Skip to content

nix-make demo #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
edolstra wants to merge 5 commits into
base: main
Choose a base branch
from
Draft

nix-make demo #9

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
87097b2
WASM function for building C++ projects
edolstra Mar 2, 2026
f056ca8
C++ improvements
edolstra Mar 3, 2026
5cf3111
Checkpoint
edolstra Mar 3, 2026
e15f743
Auto-detect buildInputs
edolstra Mar 3, 2026
9e5572d
Rename
edolstra Mar 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ members = [
"nix-wasm-plugin-test",
"nix-wasm-plugin-quickjs",
"nix-wasm-plugin-grep",
"nix-wasm-plugin-nix-make",
]
resolver = "2"

Expand Down
2 changes: 1 addition & 1 deletion flake.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@
'';
workspaceVendor = rustPlatform.fetchCargoVendor {
src = self;
hash = "sha256-vkTdv3StxslmBOKy8mFfz5afOiMjBujFd4IU6pkgqGc=";
hash = "sha256-7+qf/W+ZAPWWghAzF33RDBLwZUrA51USjkGujXBRF4U=";
};
stdlibVendor = rustPlatform.fetchCargoVendor {
src = rustPlatform.rustcSrc;
Expand Down
10 changes: 10 additions & 0 deletions nix-wasm-plugin-nix-make/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
[package]
name = "nix-wasm-plugin-nix-make"
version = "0.1.0"
edition = "2021"

[lib]
crate-type = ["cdylib"]

[dependencies]
nix-wasm-rust = { path = "../nix-wasm-rust" }
180 changes: 180 additions & 0 deletions nix-wasm-plugin-nix-make/demo.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,180 @@
with import <nixpkgs> {};

rec {
getDeps = builtins.wasm {
path = ../target/wasm32-unknown-unknown/release/nix_wasm_plugin_nix_make.wasm;
function = "getDeps";
};
Comment on lines +4 to +7
Copy link
Contributor

@coderabbitai coderabbitai bot Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Build the wasm plugin through Nix instead of ../target/....

This demo depends on a mutable Cargo artifact outside the store, so a clean checkout cannot evaluate it and the result is not reproducible.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@nix-wasm-plugin-nix-make/demo.nix` around lines 4 - 7, The current getDeps
uses a hardcoded path to a mutable Cargo artifact; replace that with a Nix-built
derivation that produces the wasm binary and pass its output to builtins.wasm.
Create a derivation (e.g., via pkgs.rustPlatform.buildRustPackage or a small
stdenv.mkDerivation) that builds the crate producing
nix_wasm_plugin_nix_make.wasm, then update getDeps to use the derivation’s
output path (instead of "../target/...") while keeping function = "getDeps" and
using builtins.wasm as before so evaluation is reproducible and hermetic.


compileCpp = source: runCommandCC
"${builtins.baseNameOf source.path}.o"
{
__structuredAttrs = true;
includes = source.includes;
srcPath = source.path;
src = source.src;
buildInputs = map (dep: pkgs'.${dep}) source.deps;
inherit (source) deps;
}
''
for name in "''${!includes[@]}"; do
mkdir -p "$(dirname "$name")"
ln -s "''${includes[$name]}" "$name"
done

srcDir="$(dirname "$srcPath")"
mkdir -p "$srcDir"
ln -s "$src" "$srcPath"

mkdir -p "$out/$srcDir"
# FIXME: figure out the -I flags automatically.
gcc -std=c++23 -O1 -c "$srcPath" -o "$out/$srcDir/$(basename "$srcPath").o" -I . -I include -I unix/include -I linux/include -I windows/include -I widecharwidth
'';

link = name: objects: runCommandCC
name
{
inherit objects;
buildInputs = map (dep: pkgs'.${dep}) (builtins.concatLists (map (obj: obj.deps) objects));
}
''
mkdir -p $out/lib
g++ -o $out/lib/$name.so \
$(find $objects -name '*.o' -type f) \
-lboost_context -lboost_iostreams -lboost_url -larchive -lcrypto -lsodium -lblake3 -lbrotlicommon -lbrotlienc -lbrotlidec -lcpuid -shared
'';
Comment on lines +34 to +45
Copy link
Contributor

@coderabbitai coderabbitai bot Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Generate linker flags from the same dependency set as buildInputs.

buildInputs is filtered by obj.deps, but the link command always passes every -l... flag. As soon as one of those libraries is not in the computed deps, the link step loses that search path and fails.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@nix-wasm-plugin-nix-make/demo.nix` around lines 34 - 45, The link command
unconditionally emits hard-coded -l flags while buildInputs is computed from
builtins.concatLists (map (obj: obj.deps) objects); change the link step in
runCommandCC's link function to derive the linker flags from that same
dependency list (the value used for buildInputs) instead of hard-coding them:
compute the deps list from builtins.concatLists (map (obj: obj.deps) objects)
(the same expression used for buildInputs) and map that list to the appropriate
-l flags, then use that generated flags string in the g++ invocation so the
linker only requests libraries actually present in buildInputs.


sources = getDeps {
inherit builtins;
dirs = [
{ root = /home/eelco/Dev/nix/src/libutil;
prefix = "";
Comment on lines +50 to +51
Copy link
Contributor

@coderabbitai coderabbitai bot Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Parameterize the checkout and output paths.

The hard-coded /home/eelco/... roots make the demo machine-specific, and the generated headers embed those same local paths into the build. Anyone else evaluating this will either fail immediately or compile with wrong constants.

Also applies to: 84-87, 111-112, 145-148

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@nix-wasm-plugin-nix-make/demo.nix` around lines 50 - 51, The demo.nix
currently embeds machine-specific hard-coded paths (e.g., the attr values root =
/home/eelco/... and prefix = "" and similar occurrences later) which causes
non-portable generated headers; change the file to accept these paths as
parameters (e.g., add function args like root, prefix, checkoutDir, outPath) or
derive sensible defaults from environment (e.g., builtins.getEnv "HOME") and
replace every hard-coded occurrence (root, prefix and the other repeated path
literals) with those parameters; ensure defaults are documented in the function
signature so callers can override them when evaluating the demo.

}
#{ root = /home/eelco/Dev/nix/src/libstore;
# prefix = "";
#}
];
files = {
"nix/store/config.hh" = builtins.toFile "config.hh"
''
#pragma once
#define NIX_LOCAL_SYSTEM "x86_64-linux"
#define NIX_SUPPORT_ACL 1
#define NIX_WITH_AWS_AUTH 1
'';
"util-config-private.hh" = builtins.toFile "util-config-private.hh"
''
#pragma once
#define HAVE_LIBCPUID 1
#define HAVE_POSIX_FALLOCATE 1
'';
"store-config-private.hh" = pkgs.writeText "store-config-private.hh"
''
#pragma once
#define CAN_LINK_SYMLINK 1
#define DETERMINATE_NIX_VERSION "3.16.3"
#define HAVE_EMBEDDED_SANDBOX_SHELL 0
#define HAVE_LCHOWN 1
#define HAVE_POSIX_FALLOCATE 1
#define HAVE_SECCOMP 1
#define HAVE_STATVFS 1
#undef IS_STATIC
#define LSOF "lsof"
#define NIX_CONF_DIR "/etc/nix"
#define NIX_DATA_DIR "/home/eelco/Dev/nix/outputs/out/share"
#define NIX_LOG_DIR "/nix/var/log/nix"
#define NIX_MAN_DIR "/home/eelco/Dev/nix/outputs/out/share/man"
#define NIX_PREFIX "/home/eelco/Dev/nix/outputs/out"
#define NIX_STATE_DIR "/nix/var/nix"
#define NIX_STORE_DIR "/nix/store"
#define NIX_USE_WASMTIME 1
#define PACKAGE_VERSION "2.33.3"
#define SANDBOX_SHELL "${pkgs.busybox}/bin/busybox"
'';
"util-unix-config-private.hh" = builtins.toFile "util-unix-config-private.hh"
''
#pragma once
#define HAVE_CLOSE_RANGE 1
#define HAVE_DECL_AT_SYMLINK_NOFOLLOW 1
#define HAVE_LUTIMES 1
#define HAVE_PIPE2 1
#define HAVE_STRSIGNAL 1
#define HAVE_SYSCONF 1
#define HAVE_UTIMENSAT 1
'';
};
};

allSources = getDeps {
inherit builtins;
dirs = [
{ root = /home/eelco/Dev/nix/src;
prefix = "";
}
#{ root = /home/eelco/Dev/nix/src/libstore;
# prefix = "";
#}
];
files = {
"nix/store/config.hh" = builtins.toFile "config.hh"
''
#pragma once
#define NIX_LOCAL_SYSTEM "x86_64-linux"
#define NIX_SUPPORT_ACL 1
#define NIX_WITH_AWS_AUTH 1
'';
"util-config-private.hh" = builtins.toFile "util-config-private.hh"
''
#pragma once
#define HAVE_LIBCPUID 1
#define HAVE_POSIX_FALLOCATE 1
'';
"store-config-private.hh" = pkgs.writeText "store-config-private.hh"
''
#pragma once
#define CAN_LINK_SYMLINK 1
#define DETERMINATE_NIX_VERSION "3.16.3"
#define HAVE_EMBEDDED_SANDBOX_SHELL 0
#define HAVE_LCHOWN 1
#define HAVE_POSIX_FALLOCATE 1
#define HAVE_SECCOMP 1
#define HAVE_STATVFS 1
#undef IS_STATIC
#define LSOF "lsof"
#define NIX_CONF_DIR "/etc/nix"
#define NIX_DATA_DIR "/home/eelco/Dev/nix/outputs/out/share"
#define NIX_LOG_DIR "/nix/var/log/nix"
#define NIX_MAN_DIR "/home/eelco/Dev/nix/outputs/out/share/man"
#define NIX_PREFIX "/home/eelco/Dev/nix/outputs/out"
#define NIX_STATE_DIR "/nix/var/nix"
#define NIX_STORE_DIR "/nix/store"
#define NIX_USE_WASMTIME 1
#define PACKAGE_VERSION "2.33.3"
#define SANDBOX_SHELL "${pkgs.busybox}/bin/busybox"
'';
"util-unix-config-private.hh" = builtins.toFile "util-unix-config-private.hh"
''
#pragma once
#define HAVE_CLOSE_RANGE 1
#define HAVE_DECL_AT_SYMLINK_NOFOLLOW 1
#define HAVE_LUTIMES 1
#define HAVE_PIPE2 1
#define HAVE_STRSIGNAL 1
#define HAVE_SYSCONF 1
#define HAVE_UTIMENSAT 1
'';
};
};


pkgs' = pkgs // {
libcpuid = pkgs.runCommand "libcpuid" { inherit (pkgs) libcpuid; }
''
ln -s $libcpuid $out
'';
};

all = map compileCpp sources;

libutil = link "libnixutil.so" (map compileCpp sources);
}
Loading
Loading