Files
nexu-io-open-design/flake.nix
PerishFire 0bf1b6d6b8 [codex] converge release workflows and stable dry-runs (#4390)
* fix(tools-pack): use junctions for Windows standalone peer deps

* fix(desktop): expose IPC during startup

* fix(tools-pack): preserve Windows inspect diagnostics

* fix(tools-pack): report Windows inspect status errors

* fix(packaged): use Electron net fetch for app protocol

* fix(packaged): load Windows renderer from web sidecar

* fix(desktop): show Windows packaged window during startup

* fix(packaged): disable Windows GPU startup

* fix(tools-pack): keep Windows core smoke observable

* fix(packaged): remove Windows startup probes

* fix(tools-pack): trace Windows desktop IPC status

* fix(tools-pack): add Windows IPC diagnose loop

* fix(release): default beta-s Windows updater feed

* chore: clean merged test eof

* refactor(release): unify prerelease channel model

* chore(release): close prerelease doc escape hatches

* refactor(release): converge release channel workflows

* fix(release): install toolchain in metadata jobs

* fix(release): build release package before contracts

* chore(release): bump development version to 0.10.1

* fix(e2e): seed windows packaged smoke runtime config

* fix(release): install toolchain for metadata publish

* fix(release): materialize betas metadata checkout

* chore(release): bump development version to 0.10.2

* fix(release): allow betas metadata cold start from s3

* fix(e2e): support betas packaged update scenarios

* fix(release): pass betas channel into packaged smoke

* fix(release): set betas channel during self-hosted builds

* fix(release): verify counted channel reservations

* fix(release): use pnpm cmd for betas windows publish

* fix(release): add betas manifest artifact fallback

* fix(release): skip beta-s public metadata fetch

* fix(release): read beta-s manifests from storage

* fix(release): cache beta windows tools-pack builds

* fix(release): inline beta mac tools-pack builds

* fix(pack): deep sign unsigned mac bundles

* docs(pack): document payload-first beta updater validation

* fix(release): align preview tools-pack cache flow

* fix(release): align prerelease tools-pack cache flow

* fix(release): pass github token to prerelease metadata

* fix(release): setup pnpm before feishu notify

* fix(release): add stable dry-run prepublish flow

* fix(release): accept completed prerelease metadata gate

* fix(release): require stable release branches

* fix(release): converge r2 access checks

* fix(updater): use release channel parser for defaults

* fix(updater): harden windows payload relaunch

* fix(release): converge updater smoke fixture contract

* test(e2e): require silent updater fixture output

* fix(release): align stable windows smoke build path

* fix(ci): include release workspace in validation

* fix(ci): repair release validation lanes

Generated-By: looper 0.9.10+codex.autoclean (runner=fixer, agent=codex)

* fix(ci): restore zero-install Feishu notification

Generated-By: looper 0.9.10+codex.autoclean (runner=fixer, agent=codex)

---------

Co-authored-by: Looper <looper@noreply.github.com>
2026-06-23 06:13:21 +00:00

206 lines
6.2 KiB
Nix

{
description = "Open Design local-first design product. Daemon (`od` CLI) + Next.js static web frontend.";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
dream2nix = {
url = "github:nix-community/dream2nix";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {
self,
nixpkgs,
flake-utils,
dream2nix,
home-manager,
}: let
filterProjectSource = includePaths:
nixpkgs.lib.cleanSourceWith {
src = self;
filter = path: type: let
root = toString self;
pathStr = toString path;
rel = nixpkgs.lib.removePrefix (root + "/") pathStr;
matches = includePath:
rel == includePath
|| nixpkgs.lib.hasPrefix (includePath + "/") rel
|| (type == "directory" && nixpkgs.lib.hasPrefix (rel + "/") includePath);
in
rel == ""
|| builtins.any matches includePaths;
};
perSystem = flake-utils.lib.eachDefaultSystem (system: let
pkgs = import nixpkgs {inherit system;};
nodejs = pkgs.nodejs_24;
workspacePackageManifests = workspacePaths:
map (workspacePath: "${workspacePath}/package.json") workspacePaths;
# Keep in sync with .github/workflows/ci.yml change_scopes
# nix_validation_required filter.
daemonWorkspacePaths = [
"packages/release"
"packages/contracts"
"packages/registry-protocol"
"packages/agui-adapter"
"packages/plugin-runtime"
"packages/sidecar-proto"
"packages/sidecar"
"packages/platform"
"packages/diagnostics"
"apps/daemon"
];
# Keep in sync with .github/workflows/ci.yml change_scopes
# nix_validation_required filter.
webWorkspacePaths = [
"packages/release"
"packages/components"
"packages/contracts"
"packages/host"
"packages/platform"
"packages/sidecar"
"packages/sidecar-proto"
"apps/web"
];
daemonSrc = filterProjectSource ([
"package.json"
"pnpm-lock.yaml"
"pnpm-workspace.yaml"
"tsconfig.json"
"assets"
"plugins"
"skills"
"design-systems"
"design-templates"
"craft"
"prompt-templates"
]
++ daemonWorkspacePaths);
webSrc = filterProjectSource ([
"package.json"
"pnpm-lock.yaml"
"pnpm-workspace.yaml"
"tsconfig.json"
]
++ webWorkspacePaths);
pnpmDepsBaseInputs = [
"package.json"
"pnpm-lock.yaml"
"pnpm-workspace.yaml"
];
daemonPnpmDepsSrc = filterProjectSource (
pnpmDepsBaseInputs ++ workspacePackageManifests daemonWorkspacePaths
);
webPnpmDepsSrc = filterProjectSource (
pnpmDepsBaseInputs ++ workspacePackageManifests webWorkspacePaths
);
# nixpkgs ships pnpm 10.33.0; the repo's package.json declares
# `engines.pnpm: ">=10.33.2 <11"` and pnpm refuses to install
# against an older binary. Override the upstream tarball to
# the exact version pinned by `packageManager`. Bump the url
# + hash in lockstep with package.json#packageManager.
#
# When bumping versions, run the following to get a new hash:
#
# ```bash
# nix store prefetch-file --hash-type sha256 \
# https://registry.npmjs.org/pnpm/-/pnpm-${NEW_VERSION}.tgz
# ```
pnpm_10 = pkgs.pnpm_10.overrideAttrs (_old: rec {
version = "10.33.2";
src = pkgs.fetchurl {
url = "https://registry.npmjs.org/pnpm/-/pnpm-${version}.tgz";
hash = "sha256-envPE9f2zrOUbAOXg3PZm+n94cr8MAC9/tTE95EWdhA=";
};
});
daemon = pkgs.callPackage ./nix/package-daemon.nix {
inherit dream2nix nixpkgs system nodejs pnpm_10;
src = daemonSrc;
pnpmDepsSrc = daemonPnpmDepsSrc;
workspacePaths = daemonWorkspacePaths;
};
web = pkgs.callPackage ./nix/package-web.nix {
inherit dream2nix nixpkgs system nodejs pnpm_10;
src = webSrc;
pnpmDepsSrc = webPnpmDepsSrc;
workspacePaths = webWorkspacePaths;
};
in {
packages = {
inherit daemon web;
default = daemon;
};
# Wrap `od` with `--no-open` for `nix run`: the daemon package
# builds the daemon workspace only, not `apps/web/out/`, so the
# browser would otherwise auto-open onto an empty static dir.
#
# Set OD_DATA_DIR to a writable location when unset. The Nix store
# is read-only at runtime, so the daemon cannot write to its default
# `<projectRoot>/.od` location under `nix run`.
apps.default = {
type = "app";
program = "${pkgs.writeShellScript "od-nix-run" ''
export OD_DATA_DIR="''${OD_DATA_DIR:-$HOME/.od}"
exec ${daemon}/bin/od --no-open "$@"
''}";
meta.description = "Open Design local daemon (`od`)";
};
devShells.default = pkgs.mkShell {
packages = [
nodejs
pnpm_10
];
shellHook = ''
echo "🎨 Open Design dev shell loaded!"
echo ""
echo "Language runtimes:"
echo " - 🐢 Node.js: $(node --version 2>/dev/null || echo 'not found')"
echo " - 📦 pnpm: $(pnpm --version 2>/dev/null || echo 'not found')"
echo ""
echo "Quick start:"
echo " - 🚀 pnpm install"
echo " - 🚀 pnpm tools-dev # local lifecycle entry point"
echo ""
'';
};
checks = {
daemon = daemon;
web = web;
};
formatter = pkgs.nixpkgs-fmt;
});
moduleCommon = import ./nix/module-common.nix;
in
perSystem
// {
homeManagerModules = rec {
open-design = import ./nix/home-manager.nix {
inherit moduleCommon;
flake = self;
};
default = open-design;
};
nixosModules = rec {
open-design = import ./nix/nixos.nix {
inherit moduleCommon;
flake = self;
};
default = open-design;
};
};
}