feat: caching support

flake.nix

@@ -24,16 +24,15 @@
         system,
         inputs',
         ...
-      }: {
+      }: rec {
         formatter = pkgs.alejandra;
-        devenv.shells = {
-          default = {
-            packages = [pkgs.dive pkgs.skopeo];
+        devenv.shells.default = {
+          containers = pkgs.lib.mkForce {};
+          packages = with pkgs; [dive skopeo];
 
-            pre-commit = {
-              hooks = {
-                alejandra.enable = true;
-              };
+          pre-commit = {
+            hooks = {
+              alejandra.enable = true;
             };
           };
         };
@@ -68,23 +67,75 @@
           };
         };
 
-        packages = {
-          image = pkgs.dockerTools.buildImage {
-            name = "nix-gitlab-ci";
-            fromImage = pkgs.dockerTools.pullImage {
-              imageName = "nixpkgs/nix-flakes";
-              imageDigest = "sha256:d88e521662cb6bf9cef006b79ed6ed1069e297171f3c2585f2b898b30f7c045c";
-              sha256 = "1pcbgxz9c98mfqrzyi14h568dw8vxj1kbgirnwl6vs8wfaamjaaf";
-              finalImageName = "nixpkgs/nix-flakes";
-              finalImageTag = "latest";
+        packages = let
+          setupScript = extra_setup:
+            pkgs.writeShellScriptBin "setup_nix_ci" ''
+              echo -e "\\e[0Ksection_start:`date +%s`:nix_setup[collapsed=true]\\r\\e[0KSetting up Nix CI"
+              nix path-info --all > /tmp/nix-store-before
+              ${extra_setup}
+              export NIX_CONF="
+                extra-trusted-public-keys = $NIX_PUBLIC_KEYS \n
+                extra-trusted-substituters = $NIX_SUBSTITUTERS \n
+                extra-substituters = $NIX_SUBSTITUTERS \n
+                $NIX_EXTRA_CONF
+              "
+              echo -e "\\e[0Ksection_end:`date +%s`:nix_setup\\r\\e[0K"
+
+              echo -e "\\e[0Ksection_start:`date +%s`:nix_deps[collapsed=true]\\r\\e[0KFetching deps for job"
+              nix build .#gitlab-ci-job-deps:$1
+              source $(readlink -f result)
+              echo -e "\\e[0Ksection_end:`date +%s`:nix_deps\\r\\e[0K"
+            '';
+          finalizeScript = push_command:
+            pkgs.writeShellScriptBin "finalize_nix_ci" ''
+              echo -e "\\e[0Ksection_start:`date +%s`:cache_push[collapsed=true]\\r\\e[0KPushing new store paths to cache"
+              nix path-info --all > /tmp/nix-store-after
+              ${pkgs.diffutils}/bin/diff --new-line-format="%L" \
+                --old-line-format="" --unchanged-line-format="" \
+                /tmp/nix-store-before /tmp/nix-store-after | ${push_command}
+              echo -e "\\e[0Ksection_end:`date +%s`:cache_push\\r\\e[0K"
+            '';
+          mkImage = extraPackages:
+            pkgs.dockerTools.buildImage {
+              name = "nix-gitlab-ci";
+              fromImage = pkgs.dockerTools.pullImage {
+                imageName = "nixpkgs/nix-flakes";
+                imageDigest = "sha256:d88e521662cb6bf9cef006b79ed6ed1069e297171f3c2585f2b898b30f7c045c";
+                sha256 = "1pcbgxz9c98mfqrzyi14h568dw8vxj1kbgirnwl6vs8wfaamjaaf";
+                finalImageName = "nixpkgs/nix-flakes";
+                finalImageTag = "latest";
+              };
+              copyToRoot = pkgs.buildEnv {
+                name = "image-root";
+                paths = [pkgs.gitMinimal] ++ extraPackages;
+                pathsToLink = ["/bin"];
+              };
             };
-            copyToRoot = pkgs.buildEnv {
-              name = "image-root";
-              paths = [pkgs.gitMinimal pkgs.cachix inputs'.attic.packages.attic-client];
-              pathsToLink = ["/bin"];
-            };
-          };
+        in {
+          image = mkImage [
+            (setupScript ''
+              echo "No caching configured, to enable caching use the respective container image tag"
+            '')
+            (finalizeScript ''${pkgs.busybox}/bin/wc -l | { read count; echo "No caching configured, not uploading $count new store entries..."; }'')
+          ];
+          image-cachix = mkImage [
+            (setupScript ''
+              echo "Configuring caching with cachix..."
+              ${pkgs.cachix}/bin/cachix use $CACHIX_CACHE || true
+            '')
+            (finalizeScript "${pkgs.cachix}/bin/cachix push $CACHIX_CACHE || true")
+          ];
+          image-attic = mkImage [
+            (setupScript ''
+              echo "Configuring caching with attic..."
+              ${inputs'.attic.packages.attic-client}/bin/attic login --set-default ci "$ATTIC_SERVER" "$ATTIC_TOKEN" || true
+              ${inputs'.attic.packages.attic-client}/bin/attic use "$ATTIC_CACHE" || true
+            '')
+            (finalizeScript "${inputs'.attic.packages.attic-client}/bin/attic push ci:$ATTIC_CACHE || true")
+          ];
         };
+
+        checks = packages;
       };
     };
 
@@ -99,7 +150,7 @@
       inputs.pre-commit-hooks.follows = "pre-commit-hooks";
     };
     pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
-    attic.url = "github:zhaofengli/attic";
+    attic.url = "gitlab:TECHNOFAB/attic";
   };
 
   nixConfig = {