DGNum/infrastructure
9
6
Fork 3
Code Issues 27 Pull requests 31 Projects 1 Releases Packages Wiki Activity Actions

feat(workflows/eval-nodes): separate workflow in multiple stage
All checks were successful
Check meta / check_dns (pull_request) Successful in 18s
Details
Check meta / check_meta (pull_request) Successful in 18s
Details
Check workflows / check_workflows (pull_request) Successful in 20s
Details
Build all the nodes / netcore01 (pull_request) Successful in 30s
Details
Build all the nodes / netcore00 (pull_request) Successful in 31s
Details
Build all the nodes / netcore02 (pull_request) Successful in 32s
Details
Build all the nodes / netaccess01 (pull_request) Successful in 34s
Details
Build all the nodes / ap01 (pull_request) Successful in 46s
Details
Build the shell / build-shell (pull_request) Successful in 27s
Details
Run pre-commit on all files / pre-commit (pull_request) Successful in 32s
Details
Build all the nodes / bridge01 (pull_request) Successful in 1m7s
Details
Build all the nodes / geo02 (pull_request) Successful in 1m10s
Details
Build all the nodes / build01 (pull_request) Successful in 1m22s
Details
Build all the nodes / tower01 (pull_request) Successful in 1m28s
Details
Build all the nodes / geo01 (pull_request) Successful in 1m33s
Details
Build all the nodes / hypervisor03 (pull_request) Successful in 1m34s
Details
Build all the nodes / rescue01 (pull_request) Successful in 1m34s
Details
Build all the nodes / storage01 (pull_request) Successful in 1m38s
Details
Build all the nodes / hypervisor01 (pull_request) Successful in 1m43s
Details
Build all the nodes / hypervisor02 (pull_request) Successful in 1m44s
Details
Build all the nodes / vault01 (pull_request) Successful in 1m34s
Details
Build all the nodes / web02 (pull_request) Successful in 1m35s
Details
Build all the nodes / web03 (pull_request) Successful in 1m35s
Details
Build all the nodes / cof02 (pull_request) Successful in 1m54s
Details
Build all the nodes / compute01 (pull_request) Successful in 1m59s
Details
Build all the nodes / web01 (pull_request) Successful in 1m44s
Details
Check workflows / check_workflows (push) Successful in 17s
Details
Build all the nodes / ap01 (push) Successful in 38s
Details
Build all the nodes / bridge01 (push) Successful in 1m1s
Details
Build all the nodes / build01 (push) Successful in 1m4s
Details
Build all the nodes / cof02 (push) Successful in 1m10s
Details
Build all the nodes / hypervisor02 (push) Successful in 57s
Details
Build all the nodes / netaccess01 (push) Successful in 23s
Details
Build all the nodes / netcore00 (push) Successful in 24s
Details
Build all the nodes / compute01 (push) Successful in 1m34s
Details
Build all the nodes / netcore01 (push) Successful in 25s
Details
Build all the nodes / netcore02 (push) Successful in 23s
Details
Build all the nodes / hypervisor03 (push) Successful in 59s
Details
Build all the nodes / geo02 (push) Successful in 1m50s
Details
Build all the nodes / geo01 (push) Successful in 1m50s
Details
Build all the nodes / hypervisor01 (push) Successful in 1m50s
Details
Build all the nodes / rescue01 (push) Successful in 1m3s
Details
Build the shell / build-shell (push) Successful in 37s
Details
Run pre-commit on all files / pre-commit (push) Successful in 40s
Details
Build all the nodes / storage01 (push) Successful in 1m5s
Details
Build all the nodes / tower01 (push) Successful in 1m5s
Details
Build all the nodes / web02 (push) Successful in 1m7s
Details
Build all the nodes / vault01 (push) Successful in 1m15s
Details
Build all the nodes / web01 (push) Successful in 1m25s
Details
Build all the nodes / web03 (push) Successful in 1m46s
Details

Browse source
This commit is contained in:
catvayor 2025-04-24 16:48:11 +02:00
parent 35bf5793a6
commit 1bc03e83e8
Signed by: lbailly
GPG key ID: CE3E645251AC63F3
6 changed files with 254 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

231
.forgejo/workflows/eval-nodes.yaml
View file

@ -7,231 +7,378 @@ jobs:
- uses: actions/checkout@v3
- env:
BUILD_NODE: ap01
name: Eval ap01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build ap01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache ap01
run: nix-shell -A eval-nodes --run cache-node
name: Cache ap01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
bridge01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: bridge01
name: Eval bridge01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build bridge01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache bridge01
run: nix-shell -A eval-nodes --run cache-node
name: Cache bridge01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
build01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: build01
name: Eval build01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build build01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache build01
run: nix-shell -A eval-nodes --run cache-node
name: Cache build01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
cof02:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: cof02
name: Eval cof02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build cof02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache cof02
run: nix-shell -A eval-nodes --run cache-node
name: Cache cof02
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
compute01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: compute01
name: Eval compute01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build compute01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache compute01
run: nix-shell -A eval-nodes --run cache-node
name: Cache compute01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
geo01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: geo01
name: Eval geo01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build geo01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache geo01
run: nix-shell -A eval-nodes --run cache-node
name: Cache geo01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
geo02:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: geo02
name: Eval geo02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build geo02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache geo02
run: nix-shell -A eval-nodes --run cache-node
name: Cache geo02
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
hypervisor01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: hypervisor01
name: Eval hypervisor01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build hypervisor01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache hypervisor01
run: nix-shell -A eval-nodes --run cache-node
name: Cache hypervisor01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
hypervisor02:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: hypervisor02
name: Eval hypervisor02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build hypervisor02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache hypervisor02
run: nix-shell -A eval-nodes --run cache-node
name: Cache hypervisor02
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
hypervisor03:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: hypervisor03
name: Eval hypervisor03
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build hypervisor03
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache hypervisor03
run: nix-shell -A eval-nodes --run cache-node
name: Cache hypervisor03
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
netaccess01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: netaccess01
name: Eval netaccess01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build netaccess01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache netaccess01
run: nix-shell -A eval-nodes --run cache-node
name: Cache netaccess01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
netcore00:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: netcore00
name: Eval netcore00
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build netcore00
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache netcore00
run: nix-shell -A eval-nodes --run cache-node
name: Cache netcore00
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
netcore01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: netcore01
name: Eval netcore01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build netcore01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache netcore01
run: nix-shell -A eval-nodes --run cache-node
name: Cache netcore01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
netcore02:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: netcore02
name: Eval netcore02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build netcore02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache netcore02
run: nix-shell -A eval-nodes --run cache-node
name: Cache netcore02
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
rescue01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: rescue01
name: Eval rescue01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build rescue01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache rescue01
run: nix-shell -A eval-nodes --run cache-node
name: Cache rescue01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
storage01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: storage01
name: Eval storage01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build storage01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache storage01
run: nix-shell -A eval-nodes --run cache-node
name: Cache storage01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
tower01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: tower01
name: Eval tower01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build tower01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache tower01
run: nix-shell -A eval-nodes --run cache-node
name: Cache tower01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
vault01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: vault01
name: Eval vault01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build vault01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache vault01
run: nix-shell -A eval-nodes --run cache-node
name: Cache vault01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
web01:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: web01
name: Eval web01
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build web01
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache web01
run: nix-shell -A eval-nodes --run cache-node
name: Cache web01
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
web02:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: web02
name: Eval web02
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build web02
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache web02
run: nix-shell -A eval-nodes --run cache-node
name: Cache web02
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
web03:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
BUILD_NODE: web03
name: Eval web03
run: "nix-shell -A eval-nodes --run 'DRV=\"$(instantiate-node)\"\necho \"DRV=$DRV\"\
\ >> $GITHUB_ENV\n'"
- name: Build web03
run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
\ >> $GITHUB_ENV\n"
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache web03
run: nix-shell -A eval-nodes --run cache-node
name: Cache web03
run: "nix-shell -A eval-nodes --run 'push-to-cache \"$STORE_PATH\"\n'"
name: Build all the nodes
on:
pull_request:

5
default.nix
View file

@ -250,7 +250,10 @@ in
passthru = mapAttrs (name: value: pkgs.mkShell (value // { inherit name; })) {
pre-commit.shellHook = git-checks.shellHook;
check-workflows.shellHook = workflows.shellHook;
eval-nodes.packages = [ scripts.cache-node ];
eval-nodes.packages = [
scripts.instantiate-node
scripts.push-to-cache
];
eval-shell.packages = [ scripts.nix-build-and-cache ];
npins-shell.packages = [ pkgs.npins ];
};

28
scripts/cache-node.sh
View file

@ -8,31 +8,5 @@ set -o nounset
set -o pipefail
shopt -s lastpipe
# Remove the `nixpkgs=` default input.
export NIX_PATH="nixpkgs="
system_type="$(colmena eval -E "{ nodes, ... }: nodes.${BUILD_NODE}.config.deployment.systemType" --show-trace)"
# Get rid of surrounding quotes.
system_type="${system_type%\"}"
system_type="${system_type#\"}"
case "$system_type" in
nixos)
toplevel_path="config.system.build.toplevel"
;;
zyxel-nwa50ax)
toplevel_path="config.system.outputs.zyxel-nwa-fit"
;;
netconf)
toplevel_path="config.netconf.rpc"
;;
*)
echo "Unsupported system type '$system_type' for caching; add an entry in 'scripts/cache-node.sh'"
exit 1
;;
esac
drv=$(colmena eval --instantiate -E "{ nodes, ... }: nodes.${BUILD_NODE}.${toplevel_path}" --show-trace)
# Build the derivation and send it to the great beyond
push-to-cache "$(nix-store --realise "$drv")"
push-to-cache "$(nix-store --realise "$(instantiate-node)")"

3
scripts/default.nix
View file

@ -20,8 +20,9 @@ let
;
scripts = {
instantiate-node = [ colmena ];
cache-node = [
colmena
self.instantiate-node
self.push-to-cache
];
push-to-cache = [ ];

35
scripts/instantiate-node.sh Executable file
View file

@ -0,0 +1,35 @@
# SPDX-FileCopyrightText: 2024 Ryan Lahfa <ryan.lahfa@dgnum.eu>
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2
set -o errexit
set -o nounset
set -o pipefail
shopt -s lastpipe
# Remove the `nixpkgs=` default input.
export NIX_PATH="nixpkgs="
system_type="$(colmena eval -E "{ nodes, ... }: nodes.${BUILD_NODE}.config.deployment.systemType" --show-trace)"
# Get rid of surrounding quotes.
system_type="${system_type%\"}"
system_type="${system_type#\"}"
case "$system_type" in
nixos)
toplevel_path="config.system.build.toplevel"
;;
zyxel-nwa50ax)
toplevel_path="config.system.outputs.zyxel-nwa-fit"
;;
netconf)
toplevel_path="config.netconf.rpc"
;;
*)
echo "Unsupported system type '$system_type' for caching; add an entry in 'scripts/cache-node.sh'"
exit 1
;;
esac
colmena eval --instantiate -E "{ nodes, ... }: nodes.${BUILD_NODE}.${toplevel_path}" --show-trace

26
workflows/eval-nodes.nix
View file

@ -22,16 +22,36 @@ in
steps = [
{ uses = "actions/checkout@v3"; }
{
name = "Build and cache ${node}";
name = "Eval ${node}";
run = nix-actions.lib.nix-shell {
script = "cache-node";
script = ''
DRV="$(instantiate-node)"
echo "DRV=$DRV" >> $GITHUB_ENV
'';
shell = "eval-nodes";
};
env.BUILD_NODE = node;
}
{
name = "Build ${node}";
run = # bash
''
STORE_PATH="$(nix-store --realise "$DRV")"
echo "STORE_PATH=$STORE_PATH" >> $GITHUB_ENV
'';
}
{
name = "Cache ${node}";
run = nix-actions.lib.nix-shell {
script = ''
push-to-cache "$STORE_PATH"
'';
shell = "eval-nodes";
};
env = {
STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/";
STORE_USER = "admin";
STORE_PASSWORD = nix-actions.lib.secret "STORE_PASSWORD";
BUILD_NODE = node;
};
}
];