sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

switch back to nixpkgs hercules ci agent

Browse source
This commit is contained in:
zowoq 2024-02-13 07:31:47 +10:00
parent dc2405a8ac
commit 252fca47eb
5 changed files with 7 additions and 74 deletions
flake.lockflake.nix
hosts/darwin02
configuration.nix
modules
darwin/hercules-ci
default.nix
nixos/hercules-ci
default.nix

67
flake.lock generated
View file

@ -66,44 +66,6 @@
"type": "github" "type": "github"
} }
}, },
"haskell-flake": {
"locked": {
"lastModified": 1684780604,
"narHash": "sha256-2uMZsewmRn7rRtAnnQNw1lj0uZBMh4m6Cs/7dV5YF08=",
"owner": "srid",
"repo": "haskell-flake",
"rev": "74210fa80a49f1b6f67223debdbf1494596ff9f2",
"type": "github"
},
"original": {
"owner": "srid",
"ref": "0.3.0",
"repo": "haskell-flake",
"type": "github"
}
},
"hercules-ci-agent": {
"inputs": {
"flake-parts": [
"flake-parts"
],
"haskell-flake": "haskell-flake",
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1709701475,
"narHash": "sha256-3hJ9jQD3hBlW0evtgPbafQs/lc2EKpknT3HpuRfIIqQ=",
"owner": "hercules-ci",
"repo": "hercules-ci-agent",
"rev": "5ac8a664284001c49bd5ab30c2df20d9c6672e31",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "hercules-ci-agent",
"type": "github"
}
},
"nix-darwin": { "nix-darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -126,16 +88,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1709479366, "lastModified": 1709855257,
"narHash": "sha256-n6F0n8UV6lnTZbYPl1A9q1BS0p4hduAv1mGAP17CVd0=", "narHash": "sha256-1G57sSUmJ6Pi6WLlOEC3x43mEMECKU4NDkRfNdaHUs0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "b8697e57f10292a6165a20f03d2f42920dfaf973", "rev": "c8cd65298e567e1e604431e4544361e365410f8c",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-unstable", "ref": "nixos-unstable-small",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@ -143,7 +105,7 @@
"nixpkgs-update": { "nixpkgs-update": {
"inputs": { "inputs": {
"mmdoc": [], "mmdoc": [],
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_2",
"runtimeDeps": [ "runtimeDeps": [
"nixpkgs" "nixpkgs"
] ]
@ -181,22 +143,6 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1709855257,
"narHash": "sha256-1G57sSUmJ6Pi6WLlOEC3x43mEMECKU4NDkRfNdaHUs0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8cd65298e567e1e604431e4544361e365410f8c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1672428209, "lastModified": 1672428209,
"narHash": "sha256-eejhqkDz2cb2vc5VeaWphJz8UXNuoNoM8/Op8eWv2tQ=", "narHash": "sha256-eejhqkDz2cb2vc5VeaWphJz8UXNuoNoM8/Op8eWv2tQ=",
@ -235,9 +181,8 @@
"buildbot-nix": "buildbot-nix", "buildbot-nix": "buildbot-nix",
"disko": "disko", "disko": "disko",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"hercules-ci-agent": "hercules-ci-agent",
"nix-darwin": "nix-darwin", "nix-darwin": "nix-darwin",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs",
"nixpkgs-update": "nixpkgs-update", "nixpkgs-update": "nixpkgs-update",
"nixpkgs-update-github-releases": "nixpkgs-update-github-releases", "nixpkgs-update-github-releases": "nixpkgs-update-github-releases",
"nur-update": "nur-update", "nur-update": "nur-update",

4
flake.nix
View file

@ -40,10 +40,6 @@
treefmt-nix.url = "github:numtide/treefmt-nix"; treefmt-nix.url = "github:numtide/treefmt-nix";
treefmt-nix.inputs.nixpkgs.follows = "nixpkgs"; treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";
hercules-ci-agent.url = "github:hercules-ci/hercules-ci-agent";
hercules-ci-agent.inputs.flake-parts.follows = "flake-parts";
#hercules-ci-agent.inputs.nixpkgs.follows = "nixpkgs";
}; };
outputs = inputs @ { flake-parts, self, ... }: outputs = inputs @ { flake-parts, self, ... }:

5
hosts/darwin02/configuration.nix
View file

@ -8,11 +8,6 @@
inputs.self.darwinModules.remote-builder inputs.self.darwinModules.remote-builder
]; ];
# can be removed when we switch back to the nixpkgs hercules-ci-agent
system.systemBuilderArgs.sandboxProfile = ''
(allow file-read* file-write* process-exec mach-lookup (subpath "${builtins.storeDir}"))
'';
nix.settings.sandbox = "relaxed"; nix.settings.sandbox = "relaxed";
nix.settings.extra-platforms = [ "x86_64-darwin" ]; nix.settings.extra-platforms = [ "x86_64-darwin" ];

2
modules/darwin/hercules-ci/default.nix
View file

@ -1,7 +1,5 @@
{ inputs, pkgs, ... }:
{ {
# hercules secrets are installed manually from ./secrets.yaml # hercules secrets are installed manually from ./secrets.yaml
# https://docs.hercules-ci.com/hercules-ci/getting-started/deploy/nix-darwin # https://docs.hercules-ci.com/hercules-ci/getting-started/deploy/nix-darwin
services.hercules-ci-agent.enable = true; services.hercules-ci-agent.enable = true;
services.hercules-ci-agent.package = inputs.hercules-ci-agent.packages.${pkgs.stdenv.hostPlatform.system}.hercules-ci-agent;
} }

3
modules/nixos/hercules-ci/default.nix
View file

@ -1,4 +1,4 @@
{ config, inputs, pkgs, ... }: { config, ... }:
let let
herculesSecret = { herculesSecret = {
owner = "hercules-ci-agent"; owner = "hercules-ci-agent";
@ -13,7 +13,6 @@ in
services.hercules-ci-agent = { services.hercules-ci-agent = {
enable = true; enable = true;
package = inputs.hercules-ci-agent.packages.${pkgs.stdenv.hostPlatform.system}.hercules-ci-agent;
settings = { settings = {
binaryCachesPath = secrets."binary-caches.json".path; binaryCachesPath = secrets."binary-caches.json".path;
clusterJoinTokenPath = secrets."cluster-join-token.key".path; clusterJoinTokenPath = secrets."cluster-join-token.key".path;