diff options
| author | tv <tv@krebsco.de> | 2018-11-13 21:38:28 +0100 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2018-11-13 22:04:49 +0100 |
| commit | ddfddbe7563ff6004c9bfba709269fb8441a6605 (patch) | |
| tree | f8428fec810e4d2d0715da16429dcc8ec1bdb569 /krebs/3modules/ci.nix | |
| parent | 78cbcb1e95d5af310dac922f13beab341f658e5e (diff) | |
ci: register GC roots
Diffstat (limited to 'krebs/3modules/ci.nix')
| -rw-r--r-- | krebs/3modules/ci.nix | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 16c6d431..4cfe598d 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -30,6 +30,8 @@ let nix-instantiate --quiet -Q --eval --strict --json ./ci.nix ''; + profileRoot = "/nix/var/nix/profiles/ci"; + imp = { krebs.buildbot.master = { slaves = { @@ -98,9 +100,16 @@ let self.addBuildSteps([steps.ShellCommand( name=str(new_step), command=[ - new_steps[new_step] + "${pkgs.writeDash "build-stepper.sh" '' + set -efu + profile=${shell.escape profileRoot}/$build_name + result=$("$build_script") + ${pkgs.nix}/bin/nix-env -p "$profile" --set "$result" + ''}" ], env={ + "build_name": new_step, + "build_script": new_steps[new_step], "NIX_REMOTE": "daemon", "NIX_PATH": "secrets=/var/src/stockholm/null:/var/src", }, @@ -163,6 +172,20 @@ let password = "lasspass"; packages = with pkgs; [ gnumake jq nix populate gnutar lzma gzip ]; }; + + system.activationScripts.buildbots-nix-profile = '' + ${pkgs.coreutils}/bin/mkdir -p ${shell.escape profileRoot} + ${pkgs.coreutils}/bin/chmod 0770 ${shell.escape profileRoot} + ${pkgs.coreutils}/bin/chgrp buildbots ${shell.escape profileRoot} + ''; + + users = { + groups.buildbots.gid = genid "buildbots"; + users = { + buildbotMaster.extraGroups = [ "buildbots" ]; + buildbotSlave.extraGroups = [ "buildbots" ]; + }; + }; }; in out |