feat(shell): Add an action to cache it #200

Merged
thubrecht merged 2 commits from cache_shell into main 2024-12-24 15:15:26 +01:00
6 changed files with 71 additions and 30 deletions

View file

@ -0,0 +1,19 @@
jobs:
build-shell:
runs-on: nix
steps:
- uses: actions/checkout@v3
- env:
STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
STORE_USER: admin
name: Build and cache shell
run: nix-shell -A eval-shell --run "nix-build-and-cache -A devShell"
name: Build the shell
on:
pull_request:
branches:
- main
push:
branches:
- main

View file

@ -180,6 +180,7 @@ in
pre-commit.shellHook = git-checks.shellHook;
check-workflows.shellHook = workflows.shellHook;
eval-nodes.packages = [ scripts.cache-node ];
eval-shell.packages = [ scripts.nix-build-and-cache ];
};
};
}

View file

@ -35,23 +35,4 @@ esac
drv=$(colmena eval --instantiate -E "{ nodes, ... }: nodes.${BUILD_NODE}.${toplevel_path}" --show-trace)
# Build the derivation and send it to the great beyond
nix-store --query --requisites --force-realise --include-outputs "$drv" | grep -v '.*\.drv' >paths.txt
if [ "$STORE_PASSWORD" == "" ]; then
echo "No password given for the remote cache, uploading cannot take place."
exit 0
fi
cat <<EOF >.netrc
default
login $STORE_USER
password $STORE_PASSWORD
EOF
nix copy \
--extra-experimental-features nix-command \
--to "$STORE_ENDPOINT?compression=none" \
--netrc-file .netrc \
"$(nix-store --realise "$drv")"
rm .netrc
push-to-cache "$(nix-store --realise "$drv")"

View file

@ -20,7 +20,12 @@ let
;
scripts = {
cache-node = [ colmena ];
cache-node = [
colmena
self.push-to-cache
];
push-to-cache = [ ];
nix-build-and-cache = [ self.push-to-cache ];
check-deployment = [
colmena
jq
@ -29,13 +34,14 @@ let
launch-vm = [ colmena ];
list-nodes = [ jq ];
};
self = mapAttrs (
name: runtimeInputs:
writeShellApplication {
inherit name runtimeInputs;
text = builtins.readFile ./${name}.sh;
}
) scripts;
in
mapAttrs (
name: runtimeInputs:
writeShellApplication {
inherit name runtimeInputs;
text = builtins.readFile ./${name}.sh;
}
) scripts
self

View file

@ -0,0 +1,5 @@
# SPDX-FileCopyrightText: 2024 Maurice Debray <maurice@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2
push-to-cache "$(nix-build "$@")"

29
workflows/eval-shell.nix Normal file
View file

@ -0,0 +1,29 @@
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2
{
name = "Build the shell";
on = {
pull_request.branches = [ "main" ];
push.branches = [ "main" ];
};
jobs = {
build-shell = {
runs-on = "nix";
steps = [
{ uses = "actions/checkout@v3"; }
{
name = "Build and cache shell";
run = ''nix-shell -A eval-shell --run "nix-build-and-cache -A devShell"'';
env = {
STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/";
STORE_USER = "admin";
STORE_PASSWORD = "\${{ secrets.STORE_PASSWORD }}";
};
}
];
};
};
}