Switch to devenv

albinvass · Apr 29, 2024 · 50dd0c5 · 50dd0c5
1 parent 0be0491
commit 50dd0c5
Show file tree

Hide file tree

Showing 9 changed files with 432 additions and 214 deletions.
diff --git a/.envrc b/.envrc
@@ -1 +1,3 @@
-use flake
+source_url "https://raw.githubusercontent.com/cachix/devenv/95f329d49a8a5289d31e0982652f7058a189bfca/direnvrc" "sha256-d+8cBpDfDBj41inrADaJt+bDWhOktwslgoP5YiGJ1v0="
+
+use devenv
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -4,45 +4,71 @@ on:
  branches:
  - master
 jobs:
- deploy:
+ lint:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - uses: cachix/install-nix-action@v26
+ - uses: cachix/cachix-action@v14
+ with:
+ name: devenv
+ - name: Install devenv.sh
+ run: nix profile install nixpkgs#devenv
+
+ - name: Check out repository code
+ uses: actions/checkout@v4
+
+ - name: Lint nix
+ run: devenv shell statix check
+
+ pulumi:
+ needs: [ lint ]
  concurrency: deploy
  runs-on: ubuntu-latest
  steps:
- - uses: nixbuild/nix-quick-install-action@v25
- with:
- nix_conf: |
- substituters = https://cache.nixos.org/
- trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
- keep-outputs = true
-
- - name: Restore and cache Nix store
- uses: nix-community/[email protected]
- with:
- key: nix-cache
- gc-linux: true
- gc-max-store-size-linux: 10000000000
- purge: true
- purge-accessed: true
- purge-accessed-max-age: 3600
-
- - name: Cache Pulumi venv
- uses: actions/cache@v3
- with:
- path: pulumi/venv
- key: pulumi-venv
-
- - name: Check out repository code
- uses: actions/checkout@v4
-
- - name: Lint nix
- run: nix develop --command -- statix check
-
- - name: Provision Infrastructure
- run: nix develop --command -- deploy-pulumi --yes --non-interactive
- env:
- SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }}
-
- - name: Provision Servers
- run: nix develop --command -- deploy-colmena apply --build-on-target --on @enabled
- env:
- SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }}
+ - uses: actions/checkout@v4
+ - uses: cachix/install-nix-action@v26
+ - uses: cachix/cachix-action@v14
+ with:
+ name: devenv
+ - name: Install devenv.sh
+ run: nix profile install nixpkgs#devenv
+
+ - name: Cache Pulumi venv
+ uses: actions/cache@v3
+ with:
+ path: pulumi/venv
+ key: pulumi-venv
+
+ - name: Check out repository code
+ uses: actions/checkout@v4
+
+ - name: Provision infrastructure with pulumi
+ run: devenv shell deploy-pulumi --yes --non-interactive
+ env:
+ SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }}
+
+ colmena:
+ needs: [ pulumi ]
+ strategy:
+ matrix:
+ host:
+ - nixpi
+ - nixos-1
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - uses: cachix/install-nix-action@v26
+ - uses: cachix/cachix-action@v14
+ with:
+ name: devenv
+ - name: Install devenv.sh
+ run: nix profile install nixpkgs#devenv
+
+ - name: Check out repository code
+ uses: actions/checkout@v4
+
+ - name: Deploy ${{ matrix.host }}
+ run: devenv shell deploy-colmena apply --build-on-target --on ${{ matrix.host }}
+ env:
+ SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }}
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,12 @@
 output
 result
 .direnv
+# Devenv
+.devenv*
+devenv.local.nix
+
+# direnv
+.direnv
+
+# pre-commit
+.pre-commit-config.yaml
diff --git a/devenv.lock b/devenv.lock
@@ -0,0 +1,259 @@
+{
+ "nodes": {
+ "colmena": {
+ "inputs": {
+ "flake-compat": "flake-compat",
+ "flake-utils": "flake-utils",
+ "nixpkgs": "nixpkgs",
+ "stable": "stable"
+ },
+ "locked": {
+ "lastModified": 1711386353,
+ "owner": "zhaofengli",
+ "repo": "colmena",
+ "rev": "cd65ef7a25cdc75052fbd04b120aeb066c3881db",
+ "treeHash": "c08be9a8a7788c44b417efa1033d61c3cb6d4f22",
+ "type": "github"
+ },
+ "original": {
+ "owner": "zhaofengli",
+ "repo": "colmena",
+ "type": "github"
+ }
+ },
+ "devenv": {
+ "locked": {
+ "dir": "src/modules",
+ "lastModified": 1714390914,
+ "owner": "cachix",
+ "repo": "devenv",
+ "rev": "34e6461fd76b5f51ad5f8214f5cf22c4cd7a196e",
+ "treeHash": "5c5dc481030d6e30f8aa506e6d0c0d0809490d65",
+ "type": "github"
+ },
+ "original": {
+ "dir": "src/modules",
+ "owner": "cachix",
+ "repo": "devenv",
+ "type": "github"
+ }
+ },
+ "flake-compat": {
+ "flake": false,
+ "locked": {
+ "lastModified": 1696426674,
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+ "treeHash": "2addb7b71a20a25ea74feeaf5c2f6a6b30898ecb",
+ "type": "github"
+ },
+ "original": {
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "type": "github"
+ }
+ },
+ "flake-compat_2": {
+ "flake": false,
+ "locked": {
+ "lastModified": 1696426674,
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+ "treeHash": "2addb7b71a20a25ea74feeaf5c2f6a6b30898ecb",
+ "type": "github"
+ },
+ "original": {
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "type": "github"
+ }
+ },
+ "flake-utils": {
+ "inputs": {
+ "systems": "systems"
+ },
+ "locked": {
+ "lastModified": 1710146030,
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+ "treeHash": "bd263f021e345cb4a39d80c126ab650bebc3c10c",
+ "type": "github"
+ },
+ "original": {
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "type": "github"
+ }
+ },
+ "flake-utils_2": {
+ "inputs": {
+ "systems": "systems_2"
+ },
+ "locked": {
+ "lastModified": 1710146030,
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+ "treeHash": "bd263f021e345cb4a39d80c126ab650bebc3c10c",
+ "type": "github"
+ },
+ "original": {
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "type": "github"
+ }
+ },
+ "gitignore": {
+ "inputs": {
+ "nixpkgs": [
+ "pre-commit-hooks",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1709087332,
+ "owner": "hercules-ci",
+ "repo": "gitignore.nix",
+ "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
+ "treeHash": "ca14199cabdfe1a06a7b1654c76ed49100a689f9",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "gitignore.nix",
+ "type": "github"
+ }
+ },
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1714253743,
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "58a1abdbae3217ca6b702f03d3b35125d88a2994",
+ "treeHash": "657a1fba439d921c46426dd4a3ba0251e997bfee",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixos-unstable",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "nixpkgs-stable": {
+ "locked": {
+ "lastModified": 1714272655,
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "12430e43bd9b81a6b4e79e64f87c624ade701eaf",
+ "treeHash": "e76ecc257d4f76a36a0ec6e4f779fc35aecadf7b",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixos-23.11",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "nixpkgs_2": {
+ "locked": {
+ "lastModified": 1713361204,
+ "owner": "cachix",
+ "repo": "devenv-nixpkgs",
+ "rev": "285676e87ad9f0ca23d8714a6ab61e7e027020c6",
+ "treeHash": "50354b35a3e0277d4a83a0a88fa0b0866b5f392f",
+ "type": "github"
+ },
+ "original": {
+ "owner": "cachix",
+ "ref": "rolling",
+ "repo": "devenv-nixpkgs",
+ "type": "github"
+ }
+ },
+ "pre-commit-hooks": {
+ "inputs": {
+ "flake-compat": "flake-compat_2",
+ "flake-utils": "flake-utils_2",
+ "gitignore": "gitignore",
+ "nixpkgs": [
+ "nixpkgs"
+ ],
+ "nixpkgs-stable": "nixpkgs-stable"
+ },
+ "locked": {
+ "lastModified": 1713954846,
+ "owner": "cachix",
+ "repo": "pre-commit-hooks.nix",
+ "rev": "6fb82e44254d6a0ece014ec423cb62d92435336f",
+ "treeHash": "a456512c8da29752b79131f1e5b45053e2394078",
+ "type": "github"
+ },
+ "original": {
+ "owner": "cachix",
+ "repo": "pre-commit-hooks.nix",
+ "type": "github"
+ }
+ },
+ "root": {
+ "inputs": {
+ "colmena": "colmena",
+ "devenv": "devenv",
+ "nixpkgs": "nixpkgs_2",
+ "pre-commit-hooks": "pre-commit-hooks"
+ }
+ },
+ "stable": {
+ "locked": {
+ "lastModified": 1704290814,
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
+ "treeHash": "a0ee02eceb71106d608605419182d174044030d9",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixos-23.05",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "systems": {
+ "locked": {
+ "lastModified": 1681028828,
+ "owner": "nix-systems",
+ "repo": "default",
+ "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+ "treeHash": "cce81f2a0f0743b2eb61bc2eb6c7adbe2f2c6beb",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-systems",
+ "repo": "default",
+ "type": "github"
+ }
+ },
+ "systems_2": {
+ "locked": {
+ "lastModified": 1681028828,
+ "owner": "nix-systems",
+ "repo": "default",
+ "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+ "treeHash": "cce81f2a0f0743b2eb61bc2eb6c7adbe2f2c6beb",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-systems",
+ "repo": "default",
+ "type": "github"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}