nix build .#application
nix build .#docker
nix build .#packages.x86_64-linux.polykey-cli
nix build .#packages.x86_64-windows.polykey-cli
nix build .#packages.x86_64-darwin.polykey-cli
```

Install into Nix user profile:

```sh
nix-env -f ./release.nix --install --attr application --argstr npmDepsHash "$(prefetch-npm-deps ./package-lock.json)"
nix profile install github:MatrixAI/Polykey-CLI
```

The program can be run directly without installing via `nix run`

```sh
nix run . -- agent start
```

### Docker

Install into Docker:

```sh
loaded="$(docker load --input "$(nix-build ./release.nix --attr docker --argstr npmDepsHash "$(prefetch-npm-deps ./package-lock.json)")")"
image="$(cut -d' ' -f3 <<< "$loaded")"
nix build .#docker
image="$(docker load < result | cut -d' ' -f3)"
docker run -it "$image"
```

## Development

Run `nix-shell`, and once you're inside, you can use:
Run `nix develop`, and once you're inside, you can use:

```sh
# install (or reinstall packages from package.json)
Expand Down
38 changes: 0 additions & 38 deletions default.nix
View file

This file was deleted.

Loading

0 comments on commit 88415e1

Please sign in to comment.