diff --git a/.github/workflows/Cabal-Linux.yml b/.github/workflows/Cabal-Linux.yml new file mode 100644 index 00000000..1dfecedf --- /dev/null +++ b/.github/workflows/Cabal-Linux.yml @@ -0,0 +1,65 @@ +name: "Hackage, Cabal, Linux" + +on: + pull_request: + push: + branches: + - master + schedule: + - cron: "45 02 * * *" + + +jobs: + + build10: + name: GHC 8.10 + runs-on: ubuntu-latest + strategy: + matrix: + packageRoots: [ ./ ] + defaults: + run: + working-directory: ${{ matrix.packageRoots }} + steps: + - uses: actions/checkout@v2 + with: + submodules: recursive + - uses: actions/setup-haskell@v1.1 + with: + ghc-version: "8.10" + # cabal-version: "3.0.0.0" + - name: Install additional system packages + run: sudo apt install libsodium-dev + # 2020-08-01: NOTE: Nix instantiate still needed for HNix tests + - name: Install Nix + uses: cachix/install-nix-action@v10 + - run: cabal v2-configure --disable-optimization --enable-tests --enable-deterministic + - run: cabal v2-build + - run: cabal v2-test + + + build20: + name: GHC 8.4 + runs-on: ubuntu-latest + strategy: + matrix: + packageRoots: [ ./ ] + defaults: + run: + working-directory: ${{ matrix.packageRoots }} + steps: + - uses: actions/checkout@v2 + with: + submodules: recursive + - uses: actions/setup-haskell@v1.1 + with: + ghc-version: "8.4" + # cabal-version: "3.0.0.0" + - name: Install additional system packages + run: sudo apt install libsodium-dev + # 2020-08-01: NOTE: Nix instantiate still needed for HNix tests + - name: Install Nix + uses: cachix/install-nix-action@v10 + - run: cabal v2-configure --disable-optimization --enable-tests + - run: cabal v2-build + - run: cabal v2-test diff --git a/.github/workflows/Nixpkgs-GHCJS-turned-off b/.github/workflows/Nixpkgs-GHCJS-turned-off new file mode 100644 index 00000000..112a1064 --- /dev/null +++ b/.github/workflows/Nixpkgs-GHCJS-turned-off @@ -0,0 +1,45 @@ +# 2020-08-02: NOTE: GHCJS fails for number of month, and makes GitHub CI "red", because team does not care and not pursue GHCJS build currently - there is no need to test for it. Technically compilation directly to WebAssembly looks much easier task than keeping HQ compilation to JS. WebAssembly compilation https://github.com/tweag/asterius look much more promising. +# 2020-08-02: FIXME: If this is not needed after some time - remove the file. +name: "Nixpkgs, Linux, GHCJS" + +on: + pull_request: + push: + branches: + - master + schedule: + # Every day at 05:45 + - cron: "45 05 * * *" + +env: + useRev: "true" + rev: "nixos-unstable" + cachixAccount: "hnix" + # GitHub secret + CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} + linkWithGold: "true" + compiler: "ghcjs" + ghcjsTmpLogFile: "/tmp/ghcjsTmpLogFile.log" + ghcjsLogTailLength: "10000" + +jobs: + build10: + name: Build + runs-on: ubuntu-latest + continue-on-error: true + steps: + - name: Git checkout + uses: actions/checkout@v2 + with: + submodules: recursive + - name: Install Nix + uses: cachix/install-nix-action@v10 + - name: Install Cachix + uses: cachix/cachix-action@v6 + with: + name: ${{ env.cachixAccount }} + - name: Determined Nix-build + run: ./build.sh + - name: Print log tail + if: always() + run: tail -n "$ghcjsLogTailLength" "$ghcjsTmpLogFile" && rm "$ghcjsTmpLogFile" diff --git a/.github/workflows/Nixpkgs-Linux-additional.yml b/.github/workflows/Nixpkgs-Linux-additional.yml new file mode 100644 index 00000000..031ec1be --- /dev/null +++ b/.github/workflows/Nixpkgs-Linux-additional.yml @@ -0,0 +1,72 @@ +name: "Nixpkgs, Linux, additional" + + +on: + # On Git changes in PR + pull_request: + # On Git changes of the master + push: + branches: + - master + schedule: + # Every day at 03:45 + - cron: "45 06 * * *" + + +env: + ### + ### NOTE: This configuration uses `build.sh` interface, which uses `default.nix` interface, which exposes the Nixpkgs Haskell Lib interface. + ### + ### Documentation of this settings is mosly in `default.nix`, since most settings it Nixpkgs related + ### and the other part of keys explained in `build.sh`, since those address external procedures aound the builds. + ### Additional documentation is in Nixpkgs Haskell.lib: https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/lib.nix + ### + useRev: "true" + rev: "nixos-unstable" + cachixAccount: "hnix" + # GitHub secret + CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} + linkWithGold: "true" + + +jobs: + + build40: + name: "Nixpkgs-unstable channel, default GHC (8.8)" + runs-on: ubuntu-latest + continue-on-error: true + env: + rev: "nixpkgs-unstable" + steps: + - name: Git checkout + uses: actions/checkout@v2 + with: + submodules: recursive + - name: Install Nix + uses: cachix/install-nix-action@v10 + - name: Install Cachix + uses: cachix/cachix-action@v6 + with: + name: ${{ env.cachixAccount }} + - name: Determined Nix-build + run: ./build.sh + + build50: + name: "NixOS-unstable channel, GHC 8.6.5" + runs-on: ubuntu-latest + continue-on-error: true + env: + compiler: "ghc865" + steps: + - name: Git checkout + uses: actions/checkout@v2 + with: + submodules: recursive + - name: Install Nix + uses: cachix/install-nix-action@v10 + - name: Install Cachix + uses: cachix/cachix-action@v6 + with: + name: ${{ env.cachixAccount }} + - name: Determined Nix-build + run: ./build.sh diff --git a/.github/workflows/Nixpkgs-Linux-main.yml b/.github/workflows/Nixpkgs-Linux-main.yml new file mode 100644 index 00000000..47278ef4 --- /dev/null +++ b/.github/workflows/Nixpkgs-Linux-main.yml @@ -0,0 +1,172 @@ +name: "Nixpkgs, Linux, main" + +# When to trigger builds +on: + # On Git changes in PR + pull_request: + # On Git changes of the master + push: + branches: + - master + schedule: + # Every day at 03:45 + - cron: "45 03 * * *" + + +env: + ### + ### NOTE: Table example of the provided build configuration keys + ### Infrastructure uses `build.sh` API, which uses `default.nix` API, which exposes the almost literal Nixpkgs Haskell Lib API wich was abstracted for use outside of Nix language. + ### + ### Documentation of this settings is mosly in `default.nix`, since most settings it Nixpkgs related + ### and the other part of keys explained in `build.sh`, since those address external procedures aound the builds. + ### Additional documentation is in Nixpkgs Haskell.lib: https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/lib.nix + ### + useRev: "true" + rev: "nixos-unstable" + # Register and use Cachix account + cachixAccount: "hnix" + # GitHub secret + CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} + allowInconsistentDependencies: "false" + doJailbreak: "false" + doCheck: "true" + sdistTarball: "false" + buildFromSdist: "false" + buildStrictly: "false" + failOnAllWarnings: "false" + enableDeadCodeElimination: "false" + disableOptimization: "true" + linkWithGold: "true" + enableLibraryProfiling: "false" + enableExecutableProfiling: "false" + doTracing: "false" + enableDWARFDebugging: "false" + doStrip: "false" + enableSharedLibraries: "true" + enableStaticLibraries: "false" + enableSharedExecutables: "false" + justStaticExecutables: "false" + enableSeparateBinOutput: "false" + checkUnusedPackages: "false" + doHaddock: "false" + doHyperlinkSource: "false" + doCoverage: "false" + doBenchmark: "false" + generateOptparseApplicativeCompletions: "false" + executableNamesToShellComplete: '[ "hnix" ]' + + +jobs: + + # NOTE: Basic example + build10: + name: "NixOS-unstable channel, strict build, default GHC (8.8)" + runs-on: ubuntu-latest + # 2020-08-01: NOTE: Due to Nixpkgs brittleness to not block project development Nixpkgs made optional, see commit message for more info + continue-on-error: true + steps: + - name: Git checkout + uses: actions/checkout@v2 + with: + submodules: recursive + - name: Install Nix + uses: cachix/install-nix-action@v10 + - name: Install Cachix + uses: cachix/cachix-action@v6 + with: + name: ${{ env.cachixAccount }} + - name: Determined Nix-build + env: + # nixos-unstable is a nixpkgs-upstable that passed a number of upstream CI and quality checks, it is essentially a current branch while also receives stable updates fitting for our CI checkups with current Nixpkgs. + # Note that Nix nature is purely functional lazy language, it is referentially transparent, reproducible (deterministic) builds, that means that just as in the type system - any the Nix build failures properly cascade through the Nixpkgs tree graph branch, so particular `master` broken checkouts would properly refuse/would not be able to build parts of Nixpkgs tree graph. So the Nix builds are pretty brittle, do not be ashamed to make Nixpkgs builds optional (`continue-on-error: true`), or set them to the latest stable NixOS Nixpkgs release. + useRev: "true" + rev: "nixos-unstable" + buildStrictly: "true" + run: ./build.sh + + + # NOTE: Example of customization using Nixpkgs Haskell Lib API + build20: + name: "Quality build, SDist, Optimizations, Benchmark, Haddock, Completions, GHC 8.10.1" + runs-on: ubuntu-latest + continue-on-error: true + # Matrix of builds for multiple subprojects in a monorepo + strategy: + matrix: + packageRoots: [ ./ ] + steps: + - name: Git checkout + uses: actions/checkout@v2 + with: + submodules: recursive + - name: Install Nix + uses: cachix/install-nix-action@v10 + - name: Install Cachix + uses: cachix/cachix-action@v6 + with: + name: ${{ env.cachixAccount }} + - name: Determined Nix-build + env: + useRev: "true" + rev: "nixos-unstable" + compiler: "ghc8101" + buildFromSdist: "true" + linkWithGold: "true" + doHaddock: "true" + doHyperlinkSource: "true" + disableOptimization: "false" + enableDeadCodeElimination: "true" + doBenchmark: "true" + generateOptparseApplicativeCompletions: "true" + # packageRoot for CI builds can be just a paths, since CI uses remote Git repo that is already filtered with local .gitignore's + packageRoot: ${{ matrix.packageRoots }} + run: ./build.sh + + + # NOTE: Build on latest stable NixOS release + build30: + name: "NixOS 20.03 stable channel, default GHC (8.8)" + runs-on: ubuntu-latest + continue-on-error: true + steps: + - name: Git checkout + uses: actions/checkout@v2 + with: + submodules: recursive + - name: Install Nix + uses: cachix/install-nix-action@v10 + - name: Install Cachix + uses: cachix/cachix-action@v6 + with: + name: ${{ env.cachixAccount }} + - name: Determined Nix-build + env: + rev: "nixos-20.03" + run: ./build.sh + + + # NOTE: This would additionally test that the Nix shell customization of the project works. + # By default *this setup provides local hoogle and generates database of the documetation for the project and its dependencies + build40: + name: "Nix-shell & supplied locall project Hoogle DB" + runs-on: ubuntu-latest + continue-on-error: true + steps: + - name: Git checkout + uses: actions/checkout@v2 + with: + submodules: recursive + - name: Install Nix + uses: cachix/install-nix-action@v10 + - name: Install Cachix + uses: cachix/cachix-action@v6 + with: + name: ${{ env.cachixAccount }} + - name: Nix-shell + run: nix-shell --pure --command 'echo "Evaluated, loaded and entered $IN_NIX_SHELL Nix shell env."' + - name: Local Hoogle DB for the project development and tooling + run: nix-shell --pure --command 'hoogle True' + + + # Other samples of tests used in the project see in the directory diff --git a/.github/workflows/Nixpkgs-macOS.yml b/.github/workflows/Nixpkgs-macOS.yml new file mode 100644 index 00000000..715fe8a9 --- /dev/null +++ b/.github/workflows/Nixpkgs-macOS.yml @@ -0,0 +1,40 @@ +name: "Nixpkgs, macOS" + # Due to macOS is a side-build to test the platform, using nixos-unstable for additional long-term stability of it +on: + # On Git changes in PR + pull_request: + # On Git changes of the master + push: + branches: + - master + schedule: + # Every day at 04:45 + - cron: "45 01 * * *" + + +env: + useRev: "true" + rev: "nixos-unstable" + cachixAccount: "hnix" + # GitHub secret + CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} + + +jobs: + build10: + name: NixOS-unstable, default GHC (8.8) + runs-on: macos-latest + continue-on-error: true + steps: + - name: Git checkout + uses: actions/checkout@v2 + with: + submodules: recursive + - name: Install Nix + uses: cachix/install-nix-action@v10 + - name: Install Cachix + uses: cachix/cachix-action@v6 + with: + name: ${{ env.cachixAccount }} + - name: Determined Nix-build + run: ./build.sh diff --git a/.travis.yml b/.travis.yml index 5ac575b5..a398a73a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -21,8 +21,6 @@ git: env: global: - # NOTE: This is secure CACHIX_SIGNING_KEY=val, it is only available on project internal branches, so Cachix would push only there - - secure: "dm6I+M4+V+C7QMTpcSADdKPE633SvmToXZrTbZ7miNDGmMN+/SfHeN2ybi1+PW6oViMlbPN/7J/aEfiGjSJI8vLk72Y4uCWGmpSb8TXZLu6+whnxtZzzW8+z4tsM4048QJg7CF3N/25U8thRFgs3DqUub1Sf3nG9LrNWdz6ZcDQ=" ### ### NOTE: This configuration uses `build.sh` interface, which uses `default.nix` interface, which exposes the Nixpkgs Haskell Lib interface. ### @@ -31,10 +29,8 @@ env: ### Additional documentation is in Nixpkgs Haskell.lib: https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/lib.nix ### # + # - rev=nixos-unstable # - NIX_PATH="nixpkgs=https://github.com/nixos/nixpkgs/archive/$rev.tar.gz" - - project='hnix' - - useRev='true' - - rev='nixos-unstable' - allowInconsistentDependencies='false' - doJailbreak='false' - doCheck='true' @@ -63,41 +59,42 @@ env: - generateOptparseApplicativeCompletions='false' - executableNamesToShellComplete='[ "hnix" ]' # + - withHoogle='false' + # + - cachixAccount='hnix' + # NOTE: This is secure CACHIX_SIGNING_KEY=val, it is only available on project internal branches, so Cachix would push only there + - secure: "dm6I+M4+V+C7QMTpcSADdKPE633SvmToXZrTbZ7miNDGmMN+/SfHeN2ybi1+PW6oViMlbPN/7J/aEfiGjSJI8vLk72Y4uCWGmpSb8TXZLu6+whnxtZzzW8+z4tsM4048QJg7CF3N/25U8thRFgs3DqUub1Sf3nG9LrNWdz6ZcDQ=" + # - ghcjsTmpLogFile='/tmp/ghcjsTmpLogFile.log' - ghcjsLogTailLength='10000' # 2020-05-26: Currently newest Travis dist Ubuntu 18.04 bionic # {os} x {jobs} + {jobs:include} - {jobs:exclude} = {build matrix} jobs: + fast_finish: true include: - - name: GHC 8.4.4, Linux + - name: Bypass build env: - - compiler='ghc844' - - linkWithGold='true' + - compiler='bypass' os: linux dist: bionic - name: GHC 8.6.5, Linux env: - compiler='ghc865' - - linkWithGold='true' os: linux dist: bionic - - name: GHC 8.8.3, macOS, Strict + - name: GHC 8.8.4, macOS env: - - compiler='ghc883' - - buildStrictly='true' + - compiler='ghc884' os: osx - - name: GHC 8.10.1, Linux, SDist, Optimize, Benchmark, Haddock, Shell Completions + - name: GHC 8.8.4, Linux + env: + - compiler='ghc884' + os: linux + dist: bionic + - name: GHC 8.10.1, Linux env: - compiler='ghc8101' - - buildFromSdist='true' - - linkWithGold='true' - - doHaddock='true' - - doHyperlinkSource='true' - - doBenchmark='true' - - disableOptimization='false' - - enableDeadCodeElimination='true' - - generateOptparseApplicativeCompletions='true' os: linux dist: bionic - name: GHCJS, Linux @@ -107,6 +104,9 @@ jobs: dist: bionic allow_failures: - env: compiler='ghcjs' + - env: compiler='ghc8101' + - env: compiler='ghc884' + - env: compiler='ghc865' before_script: - sudo mkdir -p /etc/nix @@ -117,13 +117,15 @@ before_script: - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then sudo launchctl kickstart -k system/org.nixos.nix-daemon; fi script: + # Ability to bypass builds + - if [ "${compiler}" = "bypass" ]; then exit; fi # # # Install Cachix client using Nix: - if [ "${TRAVIS_OS_NAME}" = "linux" ] || [ "${TRAVIS_OS_NAME}" = "osx" ]; then nix-env -iA cachix -f https://cachix.org/api/v1/install; fi - - cachix use "$project" + - cachix use "$cachixAccount" # If key is set - use Cachix push, else - proceed without it - - if [ ! "$CACHIX_SIGNING_KEY" = "" ]; then cachix push "$project" --watch-store& fi + - if [ ! "$CACHIX_SIGNING_KEY" = "" ]; then cachix push "$cachixAccount" --watch-store& fi # # # NOTE: Normal GHC build diff --git a/build.sh b/build.sh index 0d094d3f..9ad3e8a6 100755 --- a/build.sh +++ b/build.sh @@ -13,13 +13,10 @@ set -Eexuo pipefail # NOTE: If vars not imported - init the vars with default values -compiler=${compiler:-'ghc8101'} -rev=${rev:-'nixpkgs-unstable'} -# If NIX_PATH not imported - construct it from `rev` -NIX_PATH=${NIX_PATH:-"nixpkgs=https://github.com/nixos/nixpkgs/archive/$rev.tar.gz"} -export NIX_PATH -# Project name, used by cachix -project=${project:-'defaultProjectName'} +compiler=${compiler:-'ghc884'} + +# Account in Cachix to use +cachixAccount=${cachixAccount:-'replaceWithProjectNameInCachix'} allowInconsistentDependencies=${allowInconsistentDependencies:-'false'} @@ -190,7 +187,8 @@ MAIN() { # Overall it is useful to have in CI test builds the latest stable Nix # 2020-06-24: HACK: Do not ask why different commands on Linux and macOS. IDK, wished they we the same. These are the only commands that worked on according platforms right after the fresh Nix installer rollout. -(nix-channel --update && nix-env -iA nixpkgs.nix) || (sudo nix upgrade-nix) +# 2020-07-06: HACK: GitHub Actions CI shown that nix-channel or nix-upgrade-nix do not work, there is probably some new rollout, shortcircuting for the time bing with || true +(nix-channel --update && nix-env -u) || (sudo nix upgrade-nix) || true # Report the Nixpkgs channel revision @@ -198,14 +196,14 @@ nix-instantiate --eval -E 'with import {}; lib.version or lib.nixpkgsV # Secrets are not shared to PRs from forks -# nix-build | cachix push - uploads binaries, runs&works only in the branches of the main repository, so for PRs - else case runs +# nix-build | cachix push - uploads binaries, runs&works only in the branches of the main repository, so for PRs - else case runs if [ ! "$CACHIX_SIGNING_KEY" = "" ] then # Build of the inside repo branch - enable push Cachix cache - BUILD_PROJECT | cachix push "$project" + BUILD_PROJECT | cachix push "$cachixAccount" else diff --git a/default.nix b/default.nix index 70a32ffb..f683f9ba 100644 --- a/default.nix +++ b/default.nix @@ -1,6 +1,13 @@ { # Compiler in a form ghc8101 == GHC 8.10.1, just remove spaces and dots - compiler ? "ghc883" +# 2020-07-05: By default using default GHC for Nixpkgs, see https://search.nixos.org/packages?query=ghc&from=0&size=500&channel=unstable for current version (currently ghc883 == GHC 8.8.3) + compiler ? "ghc884" + +# Deafult.nix is a unit package abstraciton that allows to abstract over packages even in monorepos: +# Example: pass --arg cabalName --arg packageRoot "./subprojectDir", or map default.nix over a list of tiples for subprojects. +# cabalName is package resulting name: by default and on error resolves in haskellPackages.developPackage to project root directory name by default, but outside the haskellPackages.developPackage as you see below packageRoot can be different +, cabalName ? "hnix" +, packageRoot ? pkgs.nix-gitignore.gitignoreSource [ ] ./. # This settings expose most of the Nixpkgs Haskell.lib API: https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/lib.nix @@ -74,7 +81,7 @@ , useRev ? false -# Nix by default uses nixpkgs-unstable channel +# Nix by default updates and uses locally configured nixpkgs-unstable channel # Nixpkgs revision options: # `rev` vals in order of freshness -> cache & stability: # { master @@ -89,21 +96,15 @@ , pkgs ? if builtins.compareVersions builtins.nixVersion "2.0" < 0 - then abort "hnix requires at least nix 2.0" + then abort "Requires Nix >= 2.0" else if useRev - # Please do not guard with hash, so the package able to use current channels (rolling `rev`) of Haskell&Nixpkgs + # Do not guard with hash, so the project is able to use current channels (rolling `rev`) of Nixpkgs then import (builtins.fetchTarball "https://github.com/NixOS/nixpkgs/archive/${rev}.tar.gz") {} else import {} // { + # Try to build dependencies even if they are marked broken. config.allowBroken = true; - # config.packageOverrides = pkgs: rec { - # nix = pkgs.nixStable.overrideDerivation (attrs: with pkgs; rec { - # src = if builtins.pathExists ./data/nix/.version - # then data/nix - # else throw "data/nix doesn't seem to contain the nix source. You may want to run git submodule update --init."; - # }); - # }; } , mkDerivation ? null @@ -140,7 +141,7 @@ let overrideHaskellPackages; # Application of functions from this list to the package in code here happens in the reverse order (from the tail). Some options depend on & override others, so if enabling options caused Nix error or not expected result - change the order, and please do not change this order without proper testing. - listOfSetsOfSwitchExtend = + listSwitchFunc = [ { switch = sdistTarball; @@ -197,21 +198,22 @@ let ]; # Function that applies enabled option to the package, used in the fold. - funcOnSwitchAppliesFunction = set: object: + onSwitchApplyFunc = set: object: if set.switch then set.function object else object; # General description of package package = haskellPackages.developPackage { - name = "hnix"; - root = pkgs.nix-gitignore.gitignoreSource [ ] ./.; + name = cabalName; + # Do not include into closure the files listed in .gitignore + root = packageRoot; overrides = self: super: { # 2020-06-26 Due to a behaviour change in neat-interpolation-0.4, we # require n-i >= 0.4. dontCheck helps us avoid conflicts with # neat-interpolation's test dependencies. - neat-interpolation = pkgs.haskell.lib.dontCheck super.neat-interpolation_0_5_1; + neat-interpolation = pkgs.haskell.lib.dontCheck super.neat-interpolation_0_5_1_1; # 2020-07-23 hnix uses multiple functions that are unavailable in # data-fix < 0.3. @@ -266,7 +268,7 @@ let # One part of Haskell.lib options are argument switches, those are in `inherit`ed list. # Other part - are function wrappers over pkg. Fold allows to compose those. # composePackage = foldr (if switch then function) (package) ([{switch,function}]) == (functionN .. (function1 package)) - composedPackage = pkgs.lib.foldr (funcOnSwitchAppliesFunction) package listOfSetsOfSwitchExtend; + composedPackage = pkgs.lib.foldr (onSwitchApplyFunc) package listSwitchFunc; in composedPackage