feat(nix): Use passthru for shells and return to importing the scripts
parent
6fbda40e5e
commit
bf06d2573b
11 changed files with 56 additions and 56 deletions
|
@ -4,7 +4,7 @@ jobs:
|
|||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Check the validity of the DNS configuration
|
||||
run: nix-build meta/verify.nix -A dns --no-out-link
|
||||
run: nix-build meta/verify.nix -A dns
|
||||
check_meta:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
|
|
@ -4,7 +4,8 @@ jobs:
|
|||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Check that the workflows are up to date
|
||||
run: nix-shell --run '[ $(git status --porcelain | wc -l) -eq 0 ]'
|
||||
run: nix-shell -A check-workflows --run '[ $(git status --porcelain | wc -l)
|
||||
-eq 0 ]'
|
||||
name: Check workflows
|
||||
'on':
|
||||
pull_request:
|
||||
|
|
|
@ -9,7 +9,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache bridge01
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
compute01:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
@ -20,7 +20,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache compute01
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
geo01:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
@ -31,7 +31,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache geo01
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
geo02:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
@ -42,7 +42,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache geo02
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
rescue01:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
@ -53,7 +53,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache rescue01
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
storage01:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
@ -64,7 +64,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache storage01
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
vault01:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
@ -75,7 +75,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache vault01
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
web01:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
@ -86,7 +86,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache web01
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
web02:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
@ -97,7 +97,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache web02
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
web03:
|
||||
runs-on: nix
|
||||
steps:
|
||||
|
@ -108,7 +108,7 @@ jobs:
|
|||
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
|
||||
STORE_USER: admin
|
||||
name: Build and cache web03
|
||||
run: nix-shell --run cache-node
|
||||
run: nix-shell -A eval-nodes --run cache-node
|
||||
name: Build all the nodes
|
||||
'on':
|
||||
pull_request:
|
||||
|
|
|
@ -4,8 +4,8 @@ jobs:
|
|||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Run pre-commit on all files
|
||||
run: nix-shell --run 'pre-commit run --all-files --hook-stage pre-push --show-diff-on-failure'
|
||||
-A shells.pre-commit ./.
|
||||
run: nix-shell -A pre-commit --run 'pre-commit run --all-files --hook-stage
|
||||
pre-push --show-diff-on-failure'
|
||||
name: Run pre-commit on all files
|
||||
'on':
|
||||
- push
|
||||
|
|
51
default.nix
51
default.nix
|
@ -43,6 +43,7 @@
|
|||
let
|
||||
inherit (pkgs.lib)
|
||||
isFunction
|
||||
mapAttrs
|
||||
mapAttrs'
|
||||
nameValuePair
|
||||
removeSuffix
|
||||
|
@ -88,6 +89,8 @@ let
|
|||
)
|
||||
) (builtins.readDir ./workflows);
|
||||
};
|
||||
|
||||
scripts = import ./scripts { inherit pkgs; };
|
||||
in
|
||||
|
||||
{
|
||||
|
@ -99,37 +102,35 @@ in
|
|||
|
||||
mkCacheSettings = import ./machines/storage01/tvix-cache/cache-settings.nix;
|
||||
|
||||
shells = {
|
||||
default = pkgs.mkShell {
|
||||
name = "dgnum-infra";
|
||||
devShell = pkgs.mkShell {
|
||||
name = "dgnum-infra";
|
||||
|
||||
packages = [
|
||||
(pkgs.nixos-generators.overrideAttrs (_: {
|
||||
version = "1.8.0-unstable";
|
||||
src = builtins.storePath sources.nixos-generators;
|
||||
}))
|
||||
pkgs.npins
|
||||
packages = [
|
||||
(pkgs.nixos-generators.overrideAttrs (_: {
|
||||
version = "1.8.0-unstable";
|
||||
src = sources.nixos-generators;
|
||||
}))
|
||||
pkgs.npins
|
||||
|
||||
(pkgs.callPackage ./lib/colmena { inherit (nix-pkgs) colmena; })
|
||||
(pkgs.callPackage "${sources.agenix}/pkgs/agenix.nix" { })
|
||||
(pkgs.callPackage "${sources.lon}/nix/packages/lon.nix" { })
|
||||
(pkgs.callPackage ./lib/colmena { inherit (nix-pkgs) colmena; })
|
||||
(pkgs.callPackage "${sources.agenix}/pkgs/agenix.nix" { })
|
||||
(pkgs.callPackage "${sources.lon}/nix/packages/lon.nix" { })
|
||||
] ++ (builtins.attrValues scripts);
|
||||
|
||||
] ++ (pkgs.callPackage ./scripts { });
|
||||
shellHook = ''
|
||||
${git-checks.shellHook}
|
||||
${workflows.shellHook}
|
||||
'';
|
||||
|
||||
shellHook = ''
|
||||
${git-checks.shellHook}
|
||||
${workflows.shellHook}
|
||||
'';
|
||||
preferLocalBuild = true;
|
||||
|
||||
preferLocalBuild = true;
|
||||
};
|
||||
###
|
||||
# Alternative shells
|
||||
|
||||
pre-commit = pkgs.mkShell {
|
||||
name = "pre-commit-shell";
|
||||
|
||||
shellHook = ''
|
||||
${git-checks.shellHook}
|
||||
'';
|
||||
passthru = mapAttrs (name: value: pkgs.mkShell (value // { inherit name; })) {
|
||||
pre-commit.shellHook = git-checks.shellHook;
|
||||
check-workflows.shellHook = workflows.shellHook;
|
||||
eval-nodes.packages = [ scripts.cache-node ];
|
||||
};
|
||||
};
|
||||
}
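Review bot: The three shells defined under `passthru` have no comment saying which CI step selects each one, although the workflow definitions now depend on those exact attribute names through `nix-shell -A pre-commit`, `-A check-workflows` and `-A eval-nodes`. I would add a line above `passthru`, for example `# CI-only shells, entered with nix-shell -A <name>; the workflow definitions reference these names`. It is also worth noting on `eval-nodes` that it deliberately has no `shellHook`, since it appears to be the shell entered by the job that carries `STORE_PASSWORD`. That would stop a later change from adding a hook there unnoticed.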
|
||||
|
|
|
@ -1,16 +1,14 @@
|
|||
{
|
||||
lib,
|
||||
writeShellApplication,
|
||||
|
||||
# Dependencies
|
||||
colmena,
|
||||
jq,
|
||||
nvd,
|
||||
...
|
||||
}:
|
||||
{ pkgs }:
|
||||
|
||||
let
|
||||
inherit (lib) mapAttrsToList;
|
||||
inherit (pkgs.lib) mapAttrs;
|
||||
|
||||
inherit (pkgs)
|
||||
writeShellApplication
|
||||
colmena
|
||||
jq
|
||||
nvd
|
||||
;
|
||||
|
||||
scripts = {
|
||||
cache-node = [ colmena ];
|
||||
|
@ -24,7 +22,7 @@ let
|
|||
};
|
||||
in
|
||||
|
||||
mapAttrsToList (
|
||||
mapAttrs (
|
||||
name: runtimeInputs:
|
||||
writeShellApplication {
|
||||
inherit name runtimeInputs;
|
||||
|
|
|
@ -1 +1 @@
|
|||
(import ./. { }).shells.default
|
||||
(import ./. { }).devShell
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
{ uses = "actions/checkout@v3"; }
|
||||
{
|
||||
name = "Check the validity of the DNS configuration";
|
||||
run = "nix-build meta/verify.nix -A dns --no-out-link";
|
||||
run = "nix-build meta/verify.nix -A dns";
|
||||
}
|
||||
];
|
||||
};
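Review bot: Without `--no-out-link`, `nix-build meta/verify.nix -A dns` leaves a `result` symlink in the checkout and with it a garbage-collection root on the runner. Assuming the shorter line is the new side (the +/- markers are lost on this page), the change looks unrelated to the passthru change named in the title. If only the success of the build matters for this check, keep `run = "nix-build meta/verify.nix -A dns --no-out-link";`. If the link is wanted, a short comment saying why would help.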
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
{ uses = "actions/checkout@v3"; }
|
||||
{
|
||||
name = "Check that the workflows are up to date";
|
||||
run = "nix-shell --run '[ $(git status --porcelain | wc -l) -eq 0 ]'";
|
||||
run = "nix-shell -A check-workflows --run '[ $(git status --porcelain | wc -l) -eq 0 ]'";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|
|
@ -19,7 +19,7 @@ in
|
|||
{ uses = "actions/checkout@v3"; }
|
||||
{
|
||||
name = "Build and cache ${node}";
|
||||
run = "nix-shell --run cache-node";
|
||||
run = "nix-shell -A eval-nodes --run cache-node";
|
||||
env = {
|
||||
STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/";
|
||||
STORE_USER = "admin";
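Review bot: The `run` line still executes in a step whose `env` block carries the store credentials, and `nix-shell -A eval-nodes --run cache-node` evaluates `default.nix` and the `cache-node` script from the checked-out tree. The generated workflow shows `STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}` under a `pull_request` trigger, so anything a pull request changes in those files would run with the credential in its environment. Whether the forge withholds secrets from untrusted pull requests is not visible here. Entering only the `eval-nodes` shell narrows what runs, but I would still add a comment at the `env` block, for example `# cache-node runs with the store credentials: only trigger this job for trusted refs`, or move the credentialed push into a step limited to trusted branches. The attribute set continues past the end of the hunk.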
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
{ uses = "actions/checkout@v3"; }
|
||||
{
|
||||
name = "Run pre-commit on all files";
|
||||
run = "nix-shell --run 'pre-commit run --all-files --hook-stage pre-push --show-diff-on-failure' -A shells.pre-commit ./.";
|
||||
run = "nix-shell -A pre-commit --run 'pre-commit run --all-files --hook-stage pre-push --show-diff-on-failure'";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|