### Nix Configuration for a Development Environment Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/development.md Defines a development environment named 'example' that includes the 'hello' package. This configuration is part of a larger Nix flake or project setup. ```nix { inputs, ... }: { inputs = { nixpkgs = fetchNixpkgs { rev = "f88fc7a04249cf230377dd11e04bf125d45e9abe"; sha256 = "1dkwcsgwyi76s1dqbrxll83a232h9ljwn4cps88w9fam68rf8qv3"; }; }; dev = { example = { # A development environment with `hello` package bin = [ inputs.nixpkgs.hello ]; }; } } ``` -------------------------------- ### Nix example using libGit Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/others.md This Nix example demonstrates how to use `makeScript` with `libGit` to set up functions in the current scope, specifically using `require_git_repository`. ```nix { libGit, makeScript, ... }: { jobs."myLibGit" = makeScript { entrypoint = '' require_git_repository /some-path-that-do-not-exists echo other business logic goes here ... ''; name = "myLibGit"; searchPaths.source = [ libGit ]; }; } ``` -------------------------------- ### Install Makes using Nix Source: https://github.com/fluidattacks/makes/blob/main/docs/src/getting-started.md Installs the Makes tool from a specific tarball version using the Nix package manager. ```bash nix-env -if https://github.com/fluidattacks/makes/archive/24.12.tar.gz ``` -------------------------------- ### Example Usage of makeSearchPaths Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Demonstrates how to use makeSearchPaths to configure PATH, CPATH, and source shell scripts. ```nix { inputs, makeSearchPaths, ... }: { jobs."mySearchPaths" = makeSearchPaths { bin = [ inputs.nixpkgs.git ]; source = [ [ ./template.sh "a" "b" "c" ] # add more as you need ... ]; export = [ [ "PATH" inputs.nixpkgs.bash "/bin"] [ "CPATH" inputs.nixpkgs.glib.dev "/include/glib-2.0"] # add more as you need ... ]; }; } ``` -------------------------------- ### Travis CI Integration Source: https://github.com/fluidattacks/makes/blob/main/docs/src/running-makes/container.md Configure Travis CI to use Nix and run Makes jobs. This example demonstrates installing a specific version of Nix and then executing a Makes command. ```yaml # .travis.yml os: linux language: nix nix: 2.3.12 install: nix-env -if https://github.com/fluidattacks/makes/archive/24.12.tar.gz jobs: include: - script: m . /lintNix ``` -------------------------------- ### Install Ruby Gems with makeRubyGemsInstall Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/ruby.md Use `makeRubyGemsInstall` to fetch and install specified Ruby gems. It requires a name, Ruby version, and a `sourcesYaml` file. Optional `searchPaths` can be provided. ```nix { makeRubyGemsInstall, ... }: { jobs."myRubyGemsInstall" = makeRubyGemsInstall { name = "example"; ruby = "3.1"; sourcesYaml = projectPath "/makes/example/sources.yaml"; }; } ``` -------------------------------- ### Example makeScript Configuration in makes.nix Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Demonstrates how to configure a build step using `makeScript` in a makes.nix file. Includes placeholder replacement and adding executables to the search path. ```nix { inputs, makeScript, ... }: { jobs."myScript" = makeScript { replace.__argVersion__ = "1.0"; entrypoint = '' debug Version is __argVersion__ info pwd is $PWD info Running tree command on $STATE mkdir $STATE/dir touch $STATE/dir/file tree $STATE ''; name = "example"; searchPaths.bin = [ inputs.nixpkgs.tree ]; }; } ``` -------------------------------- ### Basic makes.nix Configuration Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/index.md This is a basic example of a `makes.nix` file. It imports another makes file, defines inputs like `nixpkgs`, and sets up a simple job for 'helloWorld'. ```nix { makeScript, ... }: { imports = [ ./another/subdirectory/makes.nix ]; inputs = { nixpkgs = fetchNixpkgs { rev = "f88fc7a04249cf230377dd11e04bf125d45e9abe"; sha256 = "1dkwcsgwyi76s1dqbrxll83a232h9ljwn4cps88w9fam68rf8qv3"; }; }; jobs = { "/helloWorld" = makeScript { name = "/helloWorld"; entrypoint = "echo 'Hello World!'" }; }; } ``` -------------------------------- ### Manual PATH export example Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md This example shows the manual way to export the PATH environment variable, which makeSearchPaths abstracts away. It is typically used for setting the PATH to include executable directories. ```bash export PATH="/nix/store/m5kp2jhiga25ynk3iq61f4psaqixg7ib-git-2.32.0/bin${PATH:+:}${PATH:-}" ``` -------------------------------- ### Ruby Dependencies YAML Example Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/utilities.md An example of a YAML file specifying RubyGems and their version constraints. This file is used as input for the makeRubyLock utility. ```yaml rubocop: "1.43.0" slim: "~> 4.1" ``` -------------------------------- ### Run Local Repository Job Source: https://github.com/fluidattacks/makes/blob/main/docs/src/running-makes/cli.md Example of running a Makes job from the current local repository. ```bash # While standing in the root of your repo m . ``` -------------------------------- ### Nix Configuration for deployContainerManifest Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/deploy.md Configure the `deployContainerManifest` function in Nix. This example shows how to set credentials, the primary image, multi-architecture manifests, signing, and secondary tags. ```nix { outputs, ... }: { deployContainerManifest = { makes = { credentials = { token = "GITHUB_TOKEN"; user = "GITHUB_ACTOR"; }; image = "ghcr.io/fluidattacks/makes:latest"; manifests = [ { image = "ghcr.io/fluidattacks/makes:amd64"; platform = { architecture = "amd64"; os = "linux"; }; } { image = "ghcr.io/fluidattacks/makes:arm64"; platform = { architecture = "arm64"; os = "linux"; }; } ]; sign = true; tags = [ "24.12" ]; }; }; } ``` -------------------------------- ### Building a Container Image with makeContainerImage Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/containers.md This example demonstrates how to use makeContainerImage to build a container image. It includes setting environment variables, a working directory, and custom layers using Nix derivations. Use this for defining custom container images within a Nix project. ```nix { inputs, makeContainerImage, makeDerivation, ... }: { jobs."/myContainer" = makeContainerImage { config = { Env = [ # Do not use this for sensitive values, it's not safe. "EXAMPLE_ENV_VAR=example-value" ]; WorkingDir = "/working-dir"; }; layers = [ inputs.nixpkgs.coreutils # ls, cat, etc ( makeDerivation { name = "custom-layer"; builder = '' # $out represents the final container root file system: / # # The following commands are equivalent in Docker to: # RUN mkdir /working-dir # RUN echo my-file-contents > /working-dir/my-file # mkdir -p $out/working-dir echo my-file-contents > $out/working-dir/my-file ''; } ) ]; }; } ``` -------------------------------- ### Configure Local DynamoDB Database Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/database.md Example of configuring a local DynamoDB database named 'usersdb' with custom host, infrastructure path, data path, and daemon mode enabled. This setup is useful for local development and testing. ```nix { projectPath, ... }: { dynamoDb = { usersdb = { host = "localhost"; infra = projectPath "/test/database/infra"; data = [ projectPath "/test/database/data" ]; daemonMode = true; }; }; } ``` -------------------------------- ### Python Project pyproject.toml Example Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/utilities.md An example of a pyproject.toml file for a Python project managed with Poetry. This file defines project metadata and dependencies. ```toml [tool.poetry] name = "test" version = "0.1.0" description = "" authors = ["Your Name "] readme = "README.md" [tool.poetry.dependencies] python = "^3.11" Django = "3.2.0" psycopg2 = "2.9.1" [build-system] requires = ["poetry-core"] build-backend = "poetry.core.masonry.api" ``` -------------------------------- ### Run GitHub Repository Job Source: https://github.com/fluidattacks/makes/blob/main/docs/src/running-makes/cli.md Example of running a Makes job from a GitHub repository without cloning it. ```bash # Allows you to run jobs from repositories without cloning them! m github:fluidattacks/makes@main ``` -------------------------------- ### Create Python Poetry Environment Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/python.md Use this snippet to create a Python virtual environment with poetry2nix. Ensure you have `pyproject.toml` and `poetry.lock` files in your project directory. This example demonstrates setting `preferWheels` and overriding build attributes for a specific package like `pygments` to ensure proper building with `setuptools` and purity. ```nix { makePythonPoetryEnvironment, projectPath, ... }: { jobs."myPythonPoetryEnvironment" = makePythonPoetryEnvironment { pythonProjectDir = projectPath "/makes/example"; pythonVersion = "3.11"; preferWheels = true; # Consider pygments requiring setuptools to build properly overrides = self: super: { pygments = super.pygments.overridePythonAttrs ( old: { preUnpack = '' export HOME=$(mktemp -d) rm -rf /homeless-shelter '' + (old.preUnpack or ""); buildInputs = [super.setuptools]; } ); }; }; } ``` -------------------------------- ### Create Python Pyproject Package Bundle Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/python.md This snippet demonstrates how to create a Python package bundle using makePythonPyprojectPackage. It specifies the source code, build functions for environments and packages, and dependencies (runtime, build, and test). The example also shows how to define a script job that uses the runtime environment. ```nix { inputs, makeScript, makePythonPyprojectPackage, ... }: let nixpkgs = inputs.nixpkgs; python_version = "python311"; python_pkgs = nixpkgs."${python_version}Packages"; bundle = makePythonPyprojectPackage { src = ./.; buildEnv = nixpkgs."${python_version}".buildEnv.override; buildPythonPackage = nixpkgs."${python_version}".pkgs.buildPythonPackage; pkgDeps = { runtime_deps = with python_pkgs; [click]; build_deps = with python_pkgs; [flit-core]; test_deps = with python_pkgs; [ mypy pytest ]; }; }; env = bundle.env.runtime; in { jobs."myPythonPyprojectPackage" = makeScript { name = "myPythonPyprojectPackage"; searchPaths.bin = [ env ]; entrypoint = ''my-cli "$@"''; # Assuming that the pyproject conf has # a definition of `my-cli` as a cli entrypoint }; } ``` -------------------------------- ### Create Python Virtual Environment Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/python.md Use this snippet to create a Python virtual environment with Poetry. Ensure you have `pyproject.toml` and `poetry.lock` files in your project directory. This example demonstrates setting the Python version, preferring wheels, and overriding build attributes for specific packages like `pygments`. ```nix { makePythonEnvironment, projectPath, ... }: { jobs."myPythonEnvironment" = makePythonEnvironment { pythonProjectDir = projectPath "/makes/example"; pythonVersion = "3.11"; preferWheels = true; # Consider pygments requiring setuptools to build properly overrides = self: super: { pygments = super.pygments.overridePythonAttrs ( old: { preUnpack = '' export HOME=$(mktemp -d) rm -rf /homeless-shelter '' + (old.preUnpack or ""); buildInputs = [super.setuptools]; } ); }; }; } ``` -------------------------------- ### Example Shell Script Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md A simple shell script that echoes its arguments. ```bash # /path/to/my/project/makes/example/template echo "${@}" ``` -------------------------------- ### makeRubyGemsInstall Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/ruby.md Fetches and installs specified Ruby gems from RubyGems. It allows custom naming, Ruby version selection, and configuration of search paths and sources. ```APIDOC ## makeRubyGemsInstall Fetch and install the specified Ruby gems from the [RubyGems][rubygems]. ### Function Signature `makeRubyGemsInstall(name: str, ruby: enum["3.1", "3.2", "3.3"], searchPaths: asIn makeSearchPaths?, sourcesYaml: package) -> package` ### Parameters * **name** (str) - Required - Custom name to assign to the build step. * **ruby** (enum ["3.1", "3.2", "3.3"]) - Required - Version of the Ruby interpreter. * **searchPaths** (asIn makeSearchPaths) - Optional - Arguments passed to `makeSearchPaths`. Defaults to `makeSearchPaths`'s defaults. * **sourcesYaml** (package) - Required - `sources.yaml` file computed as explained in the pre-requisites section. ### Example ```nix { makeRubyGemsInstall, ... }: { jobs."myRubyGemsInstall" = makeRubyGemsInstall { name = "example"; ruby = "3.1"; sourcesYaml = projectPath "/makes/example/sources.yaml"; }; } ``` ### Tip Refer to [makeRubyLock](/api/builtins/utilities/#makerubylock) to learn how to generate a `sourcesYaml`. ``` -------------------------------- ### Run GitLab Repository Job Source: https://github.com/fluidattacks/makes/blob/main/docs/src/running-makes/cli.md Example of running a Makes job from a GitLab repository without cloning it. ```bash # Allows you to run jobs from repositories without cloning them! m gitlab:fluidattacks/makes-example-2@main ``` -------------------------------- ### Using makeTemplate to Replace Placeholders Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md This example demonstrates how to use the makeTemplate function to replace placeholders like '__argBash__' and '__argVersion__' within a template string. The 'replace' attribute maps placeholder names to their corresponding values. ```nix { inputs, makeTemplate, ... }: { jobs."myTemplate" = makeTemplate { name = "example"; replace = { __argBash__ = inputs.nixpkgs.bash; __argVersion__ = "1.0"; }; template = '' Bash is: __argBash__ Version is: __argVersion__ ''; }; } ``` -------------------------------- ### GitHub Actions CI/CD Integration Source: https://github.com/fluidattacks/makes/blob/main/docs/src/running-makes/container.md Integrate the Makes container into your GitHub Actions workflow to run linting jobs. This example uses the `actions/checkout` and a Docker service to run Makes. ```yaml # .github/workflows/dev.yml name: Makes CI on: [push, pull_request] jobs: lintNix: runs-on: ubuntu-latest steps: - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222 - uses: docker://ghcr.io/fluidattacks/makes:24.12 name: lintNix with: args: sh -c "chown -R root:root /github/workspace && m . /lintNix" ``` -------------------------------- ### GitLab CI/CD Integration Source: https://github.com/fluidattacks/makes/blob/main/docs/src/running-makes/container.md Use the Makes container image directly in your GitLab CI configuration to execute Makes commands. This snippet shows a basic setup for running a linting job. ```yaml # .gitlab-ci.yml /lintNix: image: ghcr.io/fluidattacks/makes:24.12 script: - m . /lintNix ``` -------------------------------- ### Nix Idioms for Loading Secrets Source: https://github.com/fluidattacks/makes/blob/main/docs/src/security/threat-model.md Examples of Nix idioms that could inadvertently load secrets into the /nix/store, making them potentially public via binary caches. This applies to plain text files and fetching private repositories. ```nix [ // Nix would load the secrets in plain-text to the `/nix/store` ./file-with-secrets-in-plain-text.txt // Nix would load the git repository to the `/nix/store` // This also applies to other builtins.fetch* that could // fetch private information (builtins.fetchGit { // Private repository (with potential intellectual property) url = "git@github.com:company/secrets.git"; }) ] ``` -------------------------------- ### AWS Batch Job Configuration Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/deploy.md Example of configuring a job to be submitted to AWS Batch using the computeOnAwsBatch module in makes.nix. This configuration specifies job details like attempts, duration, command, memory, vCPUs, and environment variables. ```nix { computeOnAwsBatch, outputs, ... }: { computeOnAwsBatch = { myJob = { attempts = 1; attemptDurationSeconds = 43200; command = [ "m" "github:fluidattacks/makes@main" "/myJob" ]; definition = "makes"; environment = [ "ENV_VAR_FOR_WHATEVER" ]; memory = 1800; queue = "ec2_spot"; setup = [ # Use default authentication for AWS outputs."/secretsForAwsFromEnv/__default__" ]; tags = { "Management:Product" = "awesome_app"; }; vcpus = 1; }; }; } ``` -------------------------------- ### Configure AWS Secrets for GitLab CI Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/secrets.md Example of configuring `secretsForAwsFromGitlab` to define AWS roles, session durations, and retries for development and production environments. This setup is used to integrate with GitLab CI for secure AWS access. ```nix { outputs, lintTerraform, secretsForAwsFromGitlab, ... }: { secretsForAwsFromGitlab = { makesDev = { roleArn = "arn:aws:iam::123456789012:role/dev"; duration = 3600; retries = 30; }; makesProd = { roleArn = "arn:aws:iam::123456789012:role/prod"; duration = 7200; retries = 30; }; }; lintTerraform = { modules = { moduleDev = { setup = [ outputs."/secretsForAwsFromGitlab/makesDev" ]; src = "/my/module1"; version = "0.14"; }; moduleProd = { setup = [ outputs."/secretsForAwsFromGitlab/makesProd" ]; src = "/my/module2"; version = "0.14"; }; }; }; } ``` -------------------------------- ### Define and Use Inputs Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/essentials.md Shows how to define custom inputs like 'myUser' and use them within job entrypoints. Inputs allow passing dynamic values into your build jobs. ```nix # makes.nix { inputs, makeScript, ... }: { inputs = { myUser = "John"; }; jobs = { "/helloUser" = makeScript { name = "helloUser"; entrypoint = "echo 'Hello ${inputs.myUser}!'"; }; }; } ``` -------------------------------- ### Serve Docs Locally Source: https://github.com/fluidattacks/makes/blob/main/docs/src/contributing.md Serve the documentation site on localhost by running 'm . /docs/dev'. ```bash m . /docs/dev ``` -------------------------------- ### Define a Simple Makes Job Source: https://github.com/fluidattacks/makes/blob/main/docs/src/getting-started.md Creates a makes.nix file to define a basic 'helloWorld' job that echoes 'Hello World!'. This is the entry point for using Makes in a project. ```nix { makeScript, ...}: { jobs = { "/helloWorld" = makeScript { name = "helloWorld"; entrypoint = "echo 'Hello World!'"; }; }; } ``` -------------------------------- ### Node.js PATH and NODE_PATH Configuration Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Configure PATH and NODE_PATH for Node.js projects by appending paths from a list of strings. ```nix # Append /.bin of each element in the list to PATH. # Defaults to [ ] nodeBin = [ ] # Append / of each element in the list to NODE_PATH. # Defaults to [ ] nodeModule = [ ] ``` -------------------------------- ### Import Other Makes Files Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/essentials.md Demonstrates how to include configurations from other `makes.nix` files using the `imports` attribute. This is useful for modularizing build configurations. ```nix { imports = [ ./another/subdirectory/makes.nix ]; } ``` -------------------------------- ### Ruby PATH and GEM_PATH Configuration Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Configure PATH and GEM_PATH for Ruby projects by appending paths from a list of strings. ```nix # Append /bin of each element in the list to PATH. # Defaults to [ ] rubyBin = [ ] # Append / of each element in the list to GEM_PATH. # Defaults to [ ] rubyGemPath = [ ] ``` -------------------------------- ### Extract sublist from a list Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/others.md The `sublist` function returns a portion of a given list based on a starting and ending index. Both indices are inclusive. ```nix { sublist, ... }: let list = [0 1 2 3 4 5 6 7 8 9]; sublist = sublist list 3 5; # [3 4] in { jobs."mySublist" = sublist; } ``` -------------------------------- ### Get full Git commit from revision Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/others.md Use `get_commit_from_rev` to retrieve the full commit hash for a given revision. Returns an error if unavailable. ```bash # Would return the full commit (e026a413...) get_commit_from_rev /path/to/anywhere HEAD ``` -------------------------------- ### Get abbreviated Git revision Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/others.md Use `get_abbrev_rev` to obtain an abbreviated name for a Git revision if available. Otherwise, the revision is returned unchanged. ```bash # Would return main, trunk, develop, etc get_abbrev_rev /path/to/anywhere HEAD ``` -------------------------------- ### Reuse Jobs with Outputs Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/essentials.md Illustrates how to define multiple jobs and then reuse their results or configurations in another job using `outputs`. This promotes code reuse and dependency management. ```nix { makeScript, outputs, ... }: { jobs = { "/helloJohn" = makeScript { name = "helloJohn"; entrypoint = "echo 'Hello John!'"; }; "/helloJane" = makeScript { name = "helloJane"; entrypoint = "echo 'Hello Jane!'"; }; "/helloAll" = makeScript { name = "helloAll"; searchPaths.source = [ outputs."/helloJohn" outputs."/helloJane" ]; }; }; } ``` -------------------------------- ### Fetch a file from a URL Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/fetchers.md Use fetchUrl to download a file from a given URL. Provide the SHA256 hash for verification. If the hash is incorrect or omitted, Makes will report the expected hash. ```nix { fetchUrl, ... }: { jobs."myUrl" = fetchUrl { url = "https://github.com/fluidattacks/makes/blob/16aafa1e3ed4cc99eb354842341fbf6f478a211c/README.md"; sha256 = "18scrymrar0bv7s92hfqfb01bv5pibyjw6dxp3i8nylmnh6gjv15"; }; } ``` -------------------------------- ### Nix Configuration for Deploying Container Images Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/deploy.md Configure deployContainer for amd64 and arm64 architectures. Specify registry credentials, image path, source OCI image, and enable signing. ```nix { outputs, ... }: { deployContainer = { makesAmd64 = { credentials = { token = "GITHUB_TOKEN"; user = "GITHUB_ACTOR"; }; image = "ghcr.io/fluidattacks/makes:amd64"; src = outputs."/container-image"; sign = true; }; makesArm64 = { credentials = { token = "GITHUB_TOKEN"; user = "GITHUB_ACTOR"; }; image = "ghcr.io/fluidattacks/makes:arm64"; src = outputs."/container-image"; sign = true; }; }; } ``` -------------------------------- ### Define a Simple Job Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/essentials.md Defines a basic 'helloWorld' job that prints 'Hello World!' to the console. This is a fundamental unit of work in Makes. ```nix { makeScript, ... }: { jobs = { "/helloWorld" = makeScript { name = "helloWorld"; entrypoint = "echo 'Hello World!'"; }; }; } ``` -------------------------------- ### Fetch and unpack an archive from a URL Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/fetchers.md Use fetchArchive to download and unpack Zip or Tar archives. The stripRoot option can be set to false if the archive does not have a top-level directory to discard. Provide the SHA256 hash for verification. ```nix { fetchArchive, ... }: { jobs."myArchive" = fetchArchive { url = "https://github.com/fluidattacks/makes/archive/16aafa1e3ed4cc99eb354842341fbf6f478a211c.zip"; sha256 = "16zx89lzv5n048h5l9f8dgpvdj0l38hx7aapc7h1d1mjc1ca2i6a"; }; } ``` -------------------------------- ### Create Ruby Gems Environment with makeRubyGemsEnvironment Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/ruby.md Use `makeRubyGemsEnvironment` to create an environment with specified Ruby gems available. It requires a name, Ruby version, and `sourcesYaml`. You can configure build and runtime search paths. ```nix { inputs, makeRubyGemsEnvironment, makeScript, ... }: let env = makeRubyGemsEnvironment { name = "example"; ruby = "3.1"; searchPathsBuild.bin = [ inputs.nixpkgs.gcc ]; searchPathsRuntime.rpath = [ inputs.nixpkgs.gcc.cc.lib ]; sourcesYaml = projectPath "/makes/example/sources.yaml"; }; in { jobs."myRubyGemsEnvironment" = makeScript { entrypoint = "slimrb --version"; name = "example"; searchPaths.source = [ env ]; }; } ``` -------------------------------- ### Enable and Configure formatNix Builtin Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/index.md This snippet shows how to enable the `formatNix` builtin and specify the targets for formatting within a `makes.nix` file. ```nix { formatNix = { enable = true targets = [ "/" ] } } ``` -------------------------------- ### Configure Nix Formatting Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/format.md Enable and specify targets for Nix code formatting using nixfmt. Defaults to formatting the entire project if targets are not specified. ```nix { formatNix = { enable = true; targets = [ "/" # Entire project "/file.nix" # A file "/directory" # A directory within the project ]; }; } ``` -------------------------------- ### Invocation with GitHub Credentials Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/deploy.md Invoke the deployment using `m` with GitHub credentials. Ensure the environment variables `GITHUB_ACTOR` and `GITHUB_TOKEN` are set. ```bash GITHUB_ACTOR=user GITHUB_TOKEN=123 m . /deployContainerManifest/makes ``` -------------------------------- ### Makes CLI Syntax Source: https://github.com/fluidattacks/makes/blob/main/docs/src/running-makes/cli.md Basic syntax for the Makes command. Specify the repository and job to run. ```bash m ``` -------------------------------- ### Enable License Testing Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/test.md Enable the license test for a project by setting `enable` to `true`. This utilizes the reuse tool for verification. ```nix { testLicense = { enable = true; }; } ``` -------------------------------- ### Configure YAML Formatting Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/format.md Enable and specify targets for YAML code formatting using yamlfix. Defaults to formatting the entire project if targets are not specified. ```nix { formatYaml = { enable = true; targets = [ "/" # Entire project "/main.yaml" # A file "/yamls/" # A directory within the project ]; }; } ``` -------------------------------- ### Direnv Configuration for Remote Project Development Environment Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/development.md Sets up direnv to automatically load a development environment from a remote Makes project. When entering the directory, the 'hello' command becomes available. The environment is unloaded upon exiting the directory. ```bash $ cat /path/to/some/dir/.envrc source "$(m github:fluidattacks/makes@main /dev/example)/template" # Now every time you enter /path/to/some/dir # the shell will automatically load the environment $ cd /path/to/some/dir direnv: loading /path/to/some/dir/.envrc direnv: export ~PATH /path/to/some/dir $ hello Hello, world! # If you exit the directory, the development environment is unloaded /path/to/some/dir $ cd .. direnv: unloading /path/to/some $ hello hello: command not found ``` -------------------------------- ### Invocation with GitLab Credentials Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/deploy.md Invoke the deployment using `m` with GitLab credentials. Ensure the environment variables `CI_REGISTRY_USER` and `CI_REGISTRY_PASSWORD` are set. ```bash CI_REGISTRY_USER=user CI_REGISTRY_PASSWORD=123 m . /deployContainerManifest/makes ``` -------------------------------- ### Configure NixOS Read Cache Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/essentials.md Configures Makes to use the NixOS read cache. Ensure `readNixos` is set to `true` to enable reading from `https://cache.nixos.org`. ```nix { cache = { readNixos = true; extra = { main = { enable = true; pubKey = "makes.cachix.org-1:zO7UjWLTRR8Vfzkgsu1PESjmb6ymy1e4OE9YfMmCQR4="; token = "CACHIX_AUTH_TOKEN"; type = "nixos"; url = "https://makes.cachix.org?priority=2"; write = true; }; }; }; } ``` -------------------------------- ### Define PATH with makeSearchPaths Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Use makeSearchPaths to simplify setting the PATH environment variable. This function takes a list of packages and automatically appends their /bin directories to PATH. ```nix makeSearchPaths { bin = [ inputs.nixpkgs.git ]; } ``` -------------------------------- ### Copy Project Path to Nix Store Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Copies a specified path from the current Makes project to the Nix store. Ensures purity and reproducibility by assuming the repository is located at '/'. Use this when you need to reference project files within Nix derivations. ```nix # Consider the following path within the repository: /src/nix { makeScript, projectPath, ... }: { jobs."myProjectPath" = makeScript { replace = { __argPath__ = projectPath "/src/nix"; }; entrypoint = '' info Path is: __argPath__ info Path contents are: ls __argPath__ ''; name = "myProjectPath"; }; } ``` -------------------------------- ### Generated Environment Variables and Script Execution Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Shows the equivalent bash commands for exporting environment variables and sourcing a script. ```bash export PATH"/nix/store/...-git/bin${PATH:+:}${PATH:-}" export PATH"/nix/store/...-bash/bin${PATH:+:}${PATH:-}" export CPATH"/nix/store/...-glib-dev/include/glib-2.0${CPATH:+:}${CPATH:-}" if test -e "/nix/store/...-template/template" then source "/nix/store/...-template/template" '1' '2' '3' else source "/nix/store/...-template" '1' '2' '3' fi ``` -------------------------------- ### Configure Terraform Formatting Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/format.md Enable and specify targets for Terraform code formatting using Terraform FMT. Defaults to formatting the entire project if targets are not specified. ```nix { formatTerraform = { enable = true; targets = [ "/" # Entire project "/main.tf" # A file "/terraform/module" # A directory within the project ]; }; } ``` -------------------------------- ### Pin Makes Framework Version with makes.lock.nix Source: https://github.com/fluidattacks/makes/blob/main/docs/src/versioning.md Use this snippet to ensure your project is evaluated with a specific version of the Makes framework. It utilizes `builtins.fetchTarball` for reproducibility, which is recommended over `builtins.fetchGit`. ```nix # /path/to/my/project/makes.lock.nix { makesSrc = builtins.fetchTarball { sha256 = ""; # Tarball sha256 url = "https://api.github.com/repos/fluidattacks/makes/tarball/24.12"; }; } ``` -------------------------------- ### Configure Bash Formatting Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/format.md Enable and specify targets for Bash code formatting using shfmt. Defaults to formatting the entire project if targets are not specified. ```nix { formatBash = { enable = true; targets = [ "/" # Entire project "/file.sh" # A file "/directory" # A directory within the project ]; }; } ``` -------------------------------- ### Import Makes via Nix Source: https://github.com/fluidattacks/makes/blob/main/docs/src/getting-started.md Imports the Makes framework directly within a Nix expression, fetching it from a tarball. This allows for programmatic use of Makes utilities. ```nix let # Import the framework makes = import "${builtins.fetchTarball { sha256 = ""; # Tarball sha256 url = "https://api.github.com/repos/fluidattacks/makes/tarball/24.12"; }}/src/args/agnostic.nix" { }; in # Use the framework makes.makePythonEnvironment { pythonProjectDir = ./.; pythonVersion = "3.11"; } ``` -------------------------------- ### Convert Nix expression to YAML file Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/format-conversion.md Use `toFileYaml` to write a Nix expression to a YAML file. Provide the desired filename and the Nix expression to be converted. ```nix { toFileYaml, makeDerivation, ... }: { jobs."myFileYaml" = makeDerivation { env = { envFile = toFileYaml "example.yaml" { name = "value"; }; }; builder = '' cat $envFile ''; name = "myFileYaml"; }; } ``` -------------------------------- ### Configure JSON/YAML Linting with ajv-cli Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/lint.md Enable linting for JSON and YAML data files using ajv-cli and JSON Schemas. Define schemas and their corresponding target data files. ```nix { lintWithAjv = { users = { schema = "/users/schema.json"; targets = [ "/users/data1.json" "/users/data.yaml" ]; }; colors = { schema = "/colors/schema.json"; targets = [ "/colors/data1.json" "/colors/data2.yaml" ]; }; }; } ``` -------------------------------- ### Run Local Changes Source: https://github.com/fluidattacks/makes/blob/main/docs/src/contributing.md Execute local changes by running the 'm . ' command. Ensure new files are added with 'git add' before running. ```bash m . ``` -------------------------------- ### Create Python Environment Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/index.md Defines a job to create a Python environment using the `makePythonEnvironment` function. Specify the project directory and Python version. ```nix { makePythonEnvironment, projectPath, ... }: { jobs = { "/myPythonEnvironment" = makePythonEnvironment { pythonProjectDir = projectPath "/my/python/project"; pythonVersion = "3.11"; }; }; } ``` -------------------------------- ### Python MYPYPATH Configuration Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Configure MYPYPATH for different Python versions by appending paths from a list of strings. ```nix # Append / of each element in the list to MYPYPATH. # Defaults to [ ] pythonMypy = [ ] # Append /lib/python3.9/site-packages of each element in the list to MYPYPATH. # Defaults to [ ] pythonMypy39 = [ ] # Append /lib/python3.10/site-packages of each element in the list to MYPYPATH. # Defaults to [ ] pythonMypy310 = [ ] # Append /lib/python3.11/site-packages of each element in the list to MYPYPATH. # Defaults to [ ] pythonMypy311 = [ ] ``` -------------------------------- ### Python PYTHONPATH Configuration Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Configure PYTHONPATH for different Python versions by appending paths from a list of strings. ```nix # Append / of each element in the list to PYTHONPATH. # Defaults to [ ] pythonPackage = [ ] # Append /lib/python3.9/site-packages of each element in the list to PYTHONPATH. # Defaults to [ ] pythonPackage39 = [ ] # Append /lib/python3.10/site-packages of each element in the list to PYTHONPATH. # Defaults to [ ] pythonPackage310 = [ ] # Append /lib/python3.11/site-packages of each element in the list to PYTHONPATH. # Defaults to [ ] pythonPackage311 = [ ] ``` -------------------------------- ### Configure Environment Variables with envVars Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/environment.md Use envVars to map environment variables from a name to a value. Do not propagate sensitive information here; use Makes Secrets instead. ```nix { inputs, outputs, ...: }: { envVars = { example = { # Equals to: export awsDefaultRegion=us-east-1 awsDefaultRegion = "us-east-1"; }; otherExample = { # Equals to: export license=/nix/store/...-my-license license = outputs."/MyLicense"; # Equals to: export bash=/nix/store/...-bash bash = inputs.nixpkgs.bash; }; }; inputs = { nixpkgs = fetchNixpkgs { rev = "f88fc7a04249cf230377dd11e04bf125d45e9abe"; sha256 = "1dkwcsgwyi76s1dqbrxll83a232h9ljwn4cps88w9fam68rf8qv3"; }; }; } ``` -------------------------------- ### Invocation with DockerHub Credentials Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/deploy.md Invoke the deployment using `m` with DockerHub credentials. Ensure the environment variables `DOCKER_HUB_USER` and `DOCKER_HUB_PASS` are set. ```bash DOCKER_HUB_USER=user DOCKER_HUB_PASS=123 m . /deployContainerManifest/makes ``` -------------------------------- ### Configure Nix Code Linting with Statix Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/lint.md Enable and configure Statix for linting Nix code. Specify files or directories to target for linting. ```nix { lintNix = { enable = true; targets = [ "/" # Entire project "/file.nix" # A file "/directory" # A directory within the project ]; }; } ``` -------------------------------- ### Configure Bash Linting with ShellCheck Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/builtins/lint.md Enable and configure ShellCheck for linting Bash code. Specify files or directories to target for linting. ```nix { lintBash = { enable = true; targets = [ "/" # Entire project "/file.sh" # A file "/directory" # A directory within the project ]; }; } ``` -------------------------------- ### fetchArchive Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/fetchers.md Fetches a Zip or Tape Archive from a URL and unpacks it. It supports URL, SHA256 for integrity, and an optional `stripRoot` boolean to control the discarding of the top-level directory. ```APIDOC ## fetchArchive ### Description Fetch a Zip (.zip) or Tape Archive (.tar) from the specified URL and unpack it. ### Parameters #### Path Parameters - **url** (str) - Required - URL to download. - **sha256** (str) - Required - SHA256 of the expected output. In order to get the SHA256 you can omit this parameter and execute Makes, Makes will tell you the correct SHA256 on failure. - **stripRoot** (bool) - Optional - Most archives have a symbolic top-level directory that is discarded during unpack phase. If this is not the case you can set this flag to `false`. Defaults to `true`. ### Request Example ```nix { fetchArchive, ... }: { jobs."myArchive" = fetchArchive { url = "https://github.com/fluidattacks/makes/archive/16aafa1e3ed4cc99eb354842341fbf6f478a211c.zip"; sha256 = "16zx89lzv5n048h5l9f8dgpvdj0l38hx7aapc7h1d1mjc1ca2i6a"; }; } ``` ``` -------------------------------- ### makeRubyGemsEnvironment Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/ruby.md Creates an environment where specified Ruby gems from RubyGems are available. It supports custom naming, Ruby version selection, and configuration of build and runtime search paths, as well as sources. ```APIDOC ## makeRubyGemsEnvironment Create an environment where the specified Ruby gems from [RubyGems][rubygems] are available. ### Function Signature `makeRubyGemsEnvironment(name: str, ruby: enum["3.1", "3.2", "3.3"], searchPathsBuild: asIn makeSearchPaths?, searchPathsRuntime: asIn makeSearchPaths?, sourcesYaml: package) -> package` ### Parameters * **name** (str) - Required - Custom name to assign to the build step. * **ruby** (enum ["3.1", "3.2", "3.3"]) - Required - Version of the Ruby interpreter. * **searchPathsBuild** (asIn makeSearchPaths) - Optional - Arguments passed to `makeSearchPaths` and used while installing gems. Defaults to `makeSearchPaths`'s defaults. * **searchPathsRuntime** (asIn makeSearchPaths) - Optional - Arguments passed to `makeSearchPaths` and propagated to the runtime environment. Defaults to `makeSearchPaths`'s defaults. * **sourcesYaml** (package) - Required - `sources.yaml` file computed as explained in the pre-requisites section. ### Example ```nix { inputs, makeRubyGemsEnvironment, makeScript, ... }: let env = makeRubyGemsEnvironment { name = "example"; ruby = "3.1"; searchPathsBuild.bin = [ inputs.nixpkgs.gcc ]; searchPathsRuntime.rpath = [ inputs.nixpkgs.gcc.cc.lib ]; sourcesYaml = projectPath "/makes/example/sources.yaml"; }; in { jobs."myRubyGemsEnvironment" = makeScript { entrypoint = "slimrb --version"; name = "example"; searchPaths.source = [ env ]; }; } ``` ### Tip Refer to [makeRubyLock](/api/builtins/utilities/#makerubylock) to learn how to generate a `sourcesYaml`. ``` -------------------------------- ### Define a Derivation with makeDerivation Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/core-functions.md Defines a build step using makeDerivation. The builder script runs in an isolated environment and must produce output in the $out directory. Dependencies like 'tree' can be specified in searchPaths. ```nix { inputs, makeDerivation, ... }: { jobs."myDerivation" = makeDerivation { env.envVersion = "1.0"; builder = '' debug Version is $envVersion info Running tree command on $PWD mkdir dir touch dir/file tree dir > $out ''; name = "myDerivation"; searchPaths.bin = [ inputs.nixpkgs.tree ]; }; } ``` -------------------------------- ### fetchUrl Source: https://github.com/fluidattacks/makes/blob/main/docs/src/configuration/secondary-functions/fetchers.md Fetches a file from a specified URL. It requires the URL and optionally accepts a SHA256 hash for integrity verification. If the SHA256 is omitted, Makes will provide it upon failure. ```APIDOC ## fetchUrl ### Description Fetch a file from the specified URL. ### Parameters #### Path Parameters - **url** (str) - Required - URL to download. - **sha256** (str) - Required - SHA256 of the expected output. In order to get the SHA256 you can omit this parameter and execute Makes, Makes will tell you the correct SHA256 on failure. ### Request Example ```nix { fetchUrl, ... }: { jobs."myUrl" = fetchUrl { url = "https://github.com/fluidattacks/makes/blob/16aafa1e3ed4cc99eb354842341fbf6f478a211c/README.md"; sha256 = "18scrymrar0bv7s92hfqfb01bv5pibyjw6dxp3i8nylmnh6gjv15"; }; } ``` ``` -------------------------------- ### Test Git Mailmap Source: https://github.com/fluidattacks/makes/blob/main/docs/src/contributing.md Test the .mailmap file locally using the command 'm . /lintGitMailMap'. ```bash m . /lintGitMailMap ```