-
Notifications
You must be signed in to change notification settings - Fork 479
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Nix flake #1970
base: main
Are you sure you want to change the base?
Add Nix flake #1970
Conversation
Thanks for the proposal @aidenfoxivey ! Quick initial question (not knowing anything about nix): Does this have to reside in the top level project directory? |
Hi @baentsch! In every project I've worked on, flake.nix and flake.lock do reside in the top level. That said, I was curious about the question, so I looked it up. According to this reference (https://nixos.wiki/wiki/Flakes), flake.nix does have to be in the top-level. My main goal with this is to have a declarative way to build liboqs to aid debugging and avoid having to use containers. |
Thanks for the submission @aidenfoxivey! I personally don't know anything about Nix, but I think two non–Nix-related issues would need to be resolved before this lands:
|
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The flake itself looks good to me, thank you @aidenfoxivey!
Could you also update the quickstart section of README.md to include instruction on how to use the flake?
Do you know if there's some way of parameterising the flake to spin up different dev envs, say with clang instead of gcc?
I'll remove the instructions from the flake and put them in the quickstart along with other information.
I'll take a look! |
I think it's maybe better to version the flake starting from |
Not sure what I did to boggle the code formatting lol. Maybe something in how I did the README was an issue? |
@baentsch I'll look into generating it by default |
5517c28
to
935fa2c
Compare
Turns out the version tag is completely unnecessary, since it can be referred to by its git hash anyways. I'll wait for additional comments and then clean up the git history once I've sorted out any requests. |
13d5c87
to
729315f
Compare
Signed-off-by: Aiden Fox Ivey <[email protected]>
729315f
to
05edb28
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LTGM! Thanks for the contribution. Please make sure the all the tests are passed before you merge.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks good, thank for you working on this @aidenfoxivey!
Hmm -- this statement made me curious: What tests are there (to be) passed? I didn't find any (just searching for changes to .github/workflows). Wouldn't that/having such be prudent, @cothan @praveksharma ? |
Hi @baentsch , I approve the PR while there are 6 tests (unrelated to the PR) are still running, since this PR doesn't add anything to Github flow, thus I expect them all to pass, and they did (I didn't aware at the time that each PR needs 2 approval). So I comment to make sure this PR will be merged in a green state. |
I agree that having testing for the flake would be desirable @baentsch but I'm also uncertain what is the best way to go about it. I believe the current build targets are limited in that they don't allow the user to pass CMake options via the nix CLI; is that correct @aidenfoxivey? Since the project doesn't plan on moving away from CMake, at this stage it might make more sense to focus on developer quality of life improvement via Alternatively, if there is some way of transparently exposing CMake options to nix that would also be suitable. Instead of a maintainer having to ensure compatibility with CONFIGURE.md that would be handled natively by nix. |
It's not strictly impossible, but it's only possible with some pretty unpleasant hacks or writing your own Nix code. I see the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
uncertain what is the best way to go about it
OK, understood -- if we are in agreement, though, that tests should be added for a feature announced in the toplevel README (?) then there must be a way for it to happen -- and just doing it in a weekly test sounds wrong to me for a feature "prominently" announced/documented.
So I see two options:
- Remove reference to Nix from the README (basically aligning its untested status with the contents of PLATFORMS.md, i.e., where it's not mentioned as a supported environment)
- Add testing and a suitable (level) reference to PLATFORMS.md
Hmm. These are good points. My feeling about
but we also don't want to require Nix to build anything. I view it less as a platform and more as a way to develop your own tooling AND build liboqs deterministically. I'd prefer to mention it in the README just because it seems a shame to not mention it given that it can let you develop liboqs without having to worry about installing all the dependencies in your package manager. |
Agreed. What about adding an entry to Nix to https://github.com/open-quantum-safe/liboqs/wiki/Platform-specific-notes-for-building-liboqs instead of the explicit README mention? But then again, I'm anyway not particularly happy about having this information in the Wiki and not the core repo (so that it makes it into releases). Upon re-reading the README I've got to say the "Quickstart" is not exactly "quick", surely not short, so this PR is making life easier for folks using Nix (a link to Nix in the documentation --wherever that winds up-- would by good in any case). What about this thought @SWilson4 : Make the Linux/Mac quickstart section as short as the Windows one (basically just list |
I think this makes sense, I think this can also be expanded to include a set of common configurations in the future. That said, I think avoiding build options for now and including them in another PR after we've had a chance to think about suitable methods for testing them makes more sense.
I think this also makes sense but perhaps doing all of that here is out of the scope for this PR. Instead, if this PR chooses to just focus on deterministically setting up the dev environment then the "1. Install dependencies:" step under Linux and Mac can be edited to include a new "With Nix:" sub-sections. If that's okay I can create a new issue to track the streamlining of the Quick Start section. How does that sound @aidenfoxivey @baentsch ? |
This sounds reasonable to me! |
@praveksharma Just to be clear, you want changes on the README, right? |
Yes, listing the relevant nix alternatives to the apt commands under Quick Start > Linux and Mac > 1. Install dependencies is what I had in mind. |
As part of my year-end review of stalled things, can I ask what the idea is with this PR:
Which of these options would you like to pursue, @aidenfoxivey ? One, all, none, something else? |
Ah whoops! I've got to admit liboqs slipped by mind a little bit during the latter half of the term. I'm going to sort out the README section tonight. Thinking about testing, I think I wrote a solution but never pushed it. I'll look to wrap this up in the next few days. |
dfaa594
to
d480dac
Compare
Signed-off-by: Aiden Fox Ivey <[email protected]>
d480dac
to
de5beca
Compare
@praveksharma @SWilson4 As I mentioned earlier, I wrote a little nix flake that should be able to run the environment without anything other than Nix installed on the machine - in addition to being declarative.
I'm happy to add or remove packages to the flake - I mostly followed the requirements for the QuickStart, but potentially missed something.