From e5f8b9698f6fd95630f03623c3467126a53dda0c Mon Sep 17 00:00:00 2001 From: Kenichi Kamiya Date: Sat, 23 Mar 2024 10:34:15 +0900 Subject: [PATCH 1/3] Pin bash and asdf-vm versions with Nix for stable development --- .envrc | 3 ++ .github/workflows/ci-dev.yml | 17 ++++--- .github/workflows/dependency-review.yml | 1 + .github/workflows/merge-bot-pr.yml | 23 ++++++++-- .gitignore | 1 + CONTRIBUTING.md | 4 ++ README.md | 1 + flake.lock | 61 +++++++++++++++++++++++++ flake.nix | 41 +++++++++++++++++ 9 files changed, 140 insertions(+), 12 deletions(-) create mode 100644 .envrc create mode 100644 .gitignore create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..b9238c3 --- /dev/null +++ b/.envrc @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +use flake diff --git a/.github/workflows/ci-dev.yml b/.github/workflows/ci-dev.yml index 19571cc..80bff80 100644 --- a/.github/workflows/ci-dev.yml +++ b/.github/workflows/ci-dev.yml @@ -28,11 +28,14 @@ jobs: runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - - uses: asdf-vm/actions/setup@v3 + - uses: DeterminateSystems/nix-installer-action@v10 + - run: nix develop --command echo 'This step should be done before any other "nix develop" steps because of measuring Nix build time' - run: | - asdf plugin-add cargo-make https://github.com/kachick/asdf-cargo-make.git - asdf plugin update cargo-make ${{ github.ref }} # https://github.com/asdf-vm/asdf/issues/1201 - asdf install cargo-make - makers help - makers setup - makers check + nix develop --command bash -c ' + asdf plugin-add cargo-make https://github.com/kachick/asdf-cargo-make.git + asdf plugin update cargo-make ${{ github.ref }} # https://github.com/asdf-vm/asdf/issues/1201 + asdf install cargo-make + makers help + makers setup + makers check + ' diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 9ac2290..14c2ba1 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,3 +19,4 @@ jobs: with: # https://spdx.org/licenses/ allow-licenses: MIT, BSD-3-Clause, BSD-2-Clause, 0BSD, Unlicense, ISC, Apache-2.0 + allow-dependencies-licenses: pkg:githubactions/DeterminateSystems/nix-installer-action diff --git a/.github/workflows/merge-bot-pr.yml b/.github/workflows/merge-bot-pr.yml index ba5ef7d..ddbd8d5 100644 --- a/.github/workflows/merge-bot-pr.yml +++ b/.github/workflows/merge-bot-pr.yml @@ -8,22 +8,35 @@ permissions: # actions: read # For private repositories jobs: - dependabot: + judge-dependabot: + timeout-minutes: 5 runs-on: ubuntu-latest + outputs: + merge: ${{ steps.conclusion.outputs.merge }} if: ${{ github.actor == 'dependabot[bot]' }} steps: - name: Dependabot metadata - id: metadata - uses: dependabot/fetch-metadata@v1.6.0 + id: dependabot + uses: dependabot/fetch-metadata@v2.0.0 + - name: Judge + id: conclusion + if: >- + steps.dependabot.outputs.update-type != 'version-update:semver-major' || + contains(steps.dependabot.outputs.dependency-names, 'DeterminateSystems') + run: echo -n 'merge=true' | tee -a "$GITHUB_OUTPUT" + dependabot: + needs: [judge-dependabot] + if: ${{ needs.judge-dependabot.outputs.merge == 'true' }} + timeout-minutes: 30 + runs-on: ubuntu-latest + steps: - name: Wait other jobs - if: ${{steps.metadata.outputs.update-type != 'version-update:semver-major'}} uses: kachick/wait-other-jobs@v2 timeout-minutes: 30 with: retry-method: 'equal_intervals' min-interval-seconds: '15' - name: Approve and merge - if: ${{steps.metadata.outputs.update-type != 'version-update:semver-major'}} run: gh pr review --approve "$PR_URL" && gh pr merge --auto --squash "$PR_URL" env: PR_URL: ${{github.event.pull_request.html_url}} diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..92b2793 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.direnv diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c859abb..dec46fa 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,5 +1,9 @@ # Contributing +Maintaining this repository assumes that you are not using old versions of bash such as 3.x, which is included in MacOS\ +I recommend using the [Nix package manager](https://nixos.org/) to prepare base environments.\ +This repository contains the [flake.nix](flake.nix). + After installing asdf, running below command in this repo finishes setups. ```console diff --git a/README.md b/README.md index 9a07b98..21355b6 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,7 @@ Tested also [mise](https://github.com/jdx/mise). # Dependencies +- `asdf-vm` or `mise` - `bash`, `curl`, `unzip`: generic POSIX utilities. This plugin requires `unzip` to be installed. diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..2921cfd --- /dev/null +++ b/flake.lock @@ -0,0 +1,61 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1711124224, + "narHash": "sha256-l0zlN/3CiodvWDtfBOVxeTwYSRz93muVbXWSpaMjXxM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "56528ee42526794d413d6f244648aaee4a7b56c0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..93aa3a3 --- /dev/null +++ b/flake.nix @@ -0,0 +1,41 @@ +{ + inputs = { + # Candidate channels + # - https://github.com/kachick/anylang-template/issues/17 + # - https://discourse.nixos.org/t/differences-between-nix-channels/13998 + # How to update the revision + # - `nix flake update --commit-lock-file` # https://nixos.org/manual/nix/stable/command-ref/new-cli/nix3-flake-update.html + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + flake-utils.url = "github:numtide/flake-utils"; + }; + + outputs = { self, nixpkgs, flake-utils }: + flake-utils.lib.eachDefaultSystem (system: + let + pkgs = nixpkgs.legacyPackages.${system}; + in + { + formatter = pkgs.nixpkgs-fmt; + devShells.default = with pkgs; + mkShell { + buildInputs = [ + # - Use newest bash to avoid darwin old bash problems. For example #139 + # - Avoid https://github.com/NixOS/nix/issues/730#issuecomment-162323824 + bashInteractive + + # Keep minimum tools in nix layer, this repository should depend them with the asdf or mise itself(.tool-versions) + # So written here should be also clarified in [depedndencies](README.md#Dependencies) + curl + unzip + asdf-vm + # Also do not specify mise to avoid conflict with asdf + # mise + ]; + + shellHook = '' + . "${pkgs.asdf-vm}/share/asdf-vm/asdf.sh" + ''; + }; + } + ); +} From c41263bec7310dda452c4596a785356b91c11479 Mon Sep 17 00:00:00 2001 From: Kenichi Kamiya Date: Sat, 23 Mar 2024 10:38:55 +0900 Subject: [PATCH 2/3] `dprint config update --yes && dprint fmt` --- dprint.json | 2 +- scripts/format.bash | 3 +++ scripts/lint.bash | 3 +++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/dprint.json b/dprint.json index 90903d2..6585996 100644 --- a/dprint.json +++ b/dprint.json @@ -17,6 +17,6 @@ "https://plugins.dprint.dev/json-0.19.2.wasm", "https://plugins.dprint.dev/markdown-0.16.4.wasm", "https://plugins.dprint.dev/toml-0.6.1.wasm", - "https://plugins.dprint.dev/prettier-0.36.0.json@5cc11bcb86b783ba9e33d171ee5caefe413a6ee31a4f1521592ccb28363412af" + "https://plugins.dprint.dev/prettier-0.39.0.json@896b70f29ef8213c1b0ba81a93cee9c2d4f39ac2194040313cd433906db7bc7c" ] } diff --git a/scripts/format.bash b/scripts/format.bash index 9393f3d..7a18548 100755 --- a/scripts/format.bash +++ b/scripts/format.bash @@ -2,6 +2,9 @@ set -euxo pipefail +# This option don't work in old bash as 3.x that installed in macOS +shopt -s globstar + shfmt --language-dialect bash --write \ ./**/* diff --git a/scripts/lint.bash b/scripts/lint.bash index c4abe78..f53015e 100755 --- a/scripts/lint.bash +++ b/scripts/lint.bash @@ -2,6 +2,9 @@ set -euxo pipefail +# This option don't work in old bash as 3.x that installed in macOS +shopt -s globstar + shellcheck --shell=bash --external-sources \ bin/* --source-path=lib/ \ lib/* \ From 0e491ad2740449cbecaf212976ac2c0f7dcc2b12 Mon Sep 17 00:00:00 2001 From: Kenichi Kamiya Date: Sat, 23 Mar 2024 10:43:02 +0900 Subject: [PATCH 3/3] Use globstar only in scripts/ again --- scripts/format.bash | 2 +- scripts/lint.bash | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/format.bash b/scripts/format.bash index 7a18548..e323e56 100755 --- a/scripts/format.bash +++ b/scripts/format.bash @@ -6,6 +6,6 @@ set -euxo pipefail shopt -s globstar shfmt --language-dialect bash --write \ - ./**/* + ./**/*.bash bin/**/* dprint fmt diff --git a/scripts/lint.bash b/scripts/lint.bash index f53015e..89d9d64 100755 --- a/scripts/lint.bash +++ b/scripts/lint.bash @@ -11,7 +11,7 @@ shellcheck --shell=bash --external-sources \ scripts/* shfmt --language-dialect bash --diff \ - ./**/* + ./**/*.bash bin/**/* dprint check