Am I out of touch?

No, it’s the forward-thinking generation of software engineers that want elegant, reliable, declarative systems that are wrong.

  • demesisx@infosec.pubOP
    link
    fedilink
    English
    arrow-up
    22
    ·
    edit-2
    5 months ago

    I’d look into building all of that in a flake just so you can encapsulate (and have a central version control of) all of your dependencies in case something does change.

    I’m a bit of a Nix dork but I tend to try and declare my entire dev stack in a flake so it can follow me to every machine. It offers some of the “it works on every machine” guarantees that Docker offers while also forcing the compilation of the stack to happen natively (or at least pulls in some content addressed cache that offers security by being the exact hash for the whole dependency graph). I like that

    Here’s how I used the Nix way to declare an interactive Python scraper the other day. With this method, I can lock dependencies between machines as a matter of course without having to use Docker:

    {
      description = “Weed Scraper”;
    
      inputs = {
        nixpkgs.url = “github:NixOS/nixpkgs?ref=nixpkgs-unstable”;
        utils.url = “github:numtide/flake-utils”;
      };
    
      outputs = { self, nixpkgs, utils }: utils.lib.eachSystem [“x86_64-linux”] (system: let
        pkgs = import nixpkgs { system = system; };
      in rec {
        packages = {
          pythonEnv =
            pkgs.python3.withPackages (ps: with ps; [ webdriver-manager openpyxl pandas requests beautifulsoup4 websocket-client selenium keyboard ]);
        };
    
        devShell = pkgs.mkShell {
          buildInputs = [
            pkgs.chromium
            pkgs.undetected-chromedriver
            packages.pythonEnv
          ];
    
          shellHook = ‘’
            export PATH=${pkgs.chromium}/bin:${pkgs.undetected-chromedriver}/bin:$PATH
          ‘’;
        };
      });
    }