Skip to content

refactor(devshell): improve devshell experience #1977

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
jfroche wants to merge 3 commits into
base: develop
Choose a base branch
from
+830 −898
Open

refactor(devshell): improve devshell experience #1977

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e309529
refactor(devshell): improve devshell experience
jfroche Dec 11, 2025
36caa98
chore: migrate scripts generated by runCommand to writeShellApplication
jfroche Dec 11, 2025
efc2e26
chore: use packer from nixpkgs
jfroche Dec 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 21 additions & 0 deletions flake.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions flake.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@
];
};
inputs = {
devshell.url = "github:numtide/devshell";
devshell.inputs.nixpkgs.follows = "nixpkgs";
flake-parts.url = "github:hercules-ci/flake-parts";
flake-utils.url = "github:numtide/flake-utils";
git-hooks.inputs.nixpkgs.follows = "nixpkgs";
Expand Down
34 changes: 17 additions & 17 deletions nix/apps.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,32 +1,32 @@
{ ... }:
{
perSystem =
{ self', ... }:
{ self', lib, ... }:
let
mkApp = attrName: binName: {
mkApp = attrName: {
type = "app";
program = "${self'.packages."${attrName}"}/bin/${binName}";
program = lib.getExe self'.packages."${attrName}";
};
in
{
# Apps is a list of names of things that can be executed with 'nix run';
# these are distinct from the things that can be built with 'nix build',
# so they need to be listed here too.
apps = {
start-server = mkApp "start-server" "start-postgres-server";
start-client = mkApp "start-client" "start-postgres-client";
start-replica = mkApp "start-replica" "start-postgres-replica";
# migrate-postgres = mkApp "migrate-tool" "migrate-postgres";
# sync-exts-versions = mkApp "sync-exts-versions" "sync-exts-versions";
pg-restore = mkApp "pg-restore" "pg-restore";
local-infra-bootstrap = mkApp "local-infra-bootstrap" "local-infra-bootstrap";
dbmate-tool = mkApp "dbmate-tool" "dbmate-tool";
update-readme = mkApp "update-readme" "update-readme";
show-commands = mkApp "show-commands" "show-commands";
build-test-ami = mkApp "build-test-ami" "build-test-ami";
run-testinfra = mkApp "run-testinfra" "run-testinfra";
cleanup-ami = mkApp "cleanup-ami" "cleanup-ami";
trigger-nix-build = mkApp "trigger-nix-build" "trigger-nix-build";
start-server = mkApp "start-server";
start-client = mkApp "start-client";
start-replica = mkApp "start-replica";
# migrate-postgres = mkApp "migrate-tool";
# sync-exts-versions = mkApp "sync-exts-versions";
pg-restore = mkApp "pg-restore";
local-infra-bootstrap = mkApp "local-infra-bootstrap";
dbmate-tool = mkApp "dbmate-tool";
update-readme = mkApp "update-readme";
show-commands = mkApp "show-commands";
build-test-ami = mkApp "build-test-ami";
run-testinfra = mkApp "run-testinfra";
cleanup-ami = mkApp "cleanup-ami";
trigger-nix-build = mkApp "trigger-nix-build";
supascan = mkApp "supascan" "supascan";
Copy link

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Fix the supascan app declaration - still using old two-argument form.

The mkApp helper was refactored to accept only one argument, but supascan still uses the old two-argument form. This will cause a Nix evaluation error because the result of mkApp "supascan" is an attribute set, which cannot be called as a function with the second "supascan" argument.

🐛 Proposed fix 
-        supascan = mkApp "supascan" "supascan";
+        supascan = mkApp "supascan";
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
supascan = mkApp "supascan" "supascan";
supascan = mkApp "supascan";
🤖 Prompt for AI Agents 
In `@nix/apps.nix` at line 30, The app declaration uses the old two-argument form
of mkApp; update the supascan entry to call mkApp with a single argument (remove
the second "supascan" argument) so it matches the refactored signature of mkApp
and returns the expected attribute set (i.e., change the line referencing mkApp
"supascan" "supascan" to a single-argument call to mkApp "supascan").

};
};
Expand Down
7 changes: 2 additions & 5 deletions nix/checks.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@
perSystem =
{
self',
system,
pkgs,
lib,
...
Expand Down Expand Up @@ -391,12 +390,11 @@
);
inherit (self'.packages)
wal-g-2
dbmate-tool
packer
pg_regress
goss
supascan
;
devShell = self'.devShells.default;
}
// pkgs.lib.optionalAttrs (pkgs.stdenv.isLinux) (
{
Expand All @@ -413,7 +411,6 @@
inherit self;
inherit pkgs;
})
)
// pkgs.lib.optionalAttrs (system == "x86_64-linux") ({ devShell = self'.devShells.default; });
);
};
}
106 changes: 89 additions & 17 deletions nix/devShells.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
pkgs,
self',
config,
lib,
...
}:
let
Expand Down Expand Up @@ -34,7 +35,7 @@
in
{
devShells = {
default = pkgs.mkShell {
default = pkgs.devshell.mkShell {
packages =
with pkgs;
[
Expand All @@ -45,28 +46,99 @@
shellcheck
ansible
ansible-lint
self'.packages.packer

self'.packages.start-server
self'.packages.start-client
self'.packages.start-replica
self'.packages.migrate-tool
self'.packages.sync-exts-versions
self'.packages.build-test-ami
self'.packages.run-testinfra
self'.packages.cleanup-ami
self'.packages.supascan
self'.packages.goss
aws-vault
packer
dbmate
nushell
pythonEnv
config.treefmt.build.wrapper
]
++ self'.packages.docs.nativeBuildInputs;
shellHook = ''
export HISTFILE=.history
${config.pre-commit.installationScript}
'';
devshell.startup.pre-commit.text = config.pre-commit.installationScript;
commands = [
{
name = "fmt";
help = "Format code";
command = "nix fmt";
category = "check";
}
{
name = "check";
help = "Run all checks";
command = "nix flake -L check -v";
category = "check";
}
{
name = "lint";
help = "Lint code";
command = "pre-commit run --all-files";
category = "check";
}
{
name = "watch";
help = "Watch for file changes and run all checks";
command =
let
watchExec = lib.getExe pkgs.watchexec;
nixFastBuild = ''
${lib.getExe pkgs.nix} run github:Mic92/nix-fast-build -- \
--skip-cached --retries=2 --no-download --option warn-dirty false \
--option accept-flake-config true --no-link \
--flake ".#checks.${pkgs.stdenv.hostPlatform.system}"
'';
in
"${watchExec} --on-busy-update=queue -w . --ignore '.jj/*' --timings -- ${nixFastBuild}";
category = "check";
}
{
name = "cleanup-ami";
help = "Deregister AMIs by name";
command = "${lib.getExe self'.packages.cleanup-ami} $@";
category = "ami";
}
{
name = "build-test-ami";
help = "Build AMI images for PostgreSQL testing";
command = "${lib.getExe self'.packages.build-test-ami} $@";
category = "ami";
}
{
name = "sync-exts-versions";
help = "Update extensions versions";
command = "${lib.getExe self'.packages.sync-exts-versions}";
category = "extension";
}
{
name = "start-postgres-server";
help = "Start a local Postgres server";
command = "${lib.getExe pkgs.nix} run .#start-server -- $@";
category = "postgres";
}
{
name = "start-postgres-client";
help = "Start an interactive psql with the specified Postgres version";
command = "${lib.getExe pkgs.nix} run .#start-client -- $@";
category = "postgres";
}
{
name = "start-postgres-replica";
help = "Start a local Postgres replica server";
command = "${lib.getExe pkgs.nix} run .#start-replica -- $@";
category = "postgres";
}
{
name = "migrate-postgres";
help = "Run database migrations";
command = "${lib.getExe pkgs.nix} run .#migrate-tool -- $@";
category = "postgres";
}
{
name = "dbmate-tool";
help = "Run dbmate against specified local Postgres database";
command = "${lib.getExe pkgs.nix} run .#dbmate-tool -- $@";
category = "postgres";
}
];
};
cargo-pgrx_0_11_3 = mkCargoPgrxDevShell {
pgrxVersion = "0_11_3";
Expand Down
1 change: 1 addition & 0 deletions nix/nixpkgs.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
v8_oldstable = oldstable.v8;
}
)
inputs.devshell.overlays.default
];
};
};
Expand Down
80 changes: 31 additions & 49 deletions nix/packages/build-test-ami.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,29 @@
{ pkgs, runCommand }:
runCommand "build-test-ami"
{
buildInputs = with pkgs; [
packer
awscli2
yq
jq
openssl
git
coreutils
aws-vault
];
}
''
mkdir -p $out/bin
cat > $out/bin/build-test-ami << 'EOL'
#!/usr/bin/env bash
set -euo pipefail

{
writeShellApplication,
packer,
awscli2,
yq,
jq,
openssl,
gitMinimal,
coreutils,
aws-vault,
python3,
}:
writeShellApplication {
name = "build-test-ami";
runtimeInputs = [
packer
awscli2
yq
jq
openssl
gitMinimal
coreutils
aws-vault
python3
];
text = ''
show_help() {
cat << EOF
Usage: build-test-ami [--help] <postgres-version>
Expand Down Expand Up @@ -52,30 +58,6 @@ runCommand "build-test-ami"
exit 0
fi

export PATH="${
pkgs.lib.makeBinPath (
with pkgs;
[
packer
awscli2
yq
jq
openssl
git
coreutils
aws-vault
]
)
}:$PATH"

# Check for required tools
for cmd in packer aws-vault yq jq openssl; do
if ! command -v $cmd &> /dev/null; then
echo "Error: $cmd is required but not found"
exit 1
fi
done

# Check AWS Vault profile
if [ -z "''${AWS_VAULT:-}" ]; then
echo "Error: AWS_VAULT environment variable must be set with the profile name"
Expand Down Expand Up @@ -140,18 +122,18 @@ runCommand "build-test-ami"
VENV_DIR=$(mktemp -d)
trap 'rm -rf "$VENV_DIR"' EXIT HUP INT QUIT TERM
python3 -m venv "$VENV_DIR"
# shellcheck source=/dev/null
source "$VENV_DIR/bin/activate"

# Install required Python packages
echo "Installing required Python packages..."
pip install boto3 boto3-stubs[essential] docker ec2instanceconnectcli pytest paramiko requests
pip install boto3 'boto3-stubs[essential]' docker ec2instanceconnectcli pytest paramiko requests

# Run the tests with aws-vault
echo "Running tests for AMI: $RANDOM_STRING using AWS Vault profile: $AWS_VAULT_PROFILE"
aws-vault exec $AWS_VAULT_PROFILE -- pytest -vv -s testinfra/test_ami_nix.py
aws-vault exec "$AWS_VAULT_PROFILE" -- pytest -vv -s testinfra/test_ami_nix.py

# Deactivate virtual environment (cleanup is handled by trap)
deactivate
EOL
chmod +x $out/bin/build-test-ami
''
'';
}
Loading
Loading