-
Notifications
You must be signed in to change notification settings - Fork 0
/
flake.nix
155 lines (142 loc) · 4.84 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
{
description = "CloudExec VPS provisioning helper";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/4ecab3273592f27479a583fb6d975d4aba3486fe"; # v23.05
utils.url = "github:numtide/flake-utils/04c1b180862888302ddfb2e3ad9eaa63afc60cf8"; # v1.0.0
};
outputs = inputs: with inputs;
utils.lib.eachDefaultSystem (system:
let
pkgs = import nixpkgs { inherit system; config.allowUnfree = true; };
pyCommon = {
format = "pyproject";
nativeBuildInputs = with pkgs.python310Packages; [ pythonRelaxDepsHook ];
pythonRelaxDeps = true;
doCheck = false;
};
in
rec {
# Provide some binary packages for selected system types.
packages = rec {
default = cloudexec;
cloudexec = let
version = let
result = builtins.match "([^\n]*).*" (builtins.readFile ./VERSION);
in if result != null then builtins.head result else "unknown";
gitCommit = let
result = builtins.match ".*commit=([^\n]*).*" (builtins.readFile ./VERSION);
in if result != null then builtins.head result else "unknown";
gitDate = let
result = builtins.match ".*date=([^\n]*).*" (builtins.readFile ./VERSION);
in if result != null then builtins.head result else "unknown";
in pkgs.buildGoModule {
pname = "cloudexec";
version = "${version}";
src = ./.;
vendorHash = "sha256-xiiMcjo+hRllttjYXB3F2Ms2gX43r7/qgwxr4THNhsk=";
nativeBuildInputs = [
pkgs.git
pkgs.go_1_20
];
ldflags = [
"-X main.Version=${version}"
"-X main.Commit=${gitCommit}"
"-X main.Date=${gitDate}"
];
};
vscode = pkgs.vscode-with-extensions.override {
vscode = pkgs.vscodium;
vscodeExtensions = with pkgs.vscode-extensions; [
golang.go
jnoortheen.nix-ide
mads-hartmann.bash-ide-vscode
mikestead.dotenv
naumovs.color-highlight
oderwat.indent-rainbow
vscodevim.vim
yzhang.markdown-all-in-one
];
};
solc-select = pkgs.python310Packages.buildPythonPackage (pyCommon // {
pname = "solc-select";
version = "1.0.4";
src = builtins.fetchGit {
url = "git+ssh://[email protected]/crytic/solc-select";
rev = "8072a3394bdc960c0f652fb72e928a7eae3631da";
};
propagatedBuildInputs = with pkgs.python310Packages; [
packaging
setuptools
pycryptodome
];
});
crytic-compile = pkgs.python310Packages.buildPythonPackage (pyCommon // rec {
pname = "crytic-compile";
version = "0.3.5";
src = builtins.fetchGit {
url = "git+ssh://[email protected]/crytic/crytic-compile";
rev = "3a4b0de72ad418b60b9ef8c38d7de31ed39e3898";
};
propagatedBuildInputs = with pkgs.python310Packages; [
cbor2
packages.solc-select
pycryptodome
setuptools
toml
];
});
medusa = pkgs.buildGoModule {
pname = "medusa";
version = "0.1.2"; # from cmd/root.go
src = builtins.fetchGit {
url = "git+ssh://[email protected]/trailofbits/medusa";
rev = "72e9b8586ad93b37ff9063ccf3f5b471f934c264";
};
vendorSha256 = "sha256-IKB8c6oxF5h88FdzUAmNA96BpNo/LIbwzuDCMFsdZNE=";
nativeBuildInputs = [
packages.crytic-compile
pkgs.solc
pkgs.nodejs
];
doCheck = false; # tests require `npm install` which can't run in hermetic build env
};
};
apps = {
default = {
type = "app";
program = "${self.packages.${system}.cloudexec}/bin/cloudexec";
};
};
devShells = {
default = pkgs.mkShell {
buildInputs = with pkgs; [
# misc tools
bashInteractive
shellcheck
packages.vscode
just
trunk-io
# go development
go_1_20
gotools
go-tools
gopls
go-outline
gocode
gopkgs
gocode-gomod
godef
golint
# deployment tools
packer
doctl
curl
# manual testing
packages.medusa
packages.crytic-compile
];
};
};
}
);
}