feat(ops/pipelines): Add gcroots for depot builds on canon
Adds a conditional build step that only runs on the canon branch, and only if 🦆 (the status reporting step) succeeds, which creates a new Nix GC root for all depot targets named `depot-canon`. In practice this might be a bit racey, as canon builds are not guaranteed to succeed in order (though it is likely). This shouldn't matter much in practice: We only want to prevent rebuilds of the whole world. This fixes b/102 Change-Id: Id3d0bf4158bffcb1ed6929888a29d31609b6ece1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2904 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
This commit is contained in:
		
							parent
							
								
									6c3585f764
								
							
						
					
					
						commit
						d7b89df748
					
				
					 2 changed files with 28 additions and 2 deletions
				
			
		|  | @ -105,6 +105,12 @@ in fix(self: { | |||
|     # remove nixpkgs from the set, for obvious reasons. | ||||
|     third_party = self.third_party // { nixpkgs = null; }; | ||||
|   }); | ||||
| 
 | ||||
|   # Derivation that gcroots all depot targets. | ||||
|   ci.gcroot = self.third_party.nixpkgs.symlinkJoin { | ||||
|     name = "depot-gcroot"; | ||||
|     paths = self.ci.targets; | ||||
|   }; | ||||
| } | ||||
| 
 | ||||
| # Add local packages as structured by readTree | ||||
|  |  | |||
|  | @ -8,8 +8,7 @@ | |||
| 
 | ||||
| let | ||||
|   inherit (builtins) concatStringsSep foldl' map toJSON; | ||||
|   inherit (lib) singleton; | ||||
|   inherit (pkgs) writeText; | ||||
|   inherit (pkgs) symlinkJoin writeText; | ||||
| 
 | ||||
|   # Create an expression that builds the target at the specified | ||||
|   # location. | ||||
|  | @ -80,6 +79,27 @@ let | |||
|       ({ | ||||
|         command = "exit $(buildkite-agent meta-data get 'failure')"; | ||||
|         label = ":duck:"; | ||||
|         key = ":duck:"; | ||||
|       }) | ||||
| 
 | ||||
|       # After duck, on success, create a gcroot if the build branch is | ||||
|       # canon. | ||||
|       # | ||||
|       # We care that this anchors *most* of the depot, in practice | ||||
|       # it's unimportant if there is a build race and we get +-1 of | ||||
|       # the targets. | ||||
|       # | ||||
|       # Unfortunately this requires a third evaluation of the graph, | ||||
|       # but since it happens after :duck: it should not affect the | ||||
|       # timing of status reporting back to Gerrit. | ||||
|       ({ | ||||
|         command = "nix-instantiate -A ci.gcroot --add-root /nix/var/nix/gcroots/depot/canon"; | ||||
|         label = ":anchor:"; | ||||
|         "if" = ''build.branch == "canon"''; | ||||
|         depends_on = [{ | ||||
|           step = ":duck:"; | ||||
|           allow_failure = false; | ||||
|         }]; | ||||
|       }) | ||||
|     ]; | ||||
| in (writeText "depot.yaml" (toJSON pipeline)) | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue