WIP: build: use stable nix to build git-bug and subpackages#1532
Draft
WIP: build: use stable nix to build git-bug and subpackages#1532
Conversation
694bb1c to
ec255e0
Compare
This change refactors all tooling to use stable nix to build the project's packages (the git-bug binary and web ui). Support for the experimental features of nix that were previously in use were removed: `flakes` and `nix-command`. This requires updating many different parts of the development toolchain, namely: CI, internal tools, and documentation. As a result of this, onboarding has been simplified (as users no longer need to add support for the experimental features), nix is now exclusively being used to build in CI, and is the recommended golden path outside of CI (for correctness guarantees, at least). A `release-binaries` drv has been added that builds git-bug for a variety of platforms to support moving away from gox (and add support for `darwin/arm64`). When evaluating the treefmt configuration, optimizations were realized: - zizmor is being used instead of pinact for performing analysis of pipelines defined in //.github/workflows. as a result of this, changes were made to improve pipeline security - codespell configuration has been updated to include hidden files by default, and to skip over additional generated fileas - treefmt verbosity was changed so that additional information is shown during its execution - treefmt will no longer emit messages about unmatched files by default (but will if debug logging is enabled) This is one of the rare cases in which I'll submit a change that crosses multiple logical boundaries and closes several issues at once, but the nature of this change opened up the possibility to do so fairly neatly. I hope that this brings about a simpler experience for contributors to this project, and for downstream consumers (packagers and source-builders). Closes: #1491 Closes: #1418 Closes: #1508 Change-Id: I3fb65c84c9c1a98b045548802d5710de9b117b2e
ec255e0 to
9066873
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This change refactors all tooling to use stable nix to build the
project's packages (the git-bug binary and web ui). Support for the
experimental features of nix that were previously in use were removed:
flakesandnix-command. This requires updating many different partsof the development toolchain, namely: CI, internal tools, and
documentation.
As a result of this, onboarding has been simplified (as users no longer
need to add support for the experimental features), nix is now
exclusively being used to build in CI, and is the recommended golden
path outside of CI (for correctness guarantees, at least). A
release-binariesdrv has been added that builds git-bug for a varietyof platforms to support moving away from gox (and add support for
darwin/arm64).When evaluating the treefmt configuration, optimizations were realized:
pipelines defined in //.github/workflows. as a result of this, changes
were made to improve pipeline security
default, and to skip over additional generated fileas
during its execution
(but will if debug logging is enabled)
This is one of the rare cases in which I'll submit a change that crosses
multiple logical boundaries and closes several issues at once, but the
nature of this change opened up the possibility to do so fairly neatly.
I hope that this brings about a simpler experience for contributors to
this project, and for downstream consumers (packagers and
source-builders).
Closes: #1491
Closes: #1418
Closes: #1508
Change-Id: I3fb65c84c9c1a98b045548802d5710de9b117b2e