with nix flake check the hydraJobs output is evaluated in the same way as Hydra's hydra-eval-jobs

Only run on push
[actions] Add flake check
2025-01-18 23:41:53 +01:00 · 2025-01-18 23:40:11 +01:00 · 2025-01-18 22:24:21 +01:00 · 2025-01-18 22:02:19 +01:00 · 2025-01-18 22:01:06 +01:00 · 2025-01-18 21:45:48 +01:00
5 changed files with 45 additions and 14 deletions
--- a/.gitea/workflows/eval-hydra-jobs.yml
+++ b/.gitea/workflows/eval-hydra-jobs.yml
@@ -1,9 +1,8 @@
-name: "Evaluate Hydra Jobs"
+name: "Check flake syntax"
 on:
-  pull_request:
  push:
 jobs:
-  eval-hydra-jobs:
+  flake-check:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
@@ -11,5 +10,5 @@ jobs:
      run: |
        apt update -y
        apt install sudo -y        
-    - uses: cachix/install-nix-action@v27
-    - run: nix eval --no-update-lock-file --accept-flake-config .\#hydraJobs
+    - uses: cachix/install-nix-action@v30
+    - run: nix flake check --no-update-lock-file --accept-flake-config .
--- a/machines/configuration.nix
+++ b/machines/configuration.nix
@@ -3,6 +3,7 @@
 , nixpkgs
 , sops-nix
 , inputs
+, microvm
 , nixos-hardware
 , home-manager
 , ...
@@ -34,15 +35,14 @@ let
            };
          };
        })
-
        sops-nix.nixosModules.sops
+        microvm.nixosModules.microvm
      ];
    }
  ];
  defaultModules = baseModules;

  makeMicroVM = hostName: ipv4Addr: macAddr: modules: [
-    inputs.microvm.nixosModules.microvm
    {
      microvm = {
        hypervisor = "cloud-hypervisor";
--- a/outputs.nix
+++ b/outputs.nix
@@ -20,6 +20,7 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems
    let
      sops = sops-nix.packages."${pkgs.system}";
      microvmpkg = microvm.packages."${pkgs.system}";
+      installed = builtins.attrNames self.legacyPackages."${pkgs.system}".scripts;
    in
    pkgs.mkShell {
      sopsPGPKeyDirs = [
@@ -37,11 +38,14 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems
        pkgs.mdbook
        microvmpkg.microvm
      ];
+      packages = builtins.map (pkgName: self.legacyPackages."${pkgs.system}".scripts.${pkgName}) installed;
+      shellHook = ''echo "Available scripts: ${builtins.concatStringsSep " " installed}"'';
+    };
+    legacyPackages = {
+      scripts.remote-install = pkgs.writeShellScriptBin "remote-install" (builtins.readFile ./scripts/remote-install-encrypt.sh);
+      scripts.boot-unlock = pkgs.writeShellScriptBin "boot-unlock" (builtins.readFile ./scripts/unlock-boot.sh);
    };
-
    packages = {
-      remote-install = pkgs.writeShellScriptBin "remote-install" (builtins.readFile ./scripts/remote-install-encrypt.sh);
-      boot-unlock = pkgs.writeShellScriptBin "boot-unlock" (builtins.readFile ./scripts/unlock-boot.sh);
      docs = pkgs.stdenv.mkDerivation {
        name = "malobeo-docs";
        phases = [ "buildPhase" ];
--- a/scripts/remote-install-encrypt.sh
+++ b/scripts/remote-install-encrypt.sh
@@ -1,5 +1,4 @@
 set -o errexit
-set -o nounset
 set -o pipefail

 if [ $# -lt 2 ]; then
@@ -9,6 +8,21 @@ if [ $# -lt 2 ]; then
  exit 1
 fi

+if [ ! -e flake.nix ]
+    then
+    echo "flake.nix not found. Searching down."
+    while [ ! -e flake.nix ]
+        do
+        if [ $PWD = "/" ]
+            then
+            echo "Found root. Aborting."
+            exit 1
+            else
+            cd ..
+        fi
+    done
+fi
+
 hostname=$1
 ipaddress=$2

--- a/scripts/unlock-boot.sh
+++ b/scripts/unlock-boot.sh
@@ -4,19 +4,33 @@ set -o pipefail
 sshoptions="-o StrictHostKeyChecking=no -o ServerAliveInterval=1 -o ServerAliveCountMax=1 -p 222 -T"
 HOSTNAME=$1

-echo
-diskkey=$(sops -d machines/$HOSTNAME/disk.key)
+if [ ! -e flake.nix ]
+    then
+    echo "flake.nix not found. Searching down."
+    while [ ! -e flake.nix ]
+        do
+        if [ $PWD = "/" ]
+            then
+            echo "Found root. Aborting."
+            exit 1
+            else
+            cd ..
+        fi
+    done
+fi

+echo
 if [ $# = 1 ]
    then
+    diskkey=$(sops -d machines/$HOSTNAME/disk.key)
    echo "$diskkey" | ssh $sshoptions root@$HOSTNAME-initrd "systemd-tty-ask-password-agent" #storage

    echo "$diskkey" | ssh $sshoptions root@$HOSTNAME-initrd "systemd-tty-ask-password-agent" #root

 elif [ $# = 2 ]
    then
+    diskkey=$(sops -d machines/$HOSTNAME/disk.key)
    IP=$2
-    
    echo "$diskkey" | ssh $sshoptions root@$IP "systemd-tty-ask-password-agent" #storage

    echo "$diskkey" | ssh $sshoptions root@$IP "systemd-tty-ask-password-agent" #root
Author	SHA1	Message	Date
ahtlon	52824e39ee	with nix flake check the hydraJobs output is evaluated in the same way as Hydra's hydra-eval-jobs All checks were successful Check flake syntax / flake-check (push) Successful in 13m21s Details	2025-01-18 23:41:53 +01:00
ahtlon	8793120436	Only run on push	2025-01-18 23:40:11 +01:00
ahtlon	950ada1e10	[actions] Add flake check All checks were successful Evaluate Hydra Jobs / eval-hydra-jobs (push) Successful in 4m33s Details Check flake syntax / flake-check (push) Successful in 7m30s Details	2025-01-18 22:24:21 +01:00
ahtlon	1e269966ff	Merge branch 'fix-flake-check' All checks were successful Evaluate Hydra Jobs / eval-hydra-jobs (push) Successful in 5m54s Details nix flake check and show now work again	2025-01-18 22:02:19 +01:00
ahtlon	3861daaf76	[modules] move microvm module import from makeMicroVM to baseModules	2025-01-18 22:01:06 +01:00
ahtlon	3a332e77d1	[scripts] move packages to legacyPackages	2025-01-18 21:45:48 +01:00
ahtlon	79c311b45d	Merge branch 'issue51' All checks were successful Evaluate Hydra Jobs / eval-hydra-jobs (push) Successful in 6m3s Details Fixes #51	2025-01-18 20:41:06 +01:00
ahtlon	850070f987	[scripts] check for flake.nix All checks were successful Evaluate Hydra Jobs / eval-hydra-jobs (push) Successful in 4m15s Details	2025-01-18 20:39:16 +01:00
ahtlon	d242562544	[packages] make scripts available in shell without nix run All checks were successful Evaluate Hydra Jobs / eval-hydra-jobs (push) Successful in 4m7s Details	2025-01-18 20:04:22 +01:00