Conversation
The CDN deploys were slow because `nix build` compiled Rust from scratch on the remote Linode VMs. The root cause: the CDN flake overrode moq-relay with custom RUSTFLAGS (frame pointers), creating a different derivation hash than what Cachix cached, so the cache never hit. Changes: - Move frame pointers into the main nix overlay so the CDN build matches what Cachix caches (negligible overhead, useful for profiling anywhere) - Remove the overrideAttrs from cdn/flake.nix so it uses upstream directly - Build each package explicitly in the Cachix workflow and push closures - Add `just pin <tag>` for versioned deployments (e.g., just pin moq-relay-v0.10.6) Deploy workflow becomes: pin to a release tag, then deploy. The remote downloads pre-built binaries from Cachix instead of compiling. https://claude.ai/code/session_01RFDCXbXcRsBWpcxHDoxFBt
…eployments-IccwW # Conflicts: # cdn/flake.nix # cdn/justfile
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review infoConfiguration used: Organization UI Review profile: CHILL Plan: Pro 📒 Files selected for processing (13)
💤 Files with no reviewable changes (1)
🚧 Files skipped from review as they are similar to previous changes (1)
WalkthroughThis pull request changes CI build caching to run three separate nix builds and cachix pushes for moq-relay, moq-cli, and moq-token. It adds 🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/workflows/cachix.yml:
- Around line 35-38: The workflow builds the wrong flake output name (it uses
.#moq-cli), causing the nix build to fail because the flake exports the package
as moq; update the GitHub Actions step that runs nix build to use .#moq instead
of .#moq-cli (keep the --print-build-logs flag and subsequent cachix push
./result unchanged) so the build references the correct flake output.
| - name: Build and cache moq-cli | ||
| run: | | ||
| nix build .#moq-cli --print-build-logs | ||
| cachix push kixelated ./result |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "== Workflow targets =="
rg -n -C2 'nix build \.#' .github/workflows/cachix.yml
echo
echo "== Overlay package attrs =="
rg -n -C3 '^\s*(moq-relay|moq-token|moq)\s*=' nix/overlay.nix
echo
echo "== Flake package/app output mappings (all flake.nix files) =="
fd -H '^flake\.nix$' | while read -r f; do
echo "--- $f ---"
rg -n -C4 '\b(packages|legacyPackages|apps)\b|moq-cli|moq-token|moq-relay|\bmoq\b' "$f" || true
doneRepository: moq-dev/moq
Length of output: 3817
Fix the flake output name: change .#moq-cli to .#moq
Line 37 builds .#moq-cli, but the root flake.nix only exports the package as moq (not moq-cli). While nix/overlay.nix defines the derivation for the CLI tool, it's named moq, and the flake outputs inherit it with that same name. This step will fail at build time. Change to nix build .#moq --print-build-logs.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.github/workflows/cachix.yml around lines 35 - 38, The workflow builds the
wrong flake output name (it uses .#moq-cli), causing the nix build to fail
because the flake exports the package as moq; update the GitHub Actions step
that runs nix build to use .#moq instead of .#moq-cli (keep the
--print-build-logs flag and subsequent cachix push ./result unchanged) so the
build references the correct flake output.
kixelated
changed the title
moq binary to moq-cli
2 participants
Summary
This PR improves the Nix build caching strategy to ensure CDN nodes can download pre-built binaries from Cachix instead of compiling from source. It also clarifies the moq dependency management approach and ensures build consistency across environments.
Key Changes
Enhanced Cachix workflow: Modified
.github/workflows/cachix.ymlto build and cache each package individually (moq-relay,moq-cli,moq-token) rather than building a single workspace. This ensures each package's closure is cached separately, allowing CDN nodes to download pre-built binaries.Consistent frame pointer configuration: Moved frame pointer enablement from
cdn/flake.nix(as a local override) tonix/overlay.nixas a standard build flag. This ensures the CDN build matches what Cachix caches and provides profiling support with negligible overhead.Improved moq dependency documentation: Updated comments in
cdn/flake.nixto clarify two strategies:Added
pinjustfile command: New command incdn/justfileto easily pin moq to a specific release tag for reproducible deployments.Clarified deployment messaging: Updated status messages in
cdn/justfilefrom "Building and caching packages" to "Fetching packages (from Cachix or building)" to better reflect the actual behavior.Implementation Details
The key insight is that building packages individually in CI ensures their full dependency closures are cached on Cachix. When deployment scripts run
nix buildon remote nodes, they can download pre-built artifacts instead of compiling, significantly reducing deployment time.Frame pointers are now consistently enabled in the overlay, ensuring the build artifacts match what's cached, and providing profiling support for production debugging.
https://claude.ai/code/session_01RFDCXbXcRsBWpcxHDoxFBt