lib

common.nix (10144B)

---

 {
   crane,
   lib,
   pkgs,
   toolchains,
 }:
 let
   root = ../..;
   cargoToml = builtins.fromTOML (builtins.readFile ../../Cargo.toml);
   version = cargoToml.workspace.package.version;
   darwinBuildInputs = lib.optionals pkgs.stdenv.isDarwin [
     pkgs.libiconv
   ];
   repoSource = lib.sources.cleanSource root;
   cargoSource = lib.fileset.toSource {
     root = root;
     fileset = lib.fileset.intersection (lib.fileset.fromSource repoSource) (
       lib.fileset.unions [
         ../../Cargo.toml
         ../../Cargo.lock
         ../../README
         ../../rust-toolchain.toml
         ../../contracts
         ../../crates
         ../../tools
       ]
     );
   };
   baseEnv = {
     CARGO_TERM_COLOR = "always";
     LIBCLANG_PATH = "${pkgs.llvmPackages.libclang.lib}/lib";
   }
   // lib.optionalAttrs pkgs.stdenv.isDarwin {
     CC = "clang";
     CXX = "clang++";
     SDKROOT = pkgs.apple-sdk_14.sdkroot;
     MACOSX_DEPLOYMENT_TARGET = pkgs.stdenv.hostPlatform.darwinMinVersion;
   };
   sharedEnv =
     baseEnv
     // {
       PKG_CONFIG_PATH = lib.makeSearchPathOutput "dev" "lib/pkgconfig" stableRuntimeInputs;
     }
     // lib.optionalAttrs pkgs.stdenv.isDarwin {
       LIBRARY_PATH = lib.makeLibraryPath darwinBuildInputs;
     };
   coverageEnv = sharedEnv // {
     RADROOTS_COVERAGE_CARGO = "${toolchains.coverage}/bin/cargo";
   };
   cargoLlvmCov = pkgs.cargo-llvm-cov.overrideAttrs (old: {
     doCheck = false;
     meta = old.meta // {
       broken = false;
     };
   });
   exportEnv =
     env:
     lib.concatStringsSep "\n" (
       lib.mapAttrsToList (name: value: "export ${name}=${lib.escapeShellArg value}") env
     );
   stableRuntimeInputs =
     with pkgs;
     [
       toolchains.stable
       clang
       coreutils
       curl
       findutils
       gawk
       gitMinimal
       gnugrep
       gnumake
       gnused
       jq
       libsodium
       llvmPackages.llvm
       llvmPackages.libclang
       pkg-config
       python3
     ]
     ++ darwinBuildInputs;
   coverageRuntimeInputs = stableRuntimeInputs ++ [
     toolchains.coverage
     cargoLlvmCov
   ];
   releaseRuntimeInputs = coverageRuntimeInputs;
   coreContractCrates = [
     "xtask"
     "radroots_core"
     "radroots_types"
     "radroots_events"
     "radroots_trade"
     "radroots_identity"
     "radroots_replica_db_schema"
     "radroots_events_codec"
     "radroots_nostr_connect"
     "radroots_nostr_signer"
   ];
   coreContractCargoArgs = lib.concatStringsSep " " (map (crate: "-p ${crate}") coreContractCrates);
   craneLib = (crane.mkLib pkgs).overrideToolchain toolchains.stable;
   commonCraneArgs = {
     inherit version;
     pname = "radroots";
     src = cargoSource;
     strictDeps = true;
     nativeBuildInputs = [
       pkgs.pkg-config
       pkgs.clang
       pkgs.llvmPackages.libclang
     ];
     buildInputs = [
       pkgs.libsodium
     ]
     ++ darwinBuildInputs;
     inherit (sharedEnv)
       CARGO_TERM_COLOR
       LIBCLANG_PATH
       PKG_CONFIG_PATH
       ;
   };
   cargoArtifacts = craneLib.buildDepsOnly commonCraneArgs;
   xtaskPackage = craneLib.buildPackage (
     commonCraneArgs
     // {
       inherit cargoArtifacts;
       pname = "xtask";
       cargoExtraArgs = "-p xtask";
       doCheck = false;
     }
   );
   initGitRepo = ''
     git init -q .
     git config user.email "nix-check@example.invalid"
     git config user.name "nix check"
     git add -A .
   '';
   mkRepoCheck =
     {
       name,
       runtimeInputs,
       command,
       env ? sharedEnv,
       initGit ? false,
       linuxOnly ? false,
     }:
     if linuxOnly && !pkgs.stdenv.isLinux then
       null
     else
       pkgs.runCommand name { nativeBuildInputs = runtimeInputs; } ''
         export HOME="$TMPDIR/home"
         mkdir -p "$HOME"
 
         cp -R ${repoSource} "$TMPDIR/repo"
         chmod -R u+w "$TMPDIR/repo"
         cd "$TMPDIR/repo"
         export RADROOTS_WORKSPACE_ROOT="$PWD"
 
         ${exportEnv env}
         ${lib.optionalString initGit initGitRepo}
 
         ${command}
 
         touch "$out"
       '';
   ensureRepoRoot = ''
     if [ ! -f Cargo.toml ] || [ ! -f flake.nix ]; then
       echo "run this command from the radroots workspace checkout" >&2
       exit 1
     fi
     export RADROOTS_WORKSPACE_ROOT="$PWD"
   '';
   checkCommand = ''
     cargo check --workspace
   '';
   contractCommand = ''
     cargo run -q -p xtask -- hygiene forbidden-identifiers
     cargo check -q ${coreContractCargoArgs}
     cargo test -q ${coreContractCargoArgs}
     cargo run -q -p xtask -- contract validate
   '';
   releasePreflightCommand = ''
     cargo check -q
     env -u RADROOTS_MOUNTED_RUST_CRATE_PUBLISH_POLICY cargo test -q -p xtask
     cargo run -q -p xtask -- contract validate
 
     required_file="$(mktemp)"
     trap 'rm -f "$required_file"' EXIT
     cargo run -q -p xtask -- coverage required-crates > "$required_file"
 
     rm -rf target/coverage
     mkdir -p target/coverage
 
     while IFS= read -r crate; do
       [ -n "$crate" ] || continue
       safe_crate="''${crate//-/_}"
       out_dir="target/coverage/''${safe_crate}"
       mkdir -p "$out_dir"
 
       cargo run -q -p xtask -- coverage run-crate --crate "$crate" --out "$out_dir"
       cargo run -q -p xtask -- coverage report \
         --scope "$crate" \
         --summary "$out_dir/coverage-summary.json" \
         --lcov "$out_dir/coverage-lcov.info" \
         --out "$out_dir/gate-report.json" \
         --policy-gate
     done < "$required_file"
 
     cargo run -q -p xtask -- coverage refresh-summary \
       --reports-root target/coverage \
       --out target/coverage/coverage-refresh.tsv \
       --status-out target/coverage/coverage-refresh-status.tsv
 
     cargo run -q -p xtask -- release preflight
     echo "release preflight complete"
   '';
   coverageReportCommand = ''
         rm -rf target/coverage-report
         mkdir -p target/coverage-report
         : > target/coverage-report/coverage-report-status.txt
 
         workspace_crates_file="$(mktemp)"
         required_crates_file="$(mktemp)"
         trap 'rm -f "$workspace_crates_file" "$required_crates_file"' EXIT
 
         cargo run -q -p xtask -- coverage workspace-crates > "$workspace_crates_file"
         while IFS= read -r crate; do
           [ -n "''${crate}" ] || continue
           safe_crate="''${crate//-/_}"
           run_dir="target/coverage-report/''${safe_crate}"
           mkdir -p "''${run_dir}"
           status="ok"
 
           if ! cargo run -q -p xtask -- coverage run-crate --crate "''${crate}" --out "''${run_dir}"; then
             status="run-failed"
           fi
 
           if [ "''${status}" = "ok" ] && ! cargo run -q -p xtask -- coverage report \
             --scope "''${crate}" \
             --summary "''${run_dir}/coverage-summary.json" \
             --lcov "''${run_dir}/coverage-lcov.info" \
             --out "''${run_dir}/coverage-gate-summary.json" \
             --fail-under-exec-lines 0 \
             --fail-under-functions 0 \
             --fail-under-regions 0 \
             --fail-under-branches 0; then
             status="report-failed"
           fi
 
           if [ "''${status}" != "ok" ]; then
             cat > "''${run_dir}/coverage-gate-summary.json" <<EOF
             {
               "scope": "''${crate}",
               "thresholds": {
                 "executable_lines": 0,
                 "functions": 0,
                 "regions": 0,
                 "branches": 0,
                 "branches_required": false
               },
               "measured": {
                 "executable_lines_percent": 0,
                 "executable_lines_source": "da",
                 "functions_percent": 0,
                 "branches_percent": null,
                 "branches_available": false,
                 "summary_lines_percent": 0,
                 "summary_regions_percent": 0
               },
               "counts": {
                 "executable_lines": {
                   "covered": 0,
                   "total": 0
                 },
                 "branches": {
                   "covered": 0,
                   "total": 0
                 }
               },
               "result": {
                 "pass": false,
                 "fail_reasons": [
                   "''${status}"
                 ]
               }
             }
     EOF
           fi
 
           echo "''${crate}:''${status}" >> target/coverage-report/coverage-report-status.txt
         done < "$workspace_crates_file"
 
         cargo run -q -p xtask -- coverage required-crates > "$required_crates_file"
         while IFS= read -r crate; do
           [ -n "''${crate}" ] || continue
           safe_crate="''${crate//-/_}"
           crate_dir="target/coverage-report/''${safe_crate}"
           crate_status="$(awk -F: -v crate="''${crate}" '$1 == crate { status = $2 } END { print status }' target/coverage-report/coverage-report-status.txt)"
 
           if [ ! -f "''${crate_dir}/coverage-summary.json" ] || [ ! -f "''${crate_dir}/coverage-lcov.info" ]; then
             fail_reason="missing-coverage-artifacts"
             if [ -n "''${crate_status}" ] && [ "''${crate_status}" != "ok" ]; then
               fail_reason="''${crate_status}"
             fi
 
             cargo run -q -p xtask -- coverage report-missing \
               --scope "''${crate}" \
               --out "''${crate_dir}/coverage-gate-blocking.json" \
               --reason "''${fail_reason}"
             continue
           fi
 
           cargo run -q -p xtask -- coverage report \
             --scope "''${crate}" \
             --summary "''${crate_dir}/coverage-summary.json" \
             --lcov "''${crate_dir}/coverage-lcov.info" \
             --out "''${crate_dir}/coverage-gate-blocking.json" \
             --policy-gate
         done < "$required_crates_file"
   '';
 in
 {
   inherit
     cargoLlvmCov
     cargoArtifacts
     checkCommand
     commonCraneArgs
     contractCommand
     coverageEnv
     coverageReportCommand
     craneLib
     ensureRepoRoot
     mkRepoCheck
     releasePreflightCommand
     coreContractCargoArgs
     sharedEnv
     version
     xtaskPackage
     ;
 
   exportCoverageEnv = exportEnv coverageEnv;
   exportSharedEnv = exportEnv sharedEnv;
 
   runtimeInputs = {
     stable = stableRuntimeInputs;
     coverage = coverageRuntimeInputs;
     release = releaseRuntimeInputs;
   };
 }