Merge branch 'main' into teutat3s

This commit is contained in:
teutat3s 2022-08-29 15:39:48 +02:00
commit 9ef3d58d2e
Signed by untrusted user: teutat3s
GPG key ID: 4FA1D3FA524F22C1
9 changed files with 141 additions and 126 deletions

View file

@ -1,92 +1,3 @@
---
kind: pipeline
type: docker
name: Upstreaming
steps:
- name: "Sync 'devos' branch with upstream"
image: alpine/git
when:
event:
- cron
cron:
- sync-main-with-upstream
environment:
GITEA_SSH_KEY:
from_secret: gitea_ssh_key
commands:
- ./.drone/setup_ssh.sh
- git remote add devos git@git.b12f.io:pub-solar/devos
- git remote set-url origin git@git.b12f.io:pub-solar/os
- git fetch --all
- git checkout -b devos --track origin/devos
- git merge -X theirs devos/main
- git push origin devos
- git remote set-url origin https://git.b12f.io/pub-solar/os.git
- name: "Sync $BRANCH with upstream"
image: alpine/git
when:
event:
- cron
cron:
- sync-main-with-upstream
- sync-b12f-with-main
- sync-teutat3s-with-main
environment:
GITEA_SSH_KEY:
from_secret: gitea_ssh_key
commands:
- git fetch origin
- git checkout origin/main
- ./.drone/setup_ssh.sh
- git remote set-url origin git@git.b12f.io:pub-solar/os
- git fetch --all
- ./.drone/upstream-branch.sh
- name: "Open pull request for failed merge"
image: nixery.dev/shell/tea
when:
status:
- failure
event:
- cron
cron:
- sync-main-with-upstream
- sync-b12f-with-main
- sync-teutat3s-with-main
environment:
TEA_CONFIG:
from_secret: tea_config
commands:
- mkdir -p ~/.config/tea
- echo "$$TEA_CONFIG" > ~/.config/tea/config.yml
- tea pulls create --base main --head devos
- name: "Notify matrix"
image: plugins/matrix
when:
status:
- failure
event:
- cron
cron:
- sync-main-with-upstream
- sync-b12f-with-main
- sync-teutat3s-with-main
settings:
homeserver: https://matrix.pub.solar
roomid: dfQBqwkhIzrFjMSsxy:pub.solar
username:
from_secret: matrix_username
password:
from_secret: matrix_password
template: "Upstreaming {{ build.status }} [{{ build.branch }}#{{ truncate build.commit 8 }}]({{ build.link }}) by {{ build.author }}. [Pull requests](https://git.b12f.io/pub-solar/os/pulls)"
trigger:
event:
- cron
---
kind: pipeline
type: docker
@ -98,15 +9,78 @@ steps:
when:
event:
- pull_request
- tag
environment:
NIX_FLAGS: "--print-build-logs --verbose"
commands:
- 'echo DEBUG: Using NIX_FLAGS: $NIX_FLAGS'
- nix $$NIX_FLAGS flake check
- nix $$NIX_FLAGS develop --command nix flake show
- nix $$NIX_FLAGS build ".#nixosConfigurations.PubSolarOS.config.system.build.toplevel"
---
kind: pipeline
type: exec
name: Tests
steps:
- name: "Tests"
environment:
NIX_FLAGS: "--print-build-logs --verbose"
commands:
- 'echo DEBUG: Using NIX_FLAGS: $NIX_FLAGS'
- nix $$NIX_FLAGS build ".#checks.x86_64-linux.customTestFor-PubSolarOS-firstTest"
- nix-store --read-log result
- nix $$NIX_FLAGS flake check
- nix $$NIX_FLAGS develop --command echo OK
- name: "Upload artifacts"
environment:
TRITON_DONT_SOURCE_PROFILE: 1
PRIVATE_SSH_KEY:
from_secret: private_ssh_key
MANTA_USER: pub_solar
MANTA_URL: https://eu-central.manta.greenbaum.cloud
MANTA_KEY_ID: "5d:5f:3d:22:8d:37:1f:e6:d6:ab:06:18:d9:a2:04:67"
commands:
- export TARGET_DIR="ci/$${DRONE_REPO}/$${DRONE_BUILD_NUMBER}"
- echo env var TARGET_DIR is set to $$TARGET_DIR
- "mkdir ~/.ssh && chmod 700 ~/.ssh"
- echo "$$PRIVATE_SSH_KEY" > ~/.ssh/id_ed25519 && chmod 600 ~/.ssh/id_ed25519
- nix flake new --template "git+https://git.greenbaum.cloud/dev/tritonshell?ref=main" ./tritonshell
- git add tritonshell
- cd tritonshell
- nix develop --command mput -p -f ../result/foot_wayland_info.png ~~/public/$${TARGET_DIR}/foot_wayland_info.png
- nix develop --command mput -p -f ../result/test-wayland.out ~~/public/$${TARGET_DIR}/test-wayland.out
trigger:
ref:
- refs/tags/v*
- refs/tags/t*
---
kind: pipeline
type: docker
name: Notification
steps:
- name: "Notify matrix"
image: plugins/matrix
settings:
homeserver: https://matrix.pub.solar
roomid: dfQBqwkhIzrFjMSsxy:pub.solar
username:
from_secret: matrix_username
password:
from_secret: matrix_password
template: "Test run triggered by tag: {{ build.tag }}. Test run exit status: {{ build.status }}. Artifacts uploaded to Manta: https://eu-central.manta.greenbaum.cloud/pub_solar/public/ci/{{ repo.Owner }}/{{ repo.Name }}/{{ build.number }}/foot_wayland_info.png"
depends_on:
- Tests
trigger:
ref:
- refs/tags/v*
- refs/tags/t*
---
kind: pipeline
type: docker
@ -115,14 +89,15 @@ name: Publish ISO
steps:
- name: "Build ISO"
image: docker.nix-community.org/nixpkgs/nix-flakes:latest
environment:
NIX_FLAGS: "--print-build-logs --verbose"
volumes:
- name: file-exchange
path: /var/nix/iso-cache
commands:
- |
nix --print-build-logs --verbose \
build \
'.#nixosConfigurations.bootstrap.config.system.build.bootstrapIso'
nix $$NIX_FLAGS build \
'.#nixosConfigurations.bootstrap.config.system.build.isoImage'
- cp $(readlink -f result)/iso/*.iso /var/nix/iso-cache/
- name: "Publish ISO"
@ -148,8 +123,10 @@ depends_on:
- Check
trigger:
branch:
- main
event:
- tag
- push
volumes:
- name: file-exchange
@ -157,6 +134,6 @@ volumes:
---
kind: signature
hmac: da951ba8ede88996728acfb47846e01880eb0e3b91f66e47848d6c1cc727c5d9
hmac: 5d7c0ef5519ffe68189271b18d9084db55c9e14831f95234655f5387f9426db0
...

View file

@ -162,15 +162,16 @@
"nixpkgs-unstable": "nixpkgs-unstable"
},
"locked": {
"lastModified": 1659622306,
"narHash": "sha256-Kpfm2PNs+kZU0W7qcugoPATLG8I2P7FJFGTgsf1LJiU=",
"owner": "divnix",
"lastModified": 1661600857,
"narHash": "sha256-KfQCcTtfvU0PXV4fD9XKIMcKx9lUUR0xWJoBgc12fKE=",
"owner": "pub-solar",
"repo": "digga",
"rev": "d1193743a535d7fbbc7f3eda4e51295b10bd4d2c",
"rev": "c902b3ef0aa45cb4f336c390f647bb182c38a221",
"type": "github"
},
"original": {
"owner": "divnix",
"owner": "pub-solar",
"ref": "fix/bootstrap-iso",
"repo": "digga",
"type": "github"
}
@ -355,22 +356,6 @@
"type": "github"
}
},
"fork": {
"locked": {
"lastModified": 1659962873,
"narHash": "sha256-M9GdH4WhpHm1PHLyn8E/mDwhNohrSDtUQINwISmFncg=",
"owner": "teutat3s",
"repo": "nixpkgs",
"rev": "76889bfa9fa296a47892eacfb4e82cfcff296938",
"type": "github"
},
"original": {
"owner": "teutat3s",
"ref": "bump/deploy-rs",
"repo": "nixpkgs",
"type": "github"
}
},
"home": {
"inputs": {
"nixpkgs": [
@ -638,7 +623,6 @@
"darwin": "darwin",
"deploy": "deploy",
"digga": "digga",
"fork": "fork",
"home": "home",
"latest": "latest_2",
"master": "master",

View file

@ -12,7 +12,7 @@
latest.url = "github:nixos/nixpkgs/nixos-unstable";
master.url = "github:nixos/nixpkgs/master";
digga.url = "github:divnix/digga";
digga.url = "github:pub-solar/digga/fix/bootstrap-iso";
digga.inputs.nixpkgs.follows = "nixos";
digga.inputs.nixlib.follows = "nixos";
digga.inputs.home-manager.follows = "home";

View file

@ -1,9 +1,6 @@
{ profiles, ... }:
{
# build with: `nix build '.#nixosConfigurations.bootstrap.config.system.build.bootstrapIso'`
# reachable on the local link via ssh root@fe80::47%eno1
# where 'eno1' is replaced by your own machine's network
# interface that has the local link to the target machine
# build with: `nix build ".#nixosConfigurations.bootstrap.config.system.build.isoImage"`
imports = [
# profiles.networking
profiles.users.root # make sure to configure ssh keys

View file

@ -0,0 +1,41 @@
{ lib, config, pkgs, self, ... }:
with lib;
let
psCfg = config.pub-solar;
cfg = config.pub-solar.ci-runner;
in
{
options.pub-solar.ci-runner = {
enable = mkEnableOption "Enables a systemd service that runs drone-ci-runner";
};
config = mkIf cfg.enable {
systemd.user.services.ci-runner = {
enable = true;
description = "CI runner for the PubSolarOS repository that can run test VM instances with KVM.";
serviceConfig = {
Type = "simple";
Restart = "always";
};
path = [
pkgs.git
pkgs.nix
pkgs.libvirt
];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "libvirtd.service" ];
script = ''${pkgs.drone-runner-exec}/bin/drone-runner-exec daemon /run/agenix/drone-runner-exec-config'';
};
age.secrets."drone-runner-exec-config" = {
file = "${self}/secrets/drone-runner-exec-config";
mode = "700";
owner = psCfg.user.name;
};
};
}

View file

@ -61,7 +61,7 @@ in
};
};
services.getty.autologinUser = mkIf cfg.autologin.enable "${psCfg.user.name}";
services.getty.autologinUser = mkIf cfg.autologin.enable (mkForce "${psCfg.user.name}");
qt5 = {
enable = true;

View file

@ -6,7 +6,7 @@ self: with self; ''
--env=DRONE_RPC_PROTO=$DRONE_RPC_PROTO \
--env=DRONE_RPC_HOST=$DRONE_RPC_HOST \
--env=DRONE_RPC_SECRET=$(${self.libsecret}/bin/secret-tool lookup drone rpc-secret) \
--env=DRONE_RUNNER_CAPACITY=4 \
--env=DRONE_RUNNER_CAPACITY=8 \
--env=DRONE_RUNNER_NAME=$(${self.inetutils}/bin/hostname) \
--publish=3000:3000 \
--restart=always \

View file

@ -65,7 +65,6 @@
# Wait for Sway to complete startup:
machine.wait_for_file("/run/user/1000/wayland-1")
machine.wait_for_file("/tmp/sway-ipc.sock")
machine.wait_for_file("/run/user/1000/pipewire-0")
# Start a terminal (foot) on workspace 3:
machine.wait_for_text("1")
@ -77,6 +76,9 @@
machine.sleep(3)
machine.wait_for_text("pub-solar")
machine.send_chars("test-wayland\n")
machine.wait_for_file("/tmp/test-wayland-exit-ok")
print(machine.succeed("cat /tmp/test-wayland.out"))
machine.copy_from_vm("/tmp/test-wayland.out")
machine.sleep(3)
machine.screenshot("foot_wayland_info")
machine.send_key("meta_l-shift-q")

14
tests/second-test.nix Normal file
View file

@ -0,0 +1,14 @@
{ }:
{
name = "secondTest";
nodes.test-machine2 = { suites ? null, ... }: {
imports = [
suites.iso
];
};
testScript = ''
machines[0].systemctl("is-system-running --wait")
'';
}