technofab/kubenix
1
0
Fork 0
mirror of https://github.com/TECHNOFAB11/kubenix.git synced 2025-12-12 16:10:05 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

enhance nix-shell and add CI

Browse source
This commit is contained in:
GTrunSec 2021-05-13 01:18:12 -07:00 committed by David Arnold
parent ffaa63af55
commit c3fa598922
7 changed files with 99 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.envrc Normal file
View file

@ -0,0 +1,2 @@
watch_file devshell.toml flake.nix
use flake || use nix

19
.github/workflows/nix-flake.yml vendored Normal file
View file

@ -0,0 +1,19 @@
name: CI
on:
pull_request:
push:
jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.4
- uses: cachix/install-nix-action@v13
with:
install_url: https://github.com/numtide/nix-flakes-installer/releases/download/nix-2.4pre20210429_d15a196/install
- run: echo "experimental-features = nix-command flakes" | sudo tee -a /etc/nix/nix.conf
- name: Run Nix Flake Check
run: nix flake check
- name: Check Nix parsing
run: nix-shell --command "evalnix"

3
.travis.yml
View file

@ -1,3 +0,0 @@
language: nix
script:
- nix eval -f ./ci.nix --arg release.e2e false test-check

33
flake.lock generated
View file

@ -1,5 +1,36 @@
{
"nodes": {
"devshell-flake": {
"locked": {
"lastModified": 1620641550,
"narHash": "sha256-o359KdI/LNiPL6EbirONff2MOvZHtZr9MgYx3R9oVFk=",
"owner": "numtide",
"repo": "devshell",
"rev": "a47493423092f6c4c0a7eb605a7cd515a77db4a8",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1606424373,
"narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1605370193,
@ -32,6 +63,8 @@
},
"root": {
"inputs": {
"devshell-flake": "devshell-flake",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
}

21
flake.nix
View file

@ -4,10 +4,12 @@
inputs = {
flake-utils.url = "github:numtide/flake-utils";
nixpkgs.url = "github:NixOS/nixpkgs";
devshell-flake.url = "github:numtide/devshell";
flake-compat = { url = "github:edolstra/flake-compat"; flake = false; };
};
outputs = { self, nixpkgs, flake-utils }:
{ nixosModules = import ./modules; }
outputs = { self, nixpkgs, flake-utils, devshell-flake, flake-compat }:
{ modules = import ./modules; }
//
(flake-utils.lib.eachDefaultSystem
(system:
@ -16,12 +18,20 @@
inherit system;
overlays = [
self.overlay
devshell-flake.overlay
];
config = { };
config = {
allowUnsupportedSystem = true;
};
};
in
rec {
devShell = import ./shell.nix { inherit system pkgs; };
devShell = with pkgs; devshell.mkShell
{
imports = [
(devshell.importTOML ./devshell.toml)
];
};
packages = flake-utils.lib.flattenTree {
inherit (pkgs)
@ -41,7 +51,8 @@
nixosPath = "${nixpkgs}/nixos";
};
# up to date versions of their nixpkgs equivalents
kubernetes = prev.callPackage ./pkgs/applications/networking/cluster/kubernetes { };
kubernetes = prev.callPackage ./pkgs/applications/networking/cluster/kubernetes
{ };
kubectl = prev.callPackage ./pkgs/applications/networking/cluster/kubectl { };
};
};

32
modules/testing/runtime/nixos-k8s.nix
View file

@ -1,7 +1,6 @@
# nixos-k8s implements nixos kubernetes testing runtime
{
nixosPath
{ nixosPath
, config
, pkgs
, lib
@ -16,12 +15,12 @@ let
kubeconfig = "/etc/${config.services.kubernetes.pki.etcClusterAdminKubeconfig}";
# how we differ from the standard configuration of mkKubernetesBaseTest
extraConfiguration = { config, pkgs, lib, nodes, ...}: {
extraConfiguration = { config, pkgs, lib, nodes, ... }: {
virtualisation.memorySize = mkDefault 2048;
networking = {
nameservers = ["10.0.0.254"];
nameservers = [ "10.0.0.254" ];
firewall = {
trustedInterfaces = ["docker0" "cni0"];
trustedInterfaces = [ "docker0" "cni0" ];
};
};
services.kubernetes = {
@ -45,16 +44,17 @@ let
}];
};
}];
};
systemd.extraConfig = "DefaultLimitNOFILE=1048576";
systemd.services.copy-certs = {
description = "Share k8s certificates with host";
script = "cp -rf /var/lib/kubernetes/secrets /tmp/xchg/";
after = [ "kubernetes.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
systemd.extraConfig = "DefaultLimitNOFILE=1048576";
systemd.services.copy-certs = {
description = "Share k8s certificates with host";
script = "cp -rf /var/lib/kubernetes/secrets /tmp/xchg/";
after = [ "kubernetes.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
};
};
};
@ -70,7 +70,7 @@ let
inherit (config) name;
test = script;
};
in
{

30
shell.nix
View file

@ -1,17 +1,13 @@
{
system ? builtins.currentSystem,
pkgs,
}:
let
devshellGitRev = "709fe4d04a9101c9d224ad83f73416dce71baf21";
devshellSrc = fetchTarball {
url = "https://github.com/numtide/devshell/archive/${devshellGitRev}.tar.gz";
sha256 = "1px9cqfshfqs1b7ypyxch3s3ymr4xgycy1krrcg7b97rmmszvsqr";
};
devshell = import devshellSrc { inherit system pkgs; };
in
devshell.fromTOML ./devshell.toml
(import
(
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
in
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
)
{
src = ./.;
}).shellNix