cf3941741b
If packages (by name attribute and architecture) are present in the first eval and absent in the second eval, mark it as having cleanup. If packages (by name attribute and architecture) are absent in the first eval and present in the second eval, mark it as having a new package. Note, though, that the generic "has cleanup" tag is too generic to automatically remove it if ofborg thinks it isn't true. Closes #63 |
||
|---|---|---|
| doc | ||
| ircbot | ||
| log-api | ||
| nix | ||
| ofborg | ||
| php | ||
| scripts | ||
| .gitignore | ||
| CODE_OF_CONDUCT.md | ||
| config.extra-known-users.json | ||
| config.known-users.json | ||
| config.public.json | ||
| default.nix | ||
| example.config.json | ||
| factoids.toml | ||
| LICENSE | ||
| README.md | ||
| release.nix | ||
| service.nix | ||
| shell.nix | ||
grahamcofborg
Guidelines
- make sure you've reviewed the code before you trigger it on a PR that isn't your own
- be gentle, preferably don't run mass rebuilds / massive builds like chromium on it
Automatic Building
Users who are trusted (see: ./config.public.json) or known (see: ./config.known-users.json) will have their PRs automatically trigger builds if their commits follow the well-defined format of Nixpkgs. Example messages and the builds:
| Message | Automatic Build |
|---|---|
vim: 1.0.0 -> 2.0.0 |
vim |
python36Packages.requests,python27Packages.requests: 1.0.0 -> 2.0.0 |
python36Packages.requests, python27Packages.requests |
python{2,3}Packages.requests: 1.0.0 -> 2.0.0 |
nothing |
If a PR is opened with many commits, it will create a single build job for all of the detected packages. If a PR is opened and many commits are pushed one by one to the open PR, many build jobs will be created.
To disable automatic building of packages on a PR, add [WIP] to the
PR's title, or the 2.status: work-in-progress label.
Commands
The comment parser is line-based, so comments can be interleaved with instructions.
- To trigger the bot, the line must start with a case
insensitive version of
@GrahamcOfBorg. - To use multiple commands, insert a bit of whitespace and then your new command.
Commands:
test (added: 2017-11-24)
@grahamcofborg test list of tests
This will run nix-build ./nixos/release.nix -A tests.list -A tests.of -A tests.attrs in
the nixpkgs checkout. Note: this will only run on x86_64-linux machines.
eval
@grahamcofborg eval
Note: Every PR automatically evaluates when it is opened and when the commits change. There is no reason to run eval on a PR unless the evaluation has failed for weird reasons, or because master was broken before.
build
@grahamcofborg build list of attrs
This will run nix-build ./default.nix -A list -A of -A attrs in
the nixpkgs checkout.
Multiple Commands:
@grahamcofborg build list of attrs
@grahamcofborg eval
or even:
@grahamcofborg build list of attrs @grahamcofborg eval
This will also work:
looks good to me!
@grahamcofborg build list of attrs
And this is fine:
@grahamcofborg build list of attrs
looks good to me!
This is will build list, of, attrs, looks, good, to, me!:
@grahamcofborg build list of attrs looks good to me!
How does OfBorg call nix-build?
Builds are run like:
HOME=/homeless-shelter NIX_PATH=nixpkgs=$(pwd) nix-build ./default.nix --no-out-link --keep-going -A hello --option restrict-eval true --option build-timeout 1800 --argstr system thesystem --show-trace
How does OfBorg call nix-instantiate?
NixOS evals are run like:
HOME=/homeless-shelter NIX_PATH=nixpkgs=$(pwd) nix-instantiate ./nixos/release.nix -A manual --option restrict-eval true --option build-timeout 1800 --argstr system thesystem --show-trace
Nixpkgs evals are run like:
HOME=/homeless-shelter NIX_PATH=nixpkgs=$(pwd) nix-instantiate ./pkgs/top-level/release.nix -A manual --option restrict-eval true --option build-timeout 1800 --argstr system thesystem --show-trace
Running a builder
nix-shell ./shell.nix
$ cd ofborg
$ cargo build
cargo build
then copy example.config.json to config.json and edit its vars. Set
nix.remote to an empty string if you're not using the daemon.
Run
./target/debug/builder ./config.json
Note the config.public.json for the public pieces of how I run ofborg, which is merged with config.known-users.json and a third private config file of credentials. These files contain some special keys like
- known users
- authorized users
- log storage
they are only used in the backend processing tasks, and there is no
need for them on builders. However, to update the list in
config.known-users.json, run ./scripts/update-known-users.sh.
old php stuff...
Only Graham needs to do this, since I run the only remaining PHP components.
<?php
require_once __DIR__ . '/vendor/autoload.php';
use PhpAmqpLib\Connection\AMQPSSLConnection;
use PhpAmqpLib\Message\AMQPMessage;
function rabbitmq_conn($timeout = 3) {
$host = 'events.nix.gsc.io';
$connection = new AMQPSSLConnection(
$host, 5671,
'eventsuser, eventspassword, '/',
array(
'verify_peer' => true,
'verify_peer_name' => true,
'peer_name' => $host,
'verify_depth' => 10,
'ca_file' => '/etc/ssl/certs/ca-certificates.crt',
), array(
'connection_timeout' => $timeout,
)
);
return $connection;
}
function gh_client() {
$client = new \Github\Client();
$client->authenticate('githubusername',
'githubpassword',
Github\Client::AUTH_HTTP_PASSWORD);
return $client;
}