forked from pub-solar/os
Merge branch 'main' into teutat3s
This commit is contained in:
commit
9ef3d58d2e
169
.drone.yml
169
.drone.yml
|
@ -1,92 +1,3 @@
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: Upstreaming
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: "Sync 'devos' branch with upstream"
|
|
||||||
image: alpine/git
|
|
||||||
when:
|
|
||||||
event:
|
|
||||||
- cron
|
|
||||||
cron:
|
|
||||||
- sync-main-with-upstream
|
|
||||||
environment:
|
|
||||||
GITEA_SSH_KEY:
|
|
||||||
from_secret: gitea_ssh_key
|
|
||||||
commands:
|
|
||||||
- ./.drone/setup_ssh.sh
|
|
||||||
- git remote add devos git@git.b12f.io:pub-solar/devos
|
|
||||||
- git remote set-url origin git@git.b12f.io:pub-solar/os
|
|
||||||
- git fetch --all
|
|
||||||
- git checkout -b devos --track origin/devos
|
|
||||||
- git merge -X theirs devos/main
|
|
||||||
- git push origin devos
|
|
||||||
- git remote set-url origin https://git.b12f.io/pub-solar/os.git
|
|
||||||
|
|
||||||
- name: "Sync $BRANCH with upstream"
|
|
||||||
image: alpine/git
|
|
||||||
when:
|
|
||||||
event:
|
|
||||||
- cron
|
|
||||||
cron:
|
|
||||||
- sync-main-with-upstream
|
|
||||||
- sync-b12f-with-main
|
|
||||||
- sync-teutat3s-with-main
|
|
||||||
environment:
|
|
||||||
GITEA_SSH_KEY:
|
|
||||||
from_secret: gitea_ssh_key
|
|
||||||
commands:
|
|
||||||
- git fetch origin
|
|
||||||
- git checkout origin/main
|
|
||||||
- ./.drone/setup_ssh.sh
|
|
||||||
- git remote set-url origin git@git.b12f.io:pub-solar/os
|
|
||||||
- git fetch --all
|
|
||||||
- ./.drone/upstream-branch.sh
|
|
||||||
|
|
||||||
- name: "Open pull request for failed merge"
|
|
||||||
image: nixery.dev/shell/tea
|
|
||||||
when:
|
|
||||||
status:
|
|
||||||
- failure
|
|
||||||
event:
|
|
||||||
- cron
|
|
||||||
cron:
|
|
||||||
- sync-main-with-upstream
|
|
||||||
- sync-b12f-with-main
|
|
||||||
- sync-teutat3s-with-main
|
|
||||||
environment:
|
|
||||||
TEA_CONFIG:
|
|
||||||
from_secret: tea_config
|
|
||||||
commands:
|
|
||||||
- mkdir -p ~/.config/tea
|
|
||||||
- echo "$$TEA_CONFIG" > ~/.config/tea/config.yml
|
|
||||||
- tea pulls create --base main --head devos
|
|
||||||
|
|
||||||
- name: "Notify matrix"
|
|
||||||
image: plugins/matrix
|
|
||||||
when:
|
|
||||||
status:
|
|
||||||
- failure
|
|
||||||
event:
|
|
||||||
- cron
|
|
||||||
cron:
|
|
||||||
- sync-main-with-upstream
|
|
||||||
- sync-b12f-with-main
|
|
||||||
- sync-teutat3s-with-main
|
|
||||||
settings:
|
|
||||||
homeserver: https://matrix.pub.solar
|
|
||||||
roomid: dfQBqwkhIzrFjMSsxy:pub.solar
|
|
||||||
username:
|
|
||||||
from_secret: matrix_username
|
|
||||||
password:
|
|
||||||
from_secret: matrix_password
|
|
||||||
template: "Upstreaming {{ build.status }} [{{ build.branch }}#{{ truncate build.commit 8 }}]({{ build.link }}) by {{ build.author }}. [Pull requests](https://git.b12f.io/pub-solar/os/pulls)"
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
event:
|
|
||||||
- cron
|
|
||||||
|
|
||||||
---
|
---
|
||||||
kind: pipeline
|
kind: pipeline
|
||||||
type: docker
|
type: docker
|
||||||
|
@ -98,15 +9,78 @@ steps:
|
||||||
when:
|
when:
|
||||||
event:
|
event:
|
||||||
- pull_request
|
- pull_request
|
||||||
- tag
|
|
||||||
environment:
|
environment:
|
||||||
NIX_FLAGS: "--print-build-logs --verbose"
|
NIX_FLAGS: "--print-build-logs --verbose"
|
||||||
commands:
|
commands:
|
||||||
- 'echo DEBUG: Using NIX_FLAGS: $NIX_FLAGS'
|
- 'echo DEBUG: Using NIX_FLAGS: $NIX_FLAGS'
|
||||||
- nix $$NIX_FLAGS flake check
|
- nix $$NIX_FLAGS develop --command nix flake show
|
||||||
- nix $$NIX_FLAGS build ".#nixosConfigurations.PubSolarOS.config.system.build.toplevel"
|
- nix $$NIX_FLAGS build ".#nixosConfigurations.PubSolarOS.config.system.build.toplevel"
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: pipeline
|
||||||
|
type: exec
|
||||||
|
name: Tests
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: "Tests"
|
||||||
|
environment:
|
||||||
|
NIX_FLAGS: "--print-build-logs --verbose"
|
||||||
|
commands:
|
||||||
|
- 'echo DEBUG: Using NIX_FLAGS: $NIX_FLAGS'
|
||||||
|
- nix $$NIX_FLAGS build ".#checks.x86_64-linux.customTestFor-PubSolarOS-firstTest"
|
||||||
|
- nix-store --read-log result
|
||||||
|
- nix $$NIX_FLAGS flake check
|
||||||
- nix $$NIX_FLAGS develop --command echo OK
|
- nix $$NIX_FLAGS develop --command echo OK
|
||||||
|
|
||||||
|
- name: "Upload artifacts"
|
||||||
|
environment:
|
||||||
|
TRITON_DONT_SOURCE_PROFILE: 1
|
||||||
|
PRIVATE_SSH_KEY:
|
||||||
|
from_secret: private_ssh_key
|
||||||
|
MANTA_USER: pub_solar
|
||||||
|
MANTA_URL: https://eu-central.manta.greenbaum.cloud
|
||||||
|
MANTA_KEY_ID: "5d:5f:3d:22:8d:37:1f:e6:d6:ab:06:18:d9:a2:04:67"
|
||||||
|
commands:
|
||||||
|
- export TARGET_DIR="ci/$${DRONE_REPO}/$${DRONE_BUILD_NUMBER}"
|
||||||
|
- echo env var TARGET_DIR is set to $$TARGET_DIR
|
||||||
|
- "mkdir ~/.ssh && chmod 700 ~/.ssh"
|
||||||
|
- echo "$$PRIVATE_SSH_KEY" > ~/.ssh/id_ed25519 && chmod 600 ~/.ssh/id_ed25519
|
||||||
|
- nix flake new --template "git+https://git.greenbaum.cloud/dev/tritonshell?ref=main" ./tritonshell
|
||||||
|
- git add tritonshell
|
||||||
|
- cd tritonshell
|
||||||
|
- nix develop --command mput -p -f ../result/foot_wayland_info.png ~~/public/$${TARGET_DIR}/foot_wayland_info.png
|
||||||
|
- nix develop --command mput -p -f ../result/test-wayland.out ~~/public/$${TARGET_DIR}/test-wayland.out
|
||||||
|
|
||||||
|
trigger:
|
||||||
|
ref:
|
||||||
|
- refs/tags/v*
|
||||||
|
- refs/tags/t*
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: pipeline
|
||||||
|
type: docker
|
||||||
|
name: Notification
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: "Notify matrix"
|
||||||
|
image: plugins/matrix
|
||||||
|
settings:
|
||||||
|
homeserver: https://matrix.pub.solar
|
||||||
|
roomid: dfQBqwkhIzrFjMSsxy:pub.solar
|
||||||
|
username:
|
||||||
|
from_secret: matrix_username
|
||||||
|
password:
|
||||||
|
from_secret: matrix_password
|
||||||
|
template: "Test run triggered by tag: {{ build.tag }}. Test run exit status: {{ build.status }}. Artifacts uploaded to Manta: https://eu-central.manta.greenbaum.cloud/pub_solar/public/ci/{{ repo.Owner }}/{{ repo.Name }}/{{ build.number }}/foot_wayland_info.png"
|
||||||
|
|
||||||
|
depends_on:
|
||||||
|
- Tests
|
||||||
|
|
||||||
|
trigger:
|
||||||
|
ref:
|
||||||
|
- refs/tags/v*
|
||||||
|
- refs/tags/t*
|
||||||
|
|
||||||
---
|
---
|
||||||
kind: pipeline
|
kind: pipeline
|
||||||
type: docker
|
type: docker
|
||||||
|
@ -115,14 +89,15 @@ name: Publish ISO
|
||||||
steps:
|
steps:
|
||||||
- name: "Build ISO"
|
- name: "Build ISO"
|
||||||
image: docker.nix-community.org/nixpkgs/nix-flakes:latest
|
image: docker.nix-community.org/nixpkgs/nix-flakes:latest
|
||||||
|
environment:
|
||||||
|
NIX_FLAGS: "--print-build-logs --verbose"
|
||||||
volumes:
|
volumes:
|
||||||
- name: file-exchange
|
- name: file-exchange
|
||||||
path: /var/nix/iso-cache
|
path: /var/nix/iso-cache
|
||||||
commands:
|
commands:
|
||||||
- |
|
- |
|
||||||
nix --print-build-logs --verbose \
|
nix $$NIX_FLAGS build \
|
||||||
build \
|
'.#nixosConfigurations.bootstrap.config.system.build.isoImage'
|
||||||
'.#nixosConfigurations.bootstrap.config.system.build.bootstrapIso'
|
|
||||||
- cp $(readlink -f result)/iso/*.iso /var/nix/iso-cache/
|
- cp $(readlink -f result)/iso/*.iso /var/nix/iso-cache/
|
||||||
|
|
||||||
- name: "Publish ISO"
|
- name: "Publish ISO"
|
||||||
|
@ -148,8 +123,10 @@ depends_on:
|
||||||
- Check
|
- Check
|
||||||
|
|
||||||
trigger:
|
trigger:
|
||||||
|
branch:
|
||||||
|
- main
|
||||||
event:
|
event:
|
||||||
- tag
|
- push
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: file-exchange
|
- name: file-exchange
|
||||||
|
@ -157,6 +134,6 @@ volumes:
|
||||||
|
|
||||||
---
|
---
|
||||||
kind: signature
|
kind: signature
|
||||||
hmac: da951ba8ede88996728acfb47846e01880eb0e3b91f66e47848d6c1cc727c5d9
|
hmac: 5d7c0ef5519ffe68189271b18d9084db55c9e14831f95234655f5387f9426db0
|
||||||
|
|
||||||
...
|
...
|
||||||
|
|
28
flake.lock
28
flake.lock
|
@ -162,15 +162,16 @@
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable"
|
"nixpkgs-unstable": "nixpkgs-unstable"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1659622306,
|
"lastModified": 1661600857,
|
||||||
"narHash": "sha256-Kpfm2PNs+kZU0W7qcugoPATLG8I2P7FJFGTgsf1LJiU=",
|
"narHash": "sha256-KfQCcTtfvU0PXV4fD9XKIMcKx9lUUR0xWJoBgc12fKE=",
|
||||||
"owner": "divnix",
|
"owner": "pub-solar",
|
||||||
"repo": "digga",
|
"repo": "digga",
|
||||||
"rev": "d1193743a535d7fbbc7f3eda4e51295b10bd4d2c",
|
"rev": "c902b3ef0aa45cb4f336c390f647bb182c38a221",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "divnix",
|
"owner": "pub-solar",
|
||||||
|
"ref": "fix/bootstrap-iso",
|
||||||
"repo": "digga",
|
"repo": "digga",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -355,22 +356,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"fork": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1659962873,
|
|
||||||
"narHash": "sha256-M9GdH4WhpHm1PHLyn8E/mDwhNohrSDtUQINwISmFncg=",
|
|
||||||
"owner": "teutat3s",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "76889bfa9fa296a47892eacfb4e82cfcff296938",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "teutat3s",
|
|
||||||
"ref": "bump/deploy-rs",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"home": {
|
"home": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -638,7 +623,6 @@
|
||||||
"darwin": "darwin",
|
"darwin": "darwin",
|
||||||
"deploy": "deploy",
|
"deploy": "deploy",
|
||||||
"digga": "digga",
|
"digga": "digga",
|
||||||
"fork": "fork",
|
|
||||||
"home": "home",
|
"home": "home",
|
||||||
"latest": "latest_2",
|
"latest": "latest_2",
|
||||||
"master": "master",
|
"master": "master",
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
latest.url = "github:nixos/nixpkgs/nixos-unstable";
|
latest.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
master.url = "github:nixos/nixpkgs/master";
|
master.url = "github:nixos/nixpkgs/master";
|
||||||
|
|
||||||
digga.url = "github:divnix/digga";
|
digga.url = "github:pub-solar/digga/fix/bootstrap-iso";
|
||||||
digga.inputs.nixpkgs.follows = "nixos";
|
digga.inputs.nixpkgs.follows = "nixos";
|
||||||
digga.inputs.nixlib.follows = "nixos";
|
digga.inputs.nixlib.follows = "nixos";
|
||||||
digga.inputs.home-manager.follows = "home";
|
digga.inputs.home-manager.follows = "home";
|
||||||
|
|
|
@ -1,9 +1,6 @@
|
||||||
{ profiles, ... }:
|
{ profiles, ... }:
|
||||||
{
|
{
|
||||||
# build with: `nix build '.#nixosConfigurations.bootstrap.config.system.build.bootstrapIso'`
|
# build with: `nix build ".#nixosConfigurations.bootstrap.config.system.build.isoImage"`
|
||||||
# reachable on the local link via ssh root@fe80::47%eno1
|
|
||||||
# where 'eno1' is replaced by your own machine's network
|
|
||||||
# interface that has the local link to the target machine
|
|
||||||
imports = [
|
imports = [
|
||||||
# profiles.networking
|
# profiles.networking
|
||||||
profiles.users.root # make sure to configure ssh keys
|
profiles.users.root # make sure to configure ssh keys
|
||||||
|
|
41
modules/ci-runner/default.nix
Normal file
41
modules/ci-runner/default.nix
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
{ lib, config, pkgs, self, ... }:
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
psCfg = config.pub-solar;
|
||||||
|
cfg = config.pub-solar.ci-runner;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.pub-solar.ci-runner = {
|
||||||
|
enable = mkEnableOption "Enables a systemd service that runs drone-ci-runner";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
systemd.user.services.ci-runner = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
description = "CI runner for the PubSolarOS repository that can run test VM instances with KVM.";
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "simple";
|
||||||
|
Restart = "always";
|
||||||
|
};
|
||||||
|
|
||||||
|
path = [
|
||||||
|
pkgs.git
|
||||||
|
pkgs.nix
|
||||||
|
pkgs.libvirt
|
||||||
|
];
|
||||||
|
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "network.target" "libvirtd.service" ];
|
||||||
|
|
||||||
|
script = ''${pkgs.drone-runner-exec}/bin/drone-runner-exec daemon /run/agenix/drone-runner-exec-config'';
|
||||||
|
};
|
||||||
|
|
||||||
|
age.secrets."drone-runner-exec-config" = {
|
||||||
|
file = "${self}/secrets/drone-runner-exec-config";
|
||||||
|
mode = "700";
|
||||||
|
owner = psCfg.user.name;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -61,7 +61,7 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.getty.autologinUser = mkIf cfg.autologin.enable "${psCfg.user.name}";
|
services.getty.autologinUser = mkIf cfg.autologin.enable (mkForce "${psCfg.user.name}");
|
||||||
|
|
||||||
qt5 = {
|
qt5 = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -6,7 +6,7 @@ self: with self; ''
|
||||||
--env=DRONE_RPC_PROTO=$DRONE_RPC_PROTO \
|
--env=DRONE_RPC_PROTO=$DRONE_RPC_PROTO \
|
||||||
--env=DRONE_RPC_HOST=$DRONE_RPC_HOST \
|
--env=DRONE_RPC_HOST=$DRONE_RPC_HOST \
|
||||||
--env=DRONE_RPC_SECRET=$(${self.libsecret}/bin/secret-tool lookup drone rpc-secret) \
|
--env=DRONE_RPC_SECRET=$(${self.libsecret}/bin/secret-tool lookup drone rpc-secret) \
|
||||||
--env=DRONE_RUNNER_CAPACITY=4 \
|
--env=DRONE_RUNNER_CAPACITY=8 \
|
||||||
--env=DRONE_RUNNER_NAME=$(${self.inetutils}/bin/hostname) \
|
--env=DRONE_RUNNER_NAME=$(${self.inetutils}/bin/hostname) \
|
||||||
--publish=3000:3000 \
|
--publish=3000:3000 \
|
||||||
--restart=always \
|
--restart=always \
|
||||||
|
|
|
@ -65,7 +65,6 @@
|
||||||
# Wait for Sway to complete startup:
|
# Wait for Sway to complete startup:
|
||||||
machine.wait_for_file("/run/user/1000/wayland-1")
|
machine.wait_for_file("/run/user/1000/wayland-1")
|
||||||
machine.wait_for_file("/tmp/sway-ipc.sock")
|
machine.wait_for_file("/tmp/sway-ipc.sock")
|
||||||
machine.wait_for_file("/run/user/1000/pipewire-0")
|
|
||||||
|
|
||||||
# Start a terminal (foot) on workspace 3:
|
# Start a terminal (foot) on workspace 3:
|
||||||
machine.wait_for_text("1")
|
machine.wait_for_text("1")
|
||||||
|
@ -77,6 +76,9 @@
|
||||||
machine.sleep(3)
|
machine.sleep(3)
|
||||||
machine.wait_for_text("pub-solar")
|
machine.wait_for_text("pub-solar")
|
||||||
machine.send_chars("test-wayland\n")
|
machine.send_chars("test-wayland\n")
|
||||||
|
machine.wait_for_file("/tmp/test-wayland-exit-ok")
|
||||||
|
print(machine.succeed("cat /tmp/test-wayland.out"))
|
||||||
|
machine.copy_from_vm("/tmp/test-wayland.out")
|
||||||
machine.sleep(3)
|
machine.sleep(3)
|
||||||
machine.screenshot("foot_wayland_info")
|
machine.screenshot("foot_wayland_info")
|
||||||
machine.send_key("meta_l-shift-q")
|
machine.send_key("meta_l-shift-q")
|
||||||
|
|
14
tests/second-test.nix
Normal file
14
tests/second-test.nix
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
{ }:
|
||||||
|
{
|
||||||
|
name = "secondTest";
|
||||||
|
|
||||||
|
nodes.test-machine2 = { suites ? null, ... }: {
|
||||||
|
imports = [
|
||||||
|
suites.iso
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = ''
|
||||||
|
machines[0].systemctl("is-system-running --wait")
|
||||||
|
'';
|
||||||
|
}
|
Loading…
Reference in a new issue