Derivations that support overrideAttrs now have their readTree
markers merged in using it, as passthru attributes.
This makes the significant difference that overriding readTree targets
using `overrideAttrs` keeps their readTree data intact.
Change-Id: Ieef635f048781bf4782c1a28532b89a66d9ca24d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5186
Tested-by: BuildkiteCI
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
Required for using overrideAttrs in readTree (cl/5186). Since this
uses pkgs.runCommand we know that overrideAttrs is available.
Change-Id: I18fdcc34cc79872834052caf4bf74555fdb766ce
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5187
Tested-by: BuildkiteCI
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
We've seen the famous 1 minute timeout on Buildkite again, probably
due to something (keys in targets?) increasing the overall payload
size of our chunks.
This reduces the chunk size by 25%. Lets keep an eye on it with this
value ...
Change-Id: I6bf0e9e4ab0d5b8de22773e6cd5da8d0959cc448
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5105
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
Seems like some issues to do with bytecode compilation have been fixed
at HEAD. closer-mop compiles again and an ironclad failure with the
next quicklisp/channel bump is avoided.
In this change pathname handling in ECL also changed somehow, causing it
to make the :directory part absolute by prefixing it with a slash which
made ld.bfd unhappy while linking an output path that began with a
double slash. This problem can be avoided by constructing the path as
ANSI Common Lisp intended. The truename on the out path is important to
make it recognize that it is indeed a directory.
Change-Id: I5e744022b92502f99ac0b33411a6be443707e200
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5076
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Allows users to define steps with `postBuild = true` which always run
after 🦆, but do not require human approvals.
This can be useful for things like unconditional release steps.
Change-Id: Idbf6c48a9dedcfc6cc9b7f098423364e2fa72d2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5052
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
The previous `condition` abstraction which allowed the full set of
Buildkite conditionals is way too leaky (it lets users to very
Buildkite-specific things which we may not want to allow, and which
are mostly not relevant to a pure evaluation).
Supporting only the `branches` condition (native to Buildkite) should
make it possible to port this to other future CI systems later.
Change-Id: Ib8adcc41db4f1a3566cbeecf13a4228403105c1f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5051
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
Adds support for extra build steps that specify a `prompt`. These
steps will be run at the end of the pipeline and will be gated by
human approval.
This mechanism can be used to, for example, stage releases of software
released from depot that are subject to approval.
Change-Id: I97bb505664a2ccf01142286f14e20a370afaa345
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5033
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
This will create `build-chunk-$n.json` files for steps that should run
_before_ duck, and `post-chunk-$n.json` files for steps that should
run after duck.
The post steps are not yet uploaded to Buildkite, but we also don't
have any right now.
Change-Id: I7e1b59cf55a8bf1d97266f6e988aa496959077bf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5047
Tested-by: BuildkiteCI
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
This introduces a new feature to our CI system in which targets can
declare extra steps in `meta.ci.extraSteps`.
See the comment in //nix/buildkite/default.nix for an explanation of
how these extra steps are defined.
Change-Id: Icce2890c743286dd37f43024cd390dcebac8cdba
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5008
Tested-by: BuildkiteCI
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
The --fork-point parameter is dependent on reflog data which may get
garbage collected. This can lead to flaky behaviour where it returns
no results and fails if `git gc` recently ran (Buildkite will do this
occasionally).
Though the parameter is semantically closer to what we're looking for,
the output is *usually* the same commit since we're not dealing with
more than one thing to compare.
Change-Id: Idc31e7a26fda2b7113edfa162d9d3811b1a01bf6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5032
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
The `local` usage we had before would silently swallow non-zero exit
statuses from the substituted git commands.
For some (as of yet unknown) reason, `git merge-base` seems to
sometimes silently fail and produce no output, which broke the rest of
the script logic.
This change will lead to an earlier error, but we don't know if it is
a fix for the actual cause of the git-merge-base problem because the
shape of that problem is unclear.
Change-Id: I4555c8638da450263fa2fd2c274dfdb69f65578e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5012
Tested-by: BuildkiteCI
Reviewed-by: kn <klemens@posteo.de>
This is no longer TVL-specific and should live here with the other
generalised stuff.
Change-Id: I95a1b4c0321f34812162d6fd40568269abf639dd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5006
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
allDeps filters the lisp deps according to the given implementation,
processing any implementation conditional attribute sets. These are not
understood by allNative, so we need to pass it the already filtered
input or evaluation would fail.
Change-Id: I9eb2d0c3b2bf70d759d03490cf31fc585283ce7f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5001
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Moves to the derivation-based git fetchers everywhere in third-party.
This might help with forward-compatibility with newer Nix versions,
though that's not our primary concern right now.
Change-Id: I565bb72585b8639893e9ea3a9e233338aede63a9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3903
Tested-by: BuildkiteCI
Reviewed-by: zseri <zseri.devel@ytrizja.de>
This changes the logic for build pipeline generation to inspect
an (optional) parentTargetMap attribute which contains the derivation
map of a target commit.
Targets that existed in a parent commit with the same drv hash will be
skipped, as they are not considered to have changed.
This does not yet wire up any logic for retrieving the target map from
storage, meaning that at this commit all targets are always built.
The intention is that we will have logic to fetch the target
map (initially from Buildkite artefact storage), which we then pass to
the depot via externalArgs when actually generating the pipeline.
Change-Id: I3373c60aaf4b56b94c6ab64e2e5eef68dea9287c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4946
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Always create a structure that maps all targets to derivations, and
persist it as a JSON file.
This relates to some of the ideas expressed in:
https://docs.google.com/document/d/16A0a5oUxH1VoiSM8hyFyLW0WiUYpNo2e2D6FTW4BlH8/edit
The file is always uploaded to Buildkite as an artifact. This allows
for retrieving it based on the commit ID in a Buildkite GraphQL query.
By default, Buildkite stores artefacts for 6 months. Storage location
can be overridden (with custom retention) through some environment
variables, but for now at TVL the Buildkite-managed storage is fine.
See also: https://buildkite.com/docs/pipelines/artifacts
In the subsequent filtering implementation, when diffing commits
across a time-range that exceeds artefact retention time, we should
simply default to building everything.
Change-Id: I6d808461cd1c1fdd6983ba8c8ef075736d42caa7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3662
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Extracts the logic for generating our Buildkite pipeline (which has
been copy&pasted and slightly modified in some places outside of
depot) into a generic //nix/buildkite library.
This should cause no change in functionality.
Change-Id: Iad3201713945de41279b39e4f1b847f697c179f7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4726
Autosubmit: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
while trying to yantsify `mkSecrets` in https://cl.tvl.fyi/c/depot/+/4688,
I(zseri) needed to debug a failing evaluation which boiled down
to a result.ok containing something which wasn't boolean,
but the error message didn't indicate where that value came from.
I debugged yants and found that the only place which didn't
simply combine boolean values or use functions which always
return booleans, I managed to isolate the error to the
`pred v` expression. To avoid the necessity to debug yants
to find this, I improve the error message for this case
to mention that
- a restriction predicate is invalid
- what's the name of the failing restriction
- the unexpected predicate return value
Change-Id: I6c570a33ccc5afc445f208e2e8855c49fb37abaf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4698
Tested-by: BuildkiteCI
Reviewed-by: zseri <zseri.devel@ytrizja.de>
Reviewed-by: tazjin <mail@tazj.in>
Autosubmit: zseri <zseri.devel@ytrizja.de>
These targets would be the same derivation, but named differently which
is noisy and causes a few, mostly subtle issues:
* Buildkite struggles with large pipelines a bit, we can save quite a
few steps by removing these.
* Having two jobs for the same derivation sometimes causes the annoying
situation that an agent would do nothing except waiting for a lock.
* Non-nix CI we add in the future may not be able to recognize that
these targets are the same and do extra work unnecessarily.
Change-Id: I1103e719ade1d3859d222b713969ac34a8765cba
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4515
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
When preparing cl/4381 I noticed that we actually handle this case
properly. depot.nix.utils.storePathName depot.path now works as
expected.
Change-Id: Ice9329c67b2e2210852012f5abe82fbbb13193de
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4382
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Autosubmit: sterni <sternenseemann@systemli.org>
This seemed to be missing a word previously.
Change-Id: Ifa860051d6b692a626dbaddbaee44b761f2274ff
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4386
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This behaviour was previously confusing, since readTree's data
structure treats children from Nix files and directories as identical
but only one of them would be affected by .skip-subtree
The "subtree" to be skipped here refers to all children of the
structure.
Change-Id: Idf596c9823f09cc2acf49523916bde4b801b8519
Having `prettyRes` in the execline script causes it to fail because of
the argv limit if your test suite is long enough. For the succeeding one
we can work around this by hashing it (since we only care that something
changes if the test suite changes), in the case of the failing one where
we want to print the results, we use runExecline's stdin mechanism.
Change-Id: I2489f76acfbe809351f51caefe2a477328a70ee3
This function is also generally useful for readTree consumers that
have the concept of subtargets.
Change-Id: Ic7fc03380dec6953fb288763a28e50ab3624d233
This is often used when bootstrapping a repository with readTree,
before lib is available. Having this definition in readTree is more
convenient than copy&pasting it around to callsites.
Change-Id: I6d5d27ed142bea704843fe289ad2674be8c4d360
This is generally useful for readTree users and should be part of
readTree itself.
This is a move towards exposing several readTree-related features from
the library itself, in the future also including logic like 'gather'.
Note that this has a small functional change: In error messages of the
function, the notation for accessing Nix attributes is now used rather
than the Perforce-style `//` notation common in TVL.
For example, an error at `//web/tvl/logo` will produce `web.tvl.logo`
in the error message (which corresponds to the readTree attribute
itself).
This makes more sense for non-TVL consumers of readTree, as the
Perforce-style notation is custom to us specifically.
Change-Id: I8e199e473843c40db40b404c20d2c71f48a0f658
Since the filters return 'args', this makes nesting of filters more
readable.
Change-Id: I775252460e3e077cc6db2fab6f3948414a95ecbf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3873
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Passed strings will be treated as a relative path below the given root,
which is quite convenient when using depot.path by eliminating a lot of
repetition.
Change-Id: I3da6058094484f4a6ffbb84f89ad4472b502a00c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3704
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This ensures in a simple example that __readTree and __readTreeChildren
are populated correctly.
Change-Id: I69a46b2ddde0d1f9bf0dff1c4780f033ac8fc27a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3655
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
In order to make readTree import symlinked directories I've been looking
into how to detect if a symlink points to a directory (since this would
allow us to use symlinks for //nix/sparseTree). I've found a hack for
this:
symlinkPointsToDir = path: isSymlink path &&
builtins.pathExists (toString path + "/.")
Unfortunately it doesn't seem to be possible to distinguish whether the
symlink target does not exist or is a regular file.
Since it's possible, I thought might as well add this to
`pathType`. To make returning the extra information workable, I've
elected to use the attribute set layout used by `//nix/tag`. This
doesn't require us to depend anything (as opposed to yants), but gives
us pattern matching (via `nix.tag.match`) and also quite idiomatic
checking of pathTypes:
pathType ./foo ? file
(pathType ./foo).symlink or null == "symlink-directory"
Nonexistent paths are encoded like this:
pathType ./foo ? missing
Of course we can't use this in readTree (since it must be zero
dependency), but we can easily inline this hack at some point.
Change-Id: I15b64a1ea69953c95dc3239ef5860623652b3089
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3535
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: tazjin <mail@tazj.in>
This was a regression introduced in cl/3554.
Change-Id: I0721693a6eb1b28976b28499875812b1c3d1c910
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3654
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This extends the calling convention for nint in a non-breaking way: If
the called script returns an attribute set instead of a string the
following is done:
* If the attributes `stdout` and/or `stderr` exist, their content (which
must be a string currently) is written to the respective output.
* If the attribute `exit` exists, nint will exit with the given exit
code. Must be a number that can be converted to an `i32`. If it's
missing, nint will exit without indicating an error.
Change-Id: I209cf178fee3d970fdea3b26e4049e944af47457
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3547
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
* goodAss wasn't used before. Simplify it to just return a boolean, so
we can use it for partitionTests later.
* goodIt also returns unnecessary extra meta information which is not
used. Cleaning that up makes the condition extremely small, so we can
inline it into (what was) goodIts.
* goodIts is just called in one place, so we can inline it into res.
Change-Id: I70cf4fa3f61ce1467a2ee5319f841cdd42db6a66
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3548
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
This change adds a new attribute to readTree nodes, `__readTreeChildren`
which is a list of attribute names added to this node by readTree.
This is then used by `gather` for `ci.targets` to avoid evaluating
attributes unnecessarily. Especially since Nix is not as lazy as we'd
like when determining types (i. e. child ? __readTree needs to force
`child` even when it's not an attribute set), evaluating attributes
unnecessarily is sometimes problematic.
Change-Id: I0a98691d41f987e23ee7e9ba21fbe465da5fe402
If the result of the assertions changes for a successful test
suite (this happens if tests are reworded, added or removed), this
makes sure the no-op derivation is rebuilt.
This makes sure that test suites show up in buildkite on ocassions other
than channel bumps, since they are only added to the job list if their
`outPath` is missing nowadays (see cl/3427).
Change-Id: Ia1050cca5eeed8b7da84c40f6154b40760a3047f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3536
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Both are just trivial wrappers around assertIsTag to make these lookups
more ergonomic. This also allows us to demote assertIsTag to an
implemtation detail.
Change-Id: Ib6ba2a858f4839354a57b660042b418976c4b1d9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3541
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
I *thought* I was being clever with the (cdr (member …)) call, but
somehow completely forgot that *posix-argv* and
*command-line-argument-list* are equivalent to argv, so they also
contain the program name as the first element. Dropping that made
argument parsing completely break down, so let's revert back to the
older solution which works quite well.
Change-Id: If7d3321cda0ca512bc8c23b6541ce390b81a3e24
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3538
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Since //web/bubblegum depends on nint, we need to move it to a non user
directory to conform with the policy established via cl/3434.
Note that this likely doesn't mean greater stability (which isn't
really implied in depot anyways), since I still would like to use a more
elaborate calling convention to allow for additional useful features.
Change-Id: I616f905d8df13e3363674aab69a797b0d39fdd79
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3506
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Given a path (which points to a directory and a list of paths which
are below that path, build a “sparse” version of that directory, so
that it only contains the listed paths (and their children):
$ nix-build -E 'with import ./. {}; nix.sparseTree ./. [
./default.nix
./nix/readTree
./nix/buildLisp
./third_party/nixpkgs
./third_party/overlays
]'
/nix/store/0ynj0gc613fs6mfp9snqcvdj5gfxbdzg-sparse-depot
$ lr -t 'type == d' result/
result/
result/nix
result/nix/buildLisp
result/nix/buildLisp/example
result/nix/readTree
result/nix/readTree/tests
[…]
result/third_party
result/third_party/nixpkgs
result/third_party/overlays
result/third_party/overlays/haskell
result/third_party/overlays/haskell/patches
result/third_party/overlays/patches
This is useful if a derivation depends on depot.path (e. g. if it wants
to import depot at runtime). Usually this means that on every depot
commit (or even worse, every change of .git on a local machine), this
derivation has to be rebuild. By using sparseTree you can instead depend
on a stripped down version of depot which only contains the bits you
actually depend on, avoiding unrelated rebuilds.
Change-Id: I127b108c8b177c657fb46786d0a6256516fd2c52
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3503
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This gives a slightly prettier error message and won't leak the error
message when builtins.tryEval is used. Currently an error message from
the tests is always part of the pipeline evaluation log.
Change-Id: I9b488a440368091ed42d707ba4124f592a64bd86
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3502
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>