mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tvl-depot/default.nix

161 lines
5.2 KiB
Nix
Raw Normal View History

refactor: Introduce new layout with nixpkgs in third_party This is not the final layout yet, but makes it so that my top-level attribute set is no longer overlaid into nixpkgs itself. This is useful for other people who are importing my monorepo.
2019-12-09 03:40:48 +01:00
# This file sets up the top-level package set by traversing the package tree
refactor(readTree): Initialise repo roots without recursing Plumbs an additional internal argument through readTree that indicates whether the top-level of a tree is being read, and avoids recursing into itself in that case. This changes the externally visible behaviour of readTree (it is now expected to be called a level higher than previously). This allows us to reduce the amount of boilerplate needed to bootstrap the TVL repository (by not having to specify the individual folders that need to be read). For reasons related to an infinite recursion we could not (be bothered to) debug, the top-level `config` key (which held the attribute set passed on by readTree) has been removed. This is not needed, as it is already passed on by readTree ... Co-Authored-By: Florian Klink <flokli@flokli.de> Change-Id: Id6e39b57b2f5b3473c4b695a72dd1d01fcfb7a66 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2961 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-04-12 21:49:36 +02:00
# (see //nix/readTree for details) and constructing a matching attribute set
refactor: Introduce new layout with nixpkgs in third_party This is not the final layout yet, but makes it so that my top-level attribute set is no longer overlaid into nixpkgs itself. This is useful for other people who are importing my monorepo.
2019-12-09 03:40:48 +01:00
# tree.
feat(build): Add top-level package index file
2019-06-29 15:12:24 +02:00
feat(3p/nixpkgs): Plumb through externalArgs.nixpkgsBisectPath This lets the import of the depot root accept an additional argument called `externalArgs`, which can be used to pass additional arguments into a depot package set. This is used in //third_party/nixpkgs for replacing the source of the nixos-unstable channel with a path. With this we can bisect the nixpkgs used in third_party easily. Change-Id: I4f65eb3d6b521ed9f437649b7b068f1e6ab8210f Reviewed-on: https://cl.tvl.fyi/c/depot/+/2925 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-04-10 23:43:41 +02:00
{ nixpkgsBisectPath ? null, ... }@args:
fix(build): Make repository callable in Nix This is required for some things that expect package sets to be callable, e.g. Nixery.
2019-12-13 22:32:35 +01:00
feat(build): Add top-level package index file
2019-06-29 15:12:24 +02:00
let
refactor(readTree): Initialise repo roots without recursing Plumbs an additional internal argument through readTree that indicates whether the top-level of a tree is being read, and avoids recursing into itself in that case. This changes the externally visible behaviour of readTree (it is now expected to be called a level higher than previously). This allows us to reduce the amount of boilerplate needed to bootstrap the TVL repository (by not having to specify the individual folders that need to be read). For reasons related to an infinite recursion we could not (be bothered to) debug, the top-level `config` key (which held the attribute set passed on by readTree) has been removed. This is not needed, as it is already passed on by readTree ... Co-Authored-By: Florian Klink <flokli@flokli.de> Change-Id: Id6e39b57b2f5b3473c4b695a72dd1d01fcfb7a66 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2961 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-04-12 21:49:36 +02:00
inherit (builtins)
attrValues
concatMap
feat(depot): Disallow access to //users from outside of it Code under this depot path is essentially unstable and potentially unreviewed - this is a good thing (people can play around with cursed stuff all they want), but we should not make the rest of the repository depend on any of it. Any cursed things that are required outside of users can be moved to a different depot path if people agree with that. Change-Id: I46a34a0e9662069c01b43d9a653e5545e325e587 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3434 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-08-26 19:00:03 +02:00
elem
elemAt
refactor(readTree): Initialise repo roots without recursing Plumbs an additional internal argument through readTree that indicates whether the top-level of a tree is being read, and avoids recursing into itself in that case. This changes the externally visible behaviour of readTree (it is now expected to be called a level higher than previously). This allows us to reduce the amount of boilerplate needed to bootstrap the TVL repository (by not having to specify the individual folders that need to be read). For reasons related to an infinite recursion we could not (be bothered to) debug, the top-level `config` key (which held the attribute set passed on by readTree) has been removed. This is not needed, as it is already passed on by readTree ... Co-Authored-By: Florian Klink <flokli@flokli.de> Change-Id: Id6e39b57b2f5b3473c4b695a72dd1d01fcfb7a66 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2961 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-04-12 21:49:36 +02:00
filter
;
refactor: Introduce new layout with nixpkgs in third_party This is not the final layout yet, but makes it so that my top-level attribute set is no longer overlaid into nixpkgs itself. This is useful for other people who are importing my monorepo.
2019-12-09 03:40:48 +01:00
# This definition of fix is identical to <nixpkgs>.lib.fix, but the global
# package set is not available here.
fix = f: let x = f x; in x;
feat(depot): Disallow access to //users from outside of it Code under this depot path is essentially unstable and potentially unreviewed - this is a good thing (people can play around with cursed stuff all they want), but we should not make the rest of the repository depend on any of it. Any cursed things that are required outside of users can be moved to a different depot path if people agree with that. Change-Id: I46a34a0e9662069c01b43d9a653e5545e325e587 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3434 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-08-26 19:00:03 +02:00
refactor(depot): Generalise folder restriction readTree filter This refactors the readTree filter which disallows access to //users from outside of //users into a reusable function. The only change in functionality is that the error message has changed slightly. I thought it is useful to keep the message consistent (i.e. always including a path), thus only a part of the error is templated in (describing the reason for why a specific sub path is unavailable). Change-Id: I30ad38b2677be5aa502c753c8c71e7ba3efc87be Reviewed-on: https://cl.tvl.fyi/c/depot/+/3872 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-11-13 18:25:02 +01:00
# Create a readTree filter disallowing access to the specified
# top-level folder in other parts of the depot, except for specific
# exceptions specified by their (full) paths.
refactor(readTree): Flip argument order of argFilter Since the filters return 'args', this makes nesting of filters more readable. Change-Id: I775252460e3e077cc6db2fab6f3948414a95ecbf Reviewed-on: https://cl.tvl.fyi/c/depot/+/3873 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-11-13 18:33:34 +01:00
restrictFolder = { folder, exceptions ? [], reason }: parts: args:
refactor(depot): Generalise folder restriction readTree filter This refactors the readTree filter which disallows access to //users from outside of //users into a reusable function. The only change in functionality is that the error message has changed slightly. I thought it is useful to keep the message consistent (i.e. always including a path), thus only a part of the error is templated in (describing the reason for why a specific sub path is unavailable). Change-Id: I30ad38b2677be5aa502c753c8c71e7ba3efc87be Reviewed-on: https://cl.tvl.fyi/c/depot/+/3872 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-11-13 18:25:02 +01:00
if (elemAt parts 0) == folder || elem parts exceptions
feat(depot): Disallow access to //users from outside of it Code under this depot path is essentially unstable and potentially unreviewed - this is a good thing (people can play around with cursed stuff all they want), but we should not make the rest of the repository depend on any of it. Any cursed things that are required outside of users can be moved to a different depot path if people agree with that. Change-Id: I46a34a0e9662069c01b43d9a653e5545e325e587 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3434 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-08-26 19:00:03 +02:00
then args
else args // {
depot = args.depot // {
refactor(depot): Generalise folder restriction readTree filter This refactors the readTree filter which disallows access to //users from outside of //users into a reusable function. The only change in functionality is that the error message has changed slightly. I thought it is useful to keep the message consistent (i.e. always including a path), thus only a part of the error is templated in (describing the reason for why a specific sub path is unavailable). Change-Id: I30ad38b2677be5aa502c753c8c71e7ba3efc87be Reviewed-on: https://cl.tvl.fyi/c/depot/+/3872 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-11-13 18:25:02 +01:00
"${folder}" = throw ''
Access to targets under //${folder} is not permitted from
other depot paths. Specific exceptions are configured at the
top-level.
feat(depot): Disallow access to //users from outside of it Code under this depot path is essentially unstable and potentially unreviewed - this is a good thing (people can play around with cursed stuff all they want), but we should not make the rest of the repository depend on any of it. Any cursed things that are required outside of users can be moved to a different depot path if people agree with that. Change-Id: I46a34a0e9662069c01b43d9a653e5545e325e587 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3434 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-08-26 19:00:03 +02:00
refactor(depot): Generalise folder restriction readTree filter This refactors the readTree filter which disallows access to //users from outside of //users into a reusable function. The only change in functionality is that the error message has changed slightly. I thought it is useful to keep the message consistent (i.e. always including a path), thus only a part of the error is templated in (describing the reason for why a specific sub path is unavailable). Change-Id: I30ad38b2677be5aa502c753c8c71e7ba3efc87be Reviewed-on: https://cl.tvl.fyi/c/depot/+/3872 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-11-13 18:25:02 +01:00
${reason}
style(depot): Use depot path format for args filter errors As pointed out by sterni, we don't need lib for this. Change-Id: Ide9719641098f770a098a938d047afa0dcb5dc6d Reviewed-on: https://cl.tvl.fyi/c/depot/+/3439 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2021-08-26 22:50:56 +02:00
At location: //${builtins.concatStringsSep "/" parts}
feat(depot): Disallow access to //users from outside of it Code under this depot path is essentially unstable and potentially unreviewed - this is a good thing (people can play around with cursed stuff all they want), but we should not make the rest of the repository depend on any of it. Any cursed things that are required outside of users can be moved to a different depot path if people agree with that. Change-Id: I46a34a0e9662069c01b43d9a653e5545e325e587 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3434 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-08-26 19:00:03 +02:00
'';
};
};
refactor(depot): Generalise folder restriction readTree filter This refactors the readTree filter which disallows access to //users from outside of //users into a reusable function. The only change in functionality is that the error message has changed slightly. I thought it is useful to keep the message consistent (i.e. always including a path), thus only a part of the error is templated in (describing the reason for why a specific sub path is unavailable). Change-Id: I30ad38b2677be5aa502c753c8c71e7ba3efc87be Reviewed-on: https://cl.tvl.fyi/c/depot/+/3872 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-11-13 18:25:02 +01:00
# Disallow access to //users from other depot parts.
usersFilter = restrictFolder {
folder = "users";
reason = ''
Code under //users is not considered stable or dependable in the
wider depot context. If a project under //users is required by
something else, please move it to a different depot path.
'';
exceptions = [
# whitby is allowed to access //users for several reasons:
#
# 1. User SSH keys are set in //users.
# 2. Some personal websites or demo projects are served from it.
[ "ops" "machines" "whitby" ]
# Due to evaluation order this also affects these targets.
# TODO(tazjin): Can this one be removed somehow?
[ "ops" "nixos" ]
[ "ops" "machines" "all-systems" ]
];
};
chore(depot): Restrict access to targets from //corp This folder is used for some TVL corp stuff, like the website and maybe some documents and future projects, that are not under the same license as the rest of depot. To avoid accidental licensing issues, access to it is restricted to other stuff within //corp. In general, TVL corp projects *should* also be free software and live outside of //corp - the folder is primarily intended for stuff that is relevant to the company operations (also for the sake of transparency). Change-Id: I15e7e72e82d8ac1c875899f16becd731f64f6b3a Reviewed-on: https://cl.tvl.fyi/c/depot/+/3875 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-11-13 21:37:43 +01:00
# Disallow access to //corp from other depot parts.
corpFilter = restrictFolder {
folder = "corp";
reason = ''
Code under //corp may use incompatible licensing terms with
other depot parts and should not be used anywhere else.
'';
exceptions = [
# For the same reason as above, whitby is exempt to serve the
# corp website.
[ "ops" "machines" "whitby" ]
[ "ops" "nixos" ]
[ "ops" "machines" "all-systems" ]
];
};
refactor(depot): Generalise folder restriction readTree filter This refactors the readTree filter which disallows access to //users from outside of //users into a reusable function. The only change in functionality is that the error message has changed slightly. I thought it is useful to keep the message consistent (i.e. always including a path), thus only a part of the error is templated in (describing the reason for why a specific sub path is unavailable). Change-Id: I30ad38b2677be5aa502c753c8c71e7ba3efc87be Reviewed-on: https://cl.tvl.fyi/c/depot/+/3872 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-11-13 18:25:02 +01:00
readDepot = depotArgs: import ./nix/readTree {} {
args = depotArgs;
path = ./.;
chore(depot): Restrict access to targets from //corp This folder is used for some TVL corp stuff, like the website and maybe some documents and future projects, that are not under the same license as the rest of depot. To avoid accidental licensing issues, access to it is restricted to other stuff within //corp. In general, TVL corp projects *should* also be free software and live outside of //corp - the folder is primarily intended for stuff that is relevant to the company operations (also for the sake of transparency). Change-Id: I15e7e72e82d8ac1c875899f16becd731f64f6b3a Reviewed-on: https://cl.tvl.fyi/c/depot/+/3875 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-11-13 21:37:43 +01:00
filter = parts: args: corpFilter parts (usersFilter parts args);
refactor(depot): Generalise folder restriction readTree filter This refactors the readTree filter which disallows access to //users from outside of //users into a reusable function. The only change in functionality is that the error message has changed slightly. I thought it is useful to keep the message consistent (i.e. always including a path), thus only a part of the error is templated in (describing the reason for why a specific sub path is unavailable). Change-Id: I30ad38b2677be5aa502c753c8c71e7ba3efc87be Reviewed-on: https://cl.tvl.fyi/c/depot/+/3872 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-11-13 18:25:02 +01:00
scopedArgs = {
__findFile = _: _: throw "Do not import from NIX_PATH in the depot!";
feat(depot): Disallow access to //users from outside of it Code under this depot path is essentially unstable and potentially unreviewed - this is a good thing (people can play around with cursed stuff all they want), but we should not make the rest of the repository depend on any of it. Any cursed things that are required outside of users can be moved to a different depot path if people agree with that. Change-Id: I46a34a0e9662069c01b43d9a653e5545e325e587 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3434 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-08-26 19:00:03 +02:00
};
refactor(depot): Generalise folder restriction readTree filter This refactors the readTree filter which disallows access to //users from outside of //users into a reusable function. The only change in functionality is that the error message has changed slightly. I thought it is useful to keep the message consistent (i.e. always including a path), thus only a part of the error is templated in (describing the reason for why a specific sub path is unavailable). Change-Id: I30ad38b2677be5aa502c753c8c71e7ba3efc87be Reviewed-on: https://cl.tvl.fyi/c/depot/+/3872 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-11-13 18:25:02 +01:00
};
refactor: Introduce new layout with nixpkgs in third_party This is not the final layout yet, but makes it so that my top-level attribute set is no longer overlaid into nixpkgs itself. This is useful for other people who are importing my monorepo.
2019-12-09 03:40:48 +01:00
feat: Implement automatic CI target detection for the depot Automatically walk the entire depot tree and pick out things that are "buildable", then include them in the attribute `ci.targets` (which is now also the target for CI builds). A long time ago, in a land far away, we (well, I, at the time) had a prototype of this which ran into constant issues with infinite recursions while trying to walk the tree. In fact, this is why readTree originally gained the `__readTree`-attribute which marks things that were imported automatically. Based on some code edef whipped up earlier (with the breakthrough being that we also add the attribute to top-level folders, which suddenly resolves a whole bunch of problems), I've now implemented this actually working version. At the moment all builds still happen as one big bag of builds, but at some point we will granularise this. Change-Id: I86f12ce7f63dae98e7e5c6646a4e9d220de783f2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1854 Tested-by: BuildkiteCI Reviewed-by: kanepyork <rikingcoding@gmail.com> Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-27 01:11:11 +02:00
# To determine build targets, we walk through the depot tree and
# fetch attributes that were imported by readTree and are buildable.
#
# Any build target that contains `meta.ci = false` will be skipped.
# Is this tree node eligible for build inclusion?
eligible = node: (node ? outPath) && (node.meta.ci or true);
# Walk the tree starting with 'node', recursively extending the list
# of build targets with anything that looks buildable.
feat(ci): Add subtarget support for builds We have naturally evolved a distinction between logical and physical targets. Physical targets are those which correspond directly to a tree location on disk and can be built with `-A path.to.files`, while logical targets are those that are exported from within an expression but do not have a corresponding file on disk. This change adds support for exporting logical targets from any tree location by adding a `meta.targets` attribute containing keys into itself, which will be consumed by the CI target gathering logic and included in the generated pipeline. Note that the labels for subtargets are syntactically different to emphasise that they do not correspond to a file location. For example, this change enables 'ops.nixos.whitbySystem' as a subtarget, which is labeled in CI as `ops/nixos:whitbySystem`. Change-Id: Ied09647a62c2ba98e3914548e3742ad422c63ecf Reviewed-on: https://cl.tvl.fyi/c/depot/+/1893 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-31 02:36:03 +02:00
#
# Any tree node can specify logical targets by exporting a
# 'meta.targets' attribute containing a list of keys in itself. This
# enables target specifications that do not exist on disk directly.
feat: Implement automatic CI target detection for the depot Automatically walk the entire depot tree and pick out things that are "buildable", then include them in the attribute `ci.targets` (which is now also the target for CI builds). A long time ago, in a land far away, we (well, I, at the time) had a prototype of this which ran into constant issues with infinite recursions while trying to walk the tree. In fact, this is why readTree originally gained the `__readTree`-attribute which marks things that were imported automatically. Based on some code edef whipped up earlier (with the breakthrough being that we also add the attribute to top-level folders, which suddenly resolves a whole bunch of problems), I've now implemented this actually working version. At the moment all builds still happen as one big bag of builds, but at some point we will granularise this. Change-Id: I86f12ce7f63dae98e7e5c6646a4e9d220de783f2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1854 Tested-by: BuildkiteCI Reviewed-by: kanepyork <rikingcoding@gmail.com> Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-27 01:11:11 +02:00
gather = node:
if node ? __readTree then
feat(ci): Add subtarget support for builds We have naturally evolved a distinction between logical and physical targets. Physical targets are those which correspond directly to a tree location on disk and can be built with `-A path.to.files`, while logical targets are those that are exported from within an expression but do not have a corresponding file on disk. This change adds support for exporting logical targets from any tree location by adding a `meta.targets` attribute containing keys into itself, which will be consumed by the CI target gathering logic and included in the generated pipeline. Note that the labels for subtargets are syntactically different to emphasise that they do not correspond to a file location. For example, this change enables 'ops.nixos.whitbySystem' as a subtarget, which is labeled in CI as `ops/nixos:whitbySystem`. Change-Id: Ied09647a62c2ba98e3914548e3742ad422c63ecf Reviewed-on: https://cl.tvl.fyi/c/depot/+/1893 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-31 02:36:03 +02:00
# Include the node itself if it is eligible.
(if eligible node then [ node ] else [])
# Include eligible children of the node
feat(nix/readTree): record list of children added by readTree This change adds a new attribute to readTree nodes, `__readTreeChildren` which is a list of attribute names added to this node by readTree. This is then used by `gather` for `ci.targets` to avoid evaluating attributes unnecessarily. Especially since Nix is not as lazy as we'd like when determining types (i. e. child ? __readTree needs to force `child` even when it's not an attribute set), evaluating attributes unnecessarily is sometimes problematic. Change-Id: I0a98691d41f987e23ee7e9ba21fbe465da5fe402
2021-09-15 13:22:54 +02:00
++ concatMap gather (map (attr: node."${attr}") node.__readTreeChildren)
feat(ci): Add subtarget support for builds We have naturally evolved a distinction between logical and physical targets. Physical targets are those which correspond directly to a tree location on disk and can be built with `-A path.to.files`, while logical targets are those that are exported from within an expression but do not have a corresponding file on disk. This change adds support for exporting logical targets from any tree location by adding a `meta.targets` attribute containing keys into itself, which will be consumed by the CI target gathering logic and included in the generated pipeline. Note that the labels for subtargets are syntactically different to emphasise that they do not correspond to a file location. For example, this change enables 'ops.nixos.whitbySystem' as a subtarget, which is labeled in CI as `ops/nixos:whitbySystem`. Change-Id: Ied09647a62c2ba98e3914548e3742ad422c63ecf Reviewed-on: https://cl.tvl.fyi/c/depot/+/1893 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-31 02:36:03 +02:00
# Include specified sub-targets of the node
++ filter eligible (map
(k: (node."${k}" or {}) // {
# Keep the same tree location, but explicitly mark this
# node as a subtarget.
__readTree = node.__readTree;
feat(nix/readTree): record list of children added by readTree This change adds a new attribute to readTree nodes, `__readTreeChildren` which is a list of attribute names added to this node by readTree. This is then used by `gather` for `ci.targets` to avoid evaluating attributes unnecessarily. Especially since Nix is not as lazy as we'd like when determining types (i. e. child ? __readTree needs to force `child` even when it's not an attribute set), evaluating attributes unnecessarily is sometimes problematic. Change-Id: I0a98691d41f987e23ee7e9ba21fbe465da5fe402
2021-09-15 13:22:54 +02:00
__readTreeChildren = [];
feat(ci): Add subtarget support for builds We have naturally evolved a distinction between logical and physical targets. Physical targets are those which correspond directly to a tree location on disk and can be built with `-A path.to.files`, while logical targets are those that are exported from within an expression but do not have a corresponding file on disk. This change adds support for exporting logical targets from any tree location by adding a `meta.targets` attribute containing keys into itself, which will be consumed by the CI target gathering logic and included in the generated pipeline. Note that the labels for subtargets are syntactically different to emphasise that they do not correspond to a file location. For example, this change enables 'ops.nixos.whitbySystem' as a subtarget, which is labeled in CI as `ops/nixos:whitbySystem`. Change-Id: Ied09647a62c2ba98e3914548e3742ad422c63ecf Reviewed-on: https://cl.tvl.fyi/c/depot/+/1893 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-31 02:36:03 +02:00
__subtarget = k;
})
(node.meta.targets or []))
feat: Implement automatic CI target detection for the depot Automatically walk the entire depot tree and pick out things that are "buildable", then include them in the attribute `ci.targets` (which is now also the target for CI builds). A long time ago, in a land far away, we (well, I, at the time) had a prototype of this which ran into constant issues with infinite recursions while trying to walk the tree. In fact, this is why readTree originally gained the `__readTree`-attribute which marks things that were imported automatically. Based on some code edef whipped up earlier (with the breakthrough being that we also add the attribute to top-level folders, which suddenly resolves a whole bunch of problems), I've now implemented this actually working version. At the moment all builds still happen as one big bag of builds, but at some point we will granularise this. Change-Id: I86f12ce7f63dae98e7e5c6646a4e9d220de783f2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1854 Tested-by: BuildkiteCI Reviewed-by: kanepyork <rikingcoding@gmail.com> Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-27 01:11:11 +02:00
else [];
feat: Add 'depotPath' to depot root import This is useful for things like including NixOS modules in configurations without creating long and error-prone relative paths. Change-Id: I4a5ebb1a0e5adf90b6bc50e884db453e12461001 Reviewed-on: https://cl.tvl.fyi/c/depot/+/243 Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-06-13 22:39:48 +02:00
refactor(readTree): Pass all readTree parameters as function args Instead of having a mix of depot-passed args (for the filter) and args to the readTree function itself, make everything a single attribute set of arguments passed to the function. This also makes it a bit easier to extend this in the future. Change-Id: I633c1fc96026d137b451bb604ef92be32571a0f5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3498 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-09-08 17:16:11 +02:00
in fix(self: (readDepot {
refactor(readTree): Initialise repo roots without recursing Plumbs an additional internal argument through readTree that indicates whether the top-level of a tree is being read, and avoids recursing into itself in that case. This changes the externally visible behaviour of readTree (it is now expected to be called a level higher than previously). This allows us to reduce the amount of boilerplate needed to bootstrap the TVL repository (by not having to specify the individual folders that need to be read). For reasons related to an infinite recursion we could not (be bothered to) debug, the top-level `config` key (which held the attribute set passed on by readTree) has been removed. This is not needed, as it is already passed on by readTree ... Co-Authored-By: Florian Klink <flokli@flokli.de> Change-Id: Id6e39b57b2f5b3473c4b695a72dd1d01fcfb7a66 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2961 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-04-12 21:49:36 +02:00
depot = self;
# Pass third_party as 'pkgs' (for compatibility with external
# imports for certain subdirectories)
pkgs = self.third_party.nixpkgs;
# Expose lib attribute to packages.
lib = self.third_party.nixpkgs.lib;
# Pass arguments passed to the entire depot through, for packages
# that would like to add functionality based on this.
#
# Note that it is intended for exceptional circumstance, such as
# debugging by bisecting nixpkgs.
externalArgs = args;
refactor(readTree): Pass all readTree parameters as function args Instead of having a mix of depot-passed args (for the filter) and args to the readTree function itself, make everything a single attribute set of arguments passed to the function. This also makes it a bit easier to extend this in the future. Change-Id: I633c1fc96026d137b451bb604ef92be32571a0f5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3498 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-09-08 17:16:11 +02:00
}) // {
refactor: Replace 'depotPath' with 'depot.path' Instead of having two ways of accessing the path to the depot (one of which was stuttering, depot.depotPath) we settle on only one: depot.path. This was mostly used for NixOS module imports. Co-Authored-By: Florian Klink <flokli@flokli.de> Change-Id: I2c0db23383fc34f6ca76baaad4cc4af2d9dfae15 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2962 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: sterni <sternenseemann@systemli.org>
2021-04-12 22:26:55 +02:00
# Make the path to the depot available for things that might need it
# (e.g. NixOS module inclusions)
refactor(depot): Import depot.path using lib.cleanSource This imports a copy of the depot as `depot.path` without including the .git directory and other stuff that isn't tracked in the tree. Significantly reduces thie amount of data copied into the store. Change-Id: I567c0f969d1cea81d121588548f6db627c8f3432 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3601 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-09-19 13:33:53 +02:00
path = self.third_party.nixpkgs.lib.cleanSource ./.;
refactor(ci-builds): Split up CI builds into multiple buckets These categories separate CI targets, which hopefully avoids the out-of-space errors we have been seeing on Sourcehut. The sets of CI build targets are made available in the depot itself so that besadii can be updated to create a new build for each target group. For convenience, 'ciBuilds' contains an '__allTargets' attribute which combines the contents of each target batch - this makes it possible to still invoke a build for everything by using: nix-build -A ciBuilds.__allTargets Note: Some targets that were previously built in CI aren't anymore, most importantly my NixOS systems which don't fit on Sourcehut. Change-Id: Ia15ed7b743c8add51ae08ce0827a0ddfacd637e2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/570 Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-06-24 04:08:53 +02:00
feat: Implement automatic CI target detection for the depot Automatically walk the entire depot tree and pick out things that are "buildable", then include them in the attribute `ci.targets` (which is now also the target for CI builds). A long time ago, in a land far away, we (well, I, at the time) had a prototype of this which ran into constant issues with infinite recursions while trying to walk the tree. In fact, this is why readTree originally gained the `__readTree`-attribute which marks things that were imported automatically. Based on some code edef whipped up earlier (with the breakthrough being that we also add the attribute to top-level folders, which suddenly resolves a whole bunch of problems), I've now implemented this actually working version. At the moment all builds still happen as one big bag of builds, but at some point we will granularise this. Change-Id: I86f12ce7f63dae98e7e5c6646a4e9d220de783f2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1854 Tested-by: BuildkiteCI Reviewed-by: kanepyork <rikingcoding@gmail.com> Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-27 01:11:11 +02:00
# List of all buildable targets, for CI purposes.
#
feat(ops/pipelines): Dynamically generate CI pipeline from targets Create the pipeline by outputting a file that contains nix-build invocations for each target's *derivation path*. Each invocation has a generated Nix expression passed to it with `-E` which fetches the correct target from the tree while correctly handling targets with strange characters (such as in Go-packages). This makes it possible to run target-level granular pipelines. We're getting somewhere! Change-Id: Ia6946e389dafd1d4926130bb8891446d6e17133b Reviewed-on: https://cl.tvl.fyi/c/depot/+/1855 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-08-27 02:05:45 +02:00
# Note: To prevent infinite recursion, this *must* be a nested
# attribute set (which does not have a __readTree attribute).
ci.targets = gather (self // {
# remove the pipelines themselves from the set over which to
# generate pipelines because that also leads to infinite
# recursion.
ops = self.ops // { pipelines = null; };
refactor: Move nixpkgs attribute to `third_party.nixpkgs` Please read b/108 to make sense of this. This gets rid of the explicit list of exposed packages from nixpkgs, and instead makes the entire package set available at `third_party.nixpkgs`. To accommodate this, a LOT of things have to be very slightly shuffled around. Some of this was done in already submitted CLs, but this change is unfortunately still quite noisy. Pay extra attention to: * overlay-like functionality that was partially moved to actual overlays (partially as in, the minimum required to get a green build) * modified uses of the package set path, esp. in NixOS systems Special notes: * xanthous has been disabled in CI because of issues with the Haskell overlay * //third_party/nix has been disabled because of other unclear dependency issues Both of these will be tackled in a followup CL. Change-Id: I2f9c60a4d275fdb5209264be0addfd7e06c53118 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2910 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2021-04-10 18:05:16 +02:00
# remove nixpkgs from the set, for obvious reasons.
third_party = self.third_party // { nixpkgs = null; };
feat(ops/pipelines): Dynamically generate CI pipeline from targets Create the pipeline by outputting a file that contains nix-build invocations for each target's *derivation path*. Each invocation has a generated Nix expression passed to it with `-E` which fetches the correct target from the tree while correctly handling targets with strange characters (such as in Go-packages). This makes it possible to run target-level granular pipelines. We're getting somewhere! Change-Id: Ia6946e389dafd1d4926130bb8891446d6e17133b Reviewed-on: https://cl.tvl.fyi/c/depot/+/1855 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-08-27 02:05:45 +02:00
});
feat(ops/pipelines): Add gcroots for depot builds on canon Adds a conditional build step that only runs on the canon branch, and only if :duck: (the status reporting step) succeeds, which creates a new Nix GC root for all depot targets named `depot-canon`. In practice this might be a bit racey, as canon builds are not guaranteed to succeed in order (though it is likely). This shouldn't matter much in practice: We only want to prevent rebuilds of the whole world. This fixes b/102 Change-Id: Id3d0bf4158bffcb1ed6929888a29d31609b6ece1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2904 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2021-04-11 12:19:18 +02:00
# Derivation that gcroots all depot targets.
ci.gcroot = self.third_party.nixpkgs.symlinkJoin {
name = "depot-gcroot";
paths = self.ci.targets;
};
refactor(readTree): Initialise repo roots without recursing Plumbs an additional internal argument through readTree that indicates whether the top-level of a tree is being read, and avoids recursing into itself in that case. This changes the externally visible behaviour of readTree (it is now expected to be called a level higher than previously). This allows us to reduce the amount of boilerplate needed to bootstrap the TVL repository (by not having to specify the individual folders that need to be read). For reasons related to an infinite recursion we could not (be bothered to) debug, the top-level `config` key (which held the attribute set passed on by readTree) has been removed. This is not needed, as it is already passed on by readTree ... Co-Authored-By: Florian Klink <flokli@flokli.de> Change-Id: Id6e39b57b2f5b3473c4b695a72dd1d01fcfb7a66 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2961 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-04-12 21:49:36 +02:00
})
Reference in a new issue Copy permalink