Skip to content

Commit

Permalink
Merge pull request #1196 from flyingcircusio/PL-os-2411update-2024121…
Browse files Browse the repository at this point in the history
…0-update-nixpkgs-2024-12-10

[24.11] update nixpkgs 2024 12 10
  • Loading branch information
osnyx authored Dec 11, 2024
2 parents 2224cbe + 61db1d6 commit 0dcdf86
Show file tree
Hide file tree
Showing 8 changed files with 172 additions and 79 deletions.
46 changes: 46 additions & 0 deletions .github/workflows/update-nixpkgs-cleanup.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
name: update-nixpkgs-cleanup

on:
pull_request:
types:
- closed

jobs:
update-nixpkgs-on-merge:
if: github.event.pull_request.merged == true && startsWith(github.head_ref, 'nixpkgs-auto-update/')
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
repository: flyingcircusio/fc-nixos-release-tools
path: 'release-tools'
- uses: cachix/install-nix-action@v21
with:
# Nix 2.24 breaks flake update
install_url: https://releases.nixos.org/nix/nix-2.18.9/install
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.NIXPKGS_UPDATE_APP_ID }}
private-key: ${{ secrets.NIXPKGS_UPDATE_APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- run: |
echo "::add-mask::${{steps.app-token.outputs.token}}"
- name: Get GitHub App User ID
id: get-user-id
run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
env:
GH_TOKEN: ${{ steps.app-token.outputs.token }}
- run: |
git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]'
git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>'
- name: build release tooling
run: |
nix build ./release-tools#
- run: |
./result/bin/update-nixpkgs cleanup \
--merged-pr-id ${{ github.event.number }} \
--nixpkgs-dir nixpkgs \
--nixpkgs-origin-url https://x-access-token:${{steps.app-token.outputs.token}}@github.com/flyingcircusio/nixpkgs.git
env:
GH_TOKEN: ${{ steps.app-token.outputs.token }}
19 changes: 19 additions & 0 deletions changelog.d/20241204_152719_PL-133100-update-nixpkgs_scriv.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
<!--
A new changelog entry.
Delete placeholder items that do not apply. Empty sections will be removed
automatically during release.
Leave the XX.XX as is: this is a placeholder and will be automatically filled
correctly during the release and helps when backporting over multiple platform
branches.
-->

### Impact


### NixOS XX.XX platform

- Internal: Introduce automatic nixpkgs update workflow (PL-133100)
20 changes: 10 additions & 10 deletions flake.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

17 changes: 15 additions & 2 deletions flake.nix
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,19 @@
};
};

apps.buildVersionsJson = {
type = "app";
program = "${pkgs.writeShellScript "update-versions-json" ''
jq < $(nix build .#versionsJson --print-out-paths) > release/versions.json
''}";
};
apps.buildPackageVersionsJson = {
type = "app";
program = "${pkgs.writeShellScript "update-package-versions-json" ''
jq < $(nix build .#packageVersions --print-out-paths) > release/package-versions.json
''}";
};

packages = {
# These are packages that work on all systems.
# Also see release/flake-part-linux-only-packages.nix
Expand Down Expand Up @@ -153,11 +166,11 @@
# only build this script on Linux. It just produces an error
# message on Non-Linux because packageVersions is missing.
build_package_versions_json.exec = ''
jq < $(nix build .#packageVersions --print-out-paths) > release/package-versions.json
nix run .#buildPackageVersionsJson
'';

build_versions_json.exec = ''
jq < $(nix build .#versionsJson --print-out-paths) > release/versions.json
nix run .#buildVersionsJson
'';

build_channels_dir.exec = ''
Expand Down
11 changes: 10 additions & 1 deletion nixos/roles/webproxy.nix
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,16 @@ in
};
varnish_http = {
notification = "varnish port 8008 HTTP response";
command = "check_http -H localhost -p 8008 -c 10 -w 3 -t 20 -e HTTP";
command = "${pkgs.writeShellScript "check-varnish-http" ''
ADDRS=$(${cfg.package}/bin/varnishadm debug.listen_address | awk '/([0-9.]+\.)+/ { print $2":"$3; }')
for ADDR in $ADDRS; do
host=$(echo $ADDR | cut -d ":" -f 1)
port=$(echo $ADDR | cut -d ":" -f 2)
echo "checking host '$host' on port '$port'"
${pkgs.monitoring-plugins}/bin/check_http -H $host -p $port -c 10 -w 3 -t 20 -e HTTP
done
''}";
};
};

Expand Down
6 changes: 6 additions & 0 deletions nixos/services/varnish/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,12 @@ in {
http_address = mkOption {
type = types.str;
default = "*:8008";
description = ''
The http address for the varnish service to listen on.
Unix sockets can technically be used for varnish, but are not currently supported on the FCIO platform due to monitoring constraints.
Multiple addressess can be specified in a comma-separated fashion in the form of `address[:port][,address[:port][...]`.
See `varnishd(1)` for details.
'';
};
virtualHosts = mkOption {
type = types.attrsOf (types.submodule ({ name, config, ... }: {
Expand Down
Loading

0 comments on commit 0dcdf86

Please sign in to comment.