diff options
Diffstat (limited to 'ops/pipelines/depot.nix')
-rw-r--r-- | ops/pipelines/depot.nix | 111 |
1 files changed, 33 insertions, 78 deletions
diff --git a/ops/pipelines/depot.nix b/ops/pipelines/depot.nix index ec7fb81327..5eff622671 100644 --- a/ops/pipelines/depot.nix +++ b/ops/pipelines/depot.nix @@ -1,85 +1,40 @@ # This file configures the primary build pipeline used for the # top-level list of depot targets. -# -# It outputs a "YAML" (actually JSON) file which is evaluated and -# submitted to Buildkite at the start of each build. This means we can -# dynamically configure the pipeline execution here. -{ depot, lib, pkgs, ... }: +{ depot, pkgs, externalArgs, ... }: let - inherit (builtins) concatStringsSep foldl' map toJSON; - inherit (lib) singleton; - inherit (pkgs) writeText; - - # Create an expression that builds the target at the specified - # location. - mkBuildExpr = target: - let - descend = expr: attr: "builtins.getAttr \"${attr}\" (${expr})"; - targetExpr = foldl' descend "import ./. {}" target.__readTree; - subtargetExpr = descend targetExpr target.__subtarget; - in if target ? __subtarget then subtargetExpr else targetExpr; - - # Create a pipeline label from the targets tree location. - mkLabel = target: - let label = concatStringsSep "/" target.__readTree; - in if target ? __subtarget - then "${label}:${target.__subtarget}" - else label; - - # Create a pipeline step from a single target. - # - # If the build fails, Buildkite metadata is updated to mark the - # pipeline as failed. Buildkite has a concept of a failed pipeline - # regardless, but this data is not accessible. - mkStep = target: { - command = '' - nix-build -E '${mkBuildExpr target}' || (buildkite-agent meta-data set "failure" "1"; exit 1) - ''; - label = ":nix: ${mkLabel target}"; - }; - - # Protobuf check step which validates that changes to .proto files - # between revisions don't cause backwards-incompatible or otherwise - # flawed changes. - protoCheck = { - command = "${depot.nix.bufCheck}/bin/ci-buf-check"; - label = ":water_buffalo:"; - }; - - # This defines the build pipeline, using the pipeline format - # documented on https://buildkite.com/docs/pipelines/defining-steps - # - # Pipeline steps need to stay in order. - pipeline.steps = - # Zero the failure status - [ + pipeline = depot.nix.buildkite.mkPipeline { + headBranch = "refs/heads/canon"; + drvTargets = depot.ci.targets; + + parentTargetMap = + if (externalArgs ? parentTargetMap) + then builtins.fromJSON (builtins.readFile externalArgs.parentTargetMap) + else { }; + + postBuildSteps = [ + # After successful builds, create a gcroot for builds on canon. + # + # This anchors *most* of the depot, in practice it's unimportant + # if there is a build race and we get +-1 of the targets. + # + # Unfortunately this requires a third evaluation of the graph, but + # since it happens after :duck: it should not affect the timing of + # status reporting back to Gerrit. { - command = "buildkite-agent meta-data set 'failure' '0'"; - label = ":buildkite:"; + label = ":anchor:"; + branches = "refs/heads/canon"; + command = '' + nix-build -A ci.gcroot --out-link /nix/var/nix/gcroots/depot/canon + ''; } - { wait = null; } - ] - - # Create build steps for each CI target - ++ (map mkStep depot.ci.targets) - - ++ [ - # Simultaneously run protobuf checks - protoCheck - - # Wait for all previous checks to complete - ({ - wait = null; - continue_on_failure = true; - }) - - # Wait for all steps to complete, then exit with success or - # failure depending on whether any failure status was written. - # This step must be :duck:! (yes, really!) - ({ - command = "exit $(buildkite-agent meta-data get 'failure')"; - label = ":duck:"; - }) ]; -in (writeText "depot.yaml" (toJSON pipeline)) + }; + + drvmap = depot.nix.buildkite.mkDrvmap depot.ci.targets; +in +pkgs.runCommand "depot-pipeline" { } '' + mkdir $out + cp -r ${pipeline}/* $out + cp ${drvmap} $out/drvmap.json +'' |