Give some more context about what these mean. Mostly copied from the
descriptions in nix-eval.sh
Change-Id: I845f4227206f7035bcd185a708c14877a040c46a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11778
Tested-by: BuildkiteCI
Reviewed-by: Ilan Joselevich <personal@ilanjoselevich.com>
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: flokli <flokli@flokli.de>
At least terraform wants all parameters passed via JSON to be strings.
It can't accept maps.
This means, allowing to pass a `argstr` JSON dict isn't really possible.
However, terraform is perfectly able to JSON-encode a map. So accept a
`argstr_json` argument instead, which `jq` will JSON-decode before
further processing it.
I dropped `argstr` support again so the jq expression still fits on my
screen, if anyone else (started) using this, I'm happy to review a CL
adding this. We should probably move the jq expression to some multiline
format then, though.
Change-Id: I5ab7a1169ab7305d3ab02db31c27732d9d1ab4e8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11228
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
If this is set to true (and only then), also invoke `nix-build` on the
previously-instantiated .drv to cause builds/substitutions on the local
machine.
There's no terraform example for this in here, but this is useful if you
want to perform builds locally, for example to upload nix-built blobs
elsewhere through terraform.
Change-Id: Idcf7b8527aa9c27f6f9ca60ca607c29d82e1cce9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11215
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
We already did all the instantiation, grabbing the calculated output
path too is cheap.
Change-Id: Id591865c65159409da739f706a9de29a9f50456a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11214
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
This documents the input and output format, and also removes some
references to Terraform and evaluating NixOS system configurations.
It can be used to evaluate anything.
Change-Id: I8492cc3e386f89b299469c78e586644ee82a708f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11213
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
This allows setting argstr to a map of keys and values.
We use jq to construct "--argstr k v" arguments, which are passed to
nix-instantiate.
Change-Id: I720a597ca2276364bc7005c156064d938f143041
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11141
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
This is the result of a `"reuse annotate --copyright "The TVL Authors"
--license MIT"` in that directory, making it conformant with the REUSE
Specification:
https://reuse.software/spec
Change-Id: I13e069b4621e8d5ccb7a09c12f772d70dea40a11
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10170
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
In case `target_user_ssh_key` points to an empty string, nixos-copy.sh
just doesn't set `IdentityFile=` at all.
This allows using deploy-nixos without any explicitly passed ssh keys,
but picking up whatever ssh setup the user has configured locally.
Change-Id: If335ce8434627e61da13bf6923b9767085af08a5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8576
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
We missed renaming this as well while iterating over
https://cl.tvl.fyi/c/depot/+/7950.
Change-Id: I704d3b60bb3beb1a2148e27bdd4a49075a6649b3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8230
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
This allows passing in custom triggers to trigger a (re)deploy.
For example, a caller can put an AWS instance ID into the triggers to
cause a redeploy whenever the instance ID has changed.
The `target_name` terraform variable was doing something similar, but
`triggers` is more generic, allowing multiple triggers, without having
to stringify them.
We also don't need to trigger on the attrpath - it can be changed, and
as long as it still evaluates to the same
`data.external.nixos_system.result.drv` (which is checked on every
plan), no redeploy needs to be made.
Change-Id: I94ce787a50830b87b6f53c08e042e4abe4036bdd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8191
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
This adds an additional parameter `entrypoint`, pointing to a .nix file
(or a directory containing a `default.nix` file) that's providing the
attribute path asked for.
If not set / kept at the default (empty string), it falls back to the
root dir of the repository as before.
Change-Id: I2e63114f21660c842153ac15424b3491d66624d2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8190
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
This module makes it fairly easy to deploy NixOS system closures using
Terraform, while properly separating the evaluation of a
derivation (to determine whether a deploy is needed) from the building
and copying of the closure itself.
This has been on my stack for a while. It was originally developed for
Resoptima, who agreed to open-sourcing it in depot back when we
completed our work with them. Their contribution has been acknowledged
in the README.
Co-Authored-By: Florian Klink <flokli@flokli.de>
Change-Id: Ica4c170658cd25f1fb7072c9a45735fcc4351474
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7950
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
