aboutsummaryrefslogtreecommitdiff
path: root/shell.nix
blob: 12daa502050e73d8b56060ef21d1bb586bda8f22 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
{ system ? builtins.currentSystem, }:

with import ./nix/common.nix;

let
  pkgs = import pkgsSrc {
    inherit system;
  };
  winscp = (import ./nix/winscp.nix) pkgs;
in
{
  # --- Dev shell inherited from flake.nix ---
  devShell = devShells.default;

  # --- Continuous integration shell ---
  # The shell used for all CI jobs (along with devShell)
  ci = pkgs.mkShell {
    nativeBuildInputs = with pkgs; [
      winscp

      kaniko
      manifest-tool
      awscli2
      file
      s3cmd
      minio-client
      rclone
      socat
      psmisc
      which
      openssl
      curl
      jq
    ];
    shellHook = ''
      function to_s3 {
        aws \
            --endpoint-url https://garage.deuxfleurs.fr \
            --region garage \
          s3 cp \
            ./result-bin/bin/garage \
            s3://garagehq.deuxfleurs.fr/_releases/''${CI_COMMIT_TAG:-$CI_COMMIT_SHA}/''${TARGET}/garage
      }

      function to_docker {
        executor  \
          --force \
          --customPlatform="''${DOCKER_PLATFORM}" \
          --destination "''${CONTAINER_NAME}:''${CONTAINER_TAG}" \
          --context dir://`pwd` \
          --verbosity=debug
      }

      function multiarch_docker {
              manifest-tool push from-spec <(cat <<EOF
      image: dxflrs/garage:''${CONTAINER_TAG}
      manifests:
        -
          image: dxflrs/arm64_garage:''${CONTAINER_TAG}
          platform:
            architecture: arm64
            os: linux
        -
          image: dxflrs/amd64_garage:''${CONTAINER_TAG}
          platform:
            architecture: amd64
            os: linux
        -
          image: dxflrs/386_garage:''${CONTAINER_TAG}
          platform:
            architecture: 386
            os: linux
        -
          image: dxflrs/arm_garage:''${CONTAINER_TAG}
          platform:
            architecture: arm
            os: linux
      EOF
              )
      }

      function refresh_index {
        aws \
            --endpoint-url https://garage.deuxfleurs.fr \
            --region garage \
          s3 ls \
            --recursive \
            s3://garagehq.deuxfleurs.fr/_releases/ \
        > aws-list.txt

        nix-build nix/build_index.nix

        aws \
            --endpoint-url https://garage.deuxfleurs.fr \
            --region garage \
          s3 cp \
            result/share/_releases.json \
            s3://garagehq.deuxfleurs.fr/

        aws \
            --endpoint-url https://garage.deuxfleurs.fr \
            --region garage \
          s3 cp \
            result/share/_releases.html \
            s3://garagehq.deuxfleurs.fr/
      }
    '';

  };

  # --- Cache shell ---
  # A shell for refreshing caches
  cache = pkgs.mkShell {
    shellHook = ''
      function refresh_cache {
        pass show deuxfleurs/nix_priv_key > /tmp/nix-signing-key.sec
        for attr in clippy.amd64 test.amd64 pkgs.{amd64,i386,arm,arm64}.release; do
          echo "Updating cache for ''${attr}"
          nix copy -j8 \
            --to 's3://nix?endpoint=garage.deuxfleurs.fr&region=garage&secret-key=/tmp/nix-signing-key.sec' \
            $(nix path-info ''${attr} --file default.nix --derivation --recursive | sed 's/\.drv$/.drv^*/')

        done
        rm /tmp/nix-signing-key.sec
      }
    '';
  };
}