maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
snix/ops/terraform/deploy-nixos/nix-eval.sh
Florian Klink f055c75bc0 feat(ops/terraform/deploy-nixos): add build parameter 
If this is set to true (and only then), also invoke `nix-build` on the
previously-instantiated .drv to cause builds/substitutions on the local
machine.

There's no terraform example for this in here, but this is useful if you
want to perform builds locally, for example to upload nix-built blobs
elsewhere through terraform.

Change-Id: Idcf7b8527aa9c27f6f9ca60ca607c29d82e1cce9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11215
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2024-03-26 17:17:56 +00:00

47 lines
1.8 KiB
Bash
Executable file
Raw Blame History

#!/usr/bin/env bash
# SPDX-FileCopyrightText: 2023 The TVL Authors
#
# SPDX-License-Identifier: MIT
set -ueo pipefail
# Evaluates a Nix expression.
#
# Receives input parameters as JSON from stdin.
# It expects a dict with the following keys:
#
# - `attrpath`: the attribute.path pointing to the expression to instantiate.
# Required.
# - `entrypoint`: the path to the Nix file to invoke.
# Optional. If omitted, will shell out to git to determine the repo root,
# and Nix will use `default.nix` in there.
# - `argstr`: A map containing string keys and values
# which are passed to Nix as `--argstr $key $value`
# command line args. Optional.
# - `build`: A boolean (or string being "true" or "false") stating whether the
# expression should also be built/substituted on the machine executing this script.
#
# jq's @sh format takes care of escaping.
eval "$(jq -r '@sh "attrpath=\(.attrpath) && entrypoint=\(.entrypoint) && argstr=\((.argstr // {}) | to_entries | map ("--argstr", .key, .value) | join(" ")) build=\(.build)"')"
# Evaluate the expression.
[[ -z "$entrypoint" ]] && entrypoint=$(git rev-parse --show-toplevel)
# shellcheck disable=SC2086,SC2154
drv=$(nix-instantiate -A "${attrpath}" "${entrypoint}" ${argstr})
# If `build` is set to true, invoke nix-build on the .drv.
# We need to swallow all stdout, to not garble the JSON printed later.
# shellcheck disable=SC2154
if [ "${build}" == "true" ]; then
nix-build --no-out-link "${drv}" > /dev/null
fi
# Determine the output path.
outPath=$(nix show-derivation "${drv}" | jq -r ".\"${drv}\".outputs.out.path")
# Return a JSON back to stdout.
# It contains the following keys:
#
# - `drv`: the store path of the Derivation that has been instantiated.
# - `outPath`: the output store path.
jq -n --arg drv "$drv" --arg outPath "$outPath" '{"drv":$drv, "outPath":$outPath}'
Reference in a new issue View git blame Copy permalink