DGNum/infrastructure
12
6
Fork 3
Code Issues 17 Pull requests 28 Projects 1 Releases Packages Wiki Activity Actions

chore(nix-actions): Update and take advantage of the new stuff
All checks were successful
Check workflows / check_workflows (push) Successful in 37s
Details
Build all the nodes / ap01 (push) Successful in 1m30s
Details
Build all the nodes / bridge01 (push) Successful in 2m18s
Details
Build all the nodes / geo02 (push) Successful in 2m21s
Details
Build all the nodes / geo01 (push) Successful in 2m22s
Details
Build all the nodes / hypervisor01 (push) Successful in 1m56s
Details
Build all the nodes / compute01 (push) Successful in 2m50s
Details
Build all the nodes / hypervisor02 (push) Successful in 1m43s
Details
Build all the nodes / netcore02 (push) Successful in 51s
Details
Build all the nodes / hypervisor03 (push) Successful in 1m58s
Details
Build all the nodes / rescue01 (push) Successful in 2m17s
Details
Build all the nodes / storage01 (push) Successful in 2m37s
Details
Build all the nodes / web02 (push) Successful in 2m8s
Details
Build the shell / build-shell (push) Successful in 43s
Details
Build all the nodes / vault01 (push) Successful in 2m32s
Details
Run pre-commit on all files / pre-commit (push) Successful in 37s
Details
Build all the nodes / web01 (push) Successful in 2m42s
Details
Build all the nodes / web03 (push) Successful in 1m49s
Details

Browse source
This commit is contained in:
Tom Hubrecht 2024-12-26 21:25:49 +01:00
parent 172d2920bf
commit bbdae45f4f
Signed by: thubrecht
SSH key fingerprint: SHA256:r+nK/SIcWlJ0zFZJGHtlAoRwq1Rm+WcKAm5ADYMoQPc
6 changed files with 72 additions and 58 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
.forgejo/workflows/npins-update.yaml
View file

@ -4,21 +4,24 @@ jobs:
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
with: with:
depth: 0 fetch-depth: 0
token: ${{ secrets.TEA_DGNUM_CHORES_TOKEN }} token: ${{ secrets.TEA_DGNUM_CHORES_TOKEN }}
- name: Update dependencies and open PR if necessary - env:
GIT_AUTHOR_EMAIL: tech@dgnum.eu
GIT_AUTHOR_NAME: DGNum Chores
GIT_COMMITTER_EMAIL: tech@dgnum.eu
GIT_COMMITTER_NAME: DGNum Chores
name: Update dependencies and open PR if necessary
run: "npins update\n\nif [ ! -z \"$(git diff --name-only)\" ]; then\n echo run: "npins update\n\nif [ ! -z \"$(git diff --name-only)\" ]; then\n echo
\"[+] Changes detected, pushing updates.\"\n\n git switch -C npins-update\n\ \"[+] Changes detected, pushing updates.\"\n\n git switch -C npins-update\n\
\n git add npins\n\n git config user.name \"DGNum Chores\"\n git config \n git add npins\n\n git commit --message \"chore(npins): Update\"\n git
user.email \"tech@dgnum.eu\"\n\n git commit --message \"chore(npins): Update\"\ push --set-upstream origin npins-update --force\n\n # Connect to the server
\n git push --set-upstream origin npins-update --force\n\n # Connect to with the cli\n tea login add \\\n -n dgnum-chores \\\n -t \"${{ secrets.TEA_DGNUM_CHORES_TOKEN
the server with the cli\n tea login add \\\n -n dgnum-chores \\\n -t }}\" \\\n -u https://git.dgnum.eu\n\n # Create a pull request if needed\n\
\"${{ secrets.TEA_DGNUM_CHORES_TOKEN }}\" \\\n -u https://git.dgnum.eu\n\ \ # i.e. no PR with the same title exists\n if [ -z \"$(tea pr ls -f='title,author'
\n # Create a pull request if needed\n # i.e. no PR with the same title -o simple | grep 'chore(npins): Update dgnum-chores')\" ]; then\n tea pr
exists\n if [ -z \"$(tea pr ls -f='title,author' -o simple | grep 'chore(npins): create \\\n --description \"Automatic npins update\" \\\n --title
Update dgnum-chores')\" ]; then\n tea pr create \\\n --description \"chore(npins): Update\" \\\n --head npins-update\n fi\nfi\n"
\"Automatic npins update\" \\\n --title \"chore(npins): Update\" \\\n\
\ --head npins-update\n fi\nfi\n"
name: npins update name: npins update
on: on:
schedule: schedule:

19
default.nix
View file

@ -18,6 +18,7 @@ let
; ;
nix-reuse = import sources.nix-reuse { inherit pkgs; }; nix-reuse = import sources.nix-reuse { inherit pkgs; };
nix-actions = import sources.nix-actions { inherit pkgs; };
git-checks = (import sources.git-hooks).run { git-checks = (import sources.git-hooks).run {
src = ./.; src = ./.;
@ -117,7 +118,7 @@ let
]; ];
}; };
workflows = (import sources.nix-actions { inherit pkgs; }).install { workflows = nix-actions.install {
src = ./.; src = ./.;
workflows = mapAttrs' ( workflows = mapAttrs' (
@ -125,8 +126,12 @@ let
nameValuePair (removeSuffix ".nix" name) ( nameValuePair (removeSuffix ".nix" name) (
let let
w = import ./workflows/${name}; w = import ./workflows/${name};
args = {
inherit nix-actions;
inherit (pkgs) lib;
};
in in
if isFunction w then w { inherit (pkgs) lib; } else w if (isFunction w) then (w args) else w
) )
) (builtins.readDir ./workflows); ) (builtins.readDir ./workflows);
}; };
@ -165,11 +170,11 @@ in
(pkgs.callPackage "${sources.lon}/nix/packages/lon.nix" { }) (pkgs.callPackage "${sources.lon}/nix/packages/lon.nix" { })
] ++ git-checks.enabledPackages ++ (builtins.attrValues scripts); ] ++ git-checks.enabledPackages ++ (builtins.attrValues scripts);
shellHook = '' shellHook = builtins.concatStringsSep "\n" [
${git-checks.shellHook} git-checks.shellHook
${workflows.shellHook} reuse.shellHook
${reuse.shellHook} workflows.shellHook
''; ];
preferLocalBuild = true; preferLocalBuild = true;

6
npins/sources.json
View file

@ -225,10 +225,10 @@
"pre_releases": false, "pre_releases": false,
"version_upper_bound": null, "version_upper_bound": null,
"release_prefix": null, "release_prefix": null,
"version": "v0.2.2", "version": "v0.2.3",
"revision": "b9cb5d6f945d1e3fd7b70d63848c70335e9912e8", "revision": "3c07af3887626062cf9d25967998c582c1b2d9df",
"url": null, "url": null,
"hash": "0m6bw5qlrchsigx7x4nz3xkcn3dnr14k5j0ws9lbggnldnz9qg2w" "hash": "135g3sjx885vp880ijnfjmrc7krkr85c1xxxqkdy5qagr454k1jv"
}, },
"nix-modules": { "nix-modules": {
"type": "Git", "type": "Git",

4
workflows/eval-nodes.nix
View file

@ -2,7 +2,7 @@
# #
# SPDX-License-Identifier: EUPL-1.2 # SPDX-License-Identifier: EUPL-1.2
{ lib }: { lib, nix-actions }:
let let
inherit (lib) attrNames genAttrs; inherit (lib) attrNames genAttrs;
@ -27,7 +27,7 @@ in
env = { env = {
STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/"; STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/";
STORE_USER = "admin"; STORE_USER = "admin";
STORE_PASSWORD = "\${{ secrets.STORE_PASSWORD }}"; STORE_PASSWORD = nix-actions.lib.secret "STORE_PASSWORD";
BUILD_NODE = node; BUILD_NODE = node;
}; };
} }

4
workflows/eval-shell.nix
View file

@ -2,6 +2,8 @@
# #
# SPDX-License-Identifier: EUPL-1.2 # SPDX-License-Identifier: EUPL-1.2
{ nix-actions, ... }:
{ {
name = "Build the shell"; name = "Build the shell";
on = { on = {
@ -20,7 +22,7 @@
env = { env = {
STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/"; STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/";
STORE_USER = "admin"; STORE_USER = "admin";
STORE_PASSWORD = "\${{ secrets.STORE_PASSWORD }}"; STORE_PASSWORD = nix-actions.lib.secret "STORE_PASSWORD";
}; };
} }
]; ];

70
workflows/npins-update.nix
View file

@ -2,58 +2,62 @@
# #
# SPDX-License-Identifier: EUPL-1.2 # SPDX-License-Identifier: EUPL-1.2
{ nix-actions, ... }:
{ {
name = "npins update"; name = "npins update";
on.schedule = [ on.schedule = [
# Run at 11 o'clock every wednesday # Run at 15:25 everyday
{ cron = "25 15 * * *"; } { cron = "25 15 * * *"; }
]; ];
jobs.npins_update = { jobs.npins_update = {
runs-on = "nix"; runs-on = "nix";
steps = [ steps = [
{ (nix-actions.steps.checkout {
uses = "actions/checkout@v3"; fetch-depth = 0;
"with" = { token = nix-actions.lib.secret "TEA_DGNUM_CHORES_TOKEN";
depth = 0; })
token = "\${{ secrets.TEA_DGNUM_CHORES_TOKEN }}";
};
}
{ {
name = "Update dependencies and open PR if necessary"; name = "Update dependencies and open PR if necessary";
run = '' run = # bash
npins update ''
npins update
if [ ! -z "$(git diff --name-only)" ]; then if [ ! -z "$(git diff --name-only)" ]; then
echo "[+] Changes detected, pushing updates." echo "[+] Changes detected, pushing updates."
git switch -C npins-update git switch -C npins-update
git add npins git add npins
git config user.name "DGNum Chores" git commit --message "chore(npins): Update"
git config user.email "tech@dgnum.eu" git push --set-upstream origin npins-update --force
git commit --message "chore(npins): Update" # Connect to the server with the cli
git push --set-upstream origin npins-update --force tea login add \
-n dgnum-chores \
-t "${nix-actions.lib.secret "TEA_DGNUM_CHORES_TOKEN"}" \
-u https://git.dgnum.eu
# Connect to the server with the cli # Create a pull request if needed
tea login add \ # i.e. no PR with the same title exists
-n dgnum-chores \ if [ -z "$(tea pr ls -f='title,author' -o simple | grep 'chore(npins): Update dgnum-chores')" ]; then
-t "''${{ secrets.TEA_DGNUM_CHORES_TOKEN }}" \ tea pr create \
-u https://git.dgnum.eu --description "Automatic npins update" \
--title "chore(npins): Update" \
# Create a pull request if needed --head npins-update
# i.e. no PR with the same title exists fi
if [ -z "$(tea pr ls -f='title,author' -o simple | grep 'chore(npins): Update dgnum-chores')" ]; then
tea pr create \
--description "Automatic npins update" \
--title "chore(npins): Update" \
--head npins-update
fi fi
fi '';
'';
env = {
GIT_AUTHOR_NAME = "DGNum Chores";
GIT_AUTHOR_EMAIL = "tech@dgnum.eu";
GIT_COMMITTER_NAME = "DGNum Chores";
GIT_COMMITTER_EMAIL = "tech@dgnum.eu";
};
} }
]; ];
}; };