Merge pull request #56 from input-output-hk/rvl/buildkite-update-scripts

rvl · web-flow · commit 1251129aa428 · 2019-03-20T12:44:31.000+10:00
Add Buildkite pipeline for updating hackage.nix and stackage.nix
diff --git a/.buildkite/updates.yml b/.buildkite/updates.yml
@@ -0,0 +1,16 @@
+steps:
+  - label: 'Update hackage.nix'
+    command:
+      - nix-build -I nixpkgs=channel:nixos-18.09 -A maintainer-scripts.update-hackage -o update-hackage.sh
+      - echo "+++ Updating hackage.nix"
+      - ./update-hackage.sh
+    agents:
+      system: x86_64-linux
+
+  - label: 'Update stackage.nix'
+    command:
+      - nix-build -I nixpkgs=channel:nixos-18.09 -A maintainer-scripts.update-stackage -o update-stackage.sh
+      - echo "+++ Updating stackage.nix"
+      - ./update-stackage.sh
+    agents:
+      system: x86_64-linux
diff --git a/nix-tools/nix-tools-src.json b/nix-tools/nix-tools-src.json
@@ -1,7 +1,7 @@
 {
   "url": "https://github.com/input-output-hk/nix-tools",
-  "rev": "232e4fde7f942ef234b649144016d5da0f7e2745",
-  "date": "2019-02-11T12:59:38+08:00",
-  "sha256": "1nrm9vcq443isk09z1fmlp8zxnw9p3cx95zbda29s5mky17ky2c0",
+  "rev": "38bf6fd0adef4d22fe06def521f5d793c081f6ed",
+  "date": "2019-03-20T12:40:31+10:00",
+  "sha256": "0y8xap5cvc9rssjjvlgv6lyi8ixpxnq675r3gkz2ix7hrsgk8989",
   "fetchSubmodules": false
 }
diff --git a/scripts/update-external.nix b/scripts/update-external.nix
@@ -1,26 +1,46 @@
-{ stdenv, writeScript, glibc, coreutils, git, nix-tools, cabal-install, nix-prefetch-git }:
+{ stdenv, writeScript, glibc, coreutils, git, openssh
+, nix-tools, cabal-install, nix-prefetch-git }:
 
 { name, script }:
 
 with stdenv.lib;
 
-writeScript "update-${name}-nix.sh" ''
-  #!${stdenv.shell}
+let
+  repoHTTPS = "https://github.com/input-output-hk/${name}.nix.git";
+  repoSSH = "git@github.com:input-output-hk/${name}.nix.git";
+  sshKey = "/run/keys/buildkite-${name}-ssh-private";
+in
+  writeScript "update-${name}-nix.sh" ''
+    #!${stdenv.shell}
 
-  set -euo pipefail
+    set -euo pipefail
 
-  export PATH="${makeBinPath [ coreutils glibc git nix-tools cabal-install nix-prefetch-git ]}"
+    export PATH="${makeBinPath [ coreutils glibc git openssh nix-tools cabal-install nix-prefetch-git ]}"
 
-  ${script}
+    ${script}
 
-  git add .
-  git commit --allow-empty -m "Automatic update for $(date)"
+    echo "Committing changes..."
+    export GIT_COMMITTER_NAME="IOHK"
+    export GIT_COMMITTER_EMAIL="devops+nix-tools@iohk.io"
+    export GIT_AUTHOR_NAME="$GIT_COMMITTER_NAME"
+    export GIT_AUTHOR_EMAIL="$GIT_COMMITTER_EMAIL"
+    git add .
+    git commit --allow-empty --message "Automatic update for $(date)"
 
-  rev=$(git rev-parse HEAD)
+    rev=$(git rev-parse HEAD)
 
-  git push
+    if [ -e ${sshKey} ]
+    then
+      echo "Authenticating using SSH with ${sshKey}"
+      export GIT_SSH_COMMAND="ssh -i ${sshKey} -F /dev/null"
+    else
+      echo "There is no SSH key at ${sshKey}"
+      echo "Git push may not work."
+    fi
 
-  cd ..
+    git push ${repoSSH}
 
-  nix-prefetch-git https://github.com/input-output-hk/${name}.nix.git --rev "$rev" | tee ${name}-src.json
-''
+    cd ..
+
+    nix-prefetch-git ${repoHTTPS} --rev "$rev" | tee ${name}-src.json
+  ''
diff --git a/scripts/update-hackage.nix b/scripts/update-hackage.nix
@@ -1,11 +1,8 @@
-{ stdenv, writeScript, coreutils, glibc, git, nix-tools, cabal-install, nix-prefetch-git }@args:
+{ stdenv, writeScript, coreutils, glibc, git, openssh, nix-tools, cabal-install, nix-prefetch-git }@args:
 
 import ./update-external.nix args {
   name = "hackage";
   script = ''
-    # Make sure the hackage index is recent.
-    cabal new-update
-
     # Clone or update the Hackage Nix expressions repo.
     if [ -d hackage.nix ]; then
       cd hackage.nix
@@ -15,6 +12,10 @@ import ./update-external.nix args {
       git clone git@github.com:input-output-hk/hackage.nix.git
     fi
 
+    # Make sure the hackage index is recent.
+    echo "Updating local hackage index..."
+    cabal update
+
     echo "Running hackage-to-nix..."
 
     hackage-to-nix hackage.nix
diff --git a/scripts/update-stackage.nix b/scripts/update-stackage.nix
@@ -1,4 +1,4 @@
-{ stdenv, writeScript, coreutils, glibc, git, nix-tools, cabal-install, nix-prefetch-git }@args:
+{ stdenv, writeScript, coreutils, glibc, git, openssh, nix-tools, cabal-install, nix-prefetch-git }@args:
 
 import ./update-external.nix args {
   name = "stackage";

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"url": "https://github.com/input-output-hk/nix-tools",`
`3`		`- "rev": "232e4fde7f942ef234b649144016d5da0f7e2745",`
`4`		`- "date": "2019-02-11T12:59:38+08:00",`
`5`		`- "sha256": "1nrm9vcq443isk09z1fmlp8zxnw9p3cx95zbda29s5mky17ky2c0",`
	`3`	`+ "rev": "38bf6fd0adef4d22fe06def521f5d793c081f6ed",`
	`4`	`+ "date": "2019-03-20T12:40:31+10:00",`
	`5`	`+ "sha256": "0y8xap5cvc9rssjjvlgv6lyi8ixpxnq675r3gkz2ix7hrsgk8989",`
`6`	`6`	`"fetchSubmodules": false`
`7`	`7`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-{ stdenv, writeScript, coreutils, glibc, git, nix-tools, cabal-install, nix-prefetch-git }@args:`
	`1`	`+{ stdenv, writeScript, coreutils, glibc, git, openssh, nix-tools, cabal-install, nix-prefetch-git }@args:`
`2`	`2`
`3`	`3`	`import ./update-external.nix args {`
`4`	`4`	`name = "stackage";`