diff --git a/ci/docker/entrypoint.sh b/ci/docker/entrypoint.sh new file mode 100644 index 000000000..2484bdee0 --- /dev/null +++ b/ci/docker/entrypoint.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +# NB: Only our CI agents push to this cache but we don't have PKI (e.g. +# signing) setup for them. +## So we mark the cache as trusted to skip signature verifications. +CACHE="s3://redpanda-nix-cache-k8s-m6id12xlarge?region=us-west-2&trusted=true" + +nix develop --option extra-substituters "$CACHE" --impure --command "$@" +EXIT_CODE="$?" + +echo "--- Pushing to :nix: cache" +nix copy --to "$CACHE" .#devshell + +exit "$EXIT_CODE" diff --git a/ci/docker/nix.Dockerfile b/ci/docker/nix.Dockerfile index 805e0a442..256700fb2 100644 --- a/ci/docker/nix.Dockerfile +++ b/ci/docker/nix.Dockerfile @@ -18,4 +18,6 @@ RUN echo 'experimental-features = nix-command flakes' >> /etc/nix/nix.conf \ # easier to disable this check entirely: && git config --global --add safe.directory '*' -ENTRYPOINT ["nix", "develop", "--impure", "--command"] +COPY ci/docker/entrypoint.sh / + +ENTRYPOINT ["bash", "/entrypoint.sh"] diff --git a/ci/scripts/run-in-nix-docker.sh b/ci/scripts/run-in-nix-docker.sh index 811d8c497..bd8b46307 100755 --- a/ci/scripts/run-in-nix-docker.sh +++ b/ci/scripts/run-in-nix-docker.sh @@ -33,7 +33,7 @@ fi set -e # BUILDKITE environment variables are used by `buildkite-agent` cli to upload artifact -printenv | grep '^BUILDKITE.*=' > env-file-for-buildkite +printenv | { grep '^BUILDKITE.*=' || true; } > env-file-for-buildkite # Build the base image and grab the SHA. IMAGE_SHA=$(docker build --quiet -f ./ci/docker/nix.Dockerfile .) diff --git a/flake.nix b/flake.nix index 59c8b15fc..d10d8a90a 100644 --- a/flake.nix +++ b/flake.nix @@ -36,6 +36,10 @@ { formatter = pkgs.nixpkgs-fmt; + # Make it possible to reference the devshell context from standard + # nix commands. e.g. nix copy .#devshell. + packages.devshell = self'.devShells.default; + devshells.default = { env = [ { name = "GOROOT"; value = "${pkgs.go_1_24}/share/go"; } diff --git a/taskfiles/ci.yml b/taskfiles/ci.yml index e240e60ec..b5477106e 100644 --- a/taskfiles/ci.yml +++ b/taskfiles/ci.yml @@ -9,10 +9,7 @@ tasks: - task: set-aio-max - task: set-inotify-watches - task: set-inotify-instances - - task: configure-git-private-repo - cmd: "mkdir -p {{.SRC_DIR}}/artifacts" - # Fetch the release branches for our git based linters. - - cmd: git fetch origin release/v2.4.x lint: cmds: @@ -24,6 +21,7 @@ tasks: test:unit: cmds: - defer: 'buildkite-agent artifact upload "{{.SRC_DIR}}/artifacts/*"' + - 'echo "--- Running unit tests"' - task: :test:unit vars: GO_TEST_RUNNER: 'gotestsum --junitfile=artifacts/unit-tests.xml --' @@ -33,6 +31,7 @@ tasks: cmds: - defer: 'kind delete clusters --all' - defer: 'buildkite-agent artifact upload "{{.SRC_DIR}}/artifacts/*"' + - 'echo "--- Running integration tests"' - task: :test:integration vars: GO_TEST_RUNNER: 'gotestsum --junitfile=artifacts/integration-tests.xml --' @@ -42,6 +41,7 @@ tasks: cmds: - defer: 'kind delete clusters --all' - defer: 'buildkite-agent artifact upload "{{.SRC_DIR}}/artifacts/*"' + - 'echo "--- Running acceptance tests"' - task: :test:acceptance vars: GO_TEST_RUNNER: 'gotestsum --junitfile=artifacts/acceptance-tests.xml --' @@ -66,16 +66,6 @@ tasks: vars: KUTTL_CONFIG_FILE: kuttl-v2-test.yaml - configure-git-private-repo: - internal: true - env: - GITHUB_TOKEN: - sh: echo "${GITHUB_TOKEN:-$GITHUB_API_TOKEN}" - cmds: - - git config --global url."https://$GITHUB_TOKEN@github.com/".insteadOf "https://github.com/" - preconditions: - - test -n "$GITHUB_API_TOKEN" || test -n "$GITHUB_TOKEN" - run-kuttl-tests: cmds: - defer: