69b7a315ef
into next |
||
---|---|---|
doc | ||
ircbot | ||
log-api | ||
nix | ||
ofborg | ||
php | ||
scripts | ||
.gitignore | ||
CODE_OF_CONDUCT.md | ||
config.extra-known-users.json | ||
config.known-users.json | ||
config.public.json | ||
default.nix | ||
example.config.json | ||
factoids.toml | ||
LICENSE | ||
README.md | ||
release.nix | ||
service.nix | ||
shell.nix |
grahamcofborg
Guidelines
- make sure you've reviewed the code before you trigger it on a PR that isn't your own
- be gentle, preferably don't run mass rebuilds / massive builds like chromium on it
Automatic Building
Users who are trusted (see: ./config.public.json) or known (see: ./config.known-users.json) will have their PRs automatically trigger builds if their commits follow the well-defined format of Nixpkgs. Example messages and the builds:
Message | Automatic Build |
---|---|
vim: 1.0.0 -> 2.0.0 |
vim |
python36Packages.requests,python27Packages.requests: 1.0.0 -> 2.0.0 |
python36Packages.requests , python27Packages.requests |
python{2,3}Packages.requests: 1.0.0 -> 2.0.0 |
nothing |
If a PR is opened with many commits, it will create a single build job for all of the detected packages. If a PR is opened and many commits are pushed one by one to the open PR, many build jobs will be created.
To disable automatic building of packages on a PR, add [WIP]
to the
PR's title, or the 2.status: work-in-progress
label.
Commands
The comment parser is line-based, so comments can be interleaved with instructions.
- To trigger the bot, the line must start with a case
insensitive version of
@GrahamcOfBorg
. - To use multiple commands, insert a bit of whitespace and then your new command.
Commands:
test (added: 2017-11-24)
@grahamcofborg test list of tests
This will run nix-build ./nixos/release.nix -A tests.list -A tests.of -A tests.tests
in
the nixpkgs checkout. Note: this will only run on x86_64-linux machines.
eval
@grahamcofborg eval
Note: Every PR automatically evaluates when it is opened and when the commits change. There is no reason to run eval on a PR unless the evaluation has failed for weird reasons, or because master was broken before.
build
@grahamcofborg build list of attrs
This will run nix-build ./default.nix -A list -A of -A attrs
in
the nixpkgs checkout.
Multiple Commands:
@grahamcofborg build list of attrs
@grahamcofborg eval
or even:
@grahamcofborg build list of attrs @grahamcofborg eval
This will also work:
looks good to me!
@grahamcofborg build list of attrs
And this is fine:
@grahamcofborg build list of attrs
looks good to me!
This is will build list
, of
, attrs
, looks
, good
, to
, me!
:
@grahamcofborg build list of attrs looks good to me!
How does OfBorg call nix-build?
Builds are run like:
HOME=/homeless-shelter NIX_PATH=nixpkgs=$(pwd) nix-build ./default.nix --no-out-link --keep-going -A hello --option restrict-eval true --option build-timeout 1800 --argstr system thesystem --show-trace
How does OfBorg call nix-instantiate?
NixOS evals are run like:
HOME=/homeless-shelter NIX_PATH=nixpkgs=$(pwd) nix-instantiate ./nixos/release.nix -A manual --option restrict-eval true --option build-timeout 1800 --argstr system thesystem --show-trace
Nixpkgs evals are run like:
HOME=/homeless-shelter NIX_PATH=nixpkgs=$(pwd) nix-instantiate ./pkgs/top-level/release.nix -A manual --option restrict-eval true --option build-timeout 1800 --argstr system thesystem --show-trace
Running meta checks locally
$ curl -o outpaths.nix https://raw.githubusercontent.com/NixOS/ofborg/released/ofborg/src/outpaths.nix
$ GC_INITIAL_HEAP_SIZE=4g nix-env -f ./outpaths.nix -qaP --no-name --out-path --arg checkMeta true > out-paths
Running a builder
nix-shell ./shell.nix
$ cd ofborg
$ cargo build
cargo build
then copy example.config.json to config.json and edit its vars. Set
nix.remote
to an empty string if you're not using the daemon.
Run
./target/debug/builder ./config.json
Note the config.public.json for the public pieces of how I run ofborg, which is merged with config.known-users.json and a third private config file of credentials. These files contain some special keys like
- known users
- authorized users
- log storage
they are only used in the backend processing tasks, and there is no
need for them on builders. However, to update the list in
config.known-users.json, run ./scripts/update-known-users.sh
.
old php stuff...
Only Graham needs to do this, since I run the only remaining PHP components.
<?php
require_once __DIR__ . '/vendor/autoload.php';
use PhpAmqpLib\Connection\AMQPSSLConnection;
use PhpAmqpLib\Message\AMQPMessage;
function rabbitmq_conn($timeout = 3) {
$host = 'events.nix.gsc.io';
$connection = new AMQPSSLConnection(
$host, 5671,
'eventsuser, eventspassword, '/',
array(
'verify_peer' => true,
'verify_peer_name' => true,
'peer_name' => $host,
'verify_depth' => 10,
'ca_file' => '/etc/ssl/certs/ca-certificates.crt',
), array(
'connection_timeout' => $timeout,
)
);
return $connection;
}
function gh_secret() {
return "github webhook secret";
}