Last active
September 7, 2020 13:20
-
-
Save ldesgoui/36e89a33b78f80afa439042d066705ea to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { sources ? import ./sources.nix # using niv | |
| }: | |
| let | |
| pkgs = import sources.nixpkgs {}; | |
| rust-pkgs = import "${sources.nixpkgs-mozilla}/rust-overlay.nix" (pkgs // rust-pkgs) pkgs; | |
| naersk = pkgs.callPackage sources.naersk { | |
| cargo = rust-pkgs.latest.rustChannels.nightly.cargo; | |
| rustc = rust-pkgs.latest.rustChannels.stable.rust; | |
| }; | |
| program = naersk.buildPackage { | |
| src = ../.; | |
| nativeBuildInputs = [ pkgs.pkg-config ]; | |
| buildInputs = [ pkgs.openssl ]; | |
| }; | |
| docker-program = pkgs.dockerTools.buildLayeredImage { | |
| name = "program"; | |
| tag = program.version; | |
| contents = [ program pkgs.cacert ]; | |
| }; | |
| # --- here is the interesting part -- | |
| # we copy the binary built by cargo during development | |
| # this was built with cargo and dependencies provided by devShell | |
| # if it wasn't, the docker image would not function | |
| # the reason for all this is to be able to quickly bake docker images via nix | |
| # and shoot them with skopeo | |
| program-incremental = pkgs.runCommand "program-0.1.0" {} '' | |
| mkdir -p $out/bin | |
| cp ${../target/debug/program} $out/bin/program | |
| ''; | |
| docker-program-incremental = pkgs.dockerTools.buildLayeredImage { | |
| name = "program"; | |
| tag = "dev"; | |
| contents = [ program-incremental pkgs.openssl pkgs.cacert ]; | |
| }; | |
| in | |
| { | |
| inherit | |
| program | |
| docker-program | |
| program-incremental | |
| docker-program-incremental | |
| ; | |
| devShell = pkgs.mkShell { | |
| buildInputs = [ | |
| pkgs.nixpkgs-fmt | |
| pkgs.skopeo | |
| rust-pkgs.latest.rustChannels.stable.rust | |
| pkgs.openssl pkgs.pkg-config | |
| ]; | |
| }; | |
| ci = { | |
| inherit | |
| program | |
| docker-program | |
| ; | |
| }; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
-incrementalbuilds should only be used for development but mainly because they're debug builds, it should be easy to create a version where release binaries are copied over instead, assuming they remain somewhat "nix-pure" (all dependencies used were injected in the dev shell)What would be best is producing
programandprogram-imagein CI and using those for deployments