diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 079ff3ba9..f5f21397a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,19 +8,41 @@ jobs: build_test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - name: install dependencies - run: sudo apt-get update && sudo apt install -y astyle jq git - - - name: Astyle version - run: astyle --version - - - name: Astyle test - run: | - err=$(astyle $(git ls-files "*.c" "*.h") --options=.astylerc --dry-run --formatted) - if [[ ${#err} != 0 ]]; then - echo "$err" | awk '{split($0,a);print a[2]}' | while IFS= read -r file; do - echo "::error file={"$file"},title={checking}::Formatted $file" - done - exit 1 - fi \ No newline at end of file + - name: install jq + shell: bash + run: | + if ! (command -v jq) &> /dev/null + then + sudo apt install -y --no-install-recommends jq + fi + - uses: actions/checkout@v4 + - id: nixpkgs + shell: bash + run: | + if [ -f flake.lock ]; then + nixpkgs="flake:$(cat flake.lock | jq -r '.nodes.nixpkgs.locked // empty | .type + ":" + .owner + "/" + .repo + "/" + .rev')" + else + nixpkgs=channel:nixos-unstable + fi + echo "nixpkgs=$nixpkgs" >> "$GITHUB_OUTPUT" + - uses: cachix/install-nix-action@v25 + with: + nix_path: nixpkgs=${{ steps.nixpkgs.outputs.nixpkgs }} + - name: Prepare nix dev shell + shell: nix develop .#ci -c bash -e {0} + run: | + astyle --version + - name: Astyle + shell: nix develop .#ci -c bash -e {0} + run: | + err=$(astyle $(git ls-files "*.c" "*.h") --options=.astylerc --dry-run --formatted) + if [[ ${#err} != 0 ]]; then + echo "$err" | awk '{split($0,a);print a[2]}' | while IFS= read -r file; do + echo "::error file={"$file"},title={checking}::Formatted $file" + done + exit 1 + fi + - name: Build targets + shell: nix develop .#ci -c bash -e {0} + run: | + make diff --git a/flake.lock b/flake.lock new file mode 100644 index 000000000..fc8e038fb --- /dev/null +++ b/flake.lock @@ -0,0 +1,48 @@ +{ + "nodes": { + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709336216, + "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1710695816, + "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 000000000..8c6c3737e --- /dev/null +++ b/flake.nix @@ -0,0 +1,61 @@ +# SPDX-License-Identifier: Apache-2.0 + +{ + description = "mlkem-c-embedded"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + + flake-parts = { + url = "github:hercules-ci/flake-parts"; + inputs.nixpkgs-lib.follows = "nixpkgs"; + }; + }; + + outputs = inputs@{ flake-parts, nixpkgs, ... }: + flake-parts.lib.mkFlake { inherit inputs; } { + imports = [ ]; + systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" "x86_64-darwin" ]; + perSystem = { pkgs, system, inputs', ... }: + let + core = with pkgs; [ + # formatter & linters + astyle # 3.4.10 + + # build dependencies + gcc-arm-embedded-13 # arm-gnu-toolchain-13.2.rel1 + openocd # 0.12.0 + python311Packages.pyserial # 3.5 + ]; + in + { + devShells.default = with pkgs; mkShellNoCC { + packages = core ++ [ + direnv + nix-direnv + + # formatter & linters + nixpkgs-fmt + shfmt + codespell + ]; + + shellHook = '' + export PATH=$PWD/dev-support/bin:$PATH + ''; + }; + + devShells.ci = with pkgs; mkShellNoCC { + packages = core; + }; + + }; + flake = { + # The usual flake attributes can be defined here, including system- + # agnostic ones like nixosModule and system-enumerating ones, although + # those are more easily expressed in perSystem. + + }; + }; +} +