about summary refs log tree commit diff
path: root/ops
diff options
context:
space:
mode:
authorGriffin Smith <grfn@gws.fyi>2021-05-23T16·34+0200
committergrfn <grfn@gws.fyi>2021-09-10T16·13+0000
commit9c038cbff09b600d6b3be32c6c9b1a4cd6779ec2 (patch)
tree7f08954bd11a54e3b476fd7d901d6cd7743ae4e0 /ops
parent79b39bb66e39bc1e00e4ceca75f32412e5f4f0de (diff)
feat(ops/deploy-whitby): Add the start of a script to deploy whitby r/2838
Add the beginnings of an auto-deploy script for whitby, intended to
be (eventually) suitable for running automatically in a systemd timer.
The current iteration of the script doesn't actually do any deploying,
but instead takes as an argument a revision, creates a new git worktree
in /tmp with that revision checked out, runs a nix-diff of whitby's
system derivation in the running system and at that closure, puts an
html-rendered version of that diff in the public directory used by
deploy.tvl.fyi, and finally sends a message to IRC via irccat with a
link to that HTML page.

Refs: b/110
Change-Id: Id40525567f8845590c909568befd8d00c07a481c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3145
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: kn <klemens@posteo.de>
Diffstat (limited to 'ops')
-rw-r--r--ops/deploy-whitby/default.nix30
-rwxr-xr-xops/deploy-whitby/deploy-whitby.sh45
2 files changed, 75 insertions, 0 deletions
diff --git a/ops/deploy-whitby/default.nix b/ops/deploy-whitby/default.nix
new file mode 100644
index 000000000000..640f8ecfd23a
--- /dev/null
+++ b/ops/deploy-whitby/default.nix
@@ -0,0 +1,30 @@
+{ pkgs, ... }:
+
+pkgs.stdenv.mkDerivation {
+  name = "deploy-whitby";
+
+  phases = [ "installPhase" "installCheckPhase" ];
+
+  nativeBuildInputs = with pkgs; [
+    makeWrapper
+  ];
+
+  installPhase = ''
+    mkdir -p $out/bin
+    makeWrapper ${./deploy-whitby.sh} $out/bin/deploy-whitby.sh \
+      --prefix PATH : ${with pkgs; lib.makeBinPath [
+        nix-diff
+        ansi2html
+        git
+      ]}
+  '';
+
+  installCheckInputs = with pkgs; [
+    shellcheck
+  ];
+
+  doInstallCheck = true;
+  installCheckPhase = ''
+    shellcheck $out/bin/deploy-whitby.sh
+  '';
+}
diff --git a/ops/deploy-whitby/deploy-whitby.sh b/ops/deploy-whitby/deploy-whitby.sh
new file mode 100755
index 000000000000..808f65cda2cf
--- /dev/null
+++ b/ops/deploy-whitby/deploy-whitby.sh
@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+set -Ceuo pipefail
+
+HTML_ROOT="${HTML_ROOT:-/var/html/deploys.tvl.fyi}"
+URL_BASE="${URL_BASE:-https://deploys.tvl.fyi/diff}"
+IRCCAT_PORT="${IRCCAT_PORT:-4722}"
+
+drv_hash() {
+    basename "$1" | sed 's/-.*//'
+}
+
+new_rev="$1"
+
+if [ -z "$new_rev" ]; then
+    >&2 echo "Usage: $0 <new_rev>"
+    exit 1
+fi
+
+if [ -d "/tmp/deploy.worktree" ]; then
+    >&2 echo "/tmp/deploy.worktree exists - exiting in case another deploy is currently running"
+    exit 1
+fi
+
+worktree_dir=/tmp/worktree_dir
+
+cleanup() {
+    rm -rf "$worktree_dir"
+}
+trap cleanup EXIT
+
+git clone https://cl.tvl.fyi/depot "$worktree_dir" --reference /depot
+git -C "$worktree_dir" checkout "$new_rev"
+
+current=$(nix show-derivation /run/current-system | jq -r 'keys | .[0]')
+new=$(nix-instantiate -A ops.nixos.whitbySystem "$worktree_dir")
+
+diff_filename="$(drv_hash "$current")..$(drv_hash "$new")"
+nix-diff "$current" "$new" --color always \
+    | ansi2html \
+    >| "$HTML_ROOT/diff/$diff_filename"
+
+echo "#tvl whitby is being deployed! system diff: $URL_BASE/$diff_filename" \
+    | nc -w 5 -N localhost "$IRCCAT_PORT"
+
+# TODO(grfn): Actually do the deploy