Skip to content

Instantly share code, notes, and snippets.

@ldesgoui
Last active September 7, 2020 13:20
Show Gist options
  • Save ldesgoui/36e89a33b78f80afa439042d066705ea to your computer and use it in GitHub Desktop.
Save ldesgoui/36e89a33b78f80afa439042d066705ea to your computer and use it in GitHub Desktop.
{ sources ? import ./sources.nix # using niv
}:
let
pkgs = import sources.nixpkgs {};
rust-pkgs = import "${sources.nixpkgs-mozilla}/rust-overlay.nix" (pkgs // rust-pkgs) pkgs;
naersk = pkgs.callPackage sources.naersk {
cargo = rust-pkgs.latest.rustChannels.nightly.cargo;
rustc = rust-pkgs.latest.rustChannels.stable.rust;
};
program = naersk.buildPackage {
src = ../.;
nativeBuildInputs = [ pkgs.pkg-config ];
buildInputs = [ pkgs.openssl ];
};
docker-program = pkgs.dockerTools.buildLayeredImage {
name = "program";
tag = program.version;
contents = [ program pkgs.cacert ];
};
# --- here is the interesting part --
# we copy the binary built by cargo during development
# this was built with cargo and dependencies provided by devShell
# if it wasn't, the docker image would not function
# the reason for all this is to be able to quickly bake docker images via nix
# and shoot them with skopeo
program-incremental = pkgs.runCommand "program-0.1.0" {} ''
mkdir -p $out/bin
cp ${../target/debug/program} $out/bin/program
'';
docker-program-incremental = pkgs.dockerTools.buildLayeredImage {
name = "program";
tag = "dev";
contents = [ program-incremental pkgs.openssl pkgs.cacert ];
};
in
{
inherit
program
docker-program
program-incremental
docker-program-incremental
;
devShell = pkgs.mkShell {
buildInputs = [
pkgs.nixpkgs-fmt
pkgs.skopeo
rust-pkgs.latest.rustChannels.stable.rust
pkgs.openssl pkgs.pkg-config
];
};
ci = {
inherit
program
docker-program
;
};
}
@Rizary
Copy link

Rizary commented Sep 3, 2020

Ah yeah, Cargo. is incremental build in this code suited for a development environment or also production?

@ldesgoui
Copy link
Author

ldesgoui commented Sep 3, 2020

The -incremental builds should only be used for development but mainly because they're debug builds, it should be easy to create a version where release binaries are copied over instead, assuming they remain somewhat "nix-pure" (all dependencies used were injected in the dev shell)
What would be best is producing program and program-image in CI and using those for deployments

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment