infra/terraform/hydra.nix
Pierre Bourdon ca904d7b4e
tf: use tf.ref instead of config.resource.* when dependencies matter
Using config.resource.* gets interpolated by Nix, whereas tf.ref gets
interpolated by Terraform. The latter ends up generating implicit
dependencies between resources.

In practice, the lack of dependencies was only showing up when creating
a new Hydra project + jobset at the same time - the concurrent /
misordered creation sometimes required two different TF applications to
create first the project then the jobset (the first application would
end up with a failure).
2024-08-12 19:36:50 +02:00

329 lines
8 KiB
Nix

{ lib, config, ... }:
let
inherit (lib) mkEnableOption mkIf types mkOption tf;
cfg = config.bagel.hydra;
in
{
options.bagel.hydra = {
enable = mkEnableOption "the Hydra jobsets";
};
config = mkIf cfg.enable {
terraform.required_providers.hydra = {
version = "~> 0.1";
source = "DeterminateSystems/hydra";
};
resource.secret_resource.hydra_password.lifecycle.prevent_destroy = true;
provider.hydra = {
host = "https://hydra.forkos.org";
username = "terraform";
password = tf.ref "resource.secret_resource.hydra_password.value";
};
resource.hydra_project.forkos = {
name = "forkos";
display_name = "ForkOS";
description = "ForkOS packages collection";
homepage = "https://cl.forkos.org";
owner = "terraform";
enabled = true;
visible = true;
};
resource.hydra_jobset.k900-experiments = {
project = tf.ref "resource.hydra_project.forkos.name";
state = "enabled";
visible = true;
name = "nixpkgs-experiments";
type = "legacy";
description = "experiments branch to test things for K900";
nix_expression = {
file = "nixos/release.nix";
input = "nixpkgs";
};
check_interval = 0;
scheduling_shares = 3000;
keep_evaluations = 3;
email_notifications = false;
input = [
{
name = "nixpkgs";
type = "git";
value = "https://github.com/nixos/nixpkgs 03ff49192b044786362c8c94d8501eac5c6eada4";
notify_committers = false;
}
{
name = "officialRelease";
type = "boolean";
value = false;
}
{
name = "supportedSystems";
type = "nix";
value = ''[ "x86_64-linux" ]'';
}
];
};
resource.hydra_jobset.raito-nixos-rolling-small = {
project = tf.ref "resource.hydra_project.forkos.name";
state = "enabled";
visible = true;
name = "raito-nixos-rolling-small";
type = "legacy";
description = "master branch for raito-nixos";
nix_expression = {
file = "pkgs/top-level/release.nix";
input = "nixpkgs";
};
check_interval = 0;
scheduling_shares = 3000;
keep_evaluations = 3;
email_notifications = false;
input = [
{
name = "nixpkgs";
type = "git";
value = "https://cl.forkos.org/nixpkgs";
notify_committers = false;
}
{
name = "officialRelease";
type = "boolean";
value = "false";
notify_committers = false;
}
{
name = "supportedSystems";
type = "nix";
value = ''[ "x86_64-linux" ]'';
}
];
};
resource.hydra_jobset.delroth-nixpkgs-staging-small = {
project = tf.ref "resource.hydra_project.forkos.name";
state = "enabled";
visible = true;
name = "delroth-nixpkgs-staging-small";
type = "legacy";
description = "small eval of nixpkgs staging for testing";
nix_expression = {
file = "pkgs/top-level/release-small.nix";
input = "nixpkgs";
};
check_interval = 0;
scheduling_shares = 3000;
keep_evaluations = 3;
email_notifications = false;
input = [
{
name = "nixpkgs";
type = "git";
value = "https://github.com/nixos/nixpkgs staging";
notify_committers = false;
}
{
name = "officialRelease";
type = "boolean";
value = "false";
notify_committers = false;
}
{
name = "supportedSystems";
type = "nix";
value = ''[ "x86_64-linux" ]'';
}
];
};
resource.hydra_project.infra = {
name = "infra";
display_name = "ForkOS Infra";
description = "ForkOS infra repository";
homepage = "https://git.lix.system/the-distro/infra";
owner = "terraform";
enabled = true;
visible = true;
};
resource.hydra_jobset.infra_main = {
project = tf.ref "resource.hydra_project.infra.name";
state = "enabled";
visible = true;
name = "main";
type = "flake";
description = "main branch for the infra repo";
flake_uri = "git+https://git.lix.systems/the-distro/infra";
check_interval = 600;
scheduling_shares = 3000;
keep_evaluations = 5;
email_notifications = false;
};
resource.hydra_project.hydra = {
name = "hydra";
display_name = "ForkOS Hydra";
description = "ForkOS hydra fork";
homepage = "https://git.lix.system/lix-project/hydra";
owner = "terraform";
enabled = true;
visible = true;
};
resource.hydra_jobset.hydra_main = {
project = tf.ref "resource.hydra_project.hydra.name";
state = "enabled";
visible = true;
name = "main";
type = "flake";
description = "main branch for the hydra repo";
flake_uri = "git+https://git.lix.systems/lix-project/hydra";
check_interval = 600;
scheduling_shares = 3000;
keep_evaluations = 5;
email_notifications = false;
};
resource.hydra_jobset.nixos-staging-next-small = {
project = tf.ref "resource.hydra_project.forkos.name";
state = "enabled";
visible = true;
name = "nixos-staging-next-small";
type = "legacy";
description = "nixos jobset for the staging-next branch";
nix_expression = {
file = "nixos/release-small.nix";
input = "nixpkgs";
};
check_interval = 0;
scheduling_shares = 3000;
keep_evaluations = 3;
email_notifications = false;
input = [
{
name = "nixpkgs";
type = "git";
value = "https://cl.forkos.org/nixpkgs staging-next";
notify_committers = false;
}
{
name = "officialRelease";
type = "boolean";
value = "false";
notify_committers = false;
}
{
name = "supportedSystems";
type = "nix";
value = ''[ "x86_64-linux" ]'';
}
];
};
resource.hydra_jobset.nixpkgs-staging-next = {
project = tf.ref "resource.hydra_project.forkos.name";
state = "enabled";
visible = true;
name = "nixpkgs-staging-next";
type = "legacy";
description = "nixpkgs jobset for the staging-next branch";
nix_expression = {
file = "pkgs/top-level/release.nix";
input = "nixpkgs";
};
check_interval = 0;
scheduling_shares = 3000;
keep_evaluations = 3;
email_notifications = false;
input = [
{
name = "nixpkgs";
type = "git";
value = "https://cl.forkos.org/nixpkgs staging-next";
notify_committers = false;
}
{
name = "officialRelease";
type = "boolean";
value = "false";
notify_committers = false;
}
{
name = "supportedSystems";
type = "nix";
value = ''[ "x86_64-linux" ]'';
}
];
};
resource.hydra_jobset.nixos-main = {
project = tf.ref "resource.hydra_project.forkos.name";
state = "enabled";
visible = true;
name = "nixos-main";
type = "legacy";
description = "nixos jobset for the main branch";
nix_expression = {
file = "nixos/release-combined.nix";
input = "nixpkgs";
};
check_interval = 0;
scheduling_shares = 3000;
keep_evaluations = 3;
email_notifications = false;
input = [
{
name = "nixpkgs";
type = "git";
value = "https://cl.forkos.org/nixpkgs main";
notify_committers = false;
}
{
name = "officialRelease";
type = "boolean";
value = "false";
notify_committers = false;
}
{
name = "supportedSystems";
type = "nix";
value = ''[ "x86_64-linux" ]'';
}
];
};
};
}