Re-work flake.nix

[lucperkins]

This overhauls the flake to be more like the standard DetSys model.

Summary by CodeRabbit

• Chores
  • Added developer environment config to enable Nix flake usage.
  • Restructured flake outputs to produce per-system apps, packages, dev shells, and checks.
  • Pinned and updated flake inputs and build tooling; exported per-system formatter.
  • Consolidated CI into a matrix-driven job for multiple platforms.
  • Bumped Rust package edition to 2024.
  • Removed TOML formatter rules and a prior license allowlist.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Enables direnv flake usage, pins minnows-related inputs, replaces flake-utils eachDefaultSystem with explicit per-system pkgs and minnowsSystems generation, emits per-system apps/devShells/checks/packages, defines an overlay that builds the crate via crane using Cargo metadata, updates Cargo edition to 2024, and consolidates CI into a matrix.

Changes

Nix Flake Modernization

Layer / File(s)	Summary
Environment setup and input pinning .envrc, flake.nix (inputs block)	Adds .envrc (use flake) and updates flake.nix inputs by pinning minnows-related flakes and changing crane/nixpkgs references.
Custom outputs structure and minnowsSystems flake.nix (outputs core), system.nix	Replaces flake-utils.lib.eachDefaultSystem with custom pkgsFor/system enumeration, derives rust package metadata from ./Cargo.toml, and programmatically generates minnowsSystems by importing ./system.nix.
DevShells, apps, checks, and packages flake.nix (devShells/apps/checks/packages)	Generates per-system devShells using pkgs.craneLib.devShell, exposes apps.<system>.hello-minnows, reduces checks to clippy/fmt plus hello-minnows, and makes packages.<system>.default point to hello-minnows.
Overlay and crate build flake.nix (overlays.default)	Defines overlays.default that derives Cargo pname/version/meta.mainProgram, cleans Cargo source, computes cargoArtifacts via craneLib.buildDepsOnly, exports craneLib/src/commonArgs/cargoArtifacts, and builds hello-minnows.
CI matrix consolidation .github/workflows/ci.yaml	Consolidates platform jobs into a single matrix-driven checks job, updates success job dependency, and pins actions/checkout to a commit SHA.
Formatter and schemas export flake.nix	Adds per-system formatter using pkgs.nixfmt and continues to export schemas from inputs.minnows.
Cargo metadata update Cargo.toml	Updates crate edition from 2021 to 2024.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

🐇 I hop into the flake, a tiny eager thing,
direnv opens doors and pins the minnows' ring.
Crane stacks the build, Cargo hums in tune,
edition bumped to 2024 — a bright new moon. 🌙

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Re-work flake.nix' directly corresponds to the main change: a comprehensive refactoring of the flake.nix file. While not maximally descriptive of all changes, it accurately reflects the primary modification.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch rework-flake

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@flake.nix`:
- Around line 61-63: The dev shell references a missing checks output via the
attribute self.checks.${system} in the block starting with default =
pkgs.craneLib.devShell { checks = self.checks.${system}; } — either restore a
top-level checks output that provides a per-system attribute set named by
${system} (so self.checks.${system} exists), or remove/replace the checks
assignment in the devShell call (e.g., omit checks or pass an empty/default
attrset) so the dev shell no longer depends on the nonexistent
self.checks.${system}; update the flake outputs accordingly and ensure any
dependent code that expected checks is updated to match the chosen approach.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 31255c37-40e2-4b03-953c-dd5f863f0717

📥 Commits

Reviewing files that changed from the base of the PR and between 2caf12b and c2a898b.

⛔ Files ignored due to path filters (1)

• flake.lock is excluded by !**/*.lock

📒 Files selected for processing (2)

• .envrc
• flake.nix

[colemickens]

Looks mostly fine but I do agree with CodeRabbit, we lost the Rust package checks with this change. Not essential, but I'd kind of like to keep them?

[lucperkins]

Yeah, I suppose the Rust service will probably end up being more ambitious than this 😀 I'll add those.

[lucperkins]

@colemickens I ported over the clippy and format checks. The nextest and Taplo checks didn't seem so useful in this context.

[coderabbitai]

🧹 Nitpick comments (1)

flake.nix (1)

78-86: 💤 Low value

Consider adding default app for convenience.

packages.default is defined, but apps.default is not, meaning nix run won't work without specifying .#hello-minnows.

Suggested addition

       apps = forEachSupportedSystem (
         { pkgs, ... }:
         {
+          default = self.apps.${system}.hello-minnows;
           hello-minnows = {
             type = "app";
             program = lib.getExe pkgs.hello-minnows;
           };
         }
       );

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@flake.nix` around lines 78 - 86, Add a default app mapping so `nix run` works
without specifying .#hello-minnows: in the apps block produced by
forEachSupportedSystem, add an entry named "default" that points to the same
program as "hello-minnows" (use the same lib.getExe pkgs.hello-minnows reference
or an alias to it) so apps.default exists alongside apps.hello-minnows; ensure
you reuse the existing pkgs/hello-minnows symbol and keep forEachSupportedSystem
behavior consistent.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@flake.nix`:
- Around line 78-86: Add a default app mapping so `nix run` works without
specifying .#hello-minnows: in the apps block produced by
forEachSupportedSystem, add an entry named "default" that points to the same
program as "hello-minnows" (use the same lib.getExe pkgs.hello-minnows reference
or an alias to it) so apps.default exists alongside apps.hello-minnows; ensure
you reuse the existing pkgs/hello-minnows symbol and keep forEachSupportedSystem
behavior consistent.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d545fbe9-91a1-46f9-9501-6730dcbcd444

📥 Commits

Reviewing files that changed from the base of the PR and between c2a898b and 1afda24.

📒 Files selected for processing (4)

• Cargo.toml
• deny.toml
• flake.nix
• taplo.toml

💤 Files with no reviewable changes (2)

• deny.toml
• taplo.toml

✅ Files skipped from review due to trivial changes (1)

• Cargo.toml

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/ci.yaml:
- Around line 21-25: CI workflow uses floating tags for third-party actions;
replace the two occurrences of DeterminateSystems/determinate-nix-action@main
and DeterminateSystems/flakehub-cache-action@main with their respective
40-character commit SHAs (immutably pin both actions) so the workflow references
exact commits instead of `@main`; update both action lines to use the full commit
SHAs and keep the existing with: persist-credentials setting unchanged.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 265eef91-f119-4a79-9797-0bb0d7770193

📥 Commits

Reviewing files that changed from the base of the PR and between b246cd7 and 6380fc9.

📒 Files selected for processing (2)

• .github/workflows/ci.yaml
• flake.nix

🚧 Files skipped from review as they are similar to previous changes (1)

• flake.nix