Is there any Nix-aware CI besides Hydra and Hercules?
Or maybe plugins for Jenkins or GitLab?
By Nix-awareness I mainly mean making a graph of native tasks from nix-instantiate and distributing them to CI workers, and showing those graphs as a single CI task to avoid pollution of the root namespace. Plus import of Nix build logs into the CI system.
Why not Hydra/Hercules: to integrate with things unrelated to Nix (uploading to Maven, etc). It seems easier to add Nix support to Jenkins than to enrich Hydra with all it lacks.
I was thinking about this while designing a build/ci/cd library in elixir.
I've also thought about just running a script in a tool like Jenkins or Gocd that would effectively do something like "if .nix file, run nix-build" and at least with gocd you can tie a pipeline to a build machine that has nix installed.
In one project I worked on we used circleci to do these nix builds and it worked.
Ultimately we ended up creating a *-nixpkgs pattern, and using hydra, because we were building a whole Nixos release.
Another idea is to use hydra, and have another build tool check and trigger on successful build to get and upload artifacts to maven etc. Hydra has an API that can both trigger jobs and check job status.
BuildKite pipelines can be updated dynamically so it's possible to generate a nix build graph on the fly.
How I see it, there would be a pipeline evaluation step that pushes all the sources to the binary cache and generates the build graph. As an optimization, it could only schedule jobs for derivations that don't have results in the cache.
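The evaluation step described in the post above, as an added example that is not part of the original thread: it turns a derivation dependency map into Buildkite-style steps (`key`, `label`, `command`, `depends_on`) and skips anything already in the binary cache. The derivation names, the dependency map and the cached set are constructed placeholders; a real step would obtain them from the instantiated closure and a cache query.

```python
import json
import shlex
from graphlib import TopologicalSorter  # raises CycleError on cyclic input

# Constructed sample: derivation -> derivations that must be built first.
GRAPH = {
    "app.drv": ["libfoo.drv", "libbar.drv"],
    "libfoo.drv": ["stdenv.drv"],
    "libbar.drv": ["stdenv.drv"],
    "stdenv.drv": [],
}
# Constructed sample: derivations whose outputs are already in the cache.
CACHED = {"stdenv.drv", "libbar.drv"}


def step_key(drv):
    """Map a derivation name to a conservative step key (alphanumerics and '-')."""
    return "".join(c if c.isalnum() else "-" for c in drv)


def plan(graph, cached):
    """Return one step per uncached derivation, in dependency order."""
    missing = {d for deps in graph.values() for d in deps} - graph.keys()
    if missing:
        raise ValueError(f"dependencies without a graph entry: {sorted(missing)}")
    steps = []
    for drv in TopologicalSorter(graph).static_order():
        if drv in cached:
            continue  # output can be substituted from the cache, no job needed
        steps.append({
            "key": step_key(drv),
            "label": drv,
            # nix-store --realise builds the given .drv (path is a placeholder)
            "command": "nix-store --realise " + shlex.quote(drv),
            # only wait on dependencies that are themselves scheduled
            "depends_on": [step_key(d) for d in graph[drv] if d not in cached],
        })
    return steps


if __name__ == "__main__":
    # The resulting document is what a dynamic pipeline upload would receive.
    print(json.dumps({"steps": plan(GRAPH, CACHED)}, indent=2))
```

The CI platform still does the scheduling: the generated `depends_on` edges only tell it which jobs may run in parallel.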
In the nix build → graph → jobs for other CI platform model…
are you re-implementing scheduling? How do you handle a toplevel of hundreds of derivations, some of which rely on another? Am I over/under-thinking this?
I think the scheduling is usually handled by the platform (let's say Jenkins, Gocd, etc)
Basically, if you have a nixos based build node, then nix-build will take care of these issues you mention, you run nix-build as task on the machine against the nix expressions. This doesn't take care of where you will cache your binaries, etc. But nix-build on a collection of nix expressions will take care of all dependencies, etc.
If this is in response to my post on bitte-ci, I can answer a few points. So scheduling is handled by nomad itself, it does a good job of that on its own. We also made a special patch to nomad so it understands nix flakes and can build an isolated environment around a flake attribute. In order to pass in multiple required derivations, we recently expanded this patch to accept multiple flakes. Really, all the heavy lifting was done by @manveru. I'm mostly just a consumer.
Something is going to convert a nix build with N derivations into M jobs on the underlying platform, no? Hydra knows about its runners, evals, and divides those derivations somewhat intelligently across runners.
Is there not a need for a similar component in an imagined layered-CI system?
edit: for example, building my toplevel is 200 derivations. Hydra might fan those out over my x86-64 nodes. Does bitte-ci do this somehow? I guess I sort of imagine that it must make one flake output = one nomad job?
Gitlab's dynamic parent-child pipelines are indeed interesting, but from the docs I see that only two levels of parent-child relationships are permitted, seems like a bummer to me. I'm not really an expert in gitlab's pipelines (although I'm using them) and while the problem of knowing what to build before can be solved with something like a toposort, handling the parallelization and requirements without a hierarchical structure seems… hard. I would be very interested though, because gitlab runners then can be arranged in various ways, as native services or even kubernetes jobs (and maybe even nomad tasks).
I've not come across buildkite at all, is it something you can deploy yourself and self host, or just another platform "trust us" scenario? Which is fine depending on what your use case is.
Hydra seems to be everything you need to get distributed builds working well, well until trustnix gets going.
buildkite is similar to hercules-ci in that regard. The user self-hosts the agents and machines. The agents connect to the SaaS API, which hosts their proprietary scheduler and web UI.