From 2c89e8dc20e4bc73058c607ca8c3abaa33f2261b Mon Sep 17 00:00:00 2001 From: oluceps Date: Sun, 18 Feb 2024 09:54:24 +0800 Subject: [PATCH] + nur compat --- .github/dependabot.yaml | 6 +++ .github/workflows/nur-build.yaml | 60 ++++++++++++++++++++++++++++++ .github/workflows/sync-trival.yaml | 23 ++++++++++++ ci.nix | 42 +++++++++++++++++++++ default.nix | 30 ++++++++++++++- 5 files changed, 160 insertions(+), 1 deletion(-) create mode 100644 .github/dependabot.yaml create mode 100644 .github/workflows/nur-build.yaml create mode 100644 .github/workflows/sync-trival.yaml create mode 100644 ci.nix diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml new file mode 100644 index 000000000..5ace4600a --- /dev/null +++ b/.github/dependabot.yaml @@ -0,0 +1,6 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" diff --git a/.github/workflows/nur-build.yaml b/.github/workflows/nur-build.yaml new file mode 100644 index 000000000..45e60019e --- /dev/null +++ b/.github/workflows/nur-build.yaml @@ -0,0 +1,60 @@ +name: "Build and populate cache" +on: + pull_request: + workflow_dispatch: + push: + branches: + - master + schedule: + # rebuild everyday at 2:51 + # TIP: Choose a random time here so not all repositories are build at once: + # https://www.random.org/clock-times/?num=1&earliest=01%3A00&latest=08%3A00&interval=5&format=html&rnd=new + - cron: '13 10 * * *' +jobs: + tests: + strategy: + matrix: + nurRepo: + - oluceps + cachixName: + - nur-pkgs + nixPath: + - nixpkgs=channel:nixos-unstable + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Install nix + uses: cachix/install-nix-action@v25 + with: + nix_path: "${{ matrix.nixPath }}" + extra_nix_config: | + experimental-features = nix-command flakes + access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} + + - name: Show nixpkgs version + run: nix-instantiate --eval -E '(import {}).lib.version' + - name: Setup cachix + uses: cachix/cachix-action@v14 + # Don't replace here! + if: ${{ matrix.cachixName != '' }} + with: + name: ${{ matrix.cachixName }} + signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}' + authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' + - name: Check evaluation + run: | + nix-env -f . -qa \* --meta --xml \ + --allowed-uris https://static.rust-lang.org \ + --option restrict-eval true \ + --option allow-import-from-derivation true \ + --drv-path --show-trace \ + -I nixpkgs=$(nix-instantiate --find-file nixpkgs) \ + -I $PWD + - name: Build nix packages + run: nix shell -f '' nix-build-uncached -c nix-build-uncached ci.nix -A cacheOutputs + - name: Trigger NUR update + # Don't replace here! + if: ${{ matrix.nurRepo != '' }} + run: curl -XPOST "https://nur-update.herokuapp.com/update?repo=${{ matrix.nurRepo }}" diff --git a/.github/workflows/sync-trival.yaml b/.github/workflows/sync-trival.yaml new file mode 100644 index 000000000..5d752e57f --- /dev/null +++ b/.github/workflows/sync-trival.yaml @@ -0,0 +1,23 @@ +on: + workflow_dispatch: + push: + branches: [ master ] + schedule: + # same as build ci + - cron: '13 10 * * *' + + +jobs: + repo-sync: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + persist-credentials: false + - name: repo-sync + uses: repo-sync/github-sync@v2 + if: github.repository == 'oluceps/nur-pkgs' + with: + source_repo: "https://github.com/oluceps/nixos-config" + source_branch: "trival" + destination_branch: "master" diff --git a/ci.nix b/ci.nix new file mode 100644 index 000000000..c3e395a65 --- /dev/null +++ b/ci.nix @@ -0,0 +1,42 @@ +{ pkgs ? import { } }: + +with builtins; +let + isReserved = n: n == "lib" || n == "overlays" || n == "modules"; + isDerivation = p: isAttrs p && p ? type && p.type == "derivation"; + isBuildable = p: !(p.meta.broken or false) && p.meta.license.free or true; + isCacheable = p: !(p.preferLocalBuild or false); + shouldRecurseForDerivations = p: isAttrs p && p.recurseForDerivations or false; + + nameValuePair = n: v: { name = n; value = v; }; + + concatMap = builtins.concatMap or (f: xs: concatLists (map f xs)); + + flattenPkgs = s: + let + f = p: + if shouldRecurseForDerivations p then flattenPkgs p + else if isDerivation p then [ p ] + else [ ]; + in + concatMap f (attrValues s); + + outputsOf = p: map (o: p.${o}) p.outputs; + + nurAttrs = import ./default.nix { inherit pkgs; }; + + nurPkgs = + flattenPkgs + (listToAttrs + (map (n: nameValuePair n nurAttrs.${n}) + (filter (n: !isReserved n) + (attrNames nurAttrs)))); + +in +rec { + buildPkgs = filter isBuildable nurPkgs; + cachePkgs = filter isCacheable buildPkgs; + + buildOutputs = concatMap outputsOf buildPkgs; + cacheOutputs = concatMap outputsOf cachePkgs; +} diff --git a/default.nix b/default.nix index d54c66d61..2b294e8cb 100644 --- a/default.nix +++ b/default.nix @@ -1,2 +1,30 @@ -{ pkgs ? import }: (builtins.getFlake (toString ./.)).packages.x86_64-linux +{ pkgs ? import { } }: +let + # ugly redefine + genFilteredDirAttrsV2 = dir: excludes: + with pkgs.lib; genAttrs + (with builtins; filter + (n: !elem n excludes) + (map (removeSuffix ".nix") + (attrNames + (readDir dir)))); + shadowedPkgs = [ + "tcp-brutal" + "shufflecake" + + # use things from flake that not pass strict eval + "arch-run" + "guix-run" + "lunar-run" + "opulr-a-run" + "runbkworm" + "runwin" + "ubt-rv-run" + + "restls" + "shadow-tls" + ]; +in +(genFilteredDirAttrsV2 ./pkgs shadowedPkgs + (name: pkgs.callPackage (./pkgs + "/${name}.nix") { }))