summaryrefslogtreecommitdiffstats
path: root/krebs/3modules/ci.nix
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2018-11-18 21:40:11 +0100
committerlassulus <lassulus@lassul.us>2018-11-18 21:40:11 +0100
commit02b58a888426414c144f0e833bbb529fa0f53ec5 (patch)
tree717c9745f50902160f15ab7b910342388675b266 /krebs/3modules/ci.nix
parent0435b6511f87c2f74b4d7b45e28c5eef32116228 (diff)
parent083a8ca2aed285e94383b216347ee4e6ef44c6a6 (diff)
Merge remote-tracking branch 'ni/master'
Diffstat (limited to 'krebs/3modules/ci.nix')
-rw-r--r--krebs/3modules/ci.nix25
1 files changed, 24 insertions, 1 deletions
diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix
index 16c6d4315..4cfe598d6 100644
--- a/krebs/3modules/ci.nix
+++ b/krebs/3modules/ci.nix
@@ -30,6 +30,8 @@ let
nix-instantiate --quiet -Q --eval --strict --json ./ci.nix
'';
+ profileRoot = "/nix/var/nix/profiles/ci";
+
imp = {
krebs.buildbot.master = {
slaves = {
@@ -98,9 +100,16 @@ let
self.addBuildSteps([steps.ShellCommand(
name=str(new_step),
command=[
- new_steps[new_step]
+ "${pkgs.writeDash "build-stepper.sh" ''
+ set -efu
+ profile=${shell.escape profileRoot}/$build_name
+ result=$("$build_script")
+ ${pkgs.nix}/bin/nix-env -p "$profile" --set "$result"
+ ''}"
],
env={
+ "build_name": new_step,
+ "build_script": new_steps[new_step],
"NIX_REMOTE": "daemon",
"NIX_PATH": "secrets=/var/src/stockholm/null:/var/src",
},
@@ -163,6 +172,20 @@ let
password = "lasspass";
packages = with pkgs; [ gnumake jq nix populate gnutar lzma gzip ];
};
+
+ system.activationScripts.buildbots-nix-profile = ''
+ ${pkgs.coreutils}/bin/mkdir -p ${shell.escape profileRoot}
+ ${pkgs.coreutils}/bin/chmod 0770 ${shell.escape profileRoot}
+ ${pkgs.coreutils}/bin/chgrp buildbots ${shell.escape profileRoot}
+ '';
+
+ users = {
+ groups.buildbots.gid = genid "buildbots";
+ users = {
+ buildbotMaster.extraGroups = [ "buildbots" ];
+ buildbotSlave.extraGroups = [ "buildbots" ];
+ };
+ };
};
in out