DGNum/infrastructure
9
6
Fork 3
Code Issues 27 Pull requests 31 Projects 1 Releases Packages Wiki Activity Actions

feat(workflows/eval-nodes): separate workflow in multiple stage
All checks were successful
Check meta / check_dns (pull_request) Successful in 18s
Details
Check meta / check_meta (pull_request) Successful in 18s
Details
Check workflows / check_workflows (pull_request) Successful in 20s
Details
Build all the nodes / netcore01 (pull_request) Successful in 30s
Details
Build all the nodes / netcore00 (pull_request) Successful in 31s
Details
Build all the nodes / netcore02 (pull_request) Successful in 32s
Details
Build all the nodes / netaccess01 (pull_request) Successful in 34s
Details
Build all the nodes / ap01 (pull_request) Successful in 46s
Details
Build the shell / build-shell (pull_request) Successful in 27s
Details
Run pre-commit on all files / pre-commit (pull_request) Successful in 32s
Details
Build all the nodes / bridge01 (pull_request) Successful in 1m7s
Details
Build all the nodes / geo02 (pull_request) Successful in 1m10s
Details
Build all the nodes / build01 (pull_request) Successful in 1m22s
Details
Build all the nodes / tower01 (pull_request) Successful in 1m28s
Details
Build all the nodes / geo01 (pull_request) Successful in 1m33s
Details
Build all the nodes / hypervisor03 (pull_request) Successful in 1m34s
Details
Build all the nodes / rescue01 (pull_request) Successful in 1m34s
Details
Build all the nodes / storage01 (pull_request) Successful in 1m38s
Details
Build all the nodes / hypervisor01 (pull_request) Successful in 1m43s
Details
Build all the nodes / hypervisor02 (pull_request) Successful in 1m44s
Details
Build all the nodes / vault01 (pull_request) Successful in 1m34s
Details
Build all the nodes / web02 (pull_request) Successful in 1m35s
Details
Build all the nodes / web03 (pull_request) Successful in 1m35s
Details
Build all the nodes / cof02 (pull_request) Successful in 1m54s
Details
Build all the nodes / compute01 (pull_request) Successful in 1m59s
Details
Build all the nodes / web01 (pull_request) Successful in 1m44s
Details
Check workflows / check_workflows (push) Successful in 17s
Details
Build all the nodes / ap01 (push) Successful in 38s
Details
Build all the nodes / bridge01 (push) Successful in 1m1s
Details
Build all the nodes / build01 (push) Successful in 1m4s
Details
Build all the nodes / cof02 (push) Successful in 1m10s
Details
Build all the nodes / hypervisor02 (push) Successful in 57s
Details
Build all the nodes / netaccess01 (push) Successful in 23s
Details
Build all the nodes / netcore00 (push) Successful in 24s
Details
Build all the nodes / compute01 (push) Successful in 1m34s
Details
Build all the nodes / netcore01 (push) Successful in 25s
Details
Build all the nodes / netcore02 (push) Successful in 23s
Details
Build all the nodes / hypervisor03 (push) Successful in 59s
Details
Build all the nodes / geo02 (push) Successful in 1m50s
Details
Build all the nodes / geo01 (push) Successful in 1m50s
Details
Build all the nodes / hypervisor01 (push) Successful in 1m50s
Details
Build all the nodes / rescue01 (push) Successful in 1m3s
Details
Build the shell / build-shell (push) Successful in 37s
Details
Run pre-commit on all files / pre-commit (push) Successful in 40s
Details
Build all the nodes / storage01 (push) Successful in 1m5s
Details
Build all the nodes / tower01 (push) Successful in 1m5s
Details
Build all the nodes / web02 (push) Successful in 1m7s
Details
Build all the nodes / vault01 (push) Successful in 1m15s
Details
Build all the nodes / web01 (push) Successful in 1m25s
Details
Build all the nodes / web03 (push) Successful in 1m46s
Details

Browse source
This commit is contained in:
catvayor 2025-04-24 16:48:11 +02:00
parent 35bf5793a6
commit 1bc03e83e8
Signed by: lbailly
GPG key ID: CE3E645251AC63F3
6 changed files with 254 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

231
.forgejo/workflows/eval-nodes.yaml
View file

@ -7,231 +7,378 @@ jobs:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: ap01 BUILD_NODE: ap01
name: Eval ap01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build ap01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache ap01 name: Cache ap01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
bridge01: bridge01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: bridge01 BUILD_NODE: bridge01
name: Eval bridge01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build bridge01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache bridge01 name: Cache bridge01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
build01: build01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: build01 BUILD_NODE: build01
name: Eval build01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build build01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache build01 name: Cache build01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
cof02: cof02:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: cof02 BUILD_NODE: cof02
name: Eval cof02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build cof02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache cof02 name: Cache cof02
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
compute01: compute01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: compute01 BUILD_NODE: compute01
name: Eval compute01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build compute01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache compute01 name: Cache compute01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
geo01: geo01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: geo01 BUILD_NODE: geo01
name: Eval geo01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build geo01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache geo01 name: Cache geo01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
geo02: geo02:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: geo02 BUILD_NODE: geo02
name: Eval geo02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build geo02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache geo02 name: Cache geo02
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
hypervisor01: hypervisor01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: hypervisor01 BUILD_NODE: hypervisor01
name: Eval hypervisor01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build hypervisor01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache hypervisor01 name: Cache hypervisor01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
hypervisor02: hypervisor02:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: hypervisor02 BUILD_NODE: hypervisor02
name: Eval hypervisor02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build hypervisor02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache hypervisor02 name: Cache hypervisor02
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
hypervisor03: hypervisor03:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: hypervisor03 BUILD_NODE: hypervisor03
name: Eval hypervisor03
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build hypervisor03
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache hypervisor03 name: Cache hypervisor03
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
netaccess01: netaccess01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: netaccess01 BUILD_NODE: netaccess01
name: Eval netaccess01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build netaccess01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache netaccess01 name: Cache netaccess01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
netcore00: netcore00:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: netcore00 BUILD_NODE: netcore00
name: Eval netcore00
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build netcore00
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache netcore00 name: Cache netcore00
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
netcore01: netcore01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: netcore01 BUILD_NODE: netcore01
name: Eval netcore01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build netcore01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache netcore01 name: Cache netcore01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
netcore02: netcore02:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: netcore02 BUILD_NODE: netcore02
name: Eval netcore02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build netcore02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache netcore02 name: Cache netcore02
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
rescue01: rescue01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: rescue01 BUILD_NODE: rescue01
name: Eval rescue01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build rescue01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache rescue01 name: Cache rescue01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
storage01: storage01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: storage01 BUILD_NODE: storage01
name: Eval storage01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build storage01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache storage01 name: Cache storage01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
tower01: tower01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: tower01 BUILD_NODE: tower01
name: Eval tower01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build tower01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache tower01 name: Cache tower01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
vault01: vault01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: vault01 BUILD_NODE: vault01
name: Eval vault01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build vault01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache vault01 name: Cache vault01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
web01: web01:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: web01 BUILD_NODE: web01
name: Eval web01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build web01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache web01 name: Cache web01
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
web02: web02:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: web02 BUILD_NODE: web02
name: Eval web02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build web02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache web02 name: Cache web02
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
web03: web03:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- env: - env:
BUILD_NODE: web03 BUILD_NODE: web03
name: Eval web03
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build web03
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin STORE_USER: admin
name: Build and cache web03 name: Cache web03
run: nix-shell -A eval-nodes --run cache-node run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
name: Build all the nodes name: Build all the nodes
on: on:
pull_request: pull_request:

5
default.nix
View file

@ -250,7 +250,10 @@ in
passthru = mapAttrs (name: value: pkgs.mkShell (value // { inherit name; })) { passthru = mapAttrs (name: value: pkgs.mkShell (value // { inherit name; })) {
pre-commit.shellHook = git-checks.shellHook; pre-commit.shellHook = git-checks.shellHook;
check-workflows.shellHook = workflows.shellHook; check-workflows.shellHook = workflows.shellHook;
eval-nodes.packages = [ scripts.cache-node ]; eval-nodes.packages = [
scripts.instantiate-node
scripts.push-to-cache
];
eval-shell.packages = [ scripts.nix-build-and-cache ]; eval-shell.packages = [ scripts.nix-build-and-cache ];
npins-shell.packages = [ pkgs.npins ]; npins-shell.packages = [ pkgs.npins ];
}; };

28
scripts/cache-node.sh
View file

@ -8,31 +8,5 @@ set -o nounset
set -o pipefail set -o pipefail
shopt -s lastpipe shopt -s lastpipe
# Remove the `nixpkgs=` default input.
export NIX_PATH="nixpkgs="
system_type="$(colmena eval -E "{ nodes, ... }: nodes.${BUILD_NODE}.config.deployment.systemType" --show-trace)"
# Get rid of surrounding quotes.
system_type="${system_type%\"}"
system_type="${system_type#\"}"
case "$system_type" in
nixos)
toplevel_path="config.system.build.toplevel"
;;
zyxel-nwa50ax)
toplevel_path="config.system.outputs.zyxel-nwa-fit"
;;
netconf)
toplevel_path="config.netconf.rpc"
;;
*)
echo "Unsupported system type '$system_type' for caching; add an entry in 'scripts/cache-node.sh'"
exit 1
;;
esac
drv=$(colmena eval --instantiate -E "{ nodes, ... }: nodes.${BUILD_NODE}.${toplevel_path}" --show-trace)
# Build the derivation and send it to the great beyond # Build the derivation and send it to the great beyond
push-to-cache "$(nix-store --realise "$drv")" push-to-cache "$(nix-store --realise "$(instantiate-node)")"

3
scripts/default.nix
View file

@ -20,8 +20,9 @@ let
; ;
scripts = { scripts = {
instantiate-node = [ colmena ];
cache-node = [ cache-node = [
colmena self.instantiate-node
self.push-to-cache self.push-to-cache
]; ];
push-to-cache = [ ]; push-to-cache = [ ];

35
scripts/instantiate-node.sh Executable file
View file

@ -0,0 +1,35 @@
# SPDX-FileCopyrightText: 2024 Ryan Lahfa <ryan.lahfa@dgnum.eu>
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2
set -o errexit
set -o nounset
set -o pipefail
shopt -s lastpipe
# Remove the `nixpkgs=` default input.
export NIX_PATH="nixpkgs="
system_type="$(colmena eval -E "{ nodes, ... }: nodes.${BUILD_NODE}.config.deployment.systemType" --show-trace)"
# Get rid of surrounding quotes.
system_type="${system_type%\"}"
system_type="${system_type#\"}"
case "$system_type" in
nixos)
toplevel_path="config.system.build.toplevel"
;;
zyxel-nwa50ax)
toplevel_path="config.system.outputs.zyxel-nwa-fit"
;;
netconf)
toplevel_path="config.netconf.rpc"
;;
*)
echo "Unsupported system type '$system_type' for caching; add an entry in 'scripts/cache-node.sh'"
exit 1
;;
esac
colmena eval --instantiate -E "{ nodes, ... }: nodes.${BUILD_NODE}.${toplevel_path}" --show-trace

26
workflows/eval-nodes.nix
View file

@ -22,16 +22,36 @@ in
steps = [ steps = [
{ uses = "actions/checkout@v3"; } { uses = "actions/checkout@v3"; }
{ {
name = "Build and cache ${node}"; name = "Eval ${node}";
run = nix-actions.lib.nix-shell { run = nix-actions.lib.nix-shell {
script = "cache-node"; script = ''
DRV="$(instantiate-node)"
echo "DRV=$DRV" >> $GITHUB_ENV
'';
shell = "eval-nodes";
};
env.BUILD_NODE = node;
}
{
name = "Build ${node}";
run = # bash
''
STORE_PATH="$(nix-store --realise "$DRV")"
echo "STORE_PATH=$STORE_PATH" >> $GITHUB_ENV
'';
}
{
name = "Cache ${node}";
run = nix-actions.lib.nix-shell {
script = ''
push-to-cache "$STORE_PATH"
'';
shell = "eval-nodes"; shell = "eval-nodes";
}; };
env = { env = {
STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/"; STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/";
STORE_USER = "admin"; STORE_USER = "admin";
STORE_PASSWORD = nix-actions.lib.secret "STORE_PASSWORD"; STORE_PASSWORD = nix-actions.lib.secret "STORE_PASSWORD";
BUILD_NODE = node;
}; };
} }
]; ];