Oleks
2201257e89
Implements the shared parity flake-module library so the ~51 parity repos
consume one source of truth instead of hand-inlined publish shells.
- lib.mk{PyPiWheel,S390xNpm,GenericBinary,Nix2Container,GoBinary,Helm}Publish
builders returning stage-<arch>/publish-<arch>/publish-index/publish/
push-staged apps per the corrected emmett#44 standard (build-parity stages to
./.parity-stage with no registry contact; publish dry-runs by default;
publish-index is build-free + fail-closed; :latest is the last digest copy).
- Shared ci/parity-lib.sh: token resolution ($REGISTRY_TOKEN + pass fallback,
never printed), dev-tag guard, version derivation, dry-run gate, preflight.
- pipeline-doctor package/app asserting the parity contract (cluster #193).
Refs cluster #192, #193, #194, emmett#44.
89 lines
2.8 KiB
Nix
89 lines
2.8 KiB
Nix
{
|
|
description = "parity-lib — shared per-archetype publish-app builders for the ~51 parity repos (cluster #192/#193/#194, emmett#44)";
|
|
|
|
inputs = {
|
|
# Shared fleet pin so the ~51 consumers stay binary-cache aligned.
|
|
fleet.url = "git+https://git.oleks.space/oleks/fleet-pins";
|
|
nixpkgs.follows = "fleet/nixpkgs-ci";
|
|
flake-utils.url = "github:numtide/flake-utils";
|
|
};
|
|
|
|
outputs =
|
|
{
|
|
self,
|
|
nixpkgs,
|
|
flake-utils,
|
|
...
|
|
}:
|
|
{
|
|
# ---------------------------------------------------------------------
|
|
# lib.* — system-INDEPENDENT entry points. A consumer calls
|
|
# parity.lib.mkParityBuilders { pkgs = <its own pkgs>; }
|
|
# and gets the six mk*Publish builders back, OR uses the per-builder
|
|
# convenience wrappers below which take pkgs as the first argument.
|
|
# ---------------------------------------------------------------------
|
|
lib =
|
|
let
|
|
builders = pkgs: import ./lib/builders.nix { inherit pkgs; };
|
|
wrap = name: pkgs: args: (builders pkgs).${name} args;
|
|
in
|
|
{
|
|
mkParityBuilders = builders;
|
|
mkPyPiWheelPublish = wrap "mkPyPiWheelPublish";
|
|
mkS390xNpmPublish = wrap "mkS390xNpmPublish";
|
|
mkGenericBinaryPublish = wrap "mkGenericBinaryPublish";
|
|
mkNix2ContainerPublish = wrap "mkNix2ContainerPublish";
|
|
mkGoBinaryPublish = wrap "mkGoBinaryPublish";
|
|
mkHelmPublish = wrap "mkHelmPublish";
|
|
};
|
|
}
|
|
// flake-utils.lib.eachDefaultSystem (
|
|
system:
|
|
let
|
|
pkgs = import nixpkgs { inherit system; };
|
|
inherit (pkgs) lib;
|
|
|
|
pipelineDoctor = pkgs.writeShellApplication {
|
|
name = "pipeline-doctor";
|
|
runtimeInputs = with pkgs; [
|
|
coreutils
|
|
gnugrep
|
|
gnused
|
|
findutils
|
|
jq
|
|
];
|
|
text = ''exec bash ${./ci/pipeline-doctor.sh} "$@"'';
|
|
};
|
|
|
|
# Smoke check: instantiate every builder with stub args so the apps eval.
|
|
builders = import ./lib/builders.nix { inherit pkgs; };
|
|
smoke = pkgs.runCommand "parity-lib-smoke" { } ''
|
|
: "${
|
|
builtins.toString (
|
|
lib.attrNames (builders.mkPyPiWheelPublish {
|
|
pname = "demo";
|
|
version = "0.0.0";
|
|
wheel = pkgs.hello;
|
|
})
|
|
)
|
|
}"
|
|
touch $out
|
|
'';
|
|
in
|
|
{
|
|
packages = {
|
|
pipeline-doctor = pipelineDoctor;
|
|
default = pipelineDoctor;
|
|
};
|
|
|
|
apps.pipeline-doctor = {
|
|
type = "app";
|
|
program = lib.getExe pipelineDoctor;
|
|
meta.description = "Assert the parity contract for a repo and print local-equivalent commands (cluster #193).";
|
|
};
|
|
|
|
checks.smoke = smoke;
|
|
}
|
|
);
|
|
}
|