diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
new file mode 100644
index 0000000..1f0cde0
--- /dev/null
+++ b/.devcontainer/Dockerfile
@@ -0,0 +1,66 @@
+# SPDX-FileCopyrightText: 2022 X-Truder <jaka@x-truder.net>
+# SPDX-FileCopyrightText: 2022 Félix Robles <felix@sequentech.io>
+#
+# SPDX-License-Identifier: MIT
+
+# Reuse a base image made for devcontainers.
+FROM mcr.microsoft.com/vscode/devcontainers/base:bullseye
+
+# update and install base packages
+RUN apt update -y
+RUN apt -y install --no-install-recommends \
+ sudo \
+ ca-certificates \
+ psmisc \
+ procps \
+ less \
+ xz-utils \
+ vim-tiny \
+ nano \
+ curl \
+ git \
+ ssh \
+ direnv \
+ gnupg2 \
+ iproute2 \
+ inetutils-ping \
+ rsync \
+ lsb-release \
+ dialog \
+ locales \
+ man-db \
+ bash-completion
+
+# create at least locae for en_US.UTF-8
+RUN echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen
+
+# create non-root user and group and add it sudoers
+ARG USERNAME=vscode
+RUN echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/devcontainer && \
+ chmod 0440 /etc/sudoers.d/devcontainer
+
+# copy nix configuration
+COPY etc/nix.conf /etc/nix/nix.conf
+
+# install nix
+ARG NIX_INSTALL_SCRIPT=https://nixos.org/nix/install
+RUN curl -L ${NIX_INSTALL_SCRIPT} | sudo -u ${USERNAME} NIX_INSTALLER_NO_MODIFY_PROFILE=1 sh
+
+# install devcontainer extra profile that loads nix and has vscode user env probe
+COPY etc/devcontainer.sh /etc/profile.d/devcontainer.sh
+
+# install bash config
+COPY etc/bash.bashrc /etc/bash.bashrc
+
+# set env for non interactve shell to load nix
+COPY etc/envrc /etc/envrc
+ENV ENV="/etc/envrc" BASH_ENV="/etc/envrc"
+
+# copy direnv config and set conig path
+COPY etc/direnv.toml /etc
+ENV DIRENV_CONFIG=/etc
+
+USER ${USERNAME}
+
+# cache /nix
+VOLUME /nix
\ No newline at end of file
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
new file mode 100644
index 0000000..ca9b4cb
--- /dev/null
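Review bot: The `RUN curl -L ${NIX_INSTALL_SCRIPT} | sudo -u ${USERNAME} ... sh` step runs whatever https://nixos.org/nix/install serves at build time, with no version pin and no integrity check, as a user the sudoers line above grants passwordless root. `curl` is also called without `-f`, so an HTTP error body would be piped into `sh`. Pin a versioned installer URL, download it to a file, verify a recorded SHA-256 and only then execute it; the version and hash in the sketch are placeholders to fill in. Separately, `RUN apt update -y` sits in its own layer, so a cached layer can leave `apt install` working from a stale index; joining the two with `&&` avoids that.

```dockerfile
# install nix
ARG NIX_INSTALL_SCRIPT=https://releases.nixos.org/nix/nix-<NIX_VERSION>/install
ARG NIX_INSTALL_SHA256=<SHA256_OF_INSTALL_SCRIPT>
RUN curl --proto '=https' --tlsv1.2 -fsSL "${NIX_INSTALL_SCRIPT}" -o /tmp/nix-install && \
    echo "${NIX_INSTALL_SHA256}  /tmp/nix-install" | sha256sum -c - && \
    sudo -u "${USERNAME}" NIX_INSTALLER_NO_MODIFY_PROFILE=1 sh /tmp/nix-install && \
    rm -f /tmp/nix-install
```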
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,26 @@
+// For format details, see https://aka.ms/vscode-remote/devcontainer.json or the definition README at
+// https://github.com/microsoft/vscode-dev-containers/tree/master/containers/docker-existing-dockerfile
+{
+ "name": "strand-project",
+ "dockerFile": "Dockerfile",
+ "containerEnv": {
+ "PROJECT_DIR": "${containerWorkspaceFolder}"
+ },
+
+ "userEnvProbe": "loginShell",
+ //"updateRemoteUserUID": false,
+
+ // build development environment on creation
+ "onCreateCommand": "nix develop --command bash -c 'echo done building nix dev environment'",
+
+ // Add the IDs of extensions you want installed when the container is created.
+ "extensions": [
+ // select nix environment
+ "arrterian.nix-env-selector",
+ // extra extensions
+ "jnoortheen.nix-ide",
+ "rust-lang.rust",
+ "yzhang.markdown-all-in-one",
+ "bungcip.better-toml"
+ ]
+ }
\ No newline at end of file
diff --git a/.devcontainer/devcontainer.json.license b/.devcontainer/devcontainer.json.license
new file mode 100644
index 0000000..838c445
--- /dev/null
+++ b/.devcontainer/devcontainer.json.license
@@ -0,0 +1,4 @@
+SPDX-FileCopyrightText: 2022 X-Truder <jaka@x-truder.net>
+SPDX-FileCopyrightText: 2022 Felix Robles <felix@sequentech.io>
+
+SPDX-License-Identifier: MIT
\ No newline at end of file
diff --git a/.devcontainer/etc/bash.bashrc b/.devcontainer/etc/bash.bashrc
new file mode 100644
index 0000000..0cd24c6
--- /dev/null
+++ b/.devcontainer/etc/bash.bashrc
@@ -0,0 +1,34 @@
+# SPDX-FileCopyrightText: 2022 X-Truder <jaka@x-truder.net>
+# SPDX-FileCopyrightText: 2022 Félix Robles <felix@sequentech.io>
+#
+# SPDX-License-Identifier: MIT
+
+# System-wide .bashrc file for interactive bash(1) shells.
+
+# To enable the settings / commands in this file for login shells as well,
+# this file has to be sourced in /etc/profile.
+
+[[ $ENVRC_RUN != yes ]] && source /etc/envrc
+
+# If not running interactively, don't do anything
+[ -z "$PS1" ] && return
+
+# check the window size after each command and, if necessary,
+# update the values of LINES and COLUMNS.
+shopt -s checkwinsize
+
+# set variable identifying the chroot you work in (used in the prompt below)
+if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
+ debian_chroot=$(cat /etc/debian_chroot)
+fi
+
+# set a fancy prompt (non-color, overwrite the one in /etc/profile)
+# but only if not SUDOing and have SUDO_PS1 set; then assume smart user.
+if ! [ -n "${SUDO_USER}" -a -n "${SUDO_PS1}" ]; then
+ PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
+fi
+
+# load direnv hook if not running as root
+if ! [ $(id -u) = 0 ]; then
+ eval "$(direnv hook bash)"
+fi
diff --git a/.devcontainer/etc/devcontainer.sh b/.devcontainer/etc/devcontainer.sh
new file mode 100644
index 0000000..089dd41
--- /dev/null
+++ b/.devcontainer/etc/devcontainer.sh
@@ -0,0 +1,4 @@
+
+#!/bin/bash
+
+[[ $ENVRC_RUN != yes ]] && source /etc/envrc
\ No newline at end of file
diff --git a/.devcontainer/etc/devcontainer.sh.license b/.devcontainer/etc/devcontainer.sh.license
new file mode 100644
index 0000000..838c445
--- /dev/null
+++ b/.devcontainer/etc/devcontainer.sh.license
@@ -0,0 +1,4 @@
+SPDX-FileCopyrightText: 2022 X-Truder <jaka@x-truder.net>
+SPDX-FileCopyrightText: 2022 Felix Robles <felix@sequentech.io>
+
+SPDX-License-Identifier: MIT
\ No newline at end of file
diff --git a/.devcontainer/etc/direnv.toml b/.devcontainer/etc/direnv.toml
new file mode 100644
index 0000000..3e7093e
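Review bot: Two tests in bash.bashrc are written in a fragile form: `if ! [ $(id -u) = 0 ]` leaves the command substitution unquoted, and `[ -n "${SUDO_USER}" -a -n "${SUDO_PS1}" ]` relies on the obsolescent `-a` operator, which is ambiguous for some operand values. I would write them as `if [ "$(id -u)" != 0 ]; then` and `if ! { [ -n "${SUDO_USER:-}" ] && [ -n "${SUDO_PS1:-}" ]; }; then`. The direnv block also assumes `direnv` is on PATH; `command -v direnv >/dev/null && eval "$(direnv hook bash)"` keeps every interactive shell quiet if the package is ever dropped from the image.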
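Review bot: In devcontainer.sh the `#!/bin/bash` line is the second line of the file (the first added line is empty), so it is not a shebang, and since the Dockerfile in this commit copies the file to /etc/profile.d it is presumably sourced rather than executed, which makes the interpreter line moot either way. The body uses `[[` and `source`, which fail if /etc/profile is read by a POSIX `sh` login shell rather than bash. A form that works in both is `[ "${ENVRC_RUN:-}" = yes ] || . /etc/envrc`, with the stray blank line and shebang removed.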
--- /dev/null
+++ b/.devcontainer/etc/direnv.toml
@@ -0,0 +1,18 @@
+# SPDX-FileCopyrightText: 2022 X-Truder <jaka@x-truder.net>
+# SPDX-FileCopyrightText: 2022 Félix Robles <felix@sequentech.io>
+#
+# SPDX-License-Identifier: MIT
+
+# direnv global config
+
+[global]
+
+# increase warn timeout to 30 minutes, as it can take
+# long time to load all nix dependencies
+warn_timeout = "30m"
+
+bash_path = "/bin/bash"
+
+# whitelist all paths, since we are running in container
+[whitelist]
+prefix = [ "/" ]
\ No newline at end of file
diff --git a/.devcontainer/etc/envrc b/.devcontainer/etc/envrc
new file mode 100644
index 0000000..e71707a
--- /dev/null
+++ b/.devcontainer/etc/envrc
@@ -0,0 +1,19 @@
+# SPDX-FileCopyrightText: 2022 X-Truder <jaka@x-truder.net>
+# SPDX-FileCopyrightText: 2022 Félix Robles <felix@sequentech.io>
+#
+# SPDX-License-Identifier: MIT
+USER=$(whoami)
+
+# load nix into environment
+if [ -e $HOME/.nix-profile/etc/profile.d/nix.sh ] ; then
+ . $HOME/.nix-profile/etc/profile.d/nix.sh
+fi
+
+# add $HOME/.nix-profile/share to XDG_DATA_DIRS, so completions for packages
+# installed with nix work
+if [ -e $HOME/.nix-profile ] ; then
+ XDG_DATA_DIRS="$XDG_DATA_DIRS:$HOME/.nix-profile/share"
+fi
+XDG_DATA_DIRS="$XDG_DATA_DIRS:/usr/share"
+
+ENVRC_RUN=yes
\ No newline at end of file
diff --git a/.devcontainer/etc/nix.conf b/.devcontainer/etc/nix.conf
new file mode 100644
index 0000000..7375f66
--- /dev/null
+++ b/.devcontainer/etc/nix.conf
@@ -0,0 +1,6 @@
+# SPDX-FileCopyrightText: 2022 X-Truder <jaka@x-truder.net>
+# SPDX-FileCopyrightText: 2022 Félix Robles <felix@sequentech.io>
+#
+# SPDX-License-Identifier: MIT
+sandbox = false
+experimental-features = nix-command flakes
\ No newline at end of file
diff --git a/.envrc b/.envrc
new file mode 100644
index 0000000..2ace72e
--- /dev/null
+++ b/.envrc
@@ -0,0 +1,4 @@
+# SPDX-FileCopyrightText: 2022 Felix Robles <felix@sequentech.io>
+#
+# SPDX-License-Identifier: AGPL-3.0-only
+use_nix
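Review bot: `prefix = [ "/" ]` under `[whitelist]` makes direnv trust every `.envrc` anywhere in the container, so the hook loaded from bash.bashrc executes the `.envrc` of any directory a developer enters, including third-party checkouts and whichever branch is mounted as the workspace, without a `direnv allow` step. "We are running in a container" is a weak justification here: the workspace is normally shared with the host and the Dockerfile in this commit gives the user passwordless sudo. Narrow the trust to the workspace mount, for example `prefix = [ "/workspaces" ]` if the default dev container mount point is in use, or drop the whitelist and run `direnv allow` once per checkout.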
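Review bot: In etc/envrc, `XDG_DATA_DIRS` is assigned but never exported, and when it starts out unset the result begins with an empty entry (`:/usr/share`), so the completion path may not reach child processes in the intended form. `ENVRC_RUN` is not exported either, so a nested shell that inherits `XDG_DATA_DIRS` sources the file again and appends the same directories a second time. `$HOME` is unquoted in both `[ -e ... ]` tests and in the `.` line. I would use `export XDG_DATA_DIRS="${XDG_DATA_DIRS:+$XDG_DATA_DIRS:}/usr/share"` and `[ -e "$HOME/.nix-profile/etc/profile.d/nix.sh" ]`, and add a comment stating whether `ENVRC_RUN` is deliberately left unexported.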
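Review bot: `sandbox = false` in etc/nix.conf turns off Nix's build sandbox for everything built inside the dev container, so a derivation's build script can reach the network and the container filesystem, and a build that passes here may depend on state the sandboxed build would not see. That sits awkwardly next to the "Nix reproducible builds" section this commit adds to the README. If the setting is required because the container lacks the privileges the sandbox needs, record that above the line, e.g. `# sandbox disabled: the dev container cannot create the namespaces Nix's build sandbox needs`, and keep release builds on a sandboxed builder.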
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7350171..feb5305 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,24 +38,30 @@ jobs: check: name: 'Static Analysis: cargo check' - runs-on: ubuntu-latest + strategy: + matrix: + os: [ubuntu-latest] + runs-on: ${{ matrix.os }} steps: - - name: Checkout repository - uses: actions/checkout@v2 - - - name: Install stable toolchain - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: stable - override: true + - uses: actions/checkout@v3.0.2 + - uses: cachix/install-nix-action@v17 + with: + install_url: https://github.com/numtide/nix-unstable-installer/releases/download/nix-2.10.0pre20220629_b7eb4ac/install + nix_path: nixpkgs=channel:nixos-22.05 + extra_nix_config: | + experimental-features = nix-command flakes - - uses: Swatinem/rust-cache@v1 + - uses: cachix/cachix-action@v10 + with: + name: sequentech + authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' - - name: Run cargo check - uses: actions-rs/cargo@v1 - with: - command: check + - name: Run cargo check + run: | + nix \ + --extra-experimental-features "nix-command flakes" \ + develop \ + --command bash -c "cargo check" lints: name: 'Static Analysis: cargo fmt & clippy' 
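Review bot: The new steps in the `check` job reference third-party actions by mutable tag (`cachix/install-nix-action@v17`, `cachix/cachix-action@v10`) and fetch the Nix installer from a pre-release `install_url` on a third-party repository, in the same job that receives `secrets.CACHIX_AUTH_TOKEN`; if a tag is moved or the release asset replaced, that code runs with write access to the `sequentech` binary cache. Pin each action to a full commit SHA, e.g. `uses: cachix/cachix-action@<COMMIT_SHA> # v10`, and limit cache writes to trusted refs, for instance by setting the action's `skipPush` input for pull-request runs. The `license_reuse` hunk further down repeats the same three steps and needs the same change. As a smaller point, `--extra-experimental-features "nix-command flakes"` duplicates `extra_nix_config`, and `--command bash -c "cargo check"` can be `--command cargo check`.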
@@ -150,20 +156,30 @@ jobs: license_reuse: name: Code License - runs-on: ubuntu-latest + strategy: + matrix: + os: [ubuntu-latest] + runs-on: ${{ matrix.os }} steps: - - name: Checkout Repository - uses: actions/checkout@v2 + - uses: actions/checkout@v3.0.2 + - uses: cachix/install-nix-action@v17 + with: + install_url: https://github.com/numtide/nix-unstable-installer/releases/download/nix-2.10.0pre20220629_b7eb4ac/install + nix_path: nixpkgs=channel:nixos-22.05 + extra_nix_config: | + experimental-features = nix-command flakes - - name: Setup Python - uses: actions/setup-python@v2 + - uses: cachix/cachix-action@v10 with: - python-version: 3.8 + name: sequentech + authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' - name: Check files license compliance with REUSE run: | - pip install --user reuse - ~/.local/bin/reuse lint + nix \ + --extra-experimental-features "nix-command flakes" \ + develop \ + --command bash -c "reuse lint" benchmark: name: Benchmark diff --git a/.gitignore b/.gitignore index 5e8e73e..615f6c2 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,4 @@ rust-toolchain # generated by nix result pkg +.env \ No newline at end of file diff --git a/LICENSES/MIT.txt b/LICENSES/MIT.txt new file mode 100644 index 0000000..6cf71df --- /dev/null +++ b/LICENSES/MIT.txt 
@@ -0,0 +1,21 @@ +MIT License + +Copyright (c) X-Truder. All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE \ No newline at end of file diff --git a/README.md b/README.md index 16da28a..2ef4474 100644 --- a/README.md +++ b/README.md @@ -62,7 +62,7 @@ issues that appear. the information (in master branch) to [codecov]. 6. **License compliance**: Check using [REUSE] for license compliance within the project, verifying that every file is REUSE-compliant and thus has a -copyright notice header. +copyright notice header. Try fixing it with `reuse lint`. 7. **Dependencies scan**: Audit dependencies for security vulnerabilities in the [RustSec Advisory Database], unmaintained dependencies, incompatible licenses and banned packages using [cargo-deny]. Use `cargo deny fix` or 
@@ -79,9 +79,22 @@ on the `browserstack` folder to try it locally. You'll need to configure the env ## Development environment +Strand uses [Github dev containers] to facilitate development. To start developing strand, +clone the github repo locally, and open the folder in Visual Studio Code in a container. This +will configure the same environment that strand developers use, including installing required +packages and VS Code plugins. + +We've tested this dev container for Linux x86_64 and Mac Os arch64 architectures. Unfortunately +at the moment it doesn't work with Github Codespaces as nix doesn't work on Github Codespaces yet. +Also the current dev container configuration for strand doesn't allow commiting to the git repo +from the dev container, you should use git on a local terminal. + +## Nix reproducible builds + strand uses the [Nix Package Manager] as its package builder. To build strand, **first [install Nix]** correctly -in your system. +in your system. If you're running the project on a dev container, +you shouldn't need to install it. After you have installed Nix, enter the development environment with: @@ -161,6 +174,7 @@ See [here](https://github.com/sequentech/strand/tree/main/benches). [Crypto.getRandomValues]: https://www.w3.org/TR/WebCryptoAPI/#Crypto-method-getRandomValues [Nix Package Manager]: https://nixos.org/ [install Nix]: https://nixos.org/ +[Github dev containers]: https://docs.github.com/en/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers [slack-badge]: https://img.shields.io/badge/Join_us_on_Slack!-sequent--talk-blue.svg?longCache=true&logo=slack [slack-link]: https://join.slack.com/t/sequentech/shared_invite/zt-1bve9z0px-IF4Je04NJM8AEkCAcdBVWg diff --git a/flake.lock b/flake.lock index 21c601f..8b42ae2 100644 --- a/flake.lock +++ b/flake.lock 
@@ -32,17 +32,17 @@ }, "nixpkgs": { "locked": { - "lastModified": 1656763421, - "narHash": "sha256-IigCRM2EJvXnZKOysz/C1arA/HmukVBwpg1GgVIBx4E=", + "lastModified": 1658846108, + "narHash": "sha256-gkSStUcON/XlVi4NwrTVVosoHr4jAyWiaA5Cf8Dn7IE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1c0eb6898ea646f0f760bb710c0b661eac6b1f9a", + "rev": "f26b767ef0776c081b5e642bc3ddb7959772781f", "type": "github" }, "original": { "owner": "NixOS", "repo": "nixpkgs", - "rev": "1c0eb6898ea646f0f760bb710c0b661eac6b1f9a", + "rev": "f26b767ef0776c081b5e642bc3ddb7959772781f", "type": "github" } }, diff --git a/flake.nix b/flake.nix index 58429b8..7e04cb8 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ description = "Flake to test rust code"; inputs.rust-overlay.url = "github:oxalica/rust-overlay"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/1c0eb6898ea646f0f760bb710c0b661eac6b1f9a"; # master branch 2022-07-17: 1c0eb6898ea646f0f760bb710c0b661eac6b1f9a + inputs.nixpkgs.url = "github:NixOS/nixpkgs/f26b767ef0776c081b5e642bc3ddb7959772781f"; # master branch 2022-07-26: f26b767ef0776c081b5e642bc3ddb7959772781f inputs.flake-utils.url = "github:numtide/flake-utils"; outputs = { self, nixpkgs, flake-utils, rust-overlay }: @@ -48,6 +48,7 @@ nativeBuildInputs = [ rust-wasm pkgs.nodePackages.npm + pkgs.binaryen pkgs.wasm-pack pkgs.wasm-bindgen-cli ]; @@ -79,9 +80,10 @@ devShell = ( pkgs.mkShell.override { stdenv = pkgs.clangStdenv; } ) { + nativeBuildInputs = + defaultPackage.nativeBuildInputs; buildInputs = - defaultPackage.nativeBuildInputs ++ - [ pkgs.bash ]; + [ pkgs.bash pkgs.reuse ]; }; } );