From 07628a324b3a445f7d3e2f658285aecf87157f4e Mon Sep 17 00:00:00 2001 From: Morgan Helton Date: Sat, 17 Feb 2024 15:38:00 -0600 Subject: [PATCH] add hercules-ci --- flake.lock | 100 ++++++++++++++++++++- flake.nix | 245 +++++++++++++++++++++++++++++----------------------- garnix.yaml | 9 -- 3 files changed, 233 insertions(+), 121 deletions(-) delete mode 100644 garnix.yaml diff --git a/flake.lock b/flake.lock index 1c14c57..e5408dc 100644 --- a/flake.lock +++ b/flake.lock @@ -221,6 +221,44 @@ } }, "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "hercules-ci-effects", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1701473968, + "narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5", + "type": "github" + }, + "original": { + "id": "flake-parts", + "type": "indirect" + } + }, + "flake-parts_3": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_2" + }, + "locked": { + "lastModified": 1706830856, + "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_4": { "inputs": { "nixpkgs-lib": [ "nix-packages", @@ -321,6 +359,26 @@ "type": "github" } }, + "hercules-ci-effects_2": { + "inputs": { + "flake-parts": "flake-parts_4", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1707187737, + "narHash": "sha256-1vdTyh8dclFK/fVoxFnJmzQis370IteOKERRExn9wXU=", + "owner": "mlabs-haskell", + "repo": "hercules-ci-effects", + "rev": "832a4a30d646bf0a6fbbd7a0d88aa3f748584af8", + "type": "github" + }, + "original": { + "owner": "mlabs-haskell", + "ref": "push-cache-effect", + "repo": "hercules-ci-effects", + "type": "github" + } + }, "impermanence": { "locked": { "lastModified": 1706639736, 
@@ -339,8 +397,8 @@ "nix-packages": { "inputs": { "attic": "attic_2", - "flake-parts": "flake-parts", - "hercules-ci-effects": "hercules-ci-effects", + "flake-parts": "flake-parts_3", + "hercules-ci-effects": "hercules-ci-effects_2", "nixpkgs": [ "nixpkgs" ] @@ -444,6 +502,24 @@ "type": "github" } }, + "nixpkgs-lib_2": { + "locked": { + "dir": "lib", + "lastModified": 1706550542, + "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-stable": { "locked": { "lastModified": 1702780907, @@ -525,6 +601,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1703637592, + "narHash": "sha256-8MXjxU0RfFfzl57Zy3OfXCITS0qWDNLzlBAdwxGZwfY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "cfc3698c31b1fb9cdcf10f36c9643460264d0ca8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1707689078, "narHash": "sha256-UUGmRa84ZJHpGZ1WZEBEUOzaPOWG8LZ0yPg1pdDF/yM=", @@ -565,11 +657,13 @@ "blocky-tailscale": "blocky-tailscale", "colmena": "colmena", "disko": "disko", + "flake-parts": "flake-parts", + "hercules-ci-effects": "hercules-ci-effects", "impermanence": "impermanence", "nix-packages": "nix-packages", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-stable": "nixpkgs-stable_3", "pingshutdown": "pingshutdown", "sops-nix": "sops-nix" diff --git a/flake.nix b/flake.nix index bf40fcf..3f8d05e 100644 --- a/flake.nix +++ b/flake.nix 
@@ -9,6 +9,8 @@ nixos-hardware = { url = "github:NixOS/nixos-hardware"; }; + flake-parts.url = "github:hercules-ci/flake-parts"; + hercules-ci-effects.url = "github:mlabs-haskell/hercules-ci-effects/push-cache-effect"; nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs"; @@ -41,7 +43,7 @@ }; }; - outputs = { self, nixpkgs, nix-packages, nixos-generators, sops-nix, impermanence, blocky-tailscale, attic, disko, colmena, pingshutdown, ... }@inputs: + outputs = { self, nixpkgs, nix-packages, nixos-generators, flake-parts, hercules-ci-effects, sops-nix, impermanence, blocky-tailscale, attic, disko, colmena, pingshutdown, ... }@inputs: let inherit (nixpkgs.lib) genAttrs; forAllSystems = genAttrs [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" ]; 
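Review bot: The new `hercules-ci-effects` input in the first flake.nix hunk tracks the `push-cache-effect` branch of the `mlabs-haskell` fork, and the module it provides is later imported and configured with the `attic` secret name, so whatever that branch points to at the next `nix flake update` runs next to the cache credential. flake.lock pins the current revision, but a branch ref can be force-pushed or deleted. Consider pinning the commit in the URL, `hercules-ci-effects.url = "github:mlabs-haskell/hercules-ci-effects/<commit-sha>";`, with a comment saying why the fork is needed and when to go back to upstream. Unlike `nixos-generators` just below, neither new input sets `follows`; `hercules-ci-effects.inputs.nixpkgs.follows = "nixpkgs";` and `hercules-ci-effects.inputs.flake-parts.follows = "flake-parts";` would likely keep the number of locked trees to audit smaller.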
@@ -72,132 +74,157 @@ ./modules/nomad-client.nix ]; in - { - formatter = forAllSystems (system: legacyPackages.${system}.nixpkgs-fmt); - - # images - images = { - sophia = nixos-generators.nixosGenerate { - modules = [ - ./hosts/sophia - ]; - pkgs = legacyPackages."aarch64-linux"; - format = "sd-aarch64-installer"; - }; - blocky-fly = - let - system = "x86_64-linux"; - pkgs = legacyPackages.${system}; - in - blocky-tailscale.packages.${system}.blocky-tailscale.override { - blockyConfig = pkgs.writeText "blocky.conf" (builtins.toJSON (import ./images/blocky-fly/blocky-config.nix { })); - }; - gaia = nixos-generators.nixosGenerate { - modules = [ - ./hosts/gaia - ]; - specialArgs = { inherit inputs; }; - pkgs = legacyPackages."aarch64-linux"; - format = "sd-aarch64-installer"; - }; - pomerium = - let - system = "x86_64-linux"; - pkgs = legacyPackages.${system}; - in - pkgs.dockerTools.buildLayeredImage (import ./images/pomerium pkgs); - }; + flake-parts.lib.mkFlake { inherit inputs; } { + imports = [ + hercules-ci-effects.flakeModule + hercules-ci-effects.push-cache-effect + ]; - nixosConfigurations = { - sophia = - let system = "aarch64-linux"; - in - nixpkgs.lib.nixosSystem { - pkgs = legacyPackages."${system}"; - extraModules = [ colmena.nixosModules.deploymentOptions ]; - modules = defaultImports ++ [ - { nixpkgs.system = system; } # needed to use aarch64-linux packages - ./hosts/sophia - ./hosts/sophia/colmena.nix - ]; - }; + flake = { + formatter = forAllSystems (system: legacyPackages.${system}.nixpkgs-fmt); - chopper = - let system = "x86_64-linux"; - in - nixpkgs.lib.nixosSystem { - pkgs = legacyPackages."${system}"; - specialArgs = { inherit inputs; }; - extraModules = [ colmena.nixosModules.deploymentOptions ]; - modules = defaultImports ++ [ - ./hosts/chopper - ./hosts/chopper/colmena.nix + # images + images = { + sophia = nixos-generators.nixosGenerate { + modules = [ + ./hosts/sophia ]; + pkgs = legacyPackages."aarch64-linux"; + format = 
"sd-aarch64-installer"; }; - - gaia0 = - let system = "aarch64-linux"; - in - nixpkgs.lib.nixosSystem { - pkgs = legacyPackages."${system}"; - specialArgs = { inherit inputs; }; - extraModules = [ colmena.nixosModules.deploymentOptions ]; - modules = defaultImports ++ [ - { nixpkgs.system = system; } + blocky-fly = + let + system = "x86_64-linux"; + pkgs = legacyPackages.${system}; + in + blocky-tailscale.packages.${system}.blocky-tailscale.override { + blockyConfig = pkgs.writeText "blocky.conf" (builtins.toJSON (import ./images/blocky-fly/blocky-config.nix { })); + }; + gaia = nixos-generators.nixosGenerate { + modules = [ ./hosts/gaia - ./hosts/gaia/gaia0.nix ]; - }; - - gaia1 = - let system = "aarch64-linux"; - in - nixpkgs.lib.nixosSystem { - pkgs = legacyPackages."${system}"; specialArgs = { inherit inputs; }; - extraModules = [ colmena.nixosModules.deploymentOptions ]; - modules = defaultImports ++ [ - { nixpkgs.system = system; } - ./hosts/gaia - ./hosts/gaia/gaia1.nix - ]; + pkgs = legacyPackages."aarch64-linux"; + format = "sd-aarch64-installer"; }; + pomerium = + let + system = "x86_64-linux"; + pkgs = legacyPackages.${system}; + in + pkgs.dockerTools.buildLayeredImage (import ./images/pomerium pkgs); + }; + nixosConfigurations = { + sophia = + let system = "aarch64-linux"; + in + nixpkgs.lib.nixosSystem { + pkgs = legacyPackages."${system}"; + extraModules = [ colmena.nixosModules.deploymentOptions ]; + modules = defaultImports ++ [ + { nixpkgs.system = system; } # needed to use aarch64-linux packages + ./hosts/sophia + ./hosts/sophia/colmena.nix + ]; + }; + + chopper = + let system = "x86_64-linux"; + in + nixpkgs.lib.nixosSystem { + pkgs = legacyPackages."${system}"; + specialArgs = { inherit inputs; }; + extraModules = [ colmena.nixosModules.deploymentOptions ]; + modules = defaultImports ++ [ + ./hosts/chopper + ./hosts/chopper/colmena.nix + ]; + }; + + gaia0 = + let system = "aarch64-linux"; + in + nixpkgs.lib.nixosSystem { + pkgs = 
legacyPackages."${system}"; + specialArgs = { inherit inputs; }; + extraModules = [ colmena.nixosModules.deploymentOptions ]; + modules = defaultImports ++ [ + { nixpkgs.system = system; } + ./hosts/gaia + ./hosts/gaia/gaia0.nix + ]; + }; + + gaia1 = + let system = "aarch64-linux"; + in + nixpkgs.lib.nixosSystem { + pkgs = legacyPackages."${system}"; + specialArgs = { inherit inputs; }; + extraModules = [ colmena.nixosModules.deploymentOptions ]; + modules = defaultImports ++ [ + { nixpkgs.system = system; } + ./hosts/gaia + ./hosts/gaia/gaia1.nix + ]; + }; + + spdr = + let system = "x86_64-linux"; + in + nixpkgs.lib.nixosSystem { + pkgs = legacyPackages."${system}"; + extraModules = [ colmena.nixosModules.deploymentOptions ]; + modules = defaultImports ++ [ + ./hosts/spdr + ]; + }; + }; - - spdr = - let system = "x86_64-linux"; + colmena = + let conf = self.nixosConfigurations; in - nixpkgs.lib.nixosSystem { - pkgs = legacyPackages."${system}"; - extraModules = [ colmena.nixosModules.deploymentOptions ]; - modules = defaultImports ++ [ - ./hosts/spdr + { + meta = { + nixpkgs = legacyPackages."x86_64-linux"; + nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) conf; + }; + } // builtins.mapAttrs (name: value: { imports = value._module.args.modules; }) conf; + + checks."x86_64-linux" = { + sophia = nixpkgs.lib.nixos.runTest { + imports = [ + ./hosts/sophia/tests.nix ]; + hostPkgs = legacyPackages."x86_64-linux"; + node.specialArgs = { inherit inputs; }; }; + }; }; - colmena = - let conf = self.nixosConfigurations; - in - { - meta = { - nixpkgs = legacyPackages."x86_64-linux"; - nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) conf; - }; - } // builtins.mapAttrs (name: value: { imports = value._module.args.modules; }) conf; - - checks."aarch64-linux" = { - sophia = nixpkgs.lib.nixos.runTest { - imports = [ - ./hosts/sophia/tests.nix - ]; - hostPkgs = legacyPackages."aarch64-linux"; - node.specialArgs = { inherit 
inputs; }; + systems = [ + "x86_64-linux" + "aarch64-darwin" + "aarch64-linux" + ]; + + herculesCI = { config, lib, ... }: { + ciSystems = [ "x86_64-linux" "aarch64-linux" ]; + }; + + push-cache-effect = { + enable = true; + attic-client-pkg = attic.packages.x86_64-linux.attic-client; + caches.r2d2 = { + type = "attic"; + secretName = "attic"; + packages = map (host: self.nixosConfigurations."${host}".config.system.build.toplevel) (builtins.attrNames self.nixosConfigurations); }; }; - }; + }; } diff --git a/garnix.yaml b/garnix.yaml deleted file mode 100644 index 389cd40..0000000 --- a/garnix.yaml +++ /dev/null @@ -1,9 +0,0 @@ -builds: - exclude: [] - include: - - nixosConfigurations.chopper - - nixosConfigurations.sophia - - nixosConfigurations.spdr - - nixosConfigurations.gaia0 - - nixosConfigurations.gaia1 - - 'checks.aarch64-linux.*'
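Review bot: The `push-cache-effect` block at the end of the large flake.nix hunk enables a cache push that uses the `attic` secret, and nothing visible in the hunk limits it to the default branch. Whether the effect also runs for other branches or pull requests depends on the fork module's defaults, which this diff does not show, so confirm that and restrict the secret's access condition in the agent's secrets configuration to this repository's default branch. A comment above the block would record the intent, e.g. `# pushes every host's system closure to the r2d2 attic cache; the "attic" secret must only be readable from the default branch`. Separately, the sophia test moves from `checks."aarch64-linux"` to `checks."x86_64-linux"` with `hostPkgs` changed to match, although sophia is built as an aarch64-linux host and `ciSystems` still lists `aarch64-linux`; if that is deliberate it deserves a one-line comment.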