about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--nix/buildkite/default.nix165
-rw-r--r--ops/pipelines/depot.nix122
2 files changed, 172 insertions, 115 deletions
diff --git a/nix/buildkite/default.nix b/nix/buildkite/default.nix
new file mode 100644
index 000000000000..09fe0a741e41
--- /dev/null
+++ b/nix/buildkite/default.nix
@@ -0,0 +1,165 @@
+# Logic for generating Buildkite pipelines from Nix build targets read
+# by //nix/readTree.
+#
+# It outputs a "YAML" (actually JSON) file which is evaluated and
+# submitted to Buildkite at the start of each build.
+#
+# The structure of the file that is being created is documented here:
+#   https://buildkite.com/docs/pipelines/defining-steps
+{ pkgs, ... }:
+
+let
+  inherit (builtins)
+    attrValues
+    concatMap
+    concatStringsSep
+    filter
+    foldl'
+    length
+    mapAttrs
+    toJSON;
+
+  inherit (pkgs) lib runCommandNoCC writeText;
+in rec {
+  # Creates a Nix expression that yields the target at the specified
+  # location in the repository.
+  #
+  # This makes a distinction between normal targets (which physically
+  # exist in the repository) and subtargets (which are "virtual"
+  # targets exposed by a physical one) to make it clear in the build
+  # output which is which.
+  mkBuildExpr = target:
+    let
+      descend = expr: attr: "builtins.getAttr \"${attr}\" (${expr})";
+      targetExpr = foldl' descend "import ./. {}" target.__readTree;
+      subtargetExpr = descend targetExpr target.__subtarget;
+    in if target ? __subtarget then subtargetExpr else targetExpr;
+
+  # Create a pipeline label from the target's tree location.
+  mkLabel = target:
+    let label = concatStringsSep "/" target.__readTree;
+    in if target ? __subtarget
+      then "${label}:${target.__subtarget}"
+      else label;
+
+  # Skip build steps if their out path has already been built.
+  skip = headBranch: target: let
+    shouldSkip = with builtins;
+      # Only skip in real Buildkite builds
+      (getEnv "BUILDKITE_BUILD_ID" != "") &&
+      # Always build everything for the canon branch.
+      (getEnv "BUILDKITE_BRANCH" != headBranch) &&
+      # Discard string context to avoid realising the store path during
+      # pipeline construction.
+      (pathExists (unsafeDiscardStringContext target.outPath));
+    in if shouldSkip then "Target was already built." else false;
+
+  # Create a pipeline step from a single target.
+  mkStep = headBranch: skipIfBuilt: target: {
+    label = ":nix: ${mkLabel target}";
+    skip = if skipIfBuilt then skip headBranch target else false;
+
+    command = let
+      drvPath = builtins.unsafeDiscardStringContext target.drvPath;
+    in concatStringsSep " " [
+      # First try to realise the drvPath of the target so we don't evaluate twice.
+      # Nix has no concept of depending on a derivation file without depending on
+      # at least one of its `outPath`s, so we need to discard the string context
+      # if we don't want to build everything during pipeline construction.
+      "nix-store --realise '${drvPath}'"
+      # Since we don't gcroot the derivation files, they may be deleted by the
+      # garbage collector. In that case we can reevaluate and build the attribute
+      # using nix-build.
+      "|| (test ! -f '${drvPath}' && nix-build -E '${mkBuildExpr target}' --show-trace)"
+    ];
+
+    # Add a dependency on the initial static pipeline step which
+    # always runs. This allows build steps uploaded in batches to
+    # start running before all batches have been uploaded.
+    depends_on = ":init:";
+  };
+
+  # Helper function to inelegantly divide a list into chunks of at
+  # most n elements.
+  #
+  # This works by assigning each element a chunk ID based on its
+  # index, and then grouping all elements by their chunk ID.
+  chunksOf = n: list: let
+    chunkId = idx: toString (idx / n + 1);
+    assigned = lib.imap1 (idx: value: { inherit value ; chunk = chunkId idx; }) list;
+    unchunk = mapAttrs (_: elements: map (e: e.value) elements);
+  in unchunk (lib.groupBy (e: e.chunk) assigned);
+
+  # Define a build pipeline chunk as a JSON file, using the pipeline
+  # format documented on
+  # https://buildkite.com/docs/pipelines/defining-steps.
+  makePipelineChunk = chunkId: chunk: rec {
+    filename = "chunk-${chunkId}.json";
+    path = writeText filename (toJSON {
+      steps = chunk;
+    });
+  };
+
+  # Split the pipeline into chunks of at most 256 steps at once, which
+  # are uploaded sequentially. This is because of a limitation in the
+  # Buildkite backend which struggles to process more than a specific
+  # number of chunks at once.
+  pipelineChunks = steps:
+    attrValues (mapAttrs makePipelineChunk (chunksOf 256 steps));
+
+  # Create a pipeline structure for the given targets.
+  mkPipeline = {
+    # HEAD branch of the repository on which release steps, GC
+    # anchoring and other "mainline only" steps should run.
+    headBranch,
+
+    # List of derivations as read by readTree (in most cases just the
+    # output of readTree.gather) that should be built in Buildkite.
+    #
+    # These are scheduled as the first build steps and run as fast as
+    # possible, in order, without any concurrency restrictions.
+    drvTargets,
+
+    # Should build steps be skipped (on non-HEAD builds) if the output
+    # path has already been built?
+    skipIfBuilt ? false,
+
+    # A list of plain Buildkite step structures to run alongside the
+    # build for all drvTargets, but before proceeding with any
+    # post-build actions such as status reporting.
+    #
+    # Can be used for things like code formatting checks.
+    additionalSteps ? [],
+
+    # A list of plain Buildkite step structures to run after all
+    # previous steps succeeded.
+    #
+    # Can be used for status reporting steps and the like.
+    postBuildSteps ? []
+  }: let
+    mkStep' = mkStep headBranch skipIfBuilt;
+    steps =
+      # Add build steps for each derivation target.
+      (map mkStep' drvTargets)
+
+      # Add additional steps (if set).
+      ++ additionalSteps
+
+      # Wait for all previous checks to complete
+      ++ [({
+        wait = null;
+        continue_on_failure = true;
+      })]
+
+      # Run post-build steps for status reporting and co.
+      ++ postBuildSteps;
+    chunks = pipelineChunks steps;
+  in runCommandNoCC "buildkite-pipeline" {} ''
+    mkdir $out
+    echo "Generated ${toString (length chunks)} pipeline chunks"
+    ${
+      lib.concatMapStringsSep "\n"
+        (chunk: "cp ${chunk.path} $out/${chunk.filename}") chunks
+    }
+  '';
+}
diff --git a/ops/pipelines/depot.nix b/ops/pipelines/depot.nix
index 5843423d05fa..63b1bc067a91 100644
--- a/ops/pipelines/depot.nix
+++ b/ops/pipelines/depot.nix
@@ -1,80 +1,8 @@
 # This file configures the primary build pipeline used for the
 # top-level list of depot targets.
-#
-# It outputs a "YAML" (actually JSON) file which is evaluated and
-# submitted to Buildkite at the start of each build. This means we can
-# dynamically configure the pipeline execution here.
-{ depot, lib, pkgs, ... }:
+{ depot, ... }:
 
 let
-  inherit (builtins)
-    attrValues
-    concatStringsSep
-    foldl'
-    length
-    map
-    mapAttrs
-    toJSON;
-
-  inherit (pkgs) runCommandNoCC symlinkJoin writeText;
-
-  # Create an expression that builds the target at the specified
-  # location.
-  mkBuildExpr = target:
-    let
-      descend = expr: attr: "builtins.getAttr \"${attr}\" (${expr})";
-      targetExpr = foldl' descend "import ./. {}" target.__readTree;
-      subtargetExpr = descend targetExpr target.__subtarget;
-    in if target ? __subtarget then subtargetExpr else targetExpr;
-
-  # Create a pipeline label from the targets tree location.
-  mkLabel = target:
-    let label = concatStringsSep "/" target.__readTree;
-    in if target ? __subtarget
-      then "${label}:${target.__subtarget}"
-      else label;
-
-  # Create a pipeline step from a single target.
-  mkStep = target: {
-    command = let
-      drvPath = builtins.unsafeDiscardStringContext target.drvPath;
-    in lib.concatStringsSep " " [
-      # First try to realise the drvPath of the target so we don't evaluate twice.
-      # Nix has no concept of depending on a derivation file without depending on
-      # at least one of its `outPath`s, so we need to discard the string context
-      # if we don't want to build everything during pipeline construction.
-      "nix-store --realise '${drvPath}'"
-      # Since we don't gcroot the derivation files, they may be deleted by the
-      # garbage collector. In that case we can reevaluate and build the attribute
-      # using nix-build.
-      "|| (test ! -f '${drvPath}' && nix-build -E '${mkBuildExpr target}' --show-trace)"
-    ];
-    label = ":nix: ${mkLabel target}";
-
-    # Skip build steps if their out path has already been built.
-    skip = let
-      shouldSkip = with builtins;
-        # Only skip in real Buildkite builds
-        (getEnv "BUILDKITE_BUILD_ID" != "") &&
-        # Always build everything for the canon branch.
-        (getEnv "BUILDKITE_BRANCH" != "refs/heads/canon") &&
-        # Discard string context to avoid realising the store path during
-        # pipeline construction.
-        (pathExists (unsafeDiscardStringContext target.outPath));
-      in if shouldSkip then "Target was already built." else false;
-
-    # Add a "fake" dependency on the initial static pipeline step. When
-    # uploading a pipeline dynamically, an implicit dependency on the uploading
-    # step is added to all newly created build steps. Since we are uploading in
-    # batches this stops the jobs in the first batch from running before all
-    # batches have been uploaded.
-    #
-    # By setting an explicit dependency on a step that has always completed at
-    # this point, we override that behaviour and allow the steps to start
-    # running already.
-    depends_on = ":init:";
-  };
-
   # Protobuf check step which validates that changes to .proto files
   # between revisions don't cause backwards-incompatible or otherwise
   # flawed changes.
@@ -82,45 +10,9 @@ let
     command = "${depot.nix.bufCheck}/bin/ci-buf-check";
     label = ":water_buffalo:";
   };
-
-  # All pipeline steps before batching them into smaller chunks.
-  allSteps =
-    # Create build steps for each CI target
-    (map mkStep depot.ci.targets)
-
-    ++ [
-      # Simultaneously run protobuf checks
-      protoCheck
-    ];
-
-  # Helper function to inelegantly divide a list into chunks of at
-  # most n elements.
-  #
-  # This works by assigning each element a chunk ID based on its
-  # index, and then grouping all elements by their chunk ID.
-  chunksOf = n: list: let
-    chunkId = idx: toString (idx / n + 1);
-    assigned = lib.imap1 (idx: value: { inherit value ; chunk = chunkId idx; }) list;
-    unchunk = mapAttrs (_: elements: map (e: e.value) elements);
-  in unchunk (lib.groupBy (e: e.chunk) assigned);
-
-  # Define a build pipeline chunk as a JSON file, using the pipeline
-  # format documented on
-  # https://buildkite.com/docs/pipelines/defining-steps.
-  makePipelineChunk = chunkId: chunk: rec {
-    filename = "chunk-${chunkId}.json";
-    path = writeText filename (toJSON {
-      steps = chunk;
-    });
-  };
-
-  pipelineChunks = attrValues (mapAttrs makePipelineChunk (chunksOf 256 allSteps));
-
-in runCommandNoCC "depot-pipeline" {} ''
-  mkdir $out
-  echo "Generated ${toString (length pipelineChunks)} pipeline chunks"
-  ${
-    lib.concatMapStringsSep "\n"
-      (chunk: "cp ${chunk.path} $out/${chunk.filename}") pipelineChunks
-  }
-''
+in depot.nix.buildkite.mkPipeline {
+  headBranch = "refs/heads/canon";
+  drvTargets = depot.ci.targets;
+  skipIfBuilt = true;
+  additionalSteps = [ protoCheck ];
+}