project: perform clippy/rustfmt checking via a higher order derivation transformer
Instead of patching the derivation in-place via flags, we just have a higher order function that takes the Rust package derivation and override it into a Rustfmt / Clippy oriented derivation: it turns off checks and adds its required dependencies.
This commit is contained in:
parent
5b22893473
commit
b77ef07cec
48
flake.nix
48
flake.nix
|
@ -62,12 +62,14 @@
|
|||
uefiPkgs = import nixpkgs {
|
||||
inherit system;
|
||||
crossSystem = {
|
||||
config = "${pkgs.hostPlatform.linuxArch}-windows";
|
||||
rustc.config = "${pkgs.hostPlatform.linuxArch}-unknown-uefi";
|
||||
# linuxArch is wrong here, it will yield arm64 instead of aarch64.
|
||||
config = "${pkgs.hostPlatform.qemuArch}-windows";
|
||||
rustc.config = "${pkgs.hostPlatform.qemuArch}-unknown-uefi";
|
||||
libc = null;
|
||||
useLLVM = true;
|
||||
};
|
||||
};
|
||||
utils = import ./nix/packages/utils.nix;
|
||||
|
||||
inherit (pkgs) lib;
|
||||
|
||||
|
@ -100,26 +102,28 @@
|
|||
|
||||
overlayAttrs = { inherit (config.packages) tool; };
|
||||
|
||||
checks = let
|
||||
nixosLib = import (pkgs.path + "/nixos/lib") { };
|
||||
runTest = module:
|
||||
nixosLib.runTest {
|
||||
imports = [ module ];
|
||||
hostPkgs = pkgs;
|
||||
};
|
||||
in {
|
||||
toolFmt = (tool.override { enableFmt = true; });
|
||||
stubFmt = (stub.override { enableFmt = true; });
|
||||
toolClippy = (tool.override { enableLint = true; });
|
||||
stubClippy = (stub.override { enableLint = true; });
|
||||
fatStubClippy = (fatStub.override { enableLint = true; });
|
||||
} // (import ./nix/tests/lanzaboote.nix {
|
||||
inherit pkgs;
|
||||
lanzabooteModule = self.nixosModules.lanzaboote;
|
||||
}) // (import ./nix/tests/stub.nix {
|
||||
inherit pkgs runTest;
|
||||
ukiModule = self.nixosModules.uki;
|
||||
});
|
||||
checks =
|
||||
let
|
||||
nixosLib = import (pkgs.path + "/nixos/lib") { };
|
||||
runTest = module:
|
||||
nixosLib.runTest {
|
||||
imports = [ module ];
|
||||
hostPkgs = pkgs;
|
||||
};
|
||||
in
|
||||
{
|
||||
stubFmt = uefiPkgs.callPackage (utils.rustfmt stub) { };
|
||||
toolFmt = pkgs.callPackage (utils.rustfmt tool) { };
|
||||
toolClippy = pkgs.callPackage (utils.clippy tool) { };
|
||||
stubClippy = uefiPkgs.callPackage (utils.clippy stub) { };
|
||||
fatStubClippy = uefiPkgs.callPackage (utils.clippy fatStub) { };
|
||||
} // (import ./nix/tests/lanzaboote.nix {
|
||||
inherit pkgs;
|
||||
lanzabooteModule = self.nixosModules.lanzaboote;
|
||||
}) // (import ./nix/tests/stub.nix {
|
||||
inherit pkgs runTest;
|
||||
ukiModule = self.nixosModules.uki;
|
||||
});
|
||||
|
||||
pre-commit = {
|
||||
check.enable = true;
|
||||
|
|
|
@ -1,66 +1,29 @@
|
|||
{ rust, rustPlatform, clippy, rustfmt, stdenv, lib, runCommand, enableFmt ? false, enableLint ? false, fatVariant ? false }:
|
||||
{ rustPlatform, stdenv, lib, fatVariant ? false }:
|
||||
|
||||
let
|
||||
targetSpec = rust.toRustTargetSpec stdenv.hostPlatform;
|
||||
targetIsJSON = lib.hasSuffix ".json" targetSpec;
|
||||
shortTarget =
|
||||
if targetIsJSON then
|
||||
(lib.removeSuffix ".json" (builtins.baseNameOf "${targetSpec}"))
|
||||
else targetSpec;
|
||||
in
|
||||
rustPlatform.buildRustPackage
|
||||
({
|
||||
pname = "lanzaboote_stub";
|
||||
version = "0.3.0";
|
||||
src = runCommand "src" { } ''
|
||||
install -D ${../../rust/stub/Cargo.toml} $out/Cargo.toml
|
||||
install -D ${../../rust/stub/Cargo.lock} $out/Cargo.lock
|
||||
cp -r ${../../rust/stub/src} $out/src
|
||||
'';
|
||||
{
|
||||
pname = "lanzaboote_stub";
|
||||
version = "0.3.0";
|
||||
src = lib.cleanSource ../../rust/stub;
|
||||
|
||||
# We don't want the thin code.
|
||||
buildNoDefaultFeatures = true;
|
||||
buildFeatures = if fatVariant then [ "fat" ] else [ "thin" ];
|
||||
|
||||
# We don't want the thin code.
|
||||
buildNoDefaultFeatures = fatVariant;
|
||||
buildFeatures = lib.optional fatVariant "fat";
|
||||
cargoLock = {
|
||||
lockFile = ../../rust/stub/Cargo.lock;
|
||||
};
|
||||
|
||||
cargoLock = {
|
||||
lockFile = ../../rust/stub/Cargo.lock;
|
||||
};
|
||||
# Necessary because our `cc-wrapper` doesn't understand MSVC link options.
|
||||
RUSTFLAGS = "-Clinker=${stdenv.cc.bintools}/bin/${stdenv.cc.targetPrefix}ld.lld -Clinker-flavor=lld-link";
|
||||
# Necessary because otherwise we will get (useless) hardening options in front of
|
||||
# -flavor link which will break the whole command-line processing for the ld.lld linker.
|
||||
hardeningDisable = [ "all" ];
|
||||
|
||||
# Necessary because our `cc-wrapper` doesn't understand MSVC link options.
|
||||
RUSTFLAGS = "-Clinker=${stdenv.cc.bintools}/bin/${stdenv.cc.targetPrefix}ld.lld -Clinker-flavor=lld-link";
|
||||
# Necessary because otherwise we will get (useless) hardening options in front of
|
||||
# -flavor link which will break the whole command-line processing for the ld.lld linker.
|
||||
hardeningDisable = [ "all" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Lanzaboote UEFI stub for SecureBoot enablement on NixOS systems";
|
||||
homepage = "https://github.com/nix-community/lanzaboote";
|
||||
license = licenses.mit;
|
||||
platforms = [ "x86_64-windows" "aarch64-windows" "i686-windows" ];
|
||||
};
|
||||
} // lib.optionalAttrs enableLint {
|
||||
buildPhase = ''
|
||||
cargo clippy --target ${shortTarget} --all-features -- -D warnings
|
||||
if grep -R 'dbg!' ./src; then
|
||||
echo "use of dbg macro found in code!"
|
||||
false
|
||||
fi
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
touch $out
|
||||
'';
|
||||
} // lib.optionalAttrs enableFmt {
|
||||
buildPhase = ''
|
||||
echo "checking formatting..."
|
||||
cargo fmt --all -- --check
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
touch $out
|
||||
'';
|
||||
})
|
||||
meta = with lib; {
|
||||
description = "Lanzaboote UEFI stub for SecureBoot enablement on NixOS systems";
|
||||
homepage = "https://github.com/nix-community/lanzaboote";
|
||||
license = licenses.mit;
|
||||
platforms = [ "x86_64-windows" "aarch64-windows" "i686-windows" ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,67 +1,30 @@
|
|||
{ stdenv
|
||||
, systemd
|
||||
{ systemd
|
||||
, binutils-unwrapped
|
||||
, sbsigntool
|
||||
, rustPlatform
|
||||
, lib
|
||||
, runCommand
|
||||
, fetchurl
|
||||
, clippy
|
||||
, rustfmt
|
||||
, path
|
||||
, enableLint ? false
|
||||
, enableFmt ? false
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage
|
||||
({
|
||||
pname = "lanzaboote_tool";
|
||||
version = "0.3.0";
|
||||
src = runCommand "src" { } ''
|
||||
install -D ${../../rust/tool/Cargo.toml} $out/Cargo.toml
|
||||
install -D ${../../rust/tool/Cargo.lock} $out/Cargo.lock
|
||||
cp -r ${../../rust/tool/src} $out/src
|
||||
'';
|
||||
{
|
||||
pname = "lanzaboote_tool";
|
||||
version = "0.3.0";
|
||||
src = lib.cleanSource ../../rust/tool;
|
||||
|
||||
TEST_SYSTEMD = systemd;
|
||||
TEST_SYSTEMD = systemd;
|
||||
|
||||
nativeBuildInputs = lib.optional enableLint clippy ++ lib.optional enableFmt rustfmt;
|
||||
cargoLock = {
|
||||
lockFile = ../../rust/tool/Cargo.lock;
|
||||
};
|
||||
|
||||
cargoLock = {
|
||||
lockFile = ../../rust/tool/Cargo.lock;
|
||||
};
|
||||
nativeCheckInputs = [
|
||||
binutils-unwrapped
|
||||
sbsigntool
|
||||
];
|
||||
|
||||
nativeCheckInputs = [
|
||||
binutils-unwrapped
|
||||
sbsigntool
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Lanzaboote UEFI tooling for SecureBoot enablement on NixOS systems";
|
||||
homepage = "https://github.com/nix-community/lanzaboote";
|
||||
license = licenses.mit;
|
||||
};
|
||||
} // lib.optionalAttrs enableLint {
|
||||
doCheck = false;
|
||||
buildPhase = ''
|
||||
cargo clippy --all-targets --all-features -- -D warnings
|
||||
if grep -R 'dbg!' ./src; then
|
||||
echo "use of dbg macro found in code!"
|
||||
false
|
||||
fi
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
touch $out
|
||||
'';
|
||||
} // lib.optionalAttrs enableFmt {
|
||||
doCheck = false;
|
||||
|
||||
buildPhase = ''
|
||||
echo "checking formatting..."
|
||||
cargo fmt --all -- --check
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
touch $out
|
||||
'';
|
||||
})
|
||||
meta = with lib; {
|
||||
description = "Lanzaboote UEFI tooling for SecureBoot enablement on NixOS systems";
|
||||
homepage = "https://github.com/nix-community/lanzaboote";
|
||||
license = licenses.mit;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -0,0 +1,39 @@
|
|||
{
|
||||
clippy = rustPackage: { lib, rust, clippy }:
|
||||
let
|
||||
targetSpec = rust.toRustTargetSpec rustPackage.stdenv.hostPlatform;
|
||||
inherit (lib) optionalString concatStringsSep;
|
||||
in
|
||||
rustPackage.overrideAttrs (old: {
|
||||
nativeBuildInputs = (old.nativeBuildInputs or [ ]) ++ [ clippy ];
|
||||
|
||||
doCheck = false;
|
||||
|
||||
buildPhase = ''
|
||||
echo "checking via clippy..."
|
||||
cargo clippy --target ${targetSpec} ${optionalString (old.buildNoDefaultFeatures or false) "--no-default-features "}${optionalString ((old.buildFeatures or null) != null) ''--features="${concatStringsSep " " old.buildFeatures}" ''}-- -D warnings
|
||||
if grep -R 'dbg!' ./src; then
|
||||
echo "use of dbg macro found in code!"
|
||||
false
|
||||
fi
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
touch $out
|
||||
'';
|
||||
});
|
||||
rustfmt = rustPackage: { rustfmt }: rustPackage.overrideAttrs (old: {
|
||||
nativeBuildInputs = (old.nativeBuildInputs or [ ]) ++ [ rustfmt ];
|
||||
|
||||
doCheck = false;
|
||||
|
||||
buildPhase = ''
|
||||
echo "checking formatting..."
|
||||
cargo fmt --all -- --check
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
touch $out
|
||||
'';
|
||||
});
|
||||
}
|
Loading…
Reference in New Issue