From ddfddbe7563ff6004c9bfba709269fb8441a6605 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 13 Nov 2018 21:38:28 +0100 Subject: ci: register GC roots --- krebs/3modules/ci.nix | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) (limited to 'krebs/3modules/ci.nix') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 16c6d4315..4cfe598d6 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -30,6 +30,8 @@ let nix-instantiate --quiet -Q --eval --strict --json ./ci.nix ''; + profileRoot = "/nix/var/nix/profiles/ci"; + imp = { krebs.buildbot.master = { slaves = { @@ -98,9 +100,16 @@ let self.addBuildSteps([steps.ShellCommand( name=str(new_step), command=[ - new_steps[new_step] + "${pkgs.writeDash "build-stepper.sh" '' + set -efu + profile=${shell.escape profileRoot}/$build_name + result=$("$build_script") + ${pkgs.nix}/bin/nix-env -p "$profile" --set "$result" + ''}" ], env={ + "build_name": new_step, + "build_script": new_steps[new_step], "NIX_REMOTE": "daemon", "NIX_PATH": "secrets=/var/src/stockholm/null:/var/src", }, @@ -163,6 +172,20 @@ let password = "lasspass"; packages = with pkgs; [ gnumake jq nix populate gnutar lzma gzip ]; }; + + system.activationScripts.buildbots-nix-profile = '' + ${pkgs.coreutils}/bin/mkdir -p ${shell.escape profileRoot} + ${pkgs.coreutils}/bin/chmod 0770 ${shell.escape profileRoot} + ${pkgs.coreutils}/bin/chgrp buildbots ${shell.escape profileRoot} + ''; + + users = { + groups.buildbots.gid = genid "buildbots"; + users = { + buildbotMaster.extraGroups = [ "buildbots" ]; + buildbotSlave.extraGroups = [ "buildbots" ]; + }; + }; }; in out -- cgit v1.2.3 From c35bc044dba5260bea5574a86897c6c45b4e525a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 00:55:59 +0100 Subject: ci: abort if an error occurs in get_steps --- krebs/3modules/ci.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules/ci.nix') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 4cfe598d6..62efce44b 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -26,6 +26,7 @@ let hostname = config.networking.hostName; getJobs = pkgs.writeDash "get_jobs" '' + set -efu nix-build --no-out-link --quiet -Q ./ci.nix > /dev/null nix-instantiate --quiet -Q --eval --strict --json ./ci.nix ''; -- cgit v1.2.3 From 09ee7ca4d832bfdc836c9463513891f1e97db10b Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 00:58:07 +0100 Subject: ci: add gcroot for build-scripts --- krebs/3modules/ci.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'krebs/3modules/ci.nix') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 62efce44b..d8d0e7f3d 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -28,7 +28,13 @@ let getJobs = pkgs.writeDash "get_jobs" '' set -efu nix-build --no-out-link --quiet -Q ./ci.nix > /dev/null - nix-instantiate --quiet -Q --eval --strict --json ./ci.nix + js="$(nix-instantiate --quiet -Q --eval --strict --json ./ci.nix)" + echo "$js" | jq -r 'to_entries[] | [.key, .value] | @tsv' \ + | while read -r host builder; do + gcroot=${shell.escape profileRoot}/$host-builder + ${pkgs.nix}/bin/nix-env -p "$gcroot" --set "$builder" + done + echo "$js" ''; profileRoot = "/nix/var/nix/profiles/ci"; -- cgit v1.2.3 From 00ff16d540721a5ae605cb753c7d874b44307c22 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 20:38:59 +0100 Subject: ci get_steps: explicit pkg references --- krebs/3modules/ci.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'krebs/3modules/ci.nix') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index d8d0e7f3d..bbc58361d 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -27,9 +27,9 @@ let hostname = config.networking.hostName; getJobs = pkgs.writeDash "get_jobs" '' set -efu - nix-build --no-out-link --quiet -Q ./ci.nix > /dev/null - js="$(nix-instantiate --quiet -Q --eval --strict --json ./ci.nix)" - echo "$js" | jq -r 'to_entries[] | [.key, .value] | @tsv' \ + ${pkgs.nix}/bin/nix-build --no-out-link --quiet -Q ./ci.nix > /dev/null + js="$(${pkgs.nix}/bin/nix-instantiate --quiet -Q --eval --strict --json ./ci.nix)" + echo "$js" | ${pkgs.jq}/bin/jq -r 'to_entries[] | [.key, .value] | @tsv' \ | while read -r host builder; do gcroot=${shell.escape profileRoot}/$host-builder ${pkgs.nix}/bin/nix-env -p "$gcroot" --set "$builder" -- cgit v1.2.3 From 856c4777d11c45c11c5cb9a74154f2fb99992d18 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 21:06:20 +0100 Subject: ci: js -> json, output to stderr --- krebs/3modules/ci.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs/3modules/ci.nix') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index bbc58361d..a47dbe611 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -27,14 +27,14 @@ let hostname = config.networking.hostName; getJobs = pkgs.writeDash "get_jobs" '' set -efu - ${pkgs.nix}/bin/nix-build --no-out-link --quiet -Q ./ci.nix > /dev/null - js="$(${pkgs.nix}/bin/nix-instantiate --quiet -Q --eval --strict --json ./ci.nix)" - echo "$js" | ${pkgs.jq}/bin/jq -r 'to_entries[] | [.key, .value] | @tsv' \ + ${pkgs.nix}/bin/nix-build --no-out-link --quiet -Q ./ci.nix >&2 + json="$(${pkgs.nix}/bin/nix-instantiate --quiet -Q --eval --strict --json ./ci.nix)" + echo "$json" | ${pkgs.jq}/bin/jq -r 'to_entries[] | [.key, .value] | @tsv' \ | while read -r host builder; do gcroot=${shell.escape profileRoot}/$host-builder ${pkgs.nix}/bin/nix-env -p "$gcroot" --set "$builder" done - echo "$js" + echo "$json" ''; profileRoot = "/nix/var/nix/profiles/ci"; -- cgit v1.2.3 [cgit] Unable to lock slot /tmp/cgit/92300000.lock: No such file or directory (2)