oceanbox/Poseidon
6
0
Fork 0
Code Issues 48 Pull Requests 6 Actions Packages Projects Releases 149 Wiki Activity

feat: migrate to nix-actions and modernize build infrastructure

Browse Source 
This commit series completes a major infrastructure overhaul:

- Migrate from manual GitHub Actions YAML to nix-actions workflow generation
- Add automated dependency update workflow with scheduled runs
- Add comprehensive Nix package definitions for all components (atlantis, sorcerer, archivist, etc.)
- Create containerized builds with proper Docker support
- Wrap scripts inside nix for better dependency management and shellcheck

The build system now uses pure Nix expressions for both local development
and CI/CD, providing better reproducibility and maintainability.
This commit is contained in:
Moritz Jörg
2025-08-09 12:18:07 +02:00
parent 9b69b91199
commit 27e54a7e1d
38 changed files with 963 additions and 2124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.envrc
View File

@@ -3,7 +3,7 @@
watch_file npins/sources.json
# Load .env file if it exists
dotenv_if_exists .env
dotenv_if_exists
# Activate development shell
if type -P lorri &>/dev/null; then
@@ -12,3 +12,6 @@ else
echo 'while direnv evaluated .envrc, could not find the command "lorri" [https://github.com/nix-community/lorri]'
use nix
fi
# Shellhooks
eval "$shellHook"

50
.github/workflows/build.yaml vendored Normal file
View File

@@ -0,0 +1,50 @@
###
# This file was automatically generated with nix-actions.
env:
FORCE_COLOR: '1'
jobs:
build-nix:
if: "!contains(github.event.head_commit.message, 'chore(release):') && !startsWith(github.event.head_commit.message,
'WIP:') && !startsWith(github.event.head_commit.message, 'wip:') && !contains(github.event.head_commit.message,
'[ci skip]') && !startsWith(github.event.head_commit.message, 'skip:') && !startsWith(github.event.head_commit.message,
'ci skip:')"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: '0'
- name: Set up Netrc for Package Registry
run: sudo mkdir -p /etc/nix && echo ${{ secrets.NETRC }} | sudo tee /etc/nix/netrc
> /dev/null
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@main
with:
diagnostic-endpoint: ''
github-token: ${{ secrets.GITHUB_TOKEN }}
source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
- name: Set up Cache
uses: DeterminateSystems/magic-nix-cache-action@main
- name: Build ${{ matrix.package }}
run: nix-build default.nix -A ${{ matrix.package }}
strategy:
matrix:
package:
- containers.atlantis-container
- containers.sorcerer-container
name: Build and Checks
on:
pull_request:
branches:
- main
- master
- review/**
push:
branches:
- main
- master
- review/**
tags:
- v*.*.*
- '*.*.*'
workflow_dispatch: {}

32
.github/workflows/ci.yml vendored
View File

@@ -1,32 +0,0 @@
name: "Build packages and checks"
on:
push:
branches: [main]
pull_request:
merge_group:
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
package: [atlantis-container, sorcerer-container]
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Create .netrc file
run: |
sudo mkdir -p /etc/nix
echo ${{ secrets.NETRC }} | sudo tee /etc/nix/netrc > /dev/null
- uses: DeterminateSystems/nix-installer-action@main
with:
diagnostic-endpoint: ""
source-url: "https://install.lix.systems/lix/lix-installer-x86_64-linux"
- uses: DeterminateSystems/magic-nix-cache-action@main
- name: Build ${{ matrix.package }}
run: nix-build -A ${{ matrix.package }}
env:
FORCE_COLOR: 1

41
.github/workflows/update.yaml vendored Normal file
View File

@@ -0,0 +1,41 @@
###
# This file was automatically generated with nix-actions.
env:
FORCE_COLOR: '1'
jobs:
update:
permissions:
contents: write
issues: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Netrc for Package Registry
run: sudo mkdir -p /etc/nix && echo ${{ secrets.NETRC }} | sudo tee /etc/nix/netrc
> /dev/null
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@main
with:
diagnostic-endpoint: ''
github-token: ${{ secrets.GITHUB_TOKEN }}
source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
- run: "nix-shell -A npins-update --run 'set -o pipefail\nset -o nounset\nset
-o errexit\nnpins update'"
- name: Create PR
uses: peter-evans/create-pull-request@v7
with:
base: main
body: "Automatic npins update performed by GitHub Actions\n"
branch: npins-auto-update
commit-message: 'chore: npins update'
delete-branch: true
title: 'chore: weekly npins update'
token: ${{ secrets.GITHUB_TOKEN }}
name: Update dependencies
on:
schedule:
- cron: 6 6 * * 3
workflow_dispatch: {}

1
.gitignore vendored
View File

@@ -28,3 +28,4 @@ NuGet.Config
sync.list
packages.lock.json
package-lock.json
.deps*

9
README.md
View File

@@ -1,8 +1,13 @@
[![built with nix](https://img.shields.io/badge/built%20with-nix-%235277C3?logo=nixos)](https://nixos.org/)
# Atlantis
# Poseidon
Oceanbox's Single Page Application used for Visualizations and Analysis.
Oceanbox's comprehensive platform for oceanic data visualization, analysis, and processing.
## Documentation
- **[Nix Build System](nix/README.md)** - Comprehensive guide to the Nix-based build system, packages, containers, and workflows
- **[Scripts](scripts/README.md)** - Available utility scripts for development and deployment
## Bootstrapping Guide

33
default.nix
View File

@@ -18,8 +18,12 @@ let
version = builtins.readFile ./VERSION;
in
clean version;
dotnet-sdk = pkgs.dotnetCorePackages.sdk_9_0;
dotnet-runtime = pkgs.dotnetCorePackages.aspnetcore_9_0;
scripts = import ./scripts { inherit pkgs sources; };
packages = import ./nix/packages {
inherit
pkgs
@@ -31,33 +35,20 @@ let
in
rec {
inherit packages;
default = packages.atlantis;
atlantis = packages.atlantis;
poseidon = packages.poseidon;
interfaces = packages.interfaces;
serverpack = packages.serverpack;
dataagent = packages.dataagent;
sorcerer = packages.sorcerer;
common = packages.common;
petimeter = packages.petimeter;
hipster = packages.hipster;
archmaester = packages.archmaester;
archivist = packages.archivist;
atlantis-client = packages.atlantis-client;
inherit scripts;
# Expose atlantis as default packages
default = packages.atlantis;
# Docker and Singurlarity images
containers = pkgs.callPackage ./nix/containers.nix {
inherit
version
inherit (packages)
atlantis
sorcerer
atlantis-client
archivist
;
};
inherit (containers) atlantis-container sorcerer-container archivist-singularity;
checks = {
pre-commit = import ./nix/pre-commit.nix;
inherit version;
};
}

91
nix/README.md Normal file
View File

@@ -0,0 +1,91 @@
# Nix
This directory contains Nix expressions defining the packages, containers and workflows used to run/build Poseidon.
## Directory Structure
```
nix/
├── packages/ # Individual Poseidon service packages
│ ├── default.nix # Entry point - builds all packages with dependencies
│ ├── common.nix
│ ├── serverpack.nix
│ ├── dataagent.nix
│ ├── atlantis.nix
│ ├── atlantis-client.nix
│ ├── atlantis-client.json # Client dependencies metadata
│ ├── atlantis-deps.json # Atlantis backend dependencies metadata
│ ├── sorcerer.nix
│ ├── archivist.nix
│ ├── archmaester.nix
│ ├── petimeter.nix
│ ├── hipster.nix
│ └── bun.nix # JavaScript/TypeScript dependencies via Bun
├── workflows/ # GitHub Actions workflows
│ ├── build.nix
│ └── update.nix
├── containers.nix # Docker & Singularity container definitions
│ ├── atlantis-container
│ ├── sorcerer-container
│ └── archivist-singularity
├── workflows.nix # GitHub Actions workflow orchestration
└── pre-commit.nix # Pre-commit hooks for code quality
```
## Usage
Note: `nix-build` can be switched for `nom-build` for a pretty-printed output (using [Nix Output Monitor](https://github.com/maralorn/nix-output-monitor))
### Building Individual Packages
```bash
# Build a specific service
nix-build -A packages.atlantis
nix-build -A packages.sorcerer
# Build all packages
nix-build -A packages
```
### Building Container Images
```bash
# Build Docker containers
nix-build -A containers.atlantis-container
nix-build -A containers.sorcerer-container
# Build Singularity container for HPC
nix-build -A containers.archivist-singularity
```
### Development Shell
```bash
# Enter development environment
nix-shell
# Or use a specific package's shell
nix-shell -A packages.atlantis
```
### Generating Github Actions
```bash
# Updates the generate workflows in `.githhub/workflows`
nix-shell -A workflows --run "echo Generate"
```
### Running Services
```bash
# Run Atlantis server
./result/bin/atlantis
# Run Sorcerer API
./result/bin/sorcerer
```
## Dependencies
The build system automatically handles:
- .NET SDK and runtime dependencies
- JavaScript packages via Bun
- Private NuGet packages from the Oceanbox registry
- System libraries (NetCDF, etc.)
For updating dependencies, see the [scripts documentation](../scripts/README.md).

4
nix/packages/archivist.nix
View File

@@ -37,9 +37,9 @@ buildDotnetModule' {
;
name = "Archivist";
pname = "Archivist";
src = pkgs.nix-gitignore.gitignoreSource [ ] ../../.;
src = lib.cleanSource ../../.;
projectFile = "src/Archivist/src/Cli/Archivist.fsproj";
nugetDeps = ./atlantis-deps.json; # Using same deps as other packages
nugetDeps = ./atlantis-deps.json;
doCheck = false;
nativeBuildInputs = [

26
nix/packages/atlantis-client.nix
View File

@@ -1,7 +1,7 @@
{
pkgs,
lib,
version,
nix-gitignore,
dotnet-sdk,
dotnet-runtime,
dotnetCorePackages,
@@ -9,12 +9,11 @@
sources ? import ../../npins,
}:
let
# Import bun2nix components
mkBunNodeModules = pkgs.callPackage "${sources.bun2nix}/nix/lib/mkBunNodeModules.nix" { };
mkBunDerivation = pkgs.callPackage "${sources.bun2nix}/nix/lib/mkBunDerivation.nix" {
inherit mkBunNodeModules;
};
buildDotnetModule' = buildDotnetModule.override {
addNuGetDeps = dotnetCorePackages.addNuGetDeps.override {
fetchNupkg = dotnetCorePackages.fetchNupkg.override {
@@ -38,19 +37,19 @@ let
root = ../../.;
pname = "Atlantis-Client";
src = nix-gitignore.gitignoreSource [ ] root;
src = lib.cleanSource root;
nodeDeps = mkBunDerivation {
pname = "atlantis-node-deps";
version = "0.0.0";
src = root;
bunNix = "${root}/bun.nix";
bunNix = ./bun.nix;
# Only install dependencies, don't build
buildPhase = ''
echo "Dependencies installed"
'';
installPhase = ''
mkdir -p $out
cp -r node_modules $out/
@@ -63,7 +62,7 @@ let
pname = "${pname}-client";
projectFile = "src/Atlantis/src/Client/Client.fsproj";
nugetDeps = ./atlantis-client.json;
nugetDeps = ./atlantis-client.json; # nix-build -A packages.atlantis-client.fetch-deps && ./result src/Atlantis/nix/atlantis-client.json
# Skip the default dotnet build since we're using Fable
dontDotnetBuild = true;
@@ -86,13 +85,11 @@ let
export PATH="$PWD/node_modules/.bin:$PATH"
cd src/Atlantis/src/Client
${pkgs.fable}/bin/fable -e .jsx -o build --test:MSBuildCracker --optimize
# popd
# # Run vite from the Atlantis directory with proper config
# pushd src/Atlantis/src/Client
# NOTE(mrtz): Uses fable from nixpkgs instead of dotnet (Could be out of sync).
${pkgs.fable}/bin/fable -e .jsx -o build --test:MSBuildCracker --optimize
# Run vite from the Atlantis directory with proper config.
${pkgs.bun}/bin/bun ../../../../node_modules/.bin/vite build -c ../../vite.config.js --emptyOutDir --outDir dist/public --mode production
# popd
runHook postBuild
'';
@@ -100,6 +97,7 @@ let
installPhase = ''
runHook preInstall
# Copy output (*.js, *.css and *.html) to `/public`.
mkdir -p $out/public
cp -r dist/public/* $out/public/

111
nix/packages/atlantis-deps.json
View File

@@ -188,7 +188,7 @@
"hash": "sha256-WBrMkaiYggkXc3ncnsuMDNflqHCa2+GAWpdOVFdFMP4=",
"url": "https://gitlab.com/api/v4/projects/40255650/packages/nuget/download/fable.signalr.shared/2.1.0/fable.signalr.shared.2.1.0.nupkg"
},
{
{
"pname": "fantomas",
"version": "7.0.2",
"hash": "sha256-BAaENIm/ksTiXrUImRgKoIXTGIlgsX7ch6ayoFjhJXA="
@@ -308,36 +308,21 @@
"version": "3.26.1",
"hash": "sha256-1tHxDuJwwvJWZ3H9ooPFAKuaJIthSdTDlmjHlxH/euc="
},
{
"pname": "Google.Protobuf",
"version": "3.27.3",
"hash": "sha256-Fm3t09sFmKLxs8NrjYO4KEe4ueE+OGAUXsHqsEPTVRI="
},
{
"pname": "Google.Protobuf",
"version": "3.30.2",
"hash": "sha256-GbyaRLeBNyvJrx4+SkgewClk1nCTtdE7sNqnSjk8VBM="
},
{
"pname": "Grpc",
"version": "2.46.6",
"hash": "sha256-UvshzRfdXji+35rPAlS5Kcc5On6OxvFJ0Lbhk+CRQv4="
},
{
"pname": "Grpc.Core",
"version": "2.46.6",
"hash": "sha256-/8HjIi72DMNH8WMCHcinEmNwdHWudZlc3s7K3hEV3tM="
},
{
"pname": "Grpc.Core.Api",
"version": "2.46.6",
"hash": "sha256-HjqMERYygA3hrkPVJ489qMsANGXYxuh/23xbLeBAsLA="
},
{
"pname": "Grpc.Core.Api",
"version": "2.52.0",
"hash": "sha256-ISgN3zWwvV8qD7JFkaYveLbke09+UtUBy3Tux+ZHLNc="
},
{
"pname": "Grpc.Core.Api",
"version": "2.62.0",
"hash": "sha256-I1egi17ENy2ip1DdDeqLjnRVr87E2ls7r+WuGjTn0H8="
},
{
"pname": "Grpc.Core.Api",
"version": "2.71.0",
@@ -353,11 +338,6 @@
"version": "2.62.0",
"hash": "sha256-uEMgIJh2mXcZal2GuNxbaPMjC0rrJik70gIOGbbKT5U="
},
{
"pname": "Grpc.Net.Client",
"version": "2.65.0",
"hash": "sha256-ZTaIuhC7W/Oyr4BGH3TDctdDSwRlNmM8dAd1Us0D7os="
},
{
"pname": "Grpc.Net.Client",
"version": "2.71.0",
@@ -370,8 +350,8 @@
},
{
"pname": "Grpc.Net.Common",
"version": "2.65.0",
"hash": "sha256-WsUmrHumKqamxYu/Ayj2NVg+Q0jervFHy9lJAGb7jTU="
"version": "2.62.0",
"hash": "sha256-a/L4uKYMzZULTzFxbeaAhDmLDKVn2qsP97CTHSjCbxc="
},
{
"pname": "Grpc.Net.Common",
@@ -698,6 +678,11 @@
"version": "9.0.1",
"hash": "sha256-NZV/R7g0CszBcE5Tjhfb2xX9i2rHT+Xc5QaxbhzRsg8="
},
{
"pname": "Microsoft.Extensions.Configuration",
"version": "3.1.0",
"hash": "sha256-KI1WXvnF/Xe9cKTdDjzm0vd5h9bmM+3KinuWlsF/X+c="
},
{
"pname": "Microsoft.Extensions.Configuration",
"version": "6.0.1",
@@ -718,6 +703,11 @@
"version": "2.0.0",
"hash": "sha256-jveXZPNvx30uWT3q80OA1YaSb4K/KGOhlyun97IXn8Y="
},
{
"pname": "Microsoft.Extensions.Configuration.Abstractions",
"version": "3.1.0",
"hash": "sha256-GMxvf0iAiWUWo0awlDczzcxNo8+MITBLp0/SqqYo8Lg="
},
{
"pname": "Microsoft.Extensions.Configuration.Abstractions",
"version": "6.0.0",
@@ -743,6 +733,11 @@
"version": "9.0.2",
"hash": "sha256-icRtfbi0nDRUYDErtKYx0z6A1gWo5xdswsSM6o4ozxc="
},
{
"pname": "Microsoft.Extensions.Configuration.Binder",
"version": "3.1.0",
"hash": "sha256-/B7WjPZPvRM+CPgfaCQunSi2mpclH4orrFxHGLs8Uo4="
},
{
"pname": "Microsoft.Extensions.Configuration.Binder",
"version": "9.0.0",
@@ -753,6 +748,11 @@
"version": "9.0.2",
"hash": "sha256-lYWUfvSnpp9M4N4wIfFnMlB+8K79g9uUa1NXsgnxs0k="
},
{
"pname": "Microsoft.Extensions.DependencyInjection",
"version": "3.1.0",
"hash": "sha256-S72hzDAYWzrfCH5JLJBRtwPEM/Xjh17HwcKuA3wLhvU="
},
{
"pname": "Microsoft.Extensions.DependencyInjection",
"version": "6.0.0",
@@ -783,6 +783,16 @@
"version": "2.0.0",
"hash": "sha256-H1rEnq/veRWvmp8qmUsrQkQIcVlKilUNzmmKsxJ0md8="
},
{
"pname": "Microsoft.Extensions.DependencyInjection.Abstractions",
"version": "2.2.0",
"hash": "sha256-pf+UQToJnhAe8VuGjxyCTvua1nIX8n5NHzAUk3Jz38s="
},
{
"pname": "Microsoft.Extensions.DependencyInjection.Abstractions",
"version": "3.1.0",
"hash": "sha256-cG0XS3ibJ9siu8eaQGJnyRwlEbQ9c/eGCtvPjs7Rdd8="
},
{
"pname": "Microsoft.Extensions.DependencyInjection.Abstractions",
"version": "6.0.0",
@@ -928,6 +938,11 @@
"version": "9.0.2",
"hash": "sha256-HXTlWs/Y6u0YLeN1L74Dq5GKkECbnLJPzJhkjJVoR00="
},
{
"pname": "Microsoft.Extensions.Logging",
"version": "3.1.0",
"hash": "sha256-BDrsqgiLYAphIOlnEuXy6iLoED/ykFO53merHCSGfrQ="
},
{
"pname": "Microsoft.Extensions.Logging",
"version": "6.0.0",
@@ -958,6 +973,11 @@
"version": "3.0.3",
"hash": "sha256-UFawgCAhbN5HCtJy39XO4sz5N/P/Zyrs0uqrQHc4SPI="
},
{
"pname": "Microsoft.Extensions.Logging.Abstractions",
"version": "3.1.0",
"hash": "sha256-D3GHIGN0r6zLHHP2/5jt6hB0oMvRyl5ysvVrPVmmyv8="
},
{
"pname": "Microsoft.Extensions.Logging.Abstractions",
"version": "6.0.0",
@@ -1018,6 +1038,11 @@
"version": "2.2.0",
"hash": "sha256-YBtPoWBEs+dlHPQ7qOmss+U9gnvG0T1irZY8NwD0QKw="
},
{
"pname": "Microsoft.Extensions.Options",
"version": "3.1.0",
"hash": "sha256-0EOsmu/oLAz9WXp1CtMlclzdvs5jea0zJmokeyFnbCo="
},
{
"pname": "Microsoft.Extensions.Options",
"version": "6.0.0",
@@ -1063,6 +1088,11 @@
"version": "2.2.0",
"hash": "sha256-DMCTC3HW+sHaRlh/9F1sDwof+XgvVp9IzAqzlZWByn4="
},
{
"pname": "Microsoft.Extensions.Primitives",
"version": "3.1.0",
"hash": "sha256-K/cDq+LMfK4cBCvKWkmWAC+IB6pEWolR1J5zL60QPvA="
},
{
"pname": "Microsoft.Extensions.Primitives",
"version": "6.0.0",
@@ -1304,11 +1334,6 @@
"version": "2.2.8",
"hash": "sha256-4wKlgwM14Ik6WyB/MBDPKhfx9GHeZD2R20OLyRz2sF0="
},
{
"pname": "Polly",
"version": "7.1.0",
"hash": "sha256-rnp9GSJsm0BScqBlECaJCmtY1ThhrL1pKVHm3ix+p5c="
},
{
"pname": "Polly",
"version": "7.2.4",
@@ -1496,6 +1521,11 @@
"version": "2.7.27",
"hash": "sha256-tQFdpD1EouCnHHbrPHKNd0d4YacqrlRIjltEOZ/7Ok8="
},
{
"pname": "System.Buffers",
"version": "4.4.0",
"hash": "sha256-KTxAhYawFG2V5VX1jw3pzx3IrQXRgn1TsvgjPgxAbqA="
},
{
"pname": "System.Buffers",
"version": "4.5.0",
@@ -1516,6 +1546,11 @@
"version": "7.0.0",
"hash": "sha256-9an2wbxue2qrtugYES9awshQg+KfJqajhnhs45kQIdk="
},
{
"pname": "System.ComponentModel.Annotations",
"version": "4.5.0",
"hash": "sha256-15yE2NoT9vmL9oGCaxHClQR1jLW1j1ef5hHMg55xRso="
},
{
"pname": "System.Composition",
"version": "7.0.0",
@@ -1596,6 +1631,11 @@
"version": "7.0.0",
"hash": "sha256-W2181khfJUTxLqhuAVRhCa52xZ3+ePGOLIPwEN8WisY="
},
{
"pname": "System.Memory",
"version": "4.5.1",
"hash": "sha256-7JhQNSvE6JigM1qmmhzOX3NiZ6ek82R4whQNb+FpBzg="
},
{
"pname": "System.Memory",
"version": "4.5.3",
@@ -1671,6 +1711,11 @@
"version": "4.4.0",
"hash": "sha256-SeTI4+yVRO2SmAKgOrMni4070OD+Oo8L1YiEVeKDyig="
},
{
"pname": "System.Runtime.CompilerServices.Unsafe",
"version": "4.5.1",
"hash": "sha256-Lucrfpuhz72Ns+DOS7MjuNT2KWgi+m4bJkg87kqXmfU="
},
{
"pname": "System.Runtime.CompilerServices.Unsafe",
"version": "6.0.0",

22
nix/packages/atlantis.nix
View File

@@ -1,19 +1,24 @@
{
lib,
version,
dotnet-sdk,
dotnet-runtime,
dotnetCorePackages,
buildDotnetModule,
nix-gitignore,
common,
petimeter,
hipster,
archmaester
# NOTE(mrtz): Used directly instead of as dependencies
# common,
# petimeter,
# hipster,
# archmaester
}:
let
buildDotnetModule' = buildDotnetModule.override {
addNuGetDeps = dotnetCorePackages.addNuGetDeps.override {
fetchNupkg = dotnetCorePackages.fetchNupkg.override {
# NOTE(mrtz): The default way of fetching urls is using curl inside a build sandbox. This is a powerful
# command, but it will not use (and cannot use) a netrc file that is outside of the build sandbox which
# we need to access credentials (netrc) for private nuget registries.
# [ref](https://wiki.nixos.org/wiki/Enterprise)
fetchurl =
{
url,
@@ -40,9 +45,12 @@ buildDotnetModule' {
;
name = "Atlantis";
pname = "Atlantis";
src = nix-gitignore.gitignoreSource [ ] ../../.;
# NOTE(mrtz): Ensures reproducibility and reduces closure size,
# by filtering out irrelevant files and `.git` which changes between commits.
# [ref](https://noogle.dev/f/lib/cleanSource)
src = lib.cleanSource ../../.;
projectFile = "src/Atlantis/src/Server/Server.fsproj";
nugetDeps = ./atlantis-deps.json; # nix-build -A default.fetch-deps && ./result nix/packages/deps.json
nugetDeps = ./atlantis-deps.json; # nix-build -A default.fetch-deps && ./result nix/packages/atlantis-deps.json
doCheck = false;
# buildInputs = [
# common

0
bun.nix → nix/packages/bun.nix
View File

3
nix/packages/common.nix
View File

@@ -5,7 +5,6 @@
dotnet-runtime,
dotnetCorePackages,
buildDotnetModule,
# interfaces,
dataagent,
serverpack,
}:
@@ -41,7 +40,7 @@ buildDotnetModule' {
pname = "Common";
src = lib.cleanSource ../../.;
projectFile = "src/Atlantis/src/Server/Common/Common.fsproj";
nugetDeps = ./atlantis-deps.json; # nix-build -A default.fetch-deps && ./result nix/deps.json
nugetDeps = ./atlantis-deps.json;
doCheck = false;
# buildInputs = [

4
nix/packages/dataagent.nix
View File

@@ -36,9 +36,9 @@ buildDotnetModule' {
;
name = "Oceanbox.DataAgent";
pname = "Oceanbox.DataAgent";
src = lib.cleanSource ../../.; # Point to root to include all project dependencies
src = lib.cleanSource ../../.;
projectFile = "src/DataAgent/src/DataAgent/Oceanbox.DataAgent.fsproj";
nugetDeps = ./deps.json; # nix-build -A dataagent.fetch-deps && ./result src/DataAgent/nix/deps.json
nugetDeps = ./atlantis-deps.json;
doCheck = false;
# packNupkg = true;
}

12
nix/packages/default.nix
View File

@@ -58,10 +58,10 @@ rec {
version
dotnet-sdk
dotnet-runtime
common
petimeter
hipster
archmaester
# common
# petimeter
# hipster
# archmaester
;
};
sorcerer = pkgs.callPackage ./sorcerer.nix {
@@ -69,8 +69,8 @@ rec {
version
dotnet-sdk
dotnet-runtime
dataagent
serverpack
# dataagent
# serverpack
;
};

1939
nix/packages/deps.json
View File

File diff suppressed because it is too large Load Diff

1
nix/packages/hipster.nix
View File

@@ -40,7 +40,6 @@ buildDotnetModule' {
src = lib.cleanSource ../../.;
projectFile = "src/Atlantis/src/Server/Hipster/Hipster.fsproj";
nugetDeps = ./atlantis-deps.json;
# nugetDeps = ./deps.json;
doCheck = false;
buildInputs = [

2
nix/packages/serverpack.nix
View File

@@ -38,6 +38,6 @@ buildDotnetModule' {
pname = "Oceanbox.ServerPack";
src = lib.cleanSource ../../.;
projectFile = "src/ServerPack/src/Oceanbox.ServerPack.fsproj";
nugetDeps = ./deps.json; # nix-build -A serverpack.fetch-deps && ./result src/ServerPack/nix/deps.json
nugetDeps = ./atlantis-deps.json;
# packNupgk = true;
}

12
nix/packages/sorcerer.nix
View File

@@ -1,13 +1,13 @@
{
pkgs,
lib,
version,
dotnet-sdk,
dotnet-runtime,
dotnetCorePackages,
buildDotnetModule,
nix-gitignore,
serverpack,
dataagent,
# NOTE(mrtz): Build as individual packages instead
# serverpack,
# dataagent,
}:
let
buildDotnetModule' = buildDotnetModule.override {
@@ -39,9 +39,9 @@ buildDotnetModule' {
;
name = "Sorcerer";
pname = "Sorcerer";
src = nix-gitignore.gitignoreSource [ ] ../../.;
src = lib.cleanSource ../../.;
projectFile = "src/Sorcerer/src/Server/Sorcerer.fsproj";
nugetDeps = ./atlantis-deps.json; # nix-build -A sorcerer.fetch-deps && ./result src/Sorcerer/nix/deps.json
nugetDeps = ./atlantis-deps.json;
doCheck = false;
# buildInputs = [
# serverpack

10
nix/pre-commit.nix
View File

@@ -9,7 +9,7 @@ let
pre-commit = import sources.pre-commit;
in
pre-commit.run {
src = ./.;
src = ../.;
# Do not run at pre-commit time
default_stages = [
"pre-push"
@@ -19,11 +19,15 @@ pre-commit.run {
enable = true;
package = pkgs.nixfmt-rfc-style;
};
statix = {
enable = true;
settings.ignore = [ "npins/default.nix" ];
};
fantomas = {
enable = true;
name = "fantomas";
entry = "${pkgs.fantomas}/bin/fantomas src example";
files = "(\\.fs$)|(\\.fsx$)";
entry = "${pkgs.fantomas}/bin/fantomas src";
files = "(\\.fs$)|(\\.fsx$)|(\\.fsi$)";
};
};
}

28
nix/workflows.nix Normal file
View File

@@ -0,0 +1,28 @@
let
sources = import ../npins;
system = builtins.currentSystem;
pkgs = import sources.nixpkgs {
inherit system;
config = { };
overlays = [ ];
};
nix-actions = import sources.nix-actions { inherit pkgs; };
lib = pkgs.lib;
in
nix-actions.install {
src = ../.;
platform = "github";
workflows = lib.mapAttrs' (
name: _:
lib.nameValuePair (lib.removeSuffix ".nix" name) (
let
w = import ./workflows/${name};
args = {
inherit nix-actions;
inherit (pkgs) lib;
};
in
if (lib.isFunction w) then (w args) else w
)
) (builtins.readDir ./workflows);
}

70
nix/workflows/build.nix Normal file
View File

@@ -0,0 +1,70 @@
{ nix-actions, ... }:
let
inherit (nix-actions.lib) expr secret;
in
{
name = "Build and Checks";
on = {
push = {
branches = [ "main" "master" "review/**" ];
tags = [ "v*.*.*" "*.*.*" ];
};
pull_request = {
branches = [ "main" "master" "review/**" ];
};
workflow_dispatch = {};
};
env = {
FORCE_COLOR = "1";
};
jobs = {
build-nix = {
runs-on = "ubuntu-latest";
"if" = "!contains(github.event.head_commit.message, 'chore(release):') && !startsWith(github.event.head_commit.message, 'WIP:') && !startsWith(github.event.head_commit.message, 'wip:') && !contains(github.event.head_commit.message, '[ci skip]') && !startsWith(github.event.head_commit.message, 'skip:') && !startsWith(github.event.head_commit.message, 'ci skip:')";
strategy = {
matrix = {
package = [
"containers.atlantis-container"
"containers.sorcerer-container"
];
};
};
steps = [
{
name = "Checkout";
uses = "actions/checkout@v4";
"with".fetch-depth = "0"; # Fetch all history for all branches and tags
}
{
name = "Set up Netrc for Package Registry";
run = "sudo mkdir -p /etc/nix && echo ${secret "NETRC"} | sudo tee /etc/nix/netrc > /dev/null";
}
{
name = "Install Nix";
uses = "DeterminateSystems/nix-installer-action@main";
"with" = {
github-token = secret "GITHUB_TOKEN";
diagnostic-endpoint = "";
source-url = "https://install.lix.systems/lix/lix-installer-x86_64-linux";
};
}
{
name = "Set up Cache";
uses = "DeterminateSystems/magic-nix-cache-action@main";
}
# {
# name = "Set up cachix";
# uses = "cachix/cachix-action@v16";
# "with" = {
# name = "poseidon";
# authToken = "\${{ secrets.CACHIX_AUTH_TOKEN }}";
# };
# }
{
name = "Build ${expr "matrix.package"}";
run = "nix-build default.nix -A ${expr "matrix.package"}";
}
];
};
};
}

84
nix/workflows/update.nix Normal file
View File

@@ -0,0 +1,84 @@
{ nix-actions, ... }:
let
inherit (nix-actions.lib) nix-shell secret;
in
{
name = "Update dependencies";
on = {
schedule = [
# Run at 06:06 on Wednesday
# This should avoid spikes in usage caused by other scheduled jobs
{ cron = "6 6 * * 3"; }
];
# Allow manual trigger
workflow_dispatch = { };
};
env = {
FORCE_COLOR = "1";
};
jobs = {
update = {
runs-on = "ubuntu-latest";
permissions = {
contents = "write";
pull-requests = "write";
issues = "write";
};
steps = [
{
uses = "actions/checkout@v4";
"with".fetch-depth = 0;
}
{
name = "Set up Netrc for Package Registry";
run = "sudo mkdir -p /etc/nix && echo ${secret "NETRC"} | sudo tee /etc/nix/netrc > /dev/null";
}
{
name = "Install Nix";
uses = "DeterminateSystems/nix-installer-action@main";
"with" = {
github-token = secret "GITHUB_TOKEN";
diagnostic-endpoint = "";
source-url = "https://install.lix.systems/lix/lix-installer-x86_64-linux";
};
}
{
run = nix-shell {
script = "npins update";
shell = "npins-update";
};
}
# {
# name = "Update dependencies";
# run = nix-shell {
# script = ''
# set -o pipefail
# set -o nounset
# set -o errexit
# # Build and run the update-deps script
# nix-build -A scripts.update-deps --no-out-link
# ./result/bin/update-deps --no-backup
# '';
# shell = "";
# };
# }
{
name = "Create PR";
uses = "peter-evans/create-pull-request@v7";
"with" = {
token = secret "GITHUB_TOKEN";
commit-message = "chore: npins update";
title = "chore: weekly npins update";
body = ''
Automatic npins update performed by GitHub Actions
'';
branch = "npins-auto-update";
delete-branch = true;
base = "main";
};
}
];
};
};
}

25
npins/sources.json
View File

@@ -16,11 +16,26 @@
"url": "https://api.github.com/repos/baileyluTCD/bun2nix/tarball/1.5.1",
"hash": "0qqcq6dv63m3v567j7w9h7hlaj1xwnj7crw444y2cbil6h0mqjmd"
},
"nix-actions": {
"type": "GitRelease",
"repository": {
"type": "Git",
"url": "https://git.dgnum.eu/DGNum/nix-actions.git"
},
"pre_releases": false,
"version_upper_bound": null,
"release_prefix": null,
"submodules": false,
"version": "v0.5.1",
"revision": "06847b3256df402da0475dccb290832ec92a9f8c",
"url": null,
"hash": "03s87spp56n1xpd14xp7j84619zpv2xxz1jj83iclzclm1s9j4yv"
},
"nixpkgs": {
"type": "Channel",
"name": "nixpkgs-unstable",
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre839900.cab778239e70/nixexprs.tar.xz",
"hash": "1zy44bvlzw42wmnhymz4kwmkv6bg2xmyxyaig8sfl2vd8i6mqirs"
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre841951.1ef586712f85/nixexprs.tar.xz",
"hash": "04wnfjdvdd5ng2js5n2h8ind5j85ml6c60rza063ra26qsmcaakl"
},
"pre-commit": {
"type": "Git",
@@ -31,9 +46,9 @@
},
"branch": "master",
"submodules": false,
"revision": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
"url": "https://github.com/cachix/git-hooks.nix/archive/16ec914f6fb6f599ce988427d9d94efddf25fe6d.tar.gz",
"hash": "065m86nm89vv29anqb0a8bp3y877q80nadsfqnjlvz70gnjfj9n2"
"revision": "9c52372878df6911f9afc1e2a1391f55e4dfc864",
"url": "https://github.com/cachix/git-hooks.nix/archive/9c52372878df6911f9afc1e2a1391f55e4dfc864.tar.gz",
"hash": "1w51bksfkzp7s7sr6d79lj6m493kikh0rim1qw953i9x8k8a1b3k"
}
},
"version": 5

20
scripts/README.md Normal file
View File

@@ -0,0 +1,20 @@
# Scripts
Development helper scripts.
```
├── update-deps.sh
│ └─ Updates dependencies for the Poseidon project, including both .NET and npm.
├── configure-manifests.sh
│ └─ Configures Kubernetes manifests by replacing placeholders and applying them to a namespace.
├── get-barentswatch-token.sh
│ └─ Retrieves an authentication token from the Barentswatch API using client credentials.
├── init-namespace.sh
│ └─ Creates a Kubernetes namespace if it doesn't already exist.
├── run_lgtm.sh
│ └─ Runs the LGTM (Loki, Grafana, Tempo, Mimir) observability stack in Docker.
├── start-postgres.sh
│ └─ Starts a PostgreSQL development server using Docker with persistent volume.
└── trackFga.sh
└─ Toggles Fine-Grained Authorization tracking in the Archmaester service.
```

12
scripts/configure-manifests.sh
View File

@@ -1,8 +1,8 @@
#!/usr/bin/env bash
top="$(cd "$(dirname "$BASH_SOURCE[0]")" >/dev/null 2>&1 && pwd)"
top="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)"
if [ $# = 1 -o $# = 2 ]; then
if [ $# = 1 ] || [ $# = 2 ]; then
env=$1
ns=${2:-atlantis}
else
@@ -10,10 +10,10 @@ else
exit 1
fi
$top/init-namespace.sh $ns
"$top/init-namespace.sh" "$ns"
if [ -d $top/../manifests ]; then
for i in $top/../manifests/*.yaml; do
sed "s/<x>-/$env-/g" $i | kubectl apply -n $ns -f -
if [ -d "$top/../manifests" ]; then
for i in "$top"/../manifests/*.yaml; do
sed "s/<x>-/$env-/g" "$i" | kubectl apply -n "$ns" -f -
done
fi

62
scripts/default.nix Normal file
View File

@@ -0,0 +1,62 @@
{ sources, pkgs }:
let
inherit (pkgs.lib) mapAttrs;
inherit (pkgs)
writeShellApplication
jaq
fd
ripgrep
coreutils
kubectl
curl
gnused
;
bun2nix = import "${sources.bun2nix}/nix/package.nix" {
flake = sources.bun2nix;
inherit pkgs;
};
scripts = {
update-deps = [
jaq
coreutils
fd
ripgrep
bun2nix
];
configure-manifests = [
coreutils
kubectl
gnused
];
get-barentswatch-token = [
curl
];
init-namespace = [
kubectl
coreutils
];
run_lgtm = [
ripgrep
coreutils
];
start-postgres = [
coreutils
];
trackFga = [
curl
];
};
self = mapAttrs (
name: runtimeInputs:
writeShellApplication {
inherit name runtimeInputs;
text = builtins.readFile ./${name}.sh;
}
) scripts;
in
self

4
scripts/init-namespace.sh
View File

@@ -3,7 +3,7 @@
ns=${1:-oceanbox}
init_namespace() {
kubectl create ns $ns
kubectl create ns "$ns"
}
kubectl get ns $ns > /dev/null 2>&1 || init_namespace
kubectl get ns "$ns" > /dev/null 2>&1 || init_namespace

4
scripts/run_lgtm.sh
View File

@@ -1,8 +1,6 @@
#!/bin/sh
docker ps 2>&1 | grep -q zipkin
if [ $? = 0 ]; then
if docker ps 2>&1 | grep -q zipkin; then
echo "Please stop the running Zipkin Docker instance and try again"
exit 1
fi

3
scripts/start-postgres.sh
View File

@@ -2,8 +2,7 @@
echo "Starting postgresql server with docker"
docker volume inspect archmaester_dev > /dev/null 2>&1
if [ $? -ne 0 ]; then
if ! docker volume inspect archmaester_dev > /dev/null 2>&1; then
echo -n "Creating separate dev volume"
docker volume create archmaester_dev
fi

2
scripts/trackFga.sh
View File

@@ -8,4 +8,4 @@ esac
curl \
-H "Authorization: bearer $ARCHMAESTER_AUTH" \
-d "$toggle" \
https://$USER-atlantis.dev.oceanbox.io/internal/trackFga
"https://${USER}-atlantis.dev.oceanbox.io/internal/trackFga"

299
scripts/update-deps.sh Executable file
View File

@@ -0,0 +1,299 @@
#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail
shopt -s lastpipe
# Determine project root - handle both direct execution and nix result execution
if [[ "${BASH_SOURCE[0]}" == */result/bin/* ]]; then
# Running from nix result, find project root by looking for default.nix
PROJECT_ROOT="$(pwd)"
while [[ "$PROJECT_ROOT" != "/" && ! -f "$PROJECT_ROOT/default.nix" ]]; do
PROJECT_ROOT="$(dirname "$PROJECT_ROOT")"
done
if [[ ! -f "$PROJECT_ROOT/default.nix" ]]; then
echo "Error: Could not find project root with default.nix" >&2
exit 1
fi
else
# Running directly from scripts directory
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
fi
PACKAGES_DIR="$PROJECT_ROOT/nix/packages"
info() {
echo -e "\033[36m[INFO]\033[0m $*"
}
success() {
echo -e "\033[32m[SUCCESS]\033[0m $*"
}
error() {
echo -e "\033[31m[ERROR]\033[0m $*"
}
warn() {
echo -e "\033[33m[WARN]\033[0m $*"
}
declare -A PRIVATE_DEPS=(
["Drifters.Api"]="https://gitlab.com/api/v4/projects/37086336/packages/nuget/download/drifters.api"
["Fable.SignalR.AspNetCore"]="https://gitlab.com/api/v4/projects/40255650/packages/nuget/download/fable.signalr.aspnetcore"
["Fable.SignalR.Saturn"]="https://gitlab.com/api/v4/projects/40255650/packages/nuget/download/fable.signalr.saturn"
["Fable.SignalR.Shared"]="https://gitlab.com/api/v4/projects/40255650/packages/nuget/download/fable.signalr.shared"
["Fable.SignalR"]="https://gitlab.com/api/v4/projects/40255650/packages/nuget/download/fable.signalr"
["Fable.SignalR.Elmish"]="https://gitlab.com/api/v4/projects/40255650/packages/nuget/download/fable.signalr.elmish"
["Fable.Lit"]="https://gitlab.com/api/v4/projects/61744837/packages/nuget/download/fable.lit"
["Fable.Lit.Elmish"]="https://gitlab.com/api/v4/projects/61744837/packages/nuget/download/fable.lit.elmish"
["Fable.Lit.React"]="https://gitlab.com/api/v4/projects/61744837/packages/nuget/download/fable.lit.react"
["Fable.OpenLayers"]="https://gitlab.com/api/v4/projects/36202053/packages/nuget/download/fable.openlayers"
["Oceanbox.FvcomKit"]="https://gitlab.com/api/v4/projects/35569541/packages/nuget/download/oceanbox.fvcomkit"
["ProjNet.FSharp"]="https://gitlab.com/api/v4/projects/35009572/packages/nuget/download/projnet.fsharp"
["SDSLite.Oceanbox"]="https://gitlab.com/api/v4/projects/34025102/packages/nuget/download/sdslite.oceanbox"
["Matplotlib.ColorMaps"]="https://gitlab.com/api/v4/projects/36675671/packages/nuget/download/matplotlib.colormaps"
)
# Function to add private URLs to a .NET deps JSON file
add_private_urls() {
local json_file="$1"
local temp_file="${json_file}.tmp"
info "Processing private URLs for $json_file"
# NOTE: Thanks in large to Claude :) for this monstrosity
# shellcheck disable=SC2016
local jaq_filter='map(if $private_deps[.pname] then . + {"url": ($url_map[.pname] + "/" + (.version | ascii_downcase) + "/" + (.pname | ascii_downcase) + "." + (.version | ascii_downcase) + ".nupkg")} else . end)'
jaq --argjson private_deps "$(printf '%s\n' "${!PRIVATE_DEPS[@]}" | jaq -R . | jaq -s 'map({key: ., value: 1}) | from_entries')" \
--argjson url_map "$(for pkg in "${!PRIVATE_DEPS[@]}"; do
echo "{\"$pkg\": \"${PRIVATE_DEPS[$pkg]}\"}"
done | jaq -s 'add')" \
"$jaq_filter" "$json_file" > "$temp_file"
if [[ -s "$temp_file" ]]; then
mv "$temp_file" "$json_file"
success "Updated private URLs in $json_file"
else
error "Failed to update $json_file"
rm -f "$temp_file"
return 1
fi
}
# Function to update .NET dependencies
update_dotnet_deps() {
local package_name="$1"
local json_file="$2"
info "Updating .NET dependencies for $package_name"
cd "$PROJECT_ROOT"
# Run nix-build to generate new dependencies
if nix-build -A "packages.$package_name.fetch-deps" --no-out-link > /dev/null 2>&1; then
local result_path
result_path=$(nix-build -A "packages.$package_name.fetch-deps" --no-out-link)
# Run the result to update the JSON file
if "$result_path" "$json_file"; then
success "Generated new dependencies for $package_name"
# Add private URLs if this JSON file has any
if [[ -f "$json_file" ]]; then
add_private_urls "$json_file"
fi
else
error "Failed to generate dependencies for $package_name"
return 1
fi
else
error "Failed to build fetch-deps for $package_name"
return 1
fi
}
# Function to update bun dependencies
update_bun_deps() {
info "Updating bun dependencies"
cd "$PROJECT_ROOT"
# Check if bun2nix is available
if ! command -v bun2nix &> /dev/null; then
error "bun2nix not found in PATH. Please ensure bun2nix is installed."
return 1
fi
# Update bun.nix from the project root where package.json and bun.lock are located
if bun2nix --lock-file "$PROJECT_ROOT/bun.lock" -o "$PACKAGES_DIR/bun.nix"; then
success "Updated bun.nix"
else
error "Failed to update bun.nix"
return 1
fi
}
# Function to backup files
backup_files() {
local timestamp
timestamp=$(date +%Y%m%d_%H%M%S)
local backup_dir="$PROJECT_ROOT/.deps_backup_$timestamp"
info "Creating backup in $backup_dir"
mkdir -p "$backup_dir"
cp "$PACKAGES_DIR/atlantis-deps.json" "$backup_dir/" 2>/dev/null || true
cp "$PACKAGES_DIR/atlantis-client.json" "$backup_dir/" 2>/dev/null || true
cp "$PACKAGES_DIR/bun.nix" "$backup_dir/" 2>/dev/null || true
success "Backup created in $backup_dir"
}
# Function to show usage
usage() {
cat << EOF
Usage: $0 [OPTIONS]
Update Poseidon project dependencies including .NET packages and bun dependencies.
OPTIONS:
-h, --help Show this help message
-b, --backup Create backup before updating (default: true)
--no-backup Skip creating backup
--atlantis-only Update only atlantis dependencies
--client-only Update only atlantis-client dependencies
--bun-only Update only bun dependencies
--dry-run Show what would be updated without making changes
EXAMPLES:
$0 Update all dependencies
$0 --atlantis-only Update only atlantis server dependencies
$0 --bun-only Update only JavaScript dependencies
$0 --dry-run Preview changes without applying them
EOF
}
main() {
local create_backup=true
local update_atlantis=true
local update_client=true
local update_bun=true
local dry_run=false
while [[ $# -gt 0 ]]; do
case $1 in
-h|--help)
usage
exit 0
;;
-b|--backup)
create_backup=true
shift
;;
--no-backup)
create_backup=false
shift
;;
--atlantis-only)
update_client=false
update_bun=false
shift
;;
--client-only)
update_atlantis=false
update_bun=false
shift
;;
--bun-only)
update_atlantis=false
update_client=false
shift
;;
--dry-run)
dry_run=true
shift
;;
*)
error "Unknown option: $1"
usage
exit 1
;;
esac
done
info "Starting dependency update process"
if [[ "$dry_run" == "true" ]]; then
warn "DRY RUN MODE - No files will be modified"
if [[ "$update_atlantis" == "true" ]]; then
info "Would update: atlantis-deps.json"
fi
if [[ "$update_client" == "true" ]]; then
info "Would update: atlantis-client.json"
fi
if [[ "$update_bun" == "true" ]]; then
info "Would update: bun.nix"
fi
exit 0
fi
# Verify we're in the right directory
if [[ ! -f "$PROJECT_ROOT/default.nix" ]] || [[ ! -d "$PACKAGES_DIR" ]]; then
error "This script must be run from the Poseidon project root or scripts directory"
exit 1
fi
# Check dependencies
if ! command -v jaq &> /dev/null; then
error "jaq not found in PATH. Please install jaq."
exit 1
fi
if ! command -v nix-build &> /dev/null; then
error "nix-build not found in PATH. Please install Nix."
exit 1
fi
# Create backup if requested
if [[ "$create_backup" == "true" ]]; then
backup_files
fi
# Update dependencies
local exit_code=0
if [[ "$update_atlantis" == "true" ]]; then
if ! update_dotnet_deps "atlantis" "$PACKAGES_DIR/atlantis-deps.json"; then
exit_code=1
fi
fi
if [[ "$update_client" == "true" ]]; then
if ! update_dotnet_deps "atlantis-client" "$PACKAGES_DIR/atlantis-client.json"; then
exit_code=1
fi
fi
if [[ "$update_bun" == "true" ]]; then
if ! update_bun_deps; then
exit_code=1
fi
fi
if [[ $exit_code -eq 0 ]]; then
success "All dependency updates completed successfully!"
info "You may want to commit these changes:"
info " git add nix/packages/"
info " git commit -m 'chore: update dependencies'"
else
error "Some dependency updates failed. Check the output above."
fi
exit $exit_code
}
main "$@"

44
shell.nix
View File

@@ -6,30 +6,44 @@
config = { };
overlays = [ ];
},
pre-commit ? import ./nix/pre-commit.nix,
workflows ? import ./nix/workflows.nix,
}:
let
dotnet-sdk = pkgs.dotnetCorePackages.sdk_9_0_3xx;
k8s-packages = [
# NOTE(mrtz): Should match the version in `default.nix`
dotnet-sdk = pkgs.dotnetCorePackages.sdk_9_0;
in
pkgs.mkShellNoCC {
# .NET
buildInputs = [ dotnet-sdk ];
packages = [
# JavaScript
pkgs.bun
pkgs.nodejs-slim
# Development tools
pkgs.npins
pkgs.mkcert
pkgs.dive
pkgs.nix-output-monitor
# Kubernetes tools
pkgs.tilt
pkgs.dapr-cli
pkgs.kustomize
pkgs.kubernetes-helm
];
in
pkgs.mkShellNoCC {
buildInputs = [ dotnet-sdk ];
packages = [
pkgs.bun
pkgs.npins
pkgs.mkcert
pkgs.nodejs-slim
pkgs.dive
]
++ k8s-packages;
# Environment variables
DOTNET_ROOT = dotnet-sdk;
DOTNET_CLI_TELEMETRY_OPTOUT = "true";
LOG_LEVEL = "verbose";
# Alternative shells
passthru = pkgs.lib.mapAttrs (name: value: pkgs.mkShellNoCC (value // { inherit name; })) {
pre-commit.shellHook = pre-commit.shellHook;
workflows.shellHook = workflows.shellHook;
npins-update.packages = [ pkgs.npins ];
};
}

7
src/Archivist/shell.nix
View File

@@ -1,11 +1,6 @@
{
sources ? import ./../../npins,
system ? builtins.currentSystem,
pkgs ? import sources.nixpkgs {
inherit system;
config = { };
overlays = [ ];
},
pkgs ? import sources.nixpkgs { },
}:
let
port = 9000;

7
src/Atlantis/shell.nix
View File

@@ -1,11 +1,6 @@
{
sources ? import ./../../npins,
system ? builtins.currentSystem,
pkgs ? import sources.nixpkgs {
inherit system;
config = { };
overlays = [ ];
},
pkgs ? import sources.nixpkgs { },
}:
let
port = 8000;

1
src/Atlantis/src/Server/Server.fsproj
View File

@@ -29,6 +29,7 @@
<PackageReference Include="Dapr.Actors.AspNetCore" Version="1.15.4"/>
<PackageReference Include="Dapr.AspNetCore" Version="1.15.4"/>
<PackageReference Include="Dapr.Client" Version="1.15.4"/>
<PackageReference Include="Fargo.CmdLine" Version="1.7.5"/>
<PackageReference Include="Fable.Remoting.DotnetClient" Version="3.35.0"/>
<PackageReference Include="Fable.Remoting.Giraffe" Version="5.21.0"/>
<PackageReference Include="Fable.Remoting.MsgPack" Version="1.24.0"/>

7
src/Sorcerer/shell.nix
View File

@@ -1,11 +1,6 @@
{
sources ? import ./../../npins,
system ? builtins.currentSystem,
pkgs ? import sources.nixpkgs {
inherit system;
config = { };
overlays = [ ];
},
pkgs ? import sources.nixpkgs { },
}:
let
port = 9000;