Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use nixfmt nix formatter #144

Merged
merged 2 commits into from
Jan 5, 2025
Merged

Use nixfmt nix formatter #144

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
78cff18
Use nixfmt as nix formatter
henrirosten Jan 3, 2025
295f09f
Apply nix fmt
henrirosten Jan 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 11 additions & 3 deletions default.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,18 @@
# This file originates from:
# https://github.com/nix-community/flake-compat
# This file provides backward compatibility to nix < 2.4 clients
{system ? builtins.currentSystem}: let
{
system ? builtins.currentSystem,
}:
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);

inherit (lock.nodes.flake-compat.locked) owner repo rev narHash;
inherit (lock.nodes.flake-compat.locked)
owner
repo
rev
narHash
;

flake-compat = fetchTarball {
url = "https://github.com/${owner}/${repo}/archive/${rev}.tar.gz";
Expand All @@ -20,4 +28,4 @@
src = ./.;
};
in
flake.defaultNix
flake.defaultNix
30 changes: 16 additions & 14 deletions flake.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,20 +19,22 @@
};
};

outputs = inputs @ {flake-parts, ...}:
outputs =
inputs@{ flake-parts, ... }:
flake-parts.lib.mkFlake
{
inherit inputs;
} {
systems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
{
inherit inputs;
}
{
systems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];

imports = [
./nix
];
};
imports = [
./nix
];
};
}
84 changes: 44 additions & 40 deletions nix/apps.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,51 +2,55 @@
#
# SPDX-License-Identifier: Apache-2.0
{
perSystem = {self', ...}: {
apps = let
inherit (self'.packages) sbomnix;
in {
# nix run .#repology_cli
repology_cli = {
type = "app";
program = "${sbomnix}/bin/repology_cli";
};
perSystem =
{ self', ... }:
{
apps =
let
inherit (self'.packages) sbomnix;
in
{
# nix run .#repology_cli
repology_cli = {
type = "app";
program = "${sbomnix}/bin/repology_cli";
};

# nix run .#repology_cve
repology_cve = {
type = "app";
program = "${sbomnix}/bin/repology_cve";
};
# nix run .#repology_cve
repology_cve = {
type = "app";
program = "${sbomnix}/bin/repology_cve";
};

# nix run .#nix_outdated
nix_outdated = {
type = "app";
program = "${sbomnix}/bin/nix_outdated";
};
# nix run .#nix_outdated
nix_outdated = {
type = "app";
program = "${sbomnix}/bin/nix_outdated";
};

# nix run .#nixgraph
nixgraph = {
type = "app";
program = "${sbomnix}/bin/nixgraph";
};
# nix run .#nixgraph
nixgraph = {
type = "app";
program = "${sbomnix}/bin/nixgraph";
};

# nix run .#nixmeta
nixmeta = {
type = "app";
program = "${sbomnix}/bin/nixmeta";
};
# nix run .#nixmeta
nixmeta = {
type = "app";
program = "${sbomnix}/bin/nixmeta";
};

# nix run .#vulnxscan
vulnxscan = {
type = "app";
program = "${sbomnix}/bin/vulnxscan";
};
# nix run .#vulnxscan
vulnxscan = {
type = "app";
program = "${sbomnix}/bin/vulnxscan";
};

# nix run .#provenance
provenance = {
type = "app";
program = "${sbomnix}/bin/provenance";
};
# nix run .#provenance
provenance = {
type = "app";
program = "${sbomnix}/bin/provenance";
};
};
};
};
}
99 changes: 54 additions & 45 deletions nix/checks.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,49 +5,58 @@
lib,
self,
...
}: {
perSystem = {
self',
pkgs,
...
}: {
checks =
{
# checks that copyright headers are compliant
# todo this could be moved into a shared flake
reuse =
pkgs.runCommandLocal "reuse-lint" {
nativeBuildInputs = [pkgs.reuse];
} ''
cd ${self.outPath}
reuse lint
touch $out
'';
pycodestyle =
pkgs.runCommandLocal "pycodestyle" {
nativeBuildInputs = [pkgs.python3.pkgs.pycodestyle];
} ''
cd ${self.outPath}
pycodestyle --max-line-length 90 $(find . -name "*.py")
touch $out
'';
pylint =
pkgs.runCommandLocal "pylint" {
nativeBuildInputs = [self'.devShells.default.nativeBuildInputs];
} ''
cd ${self.outPath}
export HOME=/tmp
pylint \
$(find . -name "*.py") \
--reports n \
--enable=useless-suppression \
--fail-on=useless-suppression \
--disable=duplicate-code
touch $out
'';
}
//
# Force a build of all packages during a `nix flake check`
(with lib; mapAttrs' (n: nameValuePair "package-${n}") self'.packages);
};
}:
{
perSystem =
{
self',
pkgs,
...
}:
{
checks =
{
# checks that copyright headers are compliant
# todo this could be moved into a shared flake
reuse =
pkgs.runCommandLocal "reuse-lint"
{
nativeBuildInputs = [ pkgs.reuse ];
}
''
cd ${self.outPath}
reuse lint
touch $out
'';
pycodestyle =
pkgs.runCommandLocal "pycodestyle"
{
nativeBuildInputs = [ pkgs.python3.pkgs.pycodestyle ];
}
''
cd ${self.outPath}
pycodestyle --max-line-length 90 $(find . -name "*.py")
touch $out
'';
pylint =
pkgs.runCommandLocal "pylint"
{
nativeBuildInputs = [ self'.devShells.default.nativeBuildInputs ];
}
''
cd ${self.outPath}
export HOME=/tmp
pylint \
$(find . -name "*.py") \
--reports n \
--enable=useless-suppression \
--fail-on=useless-suppression \
--disable=duplicate-code
touch $out
'';
}
//
# Force a build of all packages during a `nix flake check`
(with lib; mapAttrs' (n: nameValuePair "package-${n}") self'.packages);
};
}
52 changes: 27 additions & 25 deletions nix/devshell.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,30 +2,32 @@
#
# SPDX-License-Identifier: Apache-2.0
{
perSystem = {
pkgs,
self',
...
}: {
devShells.default = pkgs.mkShell rec {
name = "sbomnix-devshell";
packages = with self'.packages; [
pkgs.python3.pkgs.pylint # for running pylint manually in devshell
pkgs.black # for running black manually in devshell
pkgs.isort # for running isort manually in devshell
sbomnix.propagatedBuildInputs
sbomnix.nativeBuildInputs
];
# Add the repo root to PYTHONPATH, so invoking entrypoints (and them being
# able to find the python packages in the repo) becomes possible.
# `pytest.ini` already sets this for invoking `pytest`
# (cascading down to the processes it spawns), but this is for the developer
# invoking entrypoints from inside the devshell.
shellHook = ''
export PYTHONPATH="$PYTHONPATH:$(pwd)/src"
# https://github.com/NixOS/nix/issues/1009:
export TMPDIR="/tmp"
'';
perSystem =
{
pkgs,
self',
...
}:
{
devShells.default = pkgs.mkShell rec {
name = "sbomnix-devshell";
packages = with self'.packages; [
pkgs.python3.pkgs.pylint # for running pylint manually in devshell
pkgs.black # for running black manually in devshell
pkgs.isort # for running isort manually in devshell
sbomnix.propagatedBuildInputs
sbomnix.nativeBuildInputs
];
# Add the repo root to PYTHONPATH, so invoking entrypoints (and them being
# able to find the python packages in the repo) becomes possible.
# `pytest.ini` already sets this for invoking `pytest`
# (cascading down to the processes it spawns), but this is for the developer
# invoking entrypoints from inside the devshell.
shellHook = ''
export PYTHONPATH="$PYTHONPATH:$(pwd)/src"
# https://github.com/NixOS/nix/issues/1009:
export TMPDIR="/tmp"
'';
};
};
};
}
Loading
Loading