From 7672da868b2686911a37e46f05bcebd75996765c Mon Sep 17 00:00:00 2001 From: Ben Maddison Date: Fri, 9 Feb 2024 22:40:36 +0200 Subject: [PATCH] working `nix` based build system --- .gitignore | 2 - Cross.toml | 3 - flake.lock | 139 ++++++++++++++++++++++++++ flake.nix | 51 ++++++++++ junos-agent/jet.yaml | 9 -- nix/platforms/default.nix | 8 ++ nix/platforms/junos/default.nix | 21 ++++ nix/platforms/junos/freebsd-cross.nix | 98 ++++++++++++++++++ nix/platforms/junos/jetez.nix | 50 +++++++++ nix/rust.nix | 45 +++++++++ 10 files changed, 412 insertions(+), 14 deletions(-) delete mode 100644 Cross.toml create mode 100644 flake.lock create mode 100644 flake.nix delete mode 100644 junos-agent/jet.yaml create mode 100644 nix/platforms/default.nix create mode 100644 nix/platforms/junos/default.nix create mode 100644 nix/platforms/junos/freebsd-cross.nix create mode 100644 nix/platforms/junos/jetez.nix create mode 100644 nix/rust.nix diff --git a/.gitignore b/.gitignore index 5ba40df..eed66fe 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,5 @@ /target result* pki/ -bgpfu-junos-agent-x86-64-0.1.0-alpha.1.tgz -.build/ flamegraph.svg perf.data diff --git a/Cross.toml b/Cross.toml deleted file mode 100644 index 6adfb31..0000000 --- a/Cross.toml +++ /dev/null @@ -1,3 +0,0 @@ -[target.x86_64-unknown-freebsd] -image = "ghcr.io/cross-rs/x86_64-unknown-freebsd:main" -pre-build = ["apt install -qy protobuf-compiler"] diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..beee7b4 --- /dev/null +++ b/flake.lock @@ -0,0 +1,139 @@ +{ + "nodes": { + "crane": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1707075082, + "narHash": "sha256-PUplk5F5jlIyofxqn/xEDN9pbjrd0tnkd0pDsZ52db0=", + "owner": "ipetkov", + "repo": "crane", + "rev": "7d5b46c17d857ee9ddb2e8d88185729a3e5637b6", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "fenix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1706941198, + "narHash": "sha256-t6/qloMYdknVJ9a3QzjylQIZnQfgefJ5kMim50B7dwA=", + "owner": "nix-community", + "repo": "fenix", + "rev": "28dbd8b43ea328ee708f7da538c63e03d5ed93c8", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "jetez-src": { + "flake": false, + "locked": { + "lastModified": 1673429942, + "narHash": "sha256-YRow+v1nJPjw51PRIol0esNKJfdjVvohwYDBJKJlCWI=", + "owner": "juniper", + "repo": "jetez", + "rev": "dd621a3bcb80bce7f7c9d34d1435e1e11f9ca11d", + "type": "github" + }, + "original": { + "owner": "juniper", + "ref": "v1.0.7", + "repo": "jetez", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1707091808, + "narHash": "sha256-LahKBAfGbY836gtpVNnWwBTIzN7yf/uYM/S0g393r0Y=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9f2ee8c91ac42da3ae6c6a1d21555f283458247e", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "crane": "crane", + "fenix": "fenix", + "flake-utils": "flake-utils", + "jetez-src": "jetez-src", + "nixpkgs": "nixpkgs" + } + }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1706875368, + "narHash": "sha256-KOBXxNurIU2lEmO6lR2A5El32X9x8ITt25McxKZ/Ew0=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "8f6a72871ec87ed53cfe43a09fb284168a284e7e", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..164771c --- /dev/null +++ b/flake.nix @@ -0,0 +1,51 @@ +{ + description = "Packages and tooling for bgpfu"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + flake-utils.url = "github:numtide/flake-utils"; + fenix = { + url = "github:nix-community/fenix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + crane = { + url = "github:ipetkov/crane"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + jetez-src = { + url = "github:juniper/jetez/v1.0.7"; + flake = false; + }; + }; + + outputs = { self, ... } @ inputs: + inputs.flake-utils.lib.eachDefaultSystem + (system: + let + pkgs = import inputs.nixpkgs { + inherit system; + }; + platforms = import ./nix/platforms { + inherit pkgs; + inherit (inputs) jetez-src; + }; + rust = import ./nix/rust.nix { + inherit pkgs platforms; + inherit (inputs) crane fenix; + }; + in + { + packages = with platforms; rec { + cli = rust.buildPackage { + pname = "bgpfu-cli"; + bin = "bgpfu"; + }; + junos-agent = rust.buildPackage { + pname = "bgpfu-junos-agent"; + defaultPlatform = x86_64-junos-freebsd; + extraPlatforms = [ native ]; + }; + default = cli; + }; + }); +} diff --git a/junos-agent/jet.yaml b/junos-agent/jet.yaml deleted file mode 100644 index 1408615..0000000 --- a/junos-agent/jet.yaml +++ /dev/null @@ -1,9 +0,0 @@ -basename: "bgpfu-junos-agent" -comment: > - Hello, world! -copyright: "Copyright 2023, Workonline Communications" -arch: "x86" -abi: "64" -files: - - source: ../target/x86_64-unknown-freebsd/release/bgpfu-junos-agent - destination: /var/db/scripts/jet/bgpfu-junos-agent diff --git a/nix/platforms/default.nix b/nix/platforms/default.nix new file mode 100644 index 0000000..aff9f84 --- /dev/null +++ b/nix/platforms/default.nix @@ -0,0 +1,8 @@ +{ pkgs, jetez-src }: +{ + native = { + platformName = "native"; + mkPackage = builder: args: builder args; + }; + x86_64-junos-freebsd = import ./junos { inherit pkgs jetez-src; }; +} diff --git a/nix/platforms/junos/default.nix b/nix/platforms/junos/default.nix new file mode 100644 index 0000000..8d9c9f6 --- /dev/null +++ b/nix/platforms/junos/default.nix @@ -0,0 +1,21 @@ +{ pkgs, jetez-src }: +let + platformName = "junos-freebsd"; + jetez = import ./jetez.nix { inherit jetez-src pkgs; }; + freebsdCrossArgs = import ./freebsd-cross.nix { inherit pkgs; }; +in +{ + inherit platformName; + rustTarget = freebsdCrossArgs.CARGO_BUILD_TARGET; + mkPackage = builder: { pname, passthru, meta, ... } @ args: + let + finalArgs = args // freebsdCrossArgs // { + pname = "${pname}-${platformName}"; + doCheck = false; + }; + in + jetez.mkJetPackage { + pkg = builder finalArgs; + inherit meta passthru; + }; +} diff --git a/nix/platforms/junos/freebsd-cross.nix b/nix/platforms/junos/freebsd-cross.nix new file mode 100644 index 0000000..d776331 --- /dev/null +++ b/nix/platforms/junos/freebsd-cross.nix @@ -0,0 +1,98 @@ +{ pkgs }: +with pkgs; +let + freebsd-arch = "amd64"; + freebsd-major = 12; + freebsd-minor = 4; + + target-arch = "x86_64"; + rust-target = "${target-arch}-unknown-freebsd"; + gnu-target = "${rust-target}${toString freebsd-major}"; + + binutils = stdenv.mkDerivation + rec { + pname = "binutils-${gnu-target}"; + version = "2.32"; + src = fetchzip { + url = "https://ftp.gnu.org/gnu/binutils/binutils-${version}.tar.gz"; + hash = "sha256-LUvvkE9/7fSrSFDBOqghKSQbLjWhKGXLUacpySHMwdY="; + }; + enableParallelBuilding = true; + configureFlags = [ "--target=${gnu-target}" ]; + }; + + gcc = + let + freebsd-base = + let + version = "${toString freebsd-major}.${toString freebsd-minor}"; + in + fetchzip { + url = "https://ftp.freebsd.org/pub/FreeBSD/releases/${freebsd-arch}/${version}-RELEASE/base.txz"; + hash = "sha256-5UIyd6oZjBzcnC2E4MFftocorQfnIpbwAgZt0dhIDXE="; + stripRoot = false; + }; + fetch-gnu-src = { name, version, hash, compression ? "bz2" }: fetchzip { + inherit hash; + url = "https://gcc.gnu.org/pub/gcc/infrastructure/${name}-${version}.tar.${compression}"; + }; + mpfr-src = fetch-gnu-src { + name = "mpfr"; + version = "2.4.2"; + hash = "sha256-LwiN1dYyIKLKLDWj4O1qzkTgh9iYLY8VTxpTPLtt5Bo="; + }; + gmp-src = fetch-gnu-src { + name = "gmp"; + version = "4.3.2"; + hash = "sha256-JJAmw32NfAl0Lq7AbK6EPCwqEWVBYHqvcg9gwuurbaQ="; + }; + mpc-src = fetch-gnu-src { + name = "mpc"; + version = "0.8.1"; + hash = "sha256-RElyn5c1mu18wiPiDC3s2QDss/sTCBM0On492Jk6K6k="; + compression = "gz"; + }; + in + stdenv.mkDerivation + rec { + pname = "gcc-${gnu-target}"; + version = "6.4.0"; + src = fetchzip { + url = "https://ftp.gnu.org/gnu/gcc/gcc-${version}/gcc-${version}.tar.gz"; + hash = "sha256-TkyEvTY36r84a6rQDgvNRdy3W2uIYJ0e+KWquPc9GEs="; + }; + nativeBuildInputs = [ binutils ]; + enableParallelBuilding = true; + hardeningDisable = [ "format" "pie" ]; + sourceRoot = "."; + postUnpack = /* bash */ '' + ln -sf ${mpfr-src} source/mpfr + ln -sf ${gmp-src} source/gmp + ln -sf ${mpc-src} source/mpc + mkdir build && cd build + ''; + configureScript = "../source/configure"; + configureFlags = [ + "--disable-libada" + "--disable-libcilkrt" + "--disable-libcilkrts" + "--disable-libgomp" + "--disable-libquadmath" + "--disable-libquadmath-support" + "--disable-libsanitizer" + "--disable-libssp" + "--disable-libvtv" + "--disable-lto" + "--disable-nls" + "--enable-languages=c,c++" + "--target=${gnu-target}" + "--with-sysroot=${freebsd-base}" + ]; + passthru.linker = "${gnu-target}-gcc"; + }; +in +{ + depsBuildBuild = [ binutils gcc ]; + CARGO_BUILD_TARGET = rust-target; + CARGO_TARGET_X86_64_UNKNOWN_FREEBSD_LINKER = gcc.linker; +} diff --git a/nix/platforms/junos/jetez.nix b/nix/platforms/junos/jetez.nix new file mode 100644 index 0000000..b44e2a8 --- /dev/null +++ b/nix/platforms/junos/jetez.nix @@ -0,0 +1,50 @@ +{ jetez-src, pkgs }: +let + jetez = pkgs.callPackage + ({ src, lib, python3, openssl, cdrtools, ... }: + python3.pkgs.buildPythonApplication { + pname = "jetez"; + version = "v1.0.7"; + inherit src; + buildInputs = [ + openssl + ]; + propagatedBuildInputs = with python3.pkgs; [ + pyyaml + lxml + ]; + makeWrapperArgs = [ + "--prefix PATH : ${lib.makeBinPath [ openssl cdrtools ] }" + ]; + }) + { src = jetez-src; }; + writeManifest = pkg: + pkgs.writeText "${pkg.name}-jet-manifest" /* yaml */ '' + basename: ${pkg.pname} + comment: ${pkg.meta.description} + copyright: "Copyright 2023, Workonline Communications" + arch: "x86" + abi: "64" + files: + - source: ${pkg.out}/bin/${pkg.meta.mainProgram} + destination: /var/db/scripts/jet/${pkg.meta.mainProgram} + ''; +in +{ + mkJetPackage = { pkg, meta, passthru }: + pkgs.runCommand + "${pkg.name}-jet-package" + { inherit meta passthru; } + /* bash */ '' + mkdir -p "$out" + cd "$out" + ${jetez}/bin/jetez \ + --source '.' \ + --version ${pkg.version} \ + --jet ${writeManifest pkg} \ + --cert "/certs/cert.pem" \ + --key "/certs/key.pem" \ + --build "../build" \ + --debug + ''; +} diff --git a/nix/rust.nix b/nix/rust.nix new file mode 100644 index 0000000..e86b185 --- /dev/null +++ b/nix/rust.nix @@ -0,0 +1,45 @@ +{ crane, fenix, pkgs, platforms }: +let + inherit (pkgs) system lib; + inherit (builtins) removeAttrs fromTOML readFile listToAttrs map; + inherit (lib) mapAttrsToList nameValuePair; + + toolchain = with fenix.packages.${system}; combine ([ + stable.rustc + stable.cargo + ] ++ mapAttrsToList + (_: { rustTarget ? null, ... }: + targets.${rustTarget}.stable.rust-std) + (removeAttrs platforms [ "native" ])); + + craneLib = (crane.mkLib pkgs).overrideToolchain toolchain; + + src = craneLib.cleanCargoSource (craneLib.path ./..); + + manifest = fromTOML (readFile (src + "/Cargo.toml")); + +in +{ + buildPackage = + { pname + , bin ? pname + , defaultPlatform ? platforms.native + , extraPlatforms ? [ ] + }: + let + baseArgs = { + inherit pname src; + strictDeps = true; + cargoExtraArgs = "--bin ${bin}"; + meta = { + inherit (manifest.workspace.package) description; + mainProgram = bin; + }; + }; + passthru.platforms = listToAttrs (map + ({ platformName, mkPackage }: + nameValuePair platformName (mkPackage craneLib.buildPackage baseArgs)) + extraPlatforms); + in + defaultPlatform.mkPackage craneLib.buildPackage (baseArgs // { inherit passthru; }); +}