diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 197c96a9e9e2f82b27bfa679270f676d1b43e60a..ad94191fe16b94234fd9fd169e179a7da9e67619 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -6,12 +6,30 @@ stages:
variables:
GIT_SUBMODULE_STRATEGY: recursive
GIT_DEPTH: 0
+ CACHIX_CACHE_NAME: flow3r
+ BUILD_IMAGE_NAME: ${CI_REGISTRY_IMAGE}/flow3r-build:${CI_COMMIT_SHA}
default:
# built via:
# docker load < $(nix-build nix/docker-image.nix)
image: registry.gitlab.com/flow3r-badge/flow3r-build:kfjixcricw2358zp5vg15b784l9jnpzz
+nix-deps:
+ image: docker.nix-community.org/nixpkgs/nix-flakes
+ stage: .pre
+ script:
+ - set +e +o pipefail
+ # cache development environment
+ - nix run .#build-and-cache -- devShell
+ # build docker image and cache if not already in cache
+ - nix run .#build-and-cache -- dockerImage
+ # push docker image
+ # FIXME: disabled because the gitlab registry is broken
+ #- |
+ # echo "${CI_REGISTRY_PASSWORD}" \
+ # | skopeo login --username="${CI_REGISTRY_USER}" --password-stdin "${CI_REGISTRY}"
+ #- skopeo copy --tmpdir /tmp --insecure-policy "docker-archive://${PWD}/result" "docker://${BUILD_IMAGE_NAME}"
+
clang-tidy:
stage: check
script:
diff --git a/flake.nix b/flake.nix
index 66ecd503b892de68dc34bed1ea62336442921df6..baac093990ccbff6e2fbd1a045a86bffcbe53a90 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,6 +1,17 @@
{
description = "flow3r badge flake";
+ nixConfig = {
+ substituters = [
+ "https://cache.nixos.org"
+ "https://flow3r.cachix.org"
+ ];
+ trusted-public-keys = [
+ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+ "flow3r.cachix.org-1:/v8059Hm6UdEVNKE15uxltpYM0z+pulaTpobjIvFM5A="
+ ];
+ };
+
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-compat = {
@@ -69,6 +80,8 @@
{
overlays.default = import ./nix/overlay;
+ legacyPackages = forAllPkgs (pkgs: pkgs);
+
packages = forAllPkgs (pkgs:
{
dockerImage = pkgs.dockerTools.buildImage {
@@ -84,9 +97,8 @@
pathsToLink = [ "/bin" ];
};
- runAsRoot = ''
- #!${pkgs.runtimeShell}
- mkdir -p /tmp
+ extraCommands = ''
+ mkdir -m 1777 tmp
'';
config = {
@@ -102,6 +114,44 @@
};
});
+ hydraJobs = let inherit (nixpkgs.lib) hydraJob; in {
+ dockerImage = forAllSystems (system: hydraJob self.packages.${system}.dockerImage);
+ devShell = forAllSystems (system: hydraJob self.devShells.${system}.default);
+ };
+
+ apps = forAllPkgs (pkgs: {
+ cache-flake-inputs = {
+ type = "app";
+ program = toString (pkgs.writers.writeBash "cache-flake-inputs" ''
+ set +e +o pipefail
+ nix flake archive --json \
+ | ${pkgs.jq}/bin/jq -r '.path,(.inputs|to_entries[].value.path)' \
+ | ${pkgs.cachix}/bin/cachix push flow3r
+ '');
+ };
+ build-and-cache = {
+ type = "app";
+ program = toString (pkgs.writers.writeBash "build-and-cache" ''
+ set +e +o pipefail
+ PACKAGE="$1"
+
+ IS_CACHED=$(
+ ${pkgs.nix-eval-jobs}/bin/nix-eval-jobs \
+ --gc-roots-dir gcroot \
+ --flake ".#hydraJobs.$PACKAGE" \
+ --check-cache-status \
+ | ${pkgs.jq}/bin/jq '.isCached'
+ )
+
+ if [ "$IS_CACHED" == "false" ]; then
+ nix build -L --json ".#hydraJobs.$PACKAGE.${pkgs.system}" \
+ | ${pkgs.jq}/bin/jq -r '.[].outputs | to_entries[].value' \
+ | ${pkgs.cachix}/bin/cachix push flow3r
+ fi
+ '');
+ };
+ });
+
devShells = forAllPkgs (pkgs:
{
default = pkgs.mkShell {