forked from fediversity/fediversity
Infra: expose and use checks for vmOptions and nixosConfigurations (#488)
Following Fediversity/Fediversity#478 (comment), here is a PR that plugs the infra's `vmOptions` and `nixosConfigurations` outputs into flake checks, instead of calling random Nix commands from the CI. There is still a bit of magic in the CI, but that's because we don't have yet a Nix-aware CI that exposes one job per flake check. Reviewed-on: Fediversity/Fediversity#488 Reviewed-by: kiara Grouwstra <kiara@procolix.eu> Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com> Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
This commit is contained in:
parent
df3a070fa4
commit
588bb77a94
20 changed files with 93 additions and 61 deletions
|
@ -69,9 +69,16 @@ jobs:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
- run: |
|
- run: |
|
||||||
set -euC
|
set -euC
|
||||||
|
echo ==================== [ VM Options ] ====================
|
||||||
|
machines=$(nix eval --impure --raw --expr 'with builtins; toString (attrNames (getFlake (toString ./.)).vmOptions)')
|
||||||
|
for machine in $machines; do
|
||||||
|
echo ~~~~~~~~~~~~~~~~~~~~~: $machine :~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
nix build .#checks.x86_64-linux.vmOptions-$machine
|
||||||
|
done
|
||||||
|
echo
|
||||||
|
echo ==================== [ NixOS Configurations ] ====================
|
||||||
machines=$(nix eval --impure --raw --expr 'with builtins; toString (attrNames (getFlake (toString ./.)).nixosConfigurations)')
|
machines=$(nix eval --impure --raw --expr 'with builtins; toString (attrNames (getFlake (toString ./.)).nixosConfigurations)')
|
||||||
for machine in $machines; do
|
for machine in $machines; do
|
||||||
echo ==================== [ $machine ] ====================
|
echo ~~~~~~~~~~~~~~~~~~~~~: $machine :~~~~~~~~~~~~~~~~~~~~~
|
||||||
nix eval .#vmOptions.$machine
|
nix build .#checks.x86_64-linux.nixosConfigurations-$machine
|
||||||
nix build .#nixosConfigurations.$machine.config.system.build.toplevel
|
|
||||||
done
|
done
|
||||||
|
|
|
@ -20,16 +20,13 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
proxmox = mkOption {
|
isFediversityVm = mkOption {
|
||||||
type = types.nullOr (
|
type = types.bool;
|
||||||
types.enum [
|
|
||||||
"procolix"
|
|
||||||
"fediversity"
|
|
||||||
]
|
|
||||||
);
|
|
||||||
description = ''
|
description = ''
|
||||||
The Proxmox instance. This is used for provisioning only and should be
|
Whether the machine is a Fediversity VM or not. This is used to
|
||||||
set to `null` if the machine is not a VM.
|
determine whether the machine should be provisioned via Proxmox or not.
|
||||||
|
Machines that are _not_ Fediversity VM could be physical machines, or
|
||||||
|
VMs that live outside Fediversity, eg. on Procolix's Proxmox.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,10 @@ let
|
||||||
mkOption
|
mkOption
|
||||||
evalModules
|
evalModules
|
||||||
filterAttrs
|
filterAttrs
|
||||||
|
attrsToList
|
||||||
|
map
|
||||||
|
listToAttrs
|
||||||
|
deepSeq
|
||||||
;
|
;
|
||||||
inherit (lib.attrsets) genAttrs;
|
inherit (lib.attrsets) genAttrs;
|
||||||
|
|
||||||
|
@ -134,27 +138,39 @@ let
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
};
|
};
|
||||||
|
|
||||||
makeVmOptions = isTestVm: vmName: {
|
makeVmOptions =
|
||||||
inherit ((makeResourceConfig { inherit vmName isTestVm; }).fediversityVm)
|
isTestVm: vmName:
|
||||||
proxmox
|
let
|
||||||
|
config = (makeResourceConfig { inherit vmName isTestVm; }).fediversityVm;
|
||||||
|
in
|
||||||
|
if config.isFediversityVm then
|
||||||
|
{
|
||||||
|
inherit (config)
|
||||||
vmId
|
vmId
|
||||||
description
|
description
|
||||||
|
|
||||||
sockets
|
sockets
|
||||||
cores
|
cores
|
||||||
memory
|
memory
|
||||||
diskSize
|
diskSize
|
||||||
|
|
||||||
hostPublicKey
|
hostPublicKey
|
||||||
unsafeHostPrivateKey
|
unsafeHostPrivateKey
|
||||||
;
|
;
|
||||||
};
|
}
|
||||||
|
else
|
||||||
|
null;
|
||||||
|
|
||||||
listSubdirectories = path: attrNames (filterAttrs (_: type: type == "directory") (readDir path));
|
listSubdirectories = path: attrNames (filterAttrs (_: type: type == "directory") (readDir path));
|
||||||
|
|
||||||
machines = listSubdirectories ../machines/dev;
|
machines = listSubdirectories ../machines/dev;
|
||||||
testMachines = listSubdirectories ../machines/operator;
|
testMachines = listSubdirectories ../machines/operator;
|
||||||
|
|
||||||
|
nixosConfigurations =
|
||||||
|
genAttrs machines (makeConfiguration false)
|
||||||
|
// genAttrs testMachines (makeConfiguration true);
|
||||||
|
vmOptions =
|
||||||
|
filterAttrs (_: value: value != null) # Filter out non-Fediversity VMs
|
||||||
|
(genAttrs machines (makeVmOptions false) // genAttrs testMachines (makeVmOptions true));
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
_class = "flake";
|
_class = "flake";
|
||||||
|
@ -178,10 +194,33 @@ in
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
flake.nixosConfigurations =
|
flake = { inherit nixosConfigurations vmOptions; };
|
||||||
genAttrs machines (makeConfiguration false)
|
|
||||||
// genAttrs testMachines (makeConfiguration true);
|
perSystem =
|
||||||
flake.vmOptions =
|
{ pkgs, ... }:
|
||||||
genAttrs machines (makeVmOptions false)
|
{
|
||||||
// genAttrs testMachines (makeVmOptions true);
|
checks =
|
||||||
|
listToAttrs (
|
||||||
|
map (
|
||||||
|
{ name, value }:
|
||||||
|
{
|
||||||
|
name = "nixosConfigurations-${name}";
|
||||||
|
value = value.config.system.build.toplevel;
|
||||||
|
}
|
||||||
|
) (attrsToList nixosConfigurations)
|
||||||
|
)
|
||||||
|
// listToAttrs (
|
||||||
|
map (
|
||||||
|
{ name, value }:
|
||||||
|
{
|
||||||
|
name = "vmOptions-${name}";
|
||||||
|
## Check that VM options builds/evaluates correctly. `deepSeq e1
|
||||||
|
## e2` evaluates `e1` strictly in depth before returning `e2`. We
|
||||||
|
## use this trick because checks need to be derivations, which VM
|
||||||
|
## options are not.
|
||||||
|
value = deepSeq value pkgs.hello;
|
||||||
|
}
|
||||||
|
) (attrsToList vmOptions)
|
||||||
|
);
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -179,15 +179,9 @@ grab_vm_options () {
|
||||||
--log-format raw --quiet
|
--log-format raw --quiet
|
||||||
)
|
)
|
||||||
|
|
||||||
proxmox=$(echo "$options" | jq -r .proxmox)
|
|
||||||
vm_id=$(echo "$options" | jq -r .vmId)
|
vm_id=$(echo "$options" | jq -r .vmId)
|
||||||
description=$(echo "$options" | jq -r .description)
|
description=$(echo "$options" | jq -r .description)
|
||||||
|
|
||||||
if [ "$proxmox" != fediversity ]; then
|
|
||||||
die "I do not know how to provision things that are not Fediversity VMs,
|
|
||||||
but I got proxmox = '%s' for VM %s." "$proxmox" "$vm_name"
|
|
||||||
fi
|
|
||||||
|
|
||||||
sockets=$(echo "$options" | jq -r .sockets)
|
sockets=$(echo "$options" | jq -r .sockets)
|
||||||
cores=$(echo "$options" | jq -r .cores)
|
cores=$(echo "$options" | jq -r .cores)
|
||||||
memory=$(echo "$options" | jq -r .memory)
|
memory=$(echo "$options" | jq -r .memory)
|
||||||
|
|
|
@ -167,16 +167,10 @@ grab_vm_options () {
|
||||||
--log-format raw --quiet
|
--log-format raw --quiet
|
||||||
)
|
)
|
||||||
|
|
||||||
proxmox=$(echo "$options" | jq -r .proxmox)
|
|
||||||
vm_id=$(echo "$options" | jq -r .vmId)
|
vm_id=$(echo "$options" | jq -r .vmId)
|
||||||
|
|
||||||
if [ "$proxmox" != fediversity ]; then
|
printf 'done grabing VM options for VM %s. Got id: %d.\n' \
|
||||||
die "I do not know how to remove things that are not Fediversity VMs,
|
"$vm_name" "$vm_id"
|
||||||
but I got proxmox = '%s' for VM %s." "$proxmox" "$vm_name"
|
|
||||||
fi
|
|
||||||
|
|
||||||
printf 'done grabing VM options for VM %s. Found VM %d on %s Proxmox.\n' \
|
|
||||||
"$vm_name" "$vm_id" "$proxmox"
|
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "fedi200";
|
name = "fedi200";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 200;
|
vmId = 200;
|
||||||
proxmox = "fediversity";
|
|
||||||
description = "Testing machine for Hans";
|
description = "Testing machine for Hans";
|
||||||
|
|
||||||
domain = "abundos.eu";
|
domain = "abundos.eu";
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "fedi201";
|
name = "fedi201";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 201;
|
vmId = 201;
|
||||||
proxmox = "fediversity";
|
|
||||||
description = "FediPanel";
|
description = "FediPanel";
|
||||||
|
|
||||||
domain = "abundos.eu";
|
domain = "abundos.eu";
|
||||||
|
|
|
@ -22,6 +22,7 @@ in
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "forgejo-ci";
|
name = "forgejo-ci";
|
||||||
domain = "procolix.com";
|
domain = "procolix.com";
|
||||||
|
isFediversityVm = false;
|
||||||
|
|
||||||
ipv4 = {
|
ipv4 = {
|
||||||
interface = "enp1s0f0";
|
interface = "enp1s0f0";
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "vm02116";
|
name = "vm02116";
|
||||||
|
isFediversityVm = false;
|
||||||
vmId = 2116;
|
vmId = 2116;
|
||||||
proxmox = "procolix";
|
|
||||||
description = "Forgejo";
|
description = "Forgejo";
|
||||||
|
|
||||||
ipv4.address = "185.206.232.34";
|
ipv4.address = "185.206.232.34";
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "vm02187";
|
name = "vm02187";
|
||||||
|
isFediversityVm = false;
|
||||||
vmId = 2187;
|
vmId = 2187;
|
||||||
proxmox = "procolix";
|
|
||||||
description = "Wiki";
|
description = "Wiki";
|
||||||
|
|
||||||
ipv4.address = "185.206.232.187";
|
ipv4.address = "185.206.232.187";
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test01";
|
name = "test01";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7001;
|
vmId = 7001;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test02";
|
name = "test02";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7002;
|
vmId = 7002;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test03";
|
name = "test03";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7003;
|
vmId = 7003;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test04";
|
name = "test04";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7004;
|
vmId = 7004;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test05";
|
name = "test05";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7005;
|
vmId = 7005;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test06";
|
name = "test06";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7006;
|
vmId = 7006;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test11";
|
name = "test11";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7011;
|
vmId = 7011;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test12";
|
name = "test12";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7012;
|
vmId = 7012;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test13";
|
name = "test13";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7013;
|
vmId = 7013;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
fediversityVm = {
|
fediversityVm = {
|
||||||
name = "test14";
|
name = "test14";
|
||||||
|
isFediversityVm = true;
|
||||||
vmId = 7014;
|
vmId = 7014;
|
||||||
proxmox = "fediversity";
|
|
||||||
|
|
||||||
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
hostPublicKey = builtins.readFile ./ssh_host_ed25519_key.pub;
|
||||||
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
unsafeHostPrivateKey = builtins.readFile ./ssh_host_ed25519_key;
|
||||||
|
|
Loading…
Add table
Reference in a new issue