• Stars
    star
    285
  • Rank 145,115 (Top 3 %)
  • Language Starlark
  • License
    Apache License 2.0
  • Created almost 7 years ago
  • Updated 2 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Rules for importing Nixpkgs packages into Bazel.

Nixpkgs rules for Bazel

Continuous integration

Use Nix and the Nixpkgs package set to import external dependencies (like system packages) into Bazel hermetically. If the version of any dependency changes, Bazel will correctly rebuild targets, and only those targets that use the external dependencies that changed.

Links:

See examples for how to use rules_nixpkgs with different toolchains.

Rules

Setup

Add the following to your WORKSPACE file, and select a $COMMIT accordingly.

load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")

http_archive(
    name = "io_tweag_rules_nixpkgs",
    strip_prefix = "rules_nixpkgs-$COMMIT",
    urls = ["https://github.com/tweag/rules_nixpkgs/archive/$COMMIT.tar.gz"],
)

load("@io_tweag_rules_nixpkgs//nixpkgs:repositories.bzl", "rules_nixpkgs_dependencies")
rules_nixpkgs_dependencies()

load("@io_tweag_rules_nixpkgs//nixpkgs:nixpkgs.bzl", "nixpkgs_git_repository", "nixpkgs_package", "nixpkgs_cc_configure")

load("@io_tweag_rules_nixpkgs//nixpkgs:toolchains/go.bzl", "nixpkgs_go_configure") # optional

If you use rules_nixpkgs to configure a toolchain, then you will also need to configure the build platform to include the @rules_nixpkgs_core//constraints:support_nix constraint. For example by adding the following to .bazelrc:

build --host_platform=@rules_nixpkgs_core//platforms:host

Example

nixpkgs_git_repository(
    name = "nixpkgs",
    revision = "17.09", # Any tag or commit hash
    sha256 = "" # optional sha to verify package integrity!
)

nixpkgs_package(
    name = "hello",
    repositories = { "nixpkgs": "@nixpkgs//:default.nix" }
)

Migration from older releases

path Attribute (removed in 0.3)

path was an attribute from the early days of rules_nixpkgs, and its ability to reference arbitrary paths is a danger to build hermeticity.

Replace it with either nixpkgs_git_repository if you need a specific version of nixpkgs. If you absolutely must depend on a local folder, use Bazel's local_repository workspace rule. Both approaches work well with the repositories attribute of nixpkgs_package.

local_repository(
  name = "local-nixpkgs",
  path = "/path/to/nixpkgs",
)

nixpkgs_package(
  name = "somepackage",
  repositories = {
    "nixpkgs": "@local-nixpkgs//:default.nix",
  },
)

Reference documentation

nixpkgs_cc_configure

nixpkgs_cc_configure(name, attribute_path, nix_file, nix_file_content, nix_file_deps, repositories,
                     repository, nixopts, quiet, fail_not_supported, exec_constraints,
                     target_constraints, register, cc_lang)

Use a CC toolchain from Nixpkgs. No-op if not a nix-based platform.

By default, Bazel auto-configures a CC toolchain from commands (e.g. gcc) available in the environment. To make builds more hermetic, use this rule to specify explicitly which commands the toolchain should use.

Specifically, it builds a Nix derivation that provides the CC toolchain tools in the bin/ path and constructs a CC toolchain that uses those tools. Tools that aren't found are replaced by ${coreutils}/bin/false. You can inspect the resulting @<name>_info//:CC_TOOLCHAIN_INFO to see which tools were discovered.

If you specify the nix_file or nix_file_content argument, the CC toolchain is discovered by evaluating the corresponding expression. In addition, you may use the attribute_path argument to select an attribute from the result of the expression to use as the CC toolchain (see example below).

If neither the nix_file nor nix_file_content argument is used, the toolchain is discovered from the stdenv.cc and the stdenv.cc.bintools attributes of the given <nixpkgs> repository.

# use GCC 11
nixpkgs_cc_configure(
  repository = "@nixpkgs",
  nix_file_content = "(import <nixpkgs> {}).gcc11",
)
# use GCC 11 (same result as above)
nixpkgs_cc_configure(
  repository = "@nixpkgs",
  attribute_path = "gcc11",
  nix_file_content = "import <nixpkgs> {}",
)
# alternate usage without specifying `nix_file` or `nix_file_content`
nixpkgs_cc_configure(
  repository = "@nixpkgs",
  attribute_path = "gcc11",
)
# use the `stdenv.cc` compiler (the default of the given @nixpkgs repository)
nixpkgs_cc_configure(
  repository = "@nixpkgs",
)

This rule depends on rules_cc.

Note: You need to configure --crosstool_top=@<name>//:toolchain to activate this toolchain.

Parameters

name

optional. default is "local_config_cc"

attribute_path

optional. default is ""

optional, string, Obtain the toolchain from the Nix expression under this attribute path. Uses default repository if no nix_file or nix_file_content is provided.

nix_file

optional. default is None

optional, Label, Obtain the toolchain from the Nix expression defined in this file. Specify only one of nix_file or nix_file_content.

nix_file_content

optional. default is ""

optional, string, Obtain the toolchain from the given Nix expression. Specify only one of nix_file or nix_file_content.

nix_file_deps

optional. default is []

optional, list of Label, Additional files that the Nix expression depends on.

repositories

optional. default is {}

dict of Label to string, Provides <nixpkgs> and other repositories. Specify one of repositories or repository.

repository

optional. default is None

Label, Provides <nixpkgs>. Specify one of repositories or repository.

nixopts

optional. default is []

optional, list of string, Extra flags to pass when calling Nix. See nixopts attribute to nixpkgs_package for further details.

quiet

optional. default is False

bool, Whether to hide nix-build output.

fail_not_supported

optional. default is True

bool, Whether to fail if nix-build is not available.

exec_constraints

optional. default is None

Constraints for the execution platform.

target_constraints

optional. default is None

Constraints for the target platform.

register

optional. default is True

bool, enabled by default, Whether to register (with register_toolchains) the generated toolchain and install it as the default cc_toolchain.

cc_lang

optional. default is "c++"

string, "c++" by default. Used to populate CXX_FLAG so the compiler is called in C++ mode. Can be set to "none" together with appropriate copts in the cc_library call: see above.

nixpkgs_cc_configure_deprecated

nixpkgs_cc_configure_deprecated(repository, repositories, nix_file, nix_file_deps, nix_file_content,
                                nixopts)

Use a CC toolchain from Nixpkgs. No-op if not a nix-based platform.

Tells Bazel to use compilers and linkers from Nixpkgs for the CC toolchain. By default, Bazel auto-configures a CC toolchain from commands available in the environment (e.g. gcc). Overriding this autodetection makes builds more hermetic and is considered a best practice.

Example

nixpkgs_cc_configure(repository = "@nixpkgs//:default.nix")

Parameters

repository

optional. default is None

A repository label identifying which Nixpkgs to use. Equivalent to repositories = { "nixpkgs": ...}.

repositories

optional. default is {}

A dictionary mapping NIX_PATH entries to repository labels.

Setting it to

repositories = { "myrepo" : "//:myrepo" }

for example would replace all instances of <myrepo> in the called nix code by the path to the target "//:myrepo". See the relevant section in the nix manual for more information.

Specify one of repository or repositories.

nix_file

optional. default is None

An expression for a Nix environment derivation. The environment should expose all the commands that make up a CC toolchain (cc, ld etc). Exposes all commands in stdenv.cc and binutils by default.

nix_file_deps

optional. default is None

Dependencies of nix_file if any.

nix_file_content

optional. default is None

An expression for a Nix environment derivation.

nixopts

optional. default is []

Options to forward to the nix command.

nixpkgs_flake_package

nixpkgs_flake_package(name, nix_flake_file, nix_flake_lock_file, nix_flake_file_deps, package,
                      build_file, build_file_content, nixopts, quiet, fail_not_supported, kwargs)

Make the content of a local Nix Flake package available in the Bazel workspace.

Parameters

name

required.

A unique name for this repository.

nix_flake_file

required.

Label to flake.nix that will be evaluated.

nix_flake_lock_file

required.

Label to flake.lock that corresponds to nix_flake_file.

nix_flake_file_deps

optional. default is []

Additional dependencies of nix_flake_file if any.

package

optional. default is None

Nix Flake package to make available. The default package will be used if not specified.

build_file

optional. default is None

The file to use as the BUILD file for this repository. See nixpkgs_package for more information.

build_file_content

optional. default is ""

Like build_file, but a string of the contents instead of a file name. See nixpkgs_package for more information.

nixopts

optional. default is []

Extra flags to pass when calling Nix. See nixpkgs_package for more information.

quiet

optional. default is False

Whether to hide the output of the Nix command.

fail_not_supported

optional. default is True

If set to True (default) this rule will fail on platforms which do not support Nix (e.g. Windows). If set to False calling this rule will succeed but no output will be generated.

kwargs

optional.

nixpkgs_git_repository

nixpkgs_git_repository(name, revision, remote, sha256, kwargs)

Name a specific revision of Nixpkgs on GitHub or a local checkout.

Parameters

name

required.

String

A unique name for this repository.

revision

required.

String

Git commit hash or tag identifying the version of Nixpkgs to use.

remote

optional. default is "https://github.com/NixOS/nixpkgs"

String

The URI of the remote Git repository. This must be a HTTP URL. There is currently no support for authentication. Defaults to upstream nixpkgs.

sha256

optional. default is None

String

The SHA256 used to verify the integrity of the repository.

kwargs

optional.

Additional arguments to forward to the underlying repository rule.

nixpkgs_http_repository

nixpkgs_http_repository(name, url, urls, auth, strip_prefix, integrity, sha256, kwargs)

Download a Nixpkgs repository over HTTP.

Parameters

name

required.

String

A unique name for this repository.

url

optional. default is None

String

A URL to download the repository from.

This must be a file, http or https URL. Redirections are followed.

More flexibility can be achieved by the urls parameter that allows to specify alternative URLs to fetch from.

urls

optional. default is None

List of String

A list of URLs to download the repository from.

Each entry must be a file, http or https URL. Redirections are followed.

URLs are tried in order until one succeeds, so you should list local mirrors first. If all downloads fail, the rule will fail.

auth

optional. default is None

Dict of String

An optional dict mapping host names to custom authorization patterns.

If a URL's host name is present in this dict the value will be used as a pattern when generating the authorization header for the http request. This enables the use of custom authorization schemes used in a lot of common cloud storage providers.

The pattern currently supports 2 tokens: <login> and <password>, which are replaced with their equivalent value in the netrc file for the same host name. After formatting, the result is set as the value for the Authorization field of the HTTP request.

Example attribute and netrc for a http download to an oauth2 enabled API using a bearer token:

auth_patterns = {
    "storage.cloudprovider.com": "Bearer <password>"
}

netrc:

machine storage.cloudprovider.com
        password RANDOM-TOKEN

The final HTTP request would have the following header:

Authorization: Bearer RANDOM-TOKEN

strip_prefix

optional. default is None

String

A directory prefix to strip from the extracted files.

Many archives contain a top-level directory that contains all of the useful files in archive. This field can be used to strip it from all of the extracted files.

For example, suppose you are using nixpkgs-22.11.zip, which contains the directory nixpkgs-22.11/ under which there is the default.nix file and the pkgs/ directory. Specify strip_prefix = "nixpkgs-22.11" to use the nixpkgs-22.11 directory as your top-level directory.

Note that if there are files outside of this directory, they will be discarded and inaccessible (e.g., a top-level license file). This includes files/directories that start with the prefix but are not in the directory (e.g., nixpkgs-22.11.release-notes). If the specified prefix does not match a directory in the archive, Bazel will return an error.

integrity

optional. default is None

String

Expected checksum in Subresource Integrity format of the file downloaded.

This must match the checksum of the file downloaded. It is a security risk to omit the checksum as remote files can change. At best omitting this field will make your build non-hermetic. It is optional to make development easier but either this attribute or sha256 should be set before shipping.

sha256

optional. default is None

String The expected SHA-256 of the file downloaded.

This must match the SHA-256 of the file downloaded. It is a security risk to omit the SHA-256 as remote files can change. At best omitting this field will make your build non-hermetic. It is optional to make development easier but should be set before shipping.

kwargs

optional.

Additional arguments to forward to the underlying repository rule.

nixpkgs_java_configure

nixpkgs_java_configure(name, attribute_path, java_home_path, repository, repositories, nix_file,
                       nix_file_content, nix_file_deps, nixopts, fail_not_supported, quiet, toolchain,
                       register, toolchain_name, toolchain_version, exec_constraints,
                       target_constraints)

Define a Java runtime provided by nixpkgs.

Creates a nixpkgs_package for a java_runtime instance. Optionally, you can also create & register a Java toolchain. This only works with Bazel >= 5.0 Bazel can use this instance to run JVM binaries and tests, refer to the Bazel documentation for details.

Example

Bazel 4

Add the following to your WORKSPACE file to import a JDK from nixpkgs:

load("@io_tweag_rules_nixpkgs//nixpkgs:nixpkgs.bzl", "nixpkgs_java_configure")
nixpkgs_java_configure(
    attribute_path = "jdk11.home",
    repository = "@nixpkgs",
)

Add the following configuration to .bazelrc to enable this Java runtime:

build --javabase=@nixpkgs_java_runtime//:runtime
build --host_javabase=@nixpkgs_java_runtime//:runtime
# Adjust this to match the Java version provided by this runtime.
# See `bazel query 'kind(java_toolchain, @bazel_tools//tools/jdk:all)'` for available options.
build --java_toolchain=@bazel_tools//tools/jdk:toolchain_java11
build --host_java_toolchain=@bazel_tools//tools/jdk:toolchain_java11
Bazel 5

Add the following to your WORKSPACE file to import a JDK from nixpkgs:

load("@io_tweag_rules_nixpkgs//nixpkgs:nixpkgs.bzl", "nixpkgs_java_configure")
nixpkgs_java_configure(
    attribute_path = "jdk11.home",
    repository = "@nixpkgs",
    toolchain = True,
    toolchain_name = "nixpkgs_java",
    toolchain_version = "11",
)

Add the following configuration to .bazelrc to enable this Java runtime:

build --host_platform=@io_tweag_rules_nixpkgs//nixpkgs/platforms:host
build --java_runtime_version=nixpkgs_java
build --tool_java_runtime_version=nixpkgs_java
Bazel 6

Add the following to your WORKSPACE file to import a JDK from nixpkgs:

load("@io_tweag_rules_nixpkgs//nixpkgs:nixpkgs.bzl", "nixpkgs_java_configure")
nixpkgs_java_configure(
    attribute_path = "jdk11.home",
    repository = "@nixpkgs",
    toolchain = True,
    toolchain_name = "nixpkgs_java",
    toolchain_version = "11",
)

Add the following configuration to .bazelrc to enable this Java runtime:

build --host_platform=@io_tweag_rules_nixpkgs//nixpkgs/platforms:host
build --java_runtime_version=nixpkgs_java_11
build --tool_java_runtime_version=nixpkgs_java_11
build --java_language_version=11
build --tool_java_language_version=11

Parameters

name

optional. default is "nixpkgs_java_runtime"

The name-prefix for the created external repositories.

attribute_path

optional. default is None

string, The nixpkgs attribute path for jdk.home.

java_home_path

optional. default is ""

optional, string, The path to JAVA_HOME within the package.

repository

optional. default is None

See nixpkgs_package.

repositories

optional. default is {}

See nixpkgs_package.

nix_file

optional. default is None

optional, Label, Obtain the runtime from the Nix expression defined in this file. Specify only one of nix_file or nix_file_content.

nix_file_content

optional. default is ""

optional, string, Obtain the runtime from the given Nix expression. Specify only one of nix_file or nix_file_content.

nix_file_deps

optional. default is None

See nixpkgs_package.

nixopts

optional. default is []

See nixpkgs_package.

fail_not_supported

optional. default is True

See nixpkgs_package.

quiet

optional. default is False

See nixpkgs_package.

toolchain

optional. default is False

Create a Bazel toolchain based on the Java runtime.

register

optional. default is None

Register the created toolchain. Requires toolchain to be True. Defaults to the value of toolchain.

toolchain_name

optional. default is None

The name of the toolchain that can be used in --java_runtime_version.

toolchain_version

optional. default is None

The version of the toolchain that can be used in --java_runtime_version.

exec_constraints

optional. default is None

Constraints for the execution platform.

target_constraints

optional. default is None

Constraints for the target platform.

nixpkgs_local_repository

nixpkgs_local_repository(name, nix_file, nix_file_deps, nix_file_content, nix_flake_lock_file,
                         kwargs)

Create an external repository representing the content of Nixpkgs.

Based on a Nix expression stored locally or provided inline. One of nix_file or nix_file_content must be provided.

Parameters

name

required.

String

A unique name for this repository.

nix_file

optional. default is None

Label

A file containing an expression for a Nix derivation.

nix_file_deps

optional. default is None

List of labels

Dependencies of nix_file if any.

nix_file_content

optional. default is None

String

An expression for a Nix derivation.

nix_flake_lock_file

optional. default is None

String

A flake lock file that can be used on the provided nixpkgs repository.

kwargs

optional.

Additional arguments to forward to the underlying repository rule.

nixpkgs_nodejs_configure

nixpkgs_nodejs_configure(name, attribute_path, repository, repositories, nix_platform, nix_file,
                         nix_file_content, nix_file_deps, nixopts, fail_not_supported, quiet,
                         exec_constraints, target_constraints, register)

Parameters

name

optional. default is "nixpkgs_nodejs"

attribute_path

optional. default is "nodejs"

repository

optional. default is None

repositories

optional. default is {}

nix_platform

optional. default is None

nix_file

optional. default is None

nix_file_content

optional. default is None

nix_file_deps

optional. default is None

nixopts

optional. default is []

fail_not_supported

optional. default is True

quiet

optional. default is False

exec_constraints

optional. default is None

target_constraints

optional. default is None

register

optional. default is True

nixpkgs_nodejs_configure_platforms

nixpkgs_nodejs_configure_platforms(name, platforms_mapping, attribute_path, repository,
                                   repositories, nix_platform, nix_file, nix_file_content,
                                   nix_file_deps, nixopts, fail_not_supported, quiet,
                                   exec_constraints, target_constraints, register, kwargs)

Runs nixpkgs_nodejs_configure for each platform.

Since rules_nodejs adds platform suffix to repository name, this can be helpful if one wants to use npm_install and reference js dependencies from npm repo. See the example directory.

Parameters

name

optional. default is "nixpkgs_nodejs"

platforms_mapping

optional. default is {"aarch64-darwin": struct(exec_constraints = ["@platforms//os:macos", "@platforms//cpu:arm64"], rules_nodejs_platform = "darwin_arm64", target_constraints = ["@platforms//os:macos", "@platforms//cpu:arm64"]), "x86_64-linux": struct(exec_constraints = ["@platforms//os:linux", "@platforms//cpu:x86_64"], rules_nodejs_platform = "linux_amd64", target_constraints = ["@platforms//os:linux", "@platforms//cpu:x86_64"]), "x86_64-darwin": struct(exec_constraints = ["@platforms//os:macos", "@platforms//cpu:x86_64"], rules_nodejs_platform = "darwin_amd64", target_constraints = ["@platforms//os:macos", "@platforms//cpu:x86_64"]), "aarch64-linux": struct(exec_constraints = ["@platforms//os:linux", "@platforms//cpu:arm64"], rules_nodejs_platform = "linux_arm64", target_constraints = ["@platforms//os:linux", "@platforms//cpu:arm64"])}

struct describing mapping between nix platform and rules_nodejs bazel platform with target and exec constraints

attribute_path

optional. default is "nodejs"

repository

optional. default is None

repositories

optional. default is {}

nix_platform

optional. default is None

nix_file

optional. default is None

nix_file_content

optional. default is None

nix_file_deps

optional. default is None

nixopts

optional. default is []

fail_not_supported

optional. default is True

quiet

optional. default is False

exec_constraints

optional. default is None

target_constraints

optional. default is None

register

optional. default is True

kwargs

optional.

nixpkgs_package

nixpkgs_package(name, attribute_path, nix_file, nix_file_deps, nix_file_content, repository,
                repositories, build_file, build_file_content, nixopts, quiet, fail_not_supported,
                kwargs)

Make the content of a Nixpkgs package available in the Bazel workspace.

If repositories is not specified, you must provide a nixpkgs clone in nix_file or nix_file_content.

Parameters

name

required.

A unique name for this repository.

attribute_path

optional. default is ""

Select an attribute from the top-level Nix expression being evaluated. The attribute path is a sequence of attribute names separated by dots.

nix_file

optional. default is None

A file containing an expression for a Nix derivation.

nix_file_deps

optional. default is []

Dependencies of nix_file if any.

nix_file_content

optional. default is ""

An expression for a Nix derivation.

repository

optional. default is None

A repository label identifying which Nixpkgs to use. Equivalent to repositories = { "nixpkgs": ...}

repositories

optional. default is {}

A dictionary mapping NIX_PATH entries to repository labels.

Setting it to

repositories = { "myrepo" : "//:myrepo" }

for example would replace all instances of <myrepo> in the called nix code by the path to the target "//:myrepo". See the relevant section in the nix manual for more information.

Specify one of repository or repositories.

build_file

optional. default is None

The file to use as the BUILD file for this repository.

Its contents are copied into the file BUILD in root of the nix output folder. The Label does not need to be named BUILD, but can be.

For common use cases we provide filegroups that expose certain files as targets:

:bin
Everything in the bin/ directory.
:lib
All .so, .dylib and .a files that can be found in subdirectories of lib/.
:include
All .h, .hh, .hpp and .hxx files that can be found in subdirectories of include/.

If you need different files from the nix package, you can reference them like this:

package(default_visibility = [ "//visibility:public" ])
filegroup(
    name = "our-docs",
    srcs = glob(["share/doc/ourpackage/**/*"]),
)

See the bazel documentation of filegroup and glob.

build_file_content

optional. default is ""

Like build_file, but a string of the contents instead of a file name.

nixopts

optional. default is []

Extra flags to pass when calling Nix.

Subject to location expansion, any instance of $(location LABEL) will be replaced by the path to the file referenced by LABEL relative to the workspace root.

Note, labels to external workspaces will resolve to paths that contain ~ characters if the Bazel flag --enable_bzlmod is true. Nix does not support ~ characters in path literals at the time of writing, see #7742. Meaning, the result of location expansion may not form a valid Nix path literal. Use ./$${"$(location @for//:example)"} to work around this limitation if you need to pass a path argument via --arg, or pass the resulting path as a string value using --argstr and combine it with an additional --arg workspace_root ./. argument using workspace_root + ("/" + path_str).

quiet

optional. default is False

Whether to hide the output of the Nix command.

fail_not_supported

optional. default is True

If set to True (default) this rule will fail on platforms which do not support Nix (e.g. Windows). If set to False calling this rule will succeed but no output will be generated.

kwargs

optional.

nixpkgs_python_configure

nixpkgs_python_configure(name, python2_attribute_path, python2_bin_path, python3_attribute_path,
                         python3_bin_path, repository, repositories, nix_file_deps, nixopts,
                         fail_not_supported, quiet, exec_constraints, target_constraints, register)

Define and register a Python toolchain provided by nixpkgs.

Creates nixpkgs_packages for Python 2 or 3 py_runtime instances and a corresponding py_runtime_pair and toolchain. The toolchain is automatically registered and uses the constraint:

"@io_tweag_rules_nixpkgs//nixpkgs/constraints:support_nix"

Parameters

name

optional. default is "nixpkgs_python_toolchain"

The name-prefix for the created external repositories.

python2_attribute_path

optional. default is None

The nixpkgs attribute path for python2.

python2_bin_path

optional. default is "bin/python"

The path to the interpreter within the package.

python3_attribute_path

optional. default is "python3"

The nixpkgs attribute path for python3.

python3_bin_path

optional. default is "bin/python"

The path to the interpreter within the package.

repository

optional. default is None

See nixpkgs_package.

repositories

optional. default is {}

See nixpkgs_package.

nix_file_deps

optional. default is None

See nixpkgs_package.

nixopts

optional. default is []

See nixpkgs_package.

fail_not_supported

optional. default is True

See nixpkgs_package.

quiet

optional. default is False

See nixpkgs_package.

exec_constraints

optional. default is None

Constraints for the execution platform.

target_constraints

optional. default is None

Constraints for the target platform.

register

optional. default is True

nixpkgs_python_repository

nixpkgs_python_repository(name, repository, repositories, nix_file, nix_file_deps, quiet)

Define a collection of python packages based on a nix file.

The only entry point is a nix_file which should expose a pkgs and a python attributes. python is the python interpreter, and pkgs a set of python packages that will be made available to bazel.

⚠️ All the packages in pkgs are built by this rule. It is therefore not a good idea to expose something as big as pkgs.python3 as provided by nixpkgs.

This rule is instead intended to expose an ad-hoc set of packages for your project, as can be built by poetry2nix, mach-nix, dream2nix or by manually picking the python packages you need from nixpkgs.

The format is generic to support the many ways to generate such packages sets with nixpkgs. See our python tests and examples to get started.

This rule is intended to mimic as closely as possible the rules_python API. nixpkgs_python_repository should be a drop-in replacement of pip_parse. As such, it also provides a requirement function.

⚠️ Using the requirement fucntion inherits the same advantages and limitations as the one in rules_python. All the function does is create a label of the form @{nixpkgs_python_repository_name}//:{package_name}. While depending on such a label directly will work, the layout may change in the future. To be on the safe side, define and import your own requirement function if you need to play with these labels.

⚠️ Just as with rules_python, nothing is done to enforce consistency between the version of python used to generate this repository and the one configured in your toolchain, even if you use nixpkgs_python_toolchain. You should ensure they both use the same python from the same nixpkgs version.

⚠️ packages names exposed by this rule are determined by the pname attribute of the corresponding nix package. These may vary slightly from names used by rules_python. Should this be a problem, you can provide you own requirement function, for example one that lowercases its argument.

Parameters

name

required.

The name for the created package set.

repository

optional. default is None

See nixpkgs_package.

repositories

optional. default is {}

See nixpkgs_package.

nix_file

optional. default is None

See nixpkgs_package.

nix_file_deps

optional. default is []

See nixpkgs_package.

quiet

optional. default is False

See nixpkgs_package.

nixpkgs_rust_configure

nixpkgs_rust_configure(name, default_edition, repository, repositories, nix_file, nix_file_deps,
                       nix_file_content, nixopts, fail_not_supported, quiet, exec_constraints,
                       target_constraints, register)

Parameters

name

optional. default is "nixpkgs_rust"

default_edition

optional. default is "2018"

repository

optional. default is None

repositories

optional. default is {}

nix_file

optional. default is None

nix_file_deps

optional. default is None

nix_file_content

optional. default is None

nixopts

optional. default is []

fail_not_supported

optional. default is True

quiet

optional. default is False

exec_constraints

optional. default is None

target_constraints

optional. default is None

register

optional. default is True

nixpkgs_sh_posix_configure

nixpkgs_sh_posix_configure(name, packages, exec_constraints, register, kwargs)

Create a POSIX toolchain from nixpkgs.

Loads the given Nix packages, scans them for standard Unix tools, and generates a corresponding sh_posix_toolchain.

Make sure to call nixpkgs_sh_posix_configure before sh_posix_configure, if you use both. Otherwise, the local toolchain will always be chosen in favor of the nixpkgs one.

Parameters

name

optional. default is "nixpkgs_sh_posix_config"

Name prefix for the generated repositories.

packages

optional. default is ["stdenv.initialPath"]

List of Nix attribute paths to draw Unix tools from.

exec_constraints

optional. default is None

Constraints for the execution platform.

register

optional. default is True

Automatically register the generated toolchain if set to True.

kwargs

optional.

More Repositories

1

nickel

Better configuration for less
Rust
2,275
star
2

asterius

DEPRECATED in favor of ghc wasm backend, see https://www.tweag.io/blog/2022-11-22-wasm-backend-merged-in-ghc
Haskell
1,978
star
3

ormolu

A formatter for Haskell source code
Haskell
958
star
4

jupyenv

Declarative and reproducible Jupyter environments - powered by Nix
Nix
660
star
5

HaskellR

The full power of R in Haskell.
Haskell
583
star
6

topiary

Rust
486
star
7

sparkle

Haskell on Apache Spark.
Haskell
447
star
8

monad-bayes

A library for probabilistic programming in Haskell.
Jupyter Notebook
407
star
9

awesome-learning-haskell

A collection of resources which were useful to Tweagers for learning Haskell and its various aspects
399
star
10

funflow

Functional workflows
Haskell
361
star
11

linear-base

Standard library for linear types in Haskell.
Haskell
335
star
12

rules_haskell

Haskell rules for Bazel.
Starlark
265
star
13

inline-java

Haskell/Java interop via inline Java code in Haskell modules.
Haskell
230
star
14

capability

Extensional capabilities and deriving combinators
Haskell
214
star
15

FawltyDeps

Python dependency checker
Python
192
star
16

clodl

Turn dynamically linked ELF binaries and libraries into self-contained closures.
Starlark
170
star
17

inline-js

Call JavaScript from Haskell, and vice versa!
Haskell
128
star
18

opam-nix

Turn opam-based OCaml projects into Nix derivations
Nix
111
star
19

nixtract

A CLI tool to extract the graph of derivations from a Nix flake.
Rust
81
star
20

nix-hour

Questions for the weekly Nix Hour
Nix
77
star
21

linear-types

Drafts, notes and resources for adding linear typing to GHC.
TeX
75
star
22

python-monorepo-example

Example of a python monorepo using pip, the poetry backend, and Pants
Python
75
star
23

terraform-provider-nixos

Terraform provider for NixOS and NixOps
Go
70
star
24

tf-ncl

Terraform Configurations with Nickel
Rust
65
star
25

distributed-closure

Serializable closures for distributed programming.
Haskell
63
star
26

terraform-provider-secret

Terraform secret provider
Shell
62
star
27

guides

Designing, programming and deploying, in style.
58
star
28

servant-template

A modern template for a Servant
Haskell
51
star
29

nix_bazel_codelab

Nix+Bazel Codelab
Starlark
49
star
30

kernmantle

Braiding extensible effects together in a pipeline/workflow of tasks
Haskell
47
star
31

pirouette

Language-generic workbench for building static analysis
Haskell
47
star
32

python-nix

Python-Nix FFI library using the new C API
Python
45
star
33

skyscope

A tool for visualising and exploring Bazel Skyframe graphs.
Haskell
45
star
34

rules_sh

Shell rules for Bazel
Starlark
42
star
35

nix-ux

Nix UX improvements
Nix
36
star
36

genealogos

Genealogos, a Nix sbom generator
Rust
36
star
37

blog-resources

Extra resources for Tweag's blog posts.
Jupyter Notebook
35
star
38

cooked-validators

Haskell
35
star
39

lagoon

Data centralization tool
Haskell
35
star
40

webauthn

A library for parsing and validating webauthn/fido2 credentials
Haskell
34
star
41

haskell-training

Material for Haskell training
Haskell
31
star
42

hyperion

A lab for future Criterion features.
Haskell
29
star
43

ghc-wasm-miso-examples

Haskell
24
star
44

rust-alpine-mimalloc

Shell
23
star
45

network-transport-zeromq

ZeroMQ transport for distributed-process (aka Cloud Haskell)
Haskell
22
star
46

nix-remote-rust

Rust
21
star
47

haskell-stack-nix-example

Examples of valid and invalid Stack + Nix integration
Nix
20
star
48

timestats

A library to profile time in a Haskell program
Haskell
17
star
49

ssh-participation

An ssh server that creates new users on-the-fly, great for letting users participate in a demo
Nix
16
star
50

nix_gazelle_extension

Gazelle language extension for nix files
Go
15
star
51

epcb

Nix RFC draft on evaluation purity and caching builtins
15
star
52

nixpkgs-graph-explorer

Explore the nixpkgs dependency graph
Python
14
star
53

nixpkgs-graph

Generate a graph from nixpkgs
Python
14
star
54

haskell-binaryen

Haskell bindings to binaryen.
WebAssembly
14
star
55

gazelle_cabal

A gazelle extension to produce Haskell rules from cabal files
Haskell
13
star
56

smtlib-backends

A Haskell library providing low-level functions for SMTLIB-based interaction with SMT solvers.
Haskell
13
star
57

chainsail

Replica Exchange sampling as-a-service
Python
11
star
58

rust-wasm-threads

Examples of Web Workers using rust and WASM
Rust
11
star
59

random-quality

Framework for testing quality of random number generators
Nix
10
star
60

rules_haskell_examples

Examples of using Bazel's Haskell rules.
9
star
61

funflow2

Compose and run computational workflows
Haskell
9
star
62

rust-wasm-nix

Nix
9
star
63

store-graph

simple haskell code that builds a graph from the nix store
Shell
9
star
64

purescript-unlift

MonadBase, MonadUnliftEffect, MonadUnliftAff, and MonadUnlift
Nix
9
star
65

stackage-head

Stackage builds based on GHC HEAD
Haskell
9
star
66

nix-installer-generator

Nix installer generator
Nix
8
star
67

functionless

CLI tool for packaging Haskell executables for AWS Lambda
Java
8
star
68

formik-apollo

A little bit of for using Formik with Apollo
TypeScript
8
star
69

ch-nixops-example

Example deployment of Cloud Haskell app using NixOps.
Haskell
8
star
70

nix-store-gcs-proxy

A HTTP nix store that proxies requests to Google Storage
Nix
8
star
71

ghc-wasm32-wasi

DEPRECATED, new home https://gitlab.haskell.org/ghc/ghc-wasm-meta
Nix
7
star
72

python-nix-flake-template

Bootstrap a reproducible yet flexible Python development environment using Nix
Nix
7
star
73

ghc-wasm-bindists

Stable links for various GHC WASM bindists
Haskell
7
star
74

terraform-gcp-cdn-bucket

A Google Storage Bucket + CDN configuration
HCL
7
star
75

servant-oauth2

A modern servant wrapper around the wai-middleware-auth OAuth2 provider implementations.
Haskell
7
star
76

chainsail-resources

Examples, documentation and other additional resources related to Chainsail
Python
6
star
77

hello-plutarch

Template project for smart-contracts in Plutarch
Nix
6
star
78

summer-of-nix-modules

Incremental module system buildup for Summer of Nix
Nix
6
star
79

tendermint-bazel

Building Go with Bazel
Go
6
star
80

linear-constraints

TeX
6
star
81

ghc-asterius

DEPRECATED, new home https://gitlab.haskell.org/ghc/ghc
Haskell
6
star
82

remote-execution-nix

nix to bazel-re proxy
Rust
6
star
83

work-daigest

Create a digest of your work week using a LLM
Python
6
star
84

tf-ncl-examples

Examples of Terraform configuration with Nickel
NCL
5
star
85

nickel-lang.org

The website of the Nickel language
JavaScript
5
star
86

nix-marp

Run Marp tools via Nix
Nix
5
star
87

nickel-kubernetes

Typecheck, template and modularize your Kubernetes definitions with Nickel
Rust
5
star
88

pyfunflow

Declarative composable typed workflows in Python
Python
5
star
89

duckling

a Haskell library that parses text into structured data
Haskell
4
star
90

graft

Haskell
4
star
91

nix-unit-testing

A showcase of different unit testing frameworks for Nix.
Python
4
star
92

rules_purescript

Python
4
star
93

toronto_reproducibility_workshop

Slides and toy project for the talk at the Toronto Workshop on Reproducibility
Python
4
star
94

nixos-specialisation-dual-boot

Nix
4
star
95

organist-example

Python
4
star
96

gh-migration-scripts

Repository to house scripts to help with GH migration projects
JavaScript
4
star
97

gazelle_haskell_modules

A gazelle extension to generate haskell_module rules
Haskell
4
star
98

inputs

Utilities for building forms with React
TypeScript
3
star
99

pthread

Bindings for the pthread library
Haskell
3
star
100

cooked-smart-contracts

Smart contracts for the Cardano blockchain written with Cooked-validators
Haskell
3
star