From 3b13edb1558da8657a1d3b555efbaecc2d958c60 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Sun, 7 May 2023 13:01:12 -0400 Subject: [PATCH] WiP: blunt CircleCI nix-shell build without gnat6/ada with all boards configs without libgfxinit https://github.com/osresearch/heads/pull/1269 Modified with limited understanding absolute local builds to reuse Nix cache of already confirmed reproducible stuff Removed gnat6/ada, added swtpm, texinfo and rsync for which otherwise there was local failings --- .circleci/config.yml | 19 ++++++--------- flake.lock | 58 ++++++++++++++++++++++++++++++++++++++++++++ flake.nix | 43 ++++++++++++++++++++++++++++++++ shell.nix | 39 +++++++++++++++++++++++++++++ 4 files changed, 147 insertions(+), 12 deletions(-) create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 shell.nix diff --git a/.circleci/config.yml b/.circleci/config.yml index 8869cd63d..b019ae957 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -11,15 +11,10 @@ commands: type: string steps: - run: - name: Install dependencies - command: | - ln -fs /usr/share/zoneinfo/America/New_York /etc/localtime - apt update - apt install -y build-essential zlib1g-dev uuid-dev libdigest-sha-perl libelf-dev bc bzip2 bison flex git gnupg gawk iasl m4 nasm patch python python2 python3 wget gnat cpio ccache pkg-config cmake libusb-1.0-0-dev autoconf texinfo ncurses-dev doxygen graphviz udev libudev1 libudev-dev automake libtool rsync innoextract sudo libssl-dev device-tree-compiler u-boot-tools sharutils e2fsprogs parted curl unzip - - run: - name: Make Board (FULL ORDERED BUILD LOGS HERE UNTIL JOB FAILED) + name: Make Board command: | - rm -rf build/<>/<>/* build/<>/log/* && make V=1 BOARD=<> <> || touch ./tmpDir/failed_build + rm -rf build/<>/<>/* build/<>/log/* && + nix-shell --pure 'make V=1 BOARD=<> <>' || touch ./tmpDir/failed_build no_output_timeout: 3h - run: name: Output hashes @@ -85,7 +80,7 @@ jobs: - heads-coreboot-musl-cross-{{ checksum "./tmpDir/coreboot_musl-cross.sha256sums" }}{{ .Environment.CACHE_VERSION }} #If precedent cache not found. Restore cache for musl-cross-make module digest (rarely modified). #Otherwise, we build cleanly. - - heads-musl-cross-{{ checksum "./tmpDir/musl-cross.sha256sums" }} + - heads-musl-cross-{{ checksum "./tmpDir/musl-cross.sha256sums" }}{{ .Environment.CACHE_VERSION }} - run: name: Download and neuter xx20 ME (keep generated GBE and extracted IFD in tree) command: | @@ -114,7 +109,7 @@ jobs: build_and_persist: docker: - - image: debian:11 + - image: nixos/nix:2.12.0 resource_class: large parameters: arch: @@ -141,7 +136,7 @@ jobs: build: docker: - - image: debian:11 + - image: nixos/nix:2.12.0 resource_class: large parameters: arch: @@ -161,7 +156,7 @@ jobs: save_cache: docker: - - image: debian:11 + - image: nixos/nix:2.12.0 resource_class: large steps: - attach_workspace: diff --git a/flake.lock b/flake.lock new file mode 100644 index 000000000..1a724a7ff --- /dev/null +++ b/flake.lock @@ -0,0 +1,58 @@ +{ + "nodes": { + "flake-utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "gnat6nixpkgs": { + "locked": { + "lastModified": 1657800791, + "narHash": "sha256-pTHq8upikwsj9xorQatXkTKTIkQ+kODwc+Sp59k6P/E=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "19cb612405c82c7f4fb3ce4497e24c1efa0b1935", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "rev": "19cb612405c82c7f4fb3ce4497e24c1efa0b1935", + "type": "indirect" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1673226411, + "narHash": "sha256-b6cGb5Ln7Zy80YO66+cbTyGdjZKtkoqB/iIIhDX9gRA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "aa1d74709f5dac623adb4d48fdfb27cc2c92a4d4", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "gnat6nixpkgs": "gnat6nixpkgs", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 000000000..4812bd1e4 --- /dev/null +++ b/flake.nix @@ -0,0 +1,43 @@ +{ + description = "heads flake, mostly for devshell for now"; + + inputs = { + nixpkgs.url = "nixpkgs/nixos-unstable"; + gnat6nixpkgs.url = "nixpkgs/19cb612405c82c7f4fb3ce4497e24c1efa0b1935"; + flake-utils.url = "github:numtide/flake-utils"; + }; + + outputs = { + self, + flake-utils, + nixpkgs, + }: + flake-utils.lib.eachDefaultSystem (system: let + pkgs = nixpkgs.legacyPackages.${system}; + in { + devShell = + (pkgs.buildFHSUserEnv { + name = "heads-build-env"; + targetPkgs = pkgs: (with pkgs; + [ + bison # Generate flashmap descriptor parser + curl + flex + git + gcc + gnumake + m4 + ncurses # make menuconfig + nss # ca-certs + perl + pkgconfig + qemu # test the image + wget + which + zlib.dev + profile = '' + ''; + }) + .env; + }); +} diff --git a/shell.nix b/shell.nix new file mode 100644 index 000000000..5430c9428 --- /dev/null +++ b/shell.nix @@ -0,0 +1,39 @@ +let + _pkgs = import {}; +in + { + pkgs ? + import (_pkgs.fetchFromGitHub { + owner = "NixOS"; + repo = "nixpkgs"; + #branch@date: nixpkgs-unstable@2023-01-03 + rev = "298add347c2bbce14020fcb54051f517c391196b"; + sha256 = "0q0c6gf21rbfxvb9fvcmybvz9fxskbk324xbvqsh1dz2wzgylrja"; + }) {}, + }: + (pkgs.buildFHSUserEnv { + name = "heads-build-env"; + targetPkgs = pkgs: (with pkgs; [ + bison # Generate flashmap descriptor parser + curl + flex + texinfo + gcc + git + gnumake + m4 + ncurses # make menuconfig + nss # ca-certs + perl + pkgconfig + wget + which + rsync #needed by 5.x linux kernels + qemu #test image + swtpm #test image with qemu and BOARD=qemu-(fb)whiptail-tpm(1/2) targets + zlib.dev + ]); + profile = '' + ''; + }) + .env