diff options
author | Alyssa Ross <hi@alyssa.is> | 2022-05-31 09:59:33 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2022-05-31 09:59:57 +0000 |
commit | 9ff36293d1e428cd7bf03e8d4b03611b6d361c28 (patch) | |
tree | 1ab51a42b868c55b83f6ccdb80371b9888739dd9 /pkgs/development/tools/continuous-integration/github-runner/default.nix | |
parent | 1c4fcd0d4b0541e674ee56ace1053e23e562cc80 (diff) | |
parent | ddc3c396a51918043bb0faa6f676abd9562be62c (diff) | |
download | nixpkgs-archive.tar nixpkgs-archive.tar.gz nixpkgs-archive.tar.bz2 nixpkgs-archive.tar.lz nixpkgs-archive.tar.xz nixpkgs-archive.tar.zst nixpkgs-archive.zip |
Last good Nixpkgs for Weston+nouveau? archive
I came this commit hash to terwiz[m] on IRC, who is trying to figure out what the last version of Spectrum that worked on their NUC with Nvidia graphics is.
Diffstat (limited to 'pkgs/development/tools/continuous-integration/github-runner/default.nix')
-rw-r--r-- | pkgs/development/tools/continuous-integration/github-runner/default.nix | 334 |
1 files changed, 334 insertions, 0 deletions
diff --git a/pkgs/development/tools/continuous-integration/github-runner/default.nix b/pkgs/development/tools/continuous-integration/github-runner/default.nix new file mode 100644 index 00000000000..c8513d004af --- /dev/null +++ b/pkgs/development/tools/continuous-integration/github-runner/default.nix @@ -0,0 +1,334 @@ +{ autoPatchelfHook +, coreutils +, curl +, dotnetCorePackages +, dotnetPackages +, fetchFromGitHub +, fetchurl +, git +, glibc +, icu +, libkrb5 +, lib +, linkFarmFromDrvs +, lttng-ust +, makeWrapper +, nodejs-12_x +, nodejs-16_x +, openssl +, stdenv +, zlib +, writeShellApplication +, nuget-to-nix +}: +let + nugetSource = linkFarmFromDrvs "nuget-packages" ( + import ./deps.nix { + fetchNuGet = { pname, version, sha256 }: fetchurl { + name = "${pname}.${version}.nupkg"; + url = "https://www.nuget.org/api/v2/package/${pname}/${version}"; + inherit sha256; + }; + } + ); + + dotnetSdk = dotnetCorePackages.sdk_6_0; + # Map Nix systems to .NET runtime ids + runtimeIds = { + "x86_64-linux" = "linux-x64"; + "aarch64-linux" = "linux-arm64"; + }; + runtimeId = runtimeIds.${stdenv.system}; + fakeSha1 = "0000000000000000000000000000000000000000"; +in +stdenv.mkDerivation rec { + pname = "github-runner"; + version = "2.289.1"; + + src = fetchFromGitHub { + owner = "actions"; + repo = "runner"; + rev = "v${version}"; + hash = "sha256-5TS/tW1hnDvPZQdR659rw+spLq98niyUms3BrixaKRE="; + }; + + nativeBuildInputs = [ + dotnetSdk + dotnetPackages.Nuget + makeWrapper + autoPatchelfHook + ]; + + buildInputs = [ + curl # libcurl.so.4 + libkrb5 # libgssapi_krb5.so.2 + lttng-ust # liblttng-ust.so.0 + stdenv.cc.cc.lib # libstdc++.so.6 + zlib # libz.so.1 + icu + ]; + + patches = [ + # Don't run Git, no restore on build/test + ./patches/dir-proj.patch + # Replace some paths that originally point to Nix's read-only store + ./patches/host-context-dirs.patch + # Use GetDirectory() to obtain "diag" dir + ./patches/use-get-directory-for-diag.patch + # Don't try to install systemd service + ./patches/dont-install-systemd-service.patch + ]; + + postPatch = '' + # Relax the version requirement + substituteInPlace src/global.json \ + --replace '6.0.100' '${dotnetSdk.version}' + + # Disable specific tests + substituteInPlace src/dir.proj \ + --replace 'dotnet test Test/Test.csproj' \ + "dotnet test Test/Test.csproj --filter '${lib.concatStringsSep "&" (map (x: "FullyQualifiedName!=${x}") disabledTests)}'" + + # We don't use a Git checkout + substituteInPlace src/dir.proj \ + --replace 'git update-index --assume-unchanged ./Runner.Sdk/BuildConstants.cs' \ + 'echo Patched out.' + + # Fix FHS path + substituteInPlace src/Test/L0/Util/IOUtilL0.cs \ + --replace '/bin/ln' '${coreutils}/bin/ln' + ''; + + configurePhase = '' + runHook preConfigure + + # Never use nuget.org + nuget sources Disable -Name "nuget.org" + + # Restore the dependencies + dotnet restore src/ActionsRunner.sln \ + --runtime "${runtimeId}" \ + --source "${nugetSource}" + + runHook postConfigure + ''; + + buildPhase = '' + runHook preBuild + + dotnet msbuild \ + -t:Build \ + -p:PackageRuntime="${runtimeId}" \ + -p:BUILDCONFIG="Release" \ + -p:RunnerVersion="${version}" \ + -p:GitInfoCommitHash="${fakeSha1}" \ + src/dir.proj + + runHook postBuild + ''; + + doCheck = true; + + # Fully qualified name of disabled tests + disabledTests = + [ "GitHub.Runner.Common.Tests.Listener.SelfUpdaterL0.TestSelfUpdateAsync" ] + ++ map (x: "GitHub.Runner.Common.Tests.Listener.SelfUpdaterL0.TestSelfUpdateAsync_${x}") [ + "Cancel_CloneHashTask_WhenNotNeeded" + "CloneHash_RuntimeAndExternals" + "DownloadRetry" + "FallbackToFullPackage" + "NoUpdateOnOldVersion" + "NotUseExternalsRuntimeTrimmedPackageOnHashMismatch" + "UseExternalsRuntimeTrimmedPackage" + "UseExternalsTrimmedPackage" + "ValidateHash" + ] + ++ map (x: "GitHub.Runner.Common.Tests.Worker.ActionManagerL0.PrepareActions_${x}") [ + "CompositeActionWithActionfile_CompositeContainerNested" + "CompositeActionWithActionfile_CompositePrestepNested" + "CompositeActionWithActionfile_MaxLimit" + "CompositeActionWithActionfile_Node" + "DownloadActionFromGraph" + "DownloadActionFromGraph_Legacy" + "NotPullOrBuildImagesMultipleTimes" + "NotPullOrBuildImagesMultipleTimes_Legacy" + "RepositoryActionWithActionYamlFile_DockerHubImage" + "RepositoryActionWithActionYamlFile_DockerHubImage_Legacy" + "RepositoryActionWithActionfileAndDockerfile" + "RepositoryActionWithActionfileAndDockerfile_Legacy" + "RepositoryActionWithActionfile_DockerHubImage" + "RepositoryActionWithActionfile_DockerHubImage_Legacy" + "RepositoryActionWithActionfile_Dockerfile" + "RepositoryActionWithActionfile_Dockerfile_Legacy" + "RepositoryActionWithActionfile_DockerfileRelativePath" + "RepositoryActionWithActionfile_DockerfileRelativePath_Legacy" + "RepositoryActionWithActionfile_Node" + "RepositoryActionWithActionfile_Node_Legacy" + "RepositoryActionWithDockerfile" + "RepositoryActionWithDockerfile_Legacy" + "RepositoryActionWithDockerfileInRelativePath" + "RepositoryActionWithDockerfileInRelativePath_Legacy" + "RepositoryActionWithDockerfilePrepareActions_Repository" + "RepositoryActionWithInvalidWrapperActionfile_Node" + "RepositoryActionWithInvalidWrapperActionfile_Node_Legacy" + "RepositoryActionWithWrapperActionfile_PreSteps" + "RepositoryActionWithWrapperActionfile_PreSteps_Legacy" + ] + ++ map (x: "GitHub.Runner.Common.Tests.DotnetsdkDownloadScriptL0.${x}") [ + "EnsureDotnetsdkBashDownloadScriptUpToDate" + "EnsureDotnetsdkPowershellDownloadScriptUpToDate" + ] + ++ [ "GitHub.Runner.Common.Tests.Listener.RunnerL0.TestRunOnceHandleUpdateMessage" ] + # Tests for trimmed runner packages which aim at reducing the update size. Not relevant for Nix. + ++ map (x: "GitHub.Runner.Common.Tests.PackagesTrimL0.${x}") [ + "RunnerLayoutParts_CheckExternalsHash" + "RunnerLayoutParts_CheckDotnetRuntimeHash" + ] + ++ lib.optionals (stdenv.hostPlatform.system == "aarch64-linux") [ + # "JavaScript Actions in Alpine containers are only supported on x64 Linux runners. Detected Linux Arm64" + "GitHub.Runner.Common.Tests.Worker.StepHostL0.DetermineNodeRuntimeVersionInAlpineContainerAsync" + ]; + + checkInputs = [ git ]; + + checkPhase = '' + runHook preCheck + + mkdir -p _layout/externals + ln -s ${nodejs-12_x} _layout/externals/node12 + ln -s ${nodejs-16_x} _layout/externals/node16 + + printf 'Disabled tests:\n%s\n' '${lib.concatMapStringsSep "\n" (x: " - ${x}") disabledTests}' + + # BUILDCONFIG needs to be "Debug" + dotnet msbuild \ + -t:test \ + -p:PackageRuntime="${runtimeId}" \ + -p:BUILDCONFIG="Debug" \ + -p:RunnerVersion="${version}" \ + -p:GitInfoCommitHash="${fakeSha1}" \ + src/dir.proj + + runHook postCheck + ''; + + installPhase = '' + runHook preInstall + + # Copy the built binaries to lib/ instead of bin/ as they + # have to be wrapped in the fixup phase to work + mkdir -p $out/lib + cp -r _layout/bin/. $out/lib/ + + # Delete debugging files + find "$out/lib" -type f -name '*.pdb' -delete + + # Install the helper scripts to bin/ to resemble the upstream package + mkdir -p $out/bin + install -m755 src/Misc/layoutbin/runsvc.sh $out/bin/ + install -m755 src/Misc/layoutbin/RunnerService.js $out/lib/ + install -m755 src/Misc/layoutroot/run.sh $out/lib/ + install -m755 src/Misc/layoutroot/config.sh $out/lib/ + install -m755 src/Misc/layoutroot/env.sh $out/lib/ + + # Rewrite reference in helper scripts from bin/ to lib/ + substituteInPlace $out/lib/run.sh --replace '"$DIR"/bin' "$out/lib" + substituteInPlace $out/lib/config.sh --replace './bin' "$out/lib" + + # Make paths absolute + substituteInPlace $out/bin/runsvc.sh \ + --replace './externals' "$out/externals" \ + --replace './bin' "$out/lib" + + # The upstream package includes Node {12,16} and expects it at the path + # externals/node{12,16}. As opposed to the official releases, we don't + # link the Alpine Node flavors. + mkdir -p $out/externals + ln -s ${nodejs-12_x} $out/externals/node12 + ln -s ${nodejs-16_x} $out/externals/node16 + + # Install Nodejs scripts called from workflows + install -D src/Misc/layoutbin/hashFiles/index.js $out/lib/hashFiles/index.js + mkdir -p $out/lib/checkScripts + install src/Misc/layoutbin/checkScripts/* $out/lib/checkScripts/ + + runHook postInstall + ''; + + # Stripping breaks the binaries + dontStrip = true; + + preFixup = '' + patchelf --replace-needed liblttng-ust.so.0 liblttng-ust.so $out/lib/libcoreclrtraceptprovider.so + ''; + + postFixup = '' + fix_rpath() { + patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $out/lib/$1 + } + + wrap() { + makeWrapper $out/lib/$1 $out/bin/$1 \ + --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath (buildInputs ++ [ openssl ])} \ + ''${@:2} + } + + fix_rpath Runner.Listener + fix_rpath Runner.PluginHost + fix_rpath Runner.Worker + + wrap Runner.Listener + wrap Runner.PluginHost + wrap Runner.Worker + wrap run.sh + wrap env.sh + + wrap config.sh --prefix PATH : ${lib.makeBinPath [ glibc.bin ]} + ''; + + # Script to create deps.nix file for dotnet dependencies. Run it with + # $(nix-build -A github-runner.passthru.createDepsFile)/bin/create-deps-file + # + # Default output path is /tmp/${pname}-deps.nix, but can be overriden with cli argument. + # + # Inspired by passthru.fetch-deps in pkgs/build-support/build-dotnet-module/default.nix + passthru.createDepsFile = writeShellApplication { + name = "create-deps-file"; + runtimeInputs = [ dotnetSdk nuget-to-nix ]; + text = '' + # Disable telemetry data + export DOTNET_CLI_TELEMETRY_OPTOUT=1 + + rundir=$(pwd) + + printf "\n* Setup workdir\n" + workdir="$(mktemp -d /tmp/${pname}.XXX)" + cp -rT "${src}" "$workdir" + chmod -R +w "$workdir" + trap 'rm -rf "$workdir"' EXIT + + pushd "$workdir" + + mkdir nuget_pkgs + + ${lib.concatMapStrings (rid: '' + printf "\n* Restore ${pname} (${rid}) dotnet project\n" + dotnet restore src/ActionsRunner.sln --packages nuget_pkgs --no-cache --force --runtime "${rid}" + '') (lib.attrValues runtimeIds)} + + cd "$rundir" + deps_file=''${1-"/tmp/${pname}-deps.nix"} + printf "\n* Make %s file\n" "$(basename "$deps_file")" + nuget-to-nix "$workdir/nuget_pkgs" > "$deps_file" + printf "\n* Dependency file writen to %s" "$deps_file" + ''; + }; + + meta = with lib; { + description = "Self-hosted runner for GitHub Actions"; + homepage = "https://github.com/actions/runner"; + license = licenses.mit; + maintainers = with maintainers; [ veehaitch newam kfollesdal ]; + platforms = attrNames runtimeIds; + }; +} |