cy/nixcp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: cy:76e6c6c537a1ec1d126ef1afd41b00cc29459969
Branches Tags
cy:main
cy:test-in-ci
cy:2025-04-15
cy:2025-04-12
...
compare: cy:885a49701c8f0de204467fcbe0089b67a5cf1c09
Branches Tags
cy:main
cy:test-in-ci
cy:2025-04-15
cy:2025-04-12

9 commits
76e6c6c537 ... 885a49701c

Author SHA1 Message Date
cy
885a49701c add cargo-audit to devshell 2025-05-11 01:57:35 -04:00
cy
139dcf2fe7 use main branch in ci 2025-05-11 01:57:35 -04:00
cy
8ba2c6cc9b cache devshell in ci 2025-05-11 01:57:35 -04:00
cy
ab1fcc8207 run builds on mac 2025-05-11 01:28:56 -04:00
cy
a995716212 pin workflows by sha 2025-05-11 01:05:44 -04:00
cy
2b52792959 add flake check workflow 2025-05-11 01:02:39 -04:00
cy
112654f448 add flake checks and formatter, run some formatters 2025-05-11 00:56:15 -04:00
cy
ce0e70f95a add option to disable cache.nixos.org 2025-05-11 00:21:58 -04:00
cy
68df59ad25 use & instead of as_slice() 2025-05-11 00:02:38 -04:00
9 changed files with 103 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

24
.github/workflows/build.yml vendored
View file

@ -18,6 +18,9 @@ jobs:
os:
- ubuntu-latest
- ubuntu-24.04-arm
- macos-latest # arm64
- macos-13 # x86
runs-on: ${{ matrix.os }}
steps:
@ -25,7 +28,7 @@ jobs:
run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem
- name: Install Nix
uses: cachix/install-nix-action@v30
uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641
with:
enable_kvm: true
extra_nix_config: |
@ -35,17 +38,26 @@ jobs:
extra-substituters = https://nixcache.cy7.sh
extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8=
- name: Sync repository
uses: actions/checkout@v4
- uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
with:
persist-credentials: false
- run: nix build -L .
- name: cache devshell
run: |
nix build .#devShells.$(nix eval --impure --raw --expr 'builtins.currentSystem').default
nix run \
github:cything/nixcp -- push \
--bucket nixcache \
--signing-key ${{ runner.temp }}/cache-priv-key.pem \
result
- name: build
run: nix build -L .
- name: cache
run: |
nix run \
github:cything/nixcp/test-in-ci -- push \
github:cything/nixcp -- push \
--bucket nixcache \
--signing-key ${{ runner.temp }}/cache-priv-key.pem \
result
@ -54,7 +66,7 @@ jobs:
run: nix run github:nixos/nixpkgs#gnutar hcvf result.tar result
- name: upload result
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47
with:
name: ${{ matrix.os }}.tar
path: result.tar

27
.github/workflows/check.yml vendored Normal file
View file

@ -0,0 +1,27 @@
name: check
on:
workflow_dispatch:
push:
pull_request:
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Install Nix
uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641
with:
enable_kvm: true
extra_nix_config: |
show-trace = true
experimental-features = nix-command flakes
extra-substituters = https://nixcache.cy7.sh
extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8=
- uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
with:
persist-credentials: false
- name: Run checks
run: nix flake check -L

6
.github/workflows/test.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
steps:
- name: Install Nix
uses: cachix/install-nix-action@v30
uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641
with:
enable_kvm: true
extra_nix_config: |
@ -22,7 +22,9 @@ jobs:
extra-substituters = https://nixcache.cy7.sh
extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8=
- uses: actions/checkout@v4
- uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
with:
persist-credentials: false
- name: Run tests
run: nix develop -c cargo test --verbose

4
README.md
View file

@ -30,8 +30,8 @@ Options:
If unspecified, will get it form AWS_DEFAULT_REGION envar or default to us-east-1
--endpoint <ENDPOINT>
If unspecifed, will get it from AWS_ENDPOINT envar e.g. https://s3.example.com
--skip-signature-check
--no-default-upstream
Do not include cache.nixos.org as upstream
-h, --help
Print help
```

51
flake.nix
View file

@ -11,8 +11,15 @@
};
};
outputs = inputs@{ nixpkgs, flake-utils, crane, ... }:
flake-utils.lib.eachDefaultSystem (system:
outputs =
inputs@{
nixpkgs,
flake-utils,
crane,
...
}:
flake-utils.lib.eachDefaultSystem (
system:
let
pkgs = import nixpkgs {
inherit system;
@ -21,13 +28,12 @@
];
};
toolchain = pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
craneLib = (crane.mkLib pkgs).overrideToolchain(_: toolchain);
craneLib = (crane.mkLib pkgs).overrideToolchain (_: toolchain);
lib = pkgs.lib;
# don't clean cpp files
cppFilter = path: _type: builtins.match ".*(cpp|hpp)$" path != null;
cppOrCargo = path: type:
(cppFilter path type) || (craneLib.filterCargoSources path type);
cppOrCargo = path: type: (cppFilter path type) || (craneLib.filterCargoSources path type);
src = lib.cleanSourceWith {
src = ./.;
filter = cppOrCargo;
@ -48,16 +54,38 @@
];
# for cpp bindings to work
NIX_INCLUDE_PATH = "${lib.getDev pkgs.nix}/include";
# skip integration tests (they need a connection to the nix store)
cargoTestExtraArgs = "--bins";
# skip integration tests (they need a connection to the nix store)
cargoTestExtraArgs = "--bins";
};
cargoArtifacts = craneLib.buildDepsOnly commonArgs;
nixcp = craneLib.buildPackage (commonArgs // {
inherit cargoArtifacts;
});
nixcp = craneLib.buildPackage (
commonArgs
// {
inherit cargoArtifacts;
}
);
in
{
checks = {
# clippy with all warnings denied
clippy = craneLib.cargoClippy (
commonArgs
// {
inherit cargoArtifacts;
cargoClippyExtraArgs = "--all-targets -- --deny warnings";
}
);
# check formatting
cargoFmt = craneLib.cargoFmt {
inherit src;
};
tomlFmt = craneLib.taploFmt {
src = lib.sources.sourceFilesBySuffices src [ ".toml" ];
};
};
devShells.default = craneLib.devShell {
inputsFrom = [ nixcp ];
@ -68,9 +96,12 @@
packages = with pkgs; [
tokio-console
cargo-udeps
cargo-audit
];
};
formatter = pkgs.nixfmt-rfc-style;
packages.default = nixcp;
}
);

7
rust-toolchain.toml
View file

@ -1,9 +1,4 @@
[toolchain]
channel = "nightly"
profile = "minimal"
components = [
"rust-src",
"rust-analyzer",
"rustfmt",
"clippy",
]
components = ["rust-src", "rust-analyzer", "rustfmt", "clippy"]

2
src/cli.rs
View file

@ -1,2 +0,0 @@

4
src/lib.rs
View file

@ -3,7 +3,6 @@ use std::path::PathBuf;
use clap::{Args, Parser, Subcommand};
mod bindings;
mod cli;
pub mod make_nar;
pub mod path_info;
pub mod push;
@ -55,8 +54,9 @@ pub struct PushArgs {
#[arg(long)]
endpoint: Option<String>,
/// Do not include cache.nixos.org as upstream
#[arg(long)]
skip_signature_check: bool,
no_default_upstream: bool,
/// Path to upload
/// e.g. ./result or /nix/store/y4qpcibkj767szhjb58i2sidmz8m24hb-hello-2.12.1

18
src/push.rs
View file

@ -1,7 +1,6 @@
use std::{
collections::HashSet,
fs,
iter::once,
path::PathBuf,
sync::{
Arc,
@ -39,11 +38,13 @@ pub struct Push {
impl Push {
pub async fn new(cli: &PushArgs, store: Store) -> Result<Self> {
let mut upstreams = Vec::with_capacity(cli.upstreams.len() + 1);
for upstream in cli
.upstreams
.iter()
.chain(once(&"https://cache.nixos.org".to_string()))
{
if !cli.no_default_upstream {
upstreams.push(
Url::parse("https://cache.nixos.org")
.expect("default upstream must be a valid url"),
);
}
for upstream in &cli.upstreams {
upstreams
.push(Url::parse(upstream).context(format!("failed to parse {upstream} as url"))?);
}
@ -132,10 +133,7 @@ impl Push {
let inflight_permits = inflight_permits.clone();
tokio::spawn(async move {
let _permit = inflight_permits.acquire().await.unwrap();
if !path
.check_upstream_hit(self.upstream_caches.as_slice())
.await
{
if !path.check_upstream_hit(&self.upstream_caches).await {
if path.check_if_already_exists(&self.s3).await {
debug!("skip {} (already exists)", path.absolute_path());
self.already_exists_count.fetch_add(1, Ordering::Relaxed);