diff --git a/.gitignore b/.gitignore index cfe0956..6a84b32 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ result* /.direnv target +/.pre-commit-config.yaml diff --git a/flake.lock b/flake.lock index 49cf414..866e43b 100644 --- a/flake.lock +++ b/flake.lock @@ -59,6 +59,22 @@ "type": "github" } }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" @@ -92,6 +108,27 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1673039641, @@ -126,6 +163,22 @@ "type": "github" } }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1671271954, + "narHash": "sha256-cSvu+bnvN08sOlTBWbBrKaBHQZq8mvk8bgpt0ZJ2Snc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d513b448cc2a6da2c8803e3c197c9fc7e67b19e3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.05", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-test": { "locked": { "lastModified": 1671812130, @@ -142,6 +195,32 @@ "type": "github" } }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": "flake-compat_3", + "flake-utils": [ + "flake-utils" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1672912243, + "narHash": "sha256-QnQeKUjco2kO9J4rBqIBPp5XcOMblIMnmyhpjeaJBYc=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "a4548c09eac4afb592ab2614f4a150120b29584c", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "root": { "inputs": { "crane": "crane", @@ -150,6 +229,7 @@ "flake-utils": "flake-utils", "nixpkgs": "nixpkgs", "nixpkgs-test": "nixpkgs-test", + "pre-commit-hooks-nix": "pre-commit-hooks-nix", "rust-overlay": "rust-overlay" } }, diff --git a/flake.nix b/flake.nix index c7e3324..87e922a 100644 --- a/flake.nix +++ b/flake.nix @@ -7,6 +7,12 @@ flake-parts.url = "github:hercules-ci/flake-parts"; + pre-commit-hooks-nix = { + url = "github:cachix/pre-commit-hooks.nix"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-utils.follows = "flake-utils"; + }; + # We only have this input to pass it to other dependencies and # avoid having mulitple versions in our dependencies. flake-utils.url = "github:numtide/flake-utils"; @@ -35,6 +41,9 @@ imports = [ # Derive the output overlay automatically from all packages that we define. inputs.flake-parts.flakeModules.easyOverlay + + # Formatting and quality checks. + inputs.pre-commit-hooks-nix.flakeModule ]; flake.nixosModules.lanzaboote = moduleWithSystem ( @@ -146,7 +155,15 @@ lanzabooteModule = self.nixosModules.lanzaboote; }); + pre-commit = { + check.enable = true; + }; + devShells.default = pkgs.mkShell { + shellHook = '' + ${config.pre-commit.installationScript} + ''; + packages = let uefi-run = pkgs.callPackage ./nix/packages/uefi-run.nix { inherit craneLib;