From a0f9688a31dd9f4b6f9d252ba06f8d1acef914af Mon Sep 17 00:00:00 2001 From: Antoine Eiche Date: Sat, 10 Jul 2021 16:05:25 +0200 Subject: [PATCH] Switch CI to Nix flakes We also move tests to Flakes. This would allow users to submit PRs with a fork of nixpkgs when they want to test nixpkgs PRs against SNM. --- .hydra/declarative-jobsets.nix | 48 +++++++++---------------------- docs/howto-develop.rst | 18 +++++++++--- flake.lock | 33 +++++++++++++++++++++ flake.nix | 52 ++++++++++++++++++++++++++++++---- tests/clamav.nix | 9 +----- tests/default.nix | 48 ------------------------------- tests/external.nix | 2 +- tests/internal.nix | 2 +- tests/multiple.nix | 2 +- 9 files changed, 111 insertions(+), 103 deletions(-) delete mode 100644 tests/default.nix diff --git a/.hydra/declarative-jobsets.nix b/.hydra/declarative-jobsets.nix index 7d36ea6..2159de7 100644 --- a/.hydra/declarative-jobsets.nix +++ b/.hydra/declarative-jobsets.nix @@ -8,56 +8,26 @@ let { enabled = 1; hidden = false; description = "PR ${num}: ${info.title}"; - nixexprinput = "snm"; - nixexprpath = ".hydra/default.nix"; checkinterval = 30; schedulingshares = 20; enableemail = false; emailoverride = ""; keepnr = 1; - type = 0; - inputs = { - # This is only used to allow Niv to use pkgs.fetchzip which is - # required because of Hydra restricted evaluation mode. - nixpkgs = { - value = "https://github.com/NixOS/nixpkgs b6eefa48d8e10491e43c0c6155ac12b463f6fed3"; - type = "git"; - emailresponsible = false; - }; - snm = { - type = "git"; - value = "${info.target_repo_url} merge-requests/${info.iid}/head"; - emailresponsible = false; - }; - }; + type = 1; + flake = "gitlab:simple-nixos-mailserver/nixos-mailserver/merge-requests/${info.iid}/head"; } ) prs; mkJobset = branch: { description = "Build ${branch} branch of Simple NixOS MailServer"; checkinterval = "60"; enabled = "1"; - nixexprinput = "snm"; - nixexprpath = ".hydra/default.nix"; schedulingshares = 100; enableemail = false; emailoverride = ""; keepnr = 3; hidden = false; - type = 0; - inputs = { - # This is only used to allow Niv to use pkgs.fetchzip which is - # required because of Hydra restricted evaluation mode. - nixpkgs = { - value = "https://github.com/NixOS/nixpkgs b6eefa48d8e10491e43c0c6155ac12b463f6fed3"; - type = "git"; - emailresponsible = false; - }; - snm = { - value = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver ${branch}"; - type = "git"; - emailresponsible = false; - }; - }; + type = 1; + flake = "gitlab:simple-nixos-mailserver/nixos-mailserver/${branch}"; }; desc = prJobsets // { @@ -66,10 +36,20 @@ let "nixos-21.05" = mkJobset "nixos-21.05"; }; + log = { + pulls = prs; + jobsets = desc; + }; + in { jobsets = pkgs.runCommand "spec-jobsets.json" {} '' cat >$out <tmp <`. + +You can then run the testsuite via :: - $ nix-build tests -A external.nixpkgs_20_03 - $ nix-build tests -A internal.nixpkgs_unstable - ... + $ nix flake check -L + +Since Nix doesn't garantee your machine have enough resources to run +all test VMs in parallel, some tests can fail. You would then haev to +run tests manually. For instance: + +:: + + $ nix build .#hydraJobs.x86_64-linux.external-unstable -L + Contributing to the documentation --------------------------------- diff --git a/flake.lock b/flake.lock index a9abdbc..3d49d2e 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,21 @@ { "nodes": { + "blobs": { + "flake": false, + "locked": { + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" + } + }, "nixpkgs": { "locked": { "lastModified": 1607522989, @@ -15,9 +31,26 @@ "type": "indirect" } }, + "nixpkgs-21_05": { + "locked": { + "lastModified": 1625692408, + "narHash": "sha256-e9L3TLLDVIJpMnHtiNHJE62oOh6emRtSZ244bgYJUZs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c06613c25df3fe1dd26243847a3c105cf6770627", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.05", + "type": "indirect" + } + }, "root": { "inputs": { + "blobs": "blobs", "nixpkgs": "nixpkgs", + "nixpkgs-21_05": "nixpkgs-21_05", "utils": "utils" } }, diff --git a/flake.nix b/flake.nix index 3d8cfbe..f58b6fa 100644 --- a/flake.nix +++ b/flake.nix @@ -4,15 +4,55 @@ inputs = { utils.url = "github:numtide/flake-utils"; nixpkgs.url = "flake:nixpkgs/nixos-unstable"; + nixpkgs-21_05.url = "flake:nixpkgs/nixos-21.05"; + blobs = { + url = "gitlab:simple-nixos-mailserver/blobs"; + flake = false; + }; }; - outputs = { self, utils, nixpkgs }: { + outputs = { self, utils, blobs, nixpkgs, nixpkgs-21_05 }: let + system = "x86_64-linux"; + pkgs = nixpkgs.legacyPackages.${system}; + # We want to test nixos-mailserver on several nixos releases + releases = [ + { + name = "unstable"; + pkgs = nixpkgs.legacyPackages.${system}; + } + { + name = "21_05"; + pkgs = nixpkgs-21_05.legacyPackages.${system}; + } + ]; + testNames = [ + "internal" + "external" + "clamav" + "multiple" + ]; + genTest = testName: release: { + "name"= "${testName}-${release.name}"; + "value"= import (./tests/. + "/${testName}.nix") { + pkgs = release.pkgs; + inherit blobs; + }; + }; + # Generate an attribute set such as + # { + # external-unstable = ; + # external-21_05 = ; + # ... + # } + allTests = pkgs.lib.listToAttrs ( + pkgs.lib.flatten (map (t: map (r: genTest t r) releases) testNames)); + + in { nixosModules.mailserver = import ./.; nixosModule = self.nixosModules.mailserver; - } // utils.lib.eachDefaultSystem (system: let - pkgs = nixpkgs.legacyPackages.${system}; - in { - devShell = pkgs.mkShell { + hydraJobs.${system} = allTests; + checks.${system} = allTests; + devShell.${system} = pkgs.mkShell { buildInputs = with pkgs; [ (python3.withPackages (p: with p; [ sphinx @@ -22,5 +62,5 @@ clamav ]; }; - }); + }; } diff --git a/tests/clamav.nix b/tests/clamav.nix index f818991..4f59d64 100644 --- a/tests/clamav.nix +++ b/tests/clamav.nix @@ -14,19 +14,12 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see -{ pkgs ? import {}}: +{ pkgs ? import {}, blobs}: pkgs.nixosTest { name = "clamav"; nodes = { server = { config, pkgs, lib, ... }: - let - sources = import ../nix/sources.nix; - blobs = pkgs.fetchzip { - url = sources.blobs.url; - sha256 = sources.blobs.sha256; - }; - in { imports = [ ../default.nix diff --git a/tests/default.nix b/tests/default.nix deleted file mode 100644 index 68f2053..0000000 --- a/tests/default.nix +++ /dev/null @@ -1,48 +0,0 @@ -# Generate an attribute sets containing all tests for all releaeses -# It looks like: -# - external.nixpkgs_20.03 -# - external.nixpkgs_unstable -# - internal.nixpkgs_20.03 -# - internal.nixpkgs_unstable - -with builtins; - -let - sources = import ../nix/sources.nix; - - releases = listToAttrs (map genRelease releaseNames); - - genRelease = name: { - name = name; - value = import sources."${name}" {}; - }; - - genTest = testName: release: - let - pkgs = releases."${release}"; - test = pkgs.callPackage (./. + "/${testName}.nix") { }; - in { - "name"= builtins.replaceStrings ["." "-"] ["_" "_"] release; - "value"= test; - }; - - releaseNames = [ - "nixpkgs-unstable" - "nixpkgs-20.09" - "nixpkgs-21.05" - ]; - - testNames = [ - "internal" - "external" - "clamav" - "multiple" - ]; - - # Generate an attribute set containing one test per releases - genTests = testName: { - name = testName; - value = listToAttrs (map (genTest testName) (builtins.attrNames releases)); - }; - -in listToAttrs (map genTests testNames) diff --git a/tests/external.nix b/tests/external.nix index 55d9eb5..7c87664 100644 --- a/tests/external.nix +++ b/tests/external.nix @@ -14,7 +14,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see -{ pkgs ? import {}}: +{ pkgs ? import {}, ...}: pkgs.nixosTest { name = "external"; diff --git a/tests/internal.nix b/tests/internal.nix index c64339a..e8c4227 100644 --- a/tests/internal.nix +++ b/tests/internal.nix @@ -14,7 +14,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see -{ pkgs ? import {}}: +{ pkgs ? import {}, ...}: let sendMail = pkgs.writeTextFile { diff --git a/tests/multiple.nix b/tests/multiple.nix index 3377906..99e1aaf 100644 --- a/tests/multiple.nix +++ b/tests/multiple.nix @@ -1,6 +1,6 @@ # This tests is used to test features requiring several mail domains. -{ pkgs ? import {}}: +{ pkgs ? import {}, ...}: let hashPassword = password: pkgs.runCommand