From 252fca47ebe9b7d29d6355539d8c3fc22e017d63 Mon Sep 17 00:00:00 2001
From: zowoq <59103226+zowoq@users.noreply.github.com>
Date: Tue, 13 Feb 2024 07:31:47 +1000
Subject: [PATCH] switch back to nixpkgs hercules ci agent
---
flake.lock | 67 +++-----------------------
flake.nix | 4 --
hosts/darwin02/configuration.nix | 5 --
modules/darwin/hercules-ci/default.nix | 2 -
modules/nixos/hercules-ci/default.nix | 3 +-
5 files changed, 7 insertions(+), 74 deletions(-)
diff --git a/flake.lock b/flake.lock
index 8063073..f6625cb 100644
--- a/flake.lock
+++ b/flake.lock
@@ -66,44 +66,6 @@
"type": "github"
}
},
- "haskell-flake": {
- "locked": {
- "lastModified": 1684780604,
- "narHash": "sha256-2uMZsewmRn7rRtAnnQNw1lj0uZBMh4m6Cs/7dV5YF08=",
- "owner": "srid",
- "repo": "haskell-flake",
- "rev": "74210fa80a49f1b6f67223debdbf1494596ff9f2",
- "type": "github"
- },
- "original": {
- "owner": "srid",
- "ref": "0.3.0",
- "repo": "haskell-flake",
- "type": "github"
- }
- },
- "hercules-ci-agent": {
- "inputs": {
- "flake-parts": [
- "flake-parts"
- ],
- "haskell-flake": "haskell-flake",
- "nixpkgs": "nixpkgs"
- },
- "locked": {
- "lastModified": 1709701475,
- "narHash": "sha256-3hJ9jQD3hBlW0evtgPbafQs/lc2EKpknT3HpuRfIIqQ=",
- "owner": "hercules-ci",
- "repo": "hercules-ci-agent",
- "rev": "5ac8a664284001c49bd5ab30c2df20d9c6672e31",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "hercules-ci-agent",
- "type": "github"
- }
- },
"nix-darwin": {
"inputs": {
"nixpkgs": [
@@ -126,16 +88,16 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1709479366,
- "narHash": "sha256-n6F0n8UV6lnTZbYPl1A9q1BS0p4hduAv1mGAP17CVd0=",
+ "lastModified": 1709855257,
+ "narHash": "sha256-1G57sSUmJ6Pi6WLlOEC3x43mEMECKU4NDkRfNdaHUs0=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "b8697e57f10292a6165a20f03d2f42920dfaf973",
+ "rev": "c8cd65298e567e1e604431e4544361e365410f8c",
"type": "github"
},
"original": {
"owner": "NixOS",
- "ref": "nixos-unstable",
+ "ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
@@ -143,7 +105,7 @@
"nixpkgs-update": {
"inputs": {
"mmdoc": [],
- "nixpkgs": "nixpkgs_3",
+ "nixpkgs": "nixpkgs_2",
"runtimeDeps": [
"nixpkgs"
]
@@ -181,22 +143,6 @@
}
},
"nixpkgs_2": {
- "locked": {
- "lastModified": 1709855257,
- "narHash": "sha256-1G57sSUmJ6Pi6WLlOEC3x43mEMECKU4NDkRfNdaHUs0=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "c8cd65298e567e1e604431e4544361e365410f8c",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixos-unstable-small",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_3": {
"locked": {
"lastModified": 1672428209,
"narHash": "sha256-eejhqkDz2cb2vc5VeaWphJz8UXNuoNoM8/Op8eWv2tQ=",
@@ -235,9 +181,8 @@
"buildbot-nix": "buildbot-nix",
"disko": "disko",
"flake-parts": "flake-parts",
- "hercules-ci-agent": "hercules-ci-agent",
"nix-darwin": "nix-darwin",
- "nixpkgs": "nixpkgs_2",
+ "nixpkgs": "nixpkgs",
"nixpkgs-update": "nixpkgs-update",
"nixpkgs-update-github-releases": "nixpkgs-update-github-releases",
"nur-update": "nur-update",
diff --git a/flake.nix b/flake.nix
index d61e473..d3d550e 100644
--- a/flake.nix
+++ b/flake.nix
@@ -40,10 +40,6 @@
treefmt-nix.url = "github:numtide/treefmt-nix";
treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";
-
- hercules-ci-agent.url = "github:hercules-ci/hercules-ci-agent";
- hercules-ci-agent.inputs.flake-parts.follows = "flake-parts";
- #hercules-ci-agent.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs @ { flake-parts, self, ... }:
diff --git a/hosts/darwin02/configuration.nix b/hosts/darwin02/configuration.nix
index a3d9a43..447dda0 100644
--- a/hosts/darwin02/configuration.nix
+++ b/hosts/darwin02/configuration.nix
@@ -8,11 +8,6 @@
inputs.self.darwinModules.remote-builder
];
- # can be removed when we switch back to the nixpkgs hercules-ci-agent
- system.systemBuilderArgs.sandboxProfile = ''
- (allow file-read* file-write* process-exec mach-lookup (subpath "${builtins.storeDir}"))
- '';
-
nix.settings.sandbox = "relaxed";
nix.settings.extra-platforms = [ "x86_64-darwin" ];
diff --git a/modules/darwin/hercules-ci/default.nix b/modules/darwin/hercules-ci/default.nix
index abf623b..73f9bcb 100644
--- a/modules/darwin/hercules-ci/default.nix
+++ b/modules/darwin/hercules-ci/default.nix
@@ -1,7 +1,5 @@
-{ inputs, pkgs, ... }:
{
# hercules secrets are installed manually from ./secrets.yaml
# https://docs.hercules-ci.com/hercules-ci/getting-started/deploy/nix-darwin
services.hercules-ci-agent.enable = true;
- services.hercules-ci-agent.package = inputs.hercules-ci-agent.packages.${pkgs.stdenv.hostPlatform.system}.hercules-ci-agent;
}
diff --git a/modules/nixos/hercules-ci/default.nix b/modules/nixos/hercules-ci/default.nix
index 4140d17..5f0b8c8 100644
--- a/modules/nixos/hercules-ci/default.nix
+++ b/modules/nixos/hercules-ci/default.nix
@@ -1,4 +1,4 @@
-{ config, inputs, pkgs, ... }:
+{ config, ... }:
let
herculesSecret = {
owner = "hercules-ci-agent";
@@ -13,7 +13,6 @@ in
services.hercules-ci-agent = {
enable = true;
- package = inputs.hercules-ci-agent.packages.${pkgs.stdenv.hostPlatform.system}.hercules-ci-agent;
settings = {
binaryCachesPath = secrets."binary-caches.json".path;
clusterJoinTokenPath = secrets."cluster-join-token.key".path;