From f2790317ba46ff4017338fd9d7d29deb7428367b Mon Sep 17 00:00:00 2001 From: Siddarth Kumar Date: Wed, 30 Jul 2025 23:25:00 +0530 Subject: [PATCH] ci: add nix flake and use in CI Using system tooling can lead to weird behavior of available Node versions, for example this IPv6 resolution error: ``` [3/5] Fetching packages... error Error: connect EHOSTUNREACH 2606:4700::6810:1922:443 at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1495:16) ``` --- Jenkinsfile | 35 ++++++++++++++++++++++------------- flake.lock | 26 ++++++++++++++++++++++++++ flake.nix | 35 +++++++++++++++++++++++++++++++++++ 3 files changed, 83 insertions(+), 13 deletions(-) create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/Jenkinsfile b/Jenkinsfile index 92c409ff8..734dcc47b 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,5 +1,5 @@ #!/usr/bin/env groovy -library 'status-jenkins-lib@v1.8.15' +library 'status-jenkins-lib@v1.9.24' pipeline { agent { label 'linux' } @@ -23,32 +23,41 @@ pipeline { stages { stage('Install') { steps { - sh 'yarn install' + script { + nix.develop('yarn install') + } } } stage('Scrape') { steps { - sh 'yarn scrape' + script { + nix.develop('yarn scrape', keepEnv: ['INCLUDED_DIRS','FETCH_MODE']) + } } } stage('Build') { - steps { script { - sh 'yarn build' - jenkins.genBuildMetaJSON('build/build.json') - } } + steps { + script { + nix.develop('yarn build') + jenkins.genBuildMetaJSON('build/build.json') + } + } } stage('Publish') { steps { sshagent(credentials: ['status-im-auto-ssh']) { - sh """ - ghp-import \ - -b ${deployBranch()} \ - -c ${deployDomain()} \ - -p build - """ + script { + nix.develop(""" + ghp-import \ + -b ${deployBranch()} \ + -c ${deployDomain()} \ + -p build + """, sandbox: false, + keepEnv: ['SSH_AUTH_SOCK']) + } } } } diff --git a/flake.lock b/flake.lock new file mode 100644 index 000000000..4ee116e0b --- /dev/null +++ b/flake.lock @@ -0,0 +1,26 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1753749649, + "narHash": "sha256-+jkEZxs7bfOKfBIk430K+tK9IvXlwzqQQnppC2ZKFj4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "1f08a4df998e21f4e8be8fb6fbf61d11a1a5076a", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-25.05", + "type": "indirect" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 000000000..bd3e64994 --- /dev/null +++ b/flake.nix @@ -0,0 +1,35 @@ +{ + description = "Nix flake development shell."; + + inputs = { + nixpkgs.url = "nixpkgs/nixos-25.05"; + }; + + outputs = + { self, nixpkgs }: + let + supportedSystems = [ + "x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin" + ]; + forEachSystem = nixpkgs.lib.genAttrs supportedSystems; + pkgsFor = forEachSystem (system: import nixpkgs { inherit system; }); + in + rec { + formatter = forEachSystem (system: pkgsFor.${system}.nixpkgs-fmt); + + devShells = forEachSystem (system: { + default = pkgsFor.${system}.mkShellNoCC { + packages = with pkgsFor.${system}.buildPackages; [ + git # 2.44.1 + openssh # 9.7p1 + yarn # 1.22.22 + nodejs_20 # v20.15.1 + ghp-import # 2.1.0 + ]; + }; + }); + }; +}