Advance jenkins-nix-ci and use nixosModule directly

Ref: https://github.com/juspay/jenkins-nix-ci/pull/10
2026-02-22 21:05:22 +08:00 · 2023-03-27 13:45:59 -04:00 · 2023-03-27 13:45:59 -04:00 · 099f4db245
commit 099f4db245
parent b98a1485cd
3 changed files with 44 additions and 147 deletions
--- a/flake.lock
+++ b/flake.lock
@ -184,22 +184,6 @@
      }
    },
    "flake-compat_4": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1606424373,
-        "narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
-        "type": "github"
-      },
-      "original": {
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "type": "github"
-      }
-    },
-    "flake-compat_5": {
      "flake": false,
      "locked": {
        "lastModified": 1668681692,
@ -320,36 +304,6 @@
        "type": "github"
      }
    },
-    "flake-root_2": {
-      "locked": {
-        "lastModified": 1671378805,
-        "narHash": "sha256-yqGxyzMN2GuppwG3dTWD1oiKxi+jGYP7D1qUSc5vKhI=",
-        "owner": "srid",
-        "repo": "flake-root",
-        "rev": "dc7ba6166e478804a9da6881aa48c45d300075cf",
-        "type": "github"
-      },
-      "original": {
-        "owner": "srid",
-        "repo": "flake-root",
-        "type": "github"
-      }
-    },
-    "flake-root_3": {
-      "locked": {
-        "lastModified": 1671378805,
-        "narHash": "sha256-yqGxyzMN2GuppwG3dTWD1oiKxi+jGYP7D1qUSc5vKhI=",
-        "owner": "srid",
-        "repo": "flake-root",
-        "rev": "dc7ba6166e478804a9da6881aa48c45d300075cf",
-        "type": "github"
-      },
-      "original": {
-        "owner": "srid",
-        "repo": "flake-root",
-        "type": "github"
-      }
-    },
    "flake-utils": {
      "locked": {
        "lastModified": 1667395993,
@ -395,21 +349,6 @@
        "type": "github"
      }
    },
-    "flake-utils_4": {
-      "locked": {
-        "lastModified": 1623875721,
-        "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
    "haskell-flake": {
      "locked": {
        "lastModified": 1668167720,
@ -503,18 +442,17 @@
      "inputs": {
        "deploy-rs": "deploy-rs",
        "flake-parts": "flake-parts_4",
-        "flake-root": "flake-root_3",
        "jenkinsPlugins2nix": "jenkinsPlugins2nix",
        "nixos-flake": "nixos-flake",
        "nixpkgs": "nixpkgs_6",
        "sops-nix": "sops-nix"
      },
      "locked": {
-        "lastModified": 1679934843,
-        "narHash": "sha256-qSaNkqgKgyieNUw7pV6OFZsoZEhYrkZlTeioXeCE13g=",
+        "lastModified": 1679939116,
+        "narHash": "sha256-D+GPyjFrDBgSu3zSfzXmjLIcTwpl+orxVwgRi5wCRoY=",
        "owner": "juspay",
        "repo": "jenkins-nix-ci",
-        "rev": "87e1cdd42bd23642337647af6547bf78b03b17f5",
+        "rev": "dd748d771358878374516a38013787c99f4fc374",
        "type": "github"
      },
      "original": {
@ -543,26 +481,6 @@
        "type": "github"
      }
    },
-    "jenkinsPlugins2nix_2": {
-      "inputs": {
-        "flake-compat": "flake-compat_4",
-        "flake-utils": "flake-utils_4",
-        "nixpkgs": "nixpkgs_8"
-      },
-      "locked": {
-        "lastModified": 1629079129,
-        "narHash": "sha256-OKNtUKjANDK0wEFypSsHuJuolg76OYEVPsNAwUBbLS4=",
-        "owner": "Fuuzetsu",
-        "repo": "jenkinsPlugins2nix",
-        "rev": "fabb57351f23a6d458a638510b926d4c3f452ec2",
-        "type": "github"
-      },
-      "original": {
-        "owner": "Fuuzetsu",
-        "repo": "jenkinsPlugins2nix",
-        "type": "github"
-      }
-    },
    "naersk": {
      "inputs": {
        "nixpkgs": [
@ -629,8 +547,8 @@
    },
    "nix-serve-ng": {
      "inputs": {
-        "flake-compat": "flake-compat_5",
-        "nixpkgs": "nixpkgs_9",
+        "flake-compat": "flake-compat_4",
+        "nixpkgs": "nixpkgs_8",
        "utils": "utils_4"
      },
      "locked": {
@ -694,7 +612,7 @@
    },
    "nixos-shell": {
      "inputs": {
-        "nixpkgs": "nixpkgs_10"
+        "nixpkgs": "nixpkgs_9"
      },
      "locked": {
        "lastModified": 1646257415,
@ -831,7 +749,7 @@
    "nixpkgs-match": {
      "inputs": {
        "flake-parts": "flake-parts_5",
-        "nixpkgs": "nixpkgs_12"
+        "nixpkgs": "nixpkgs_11"
      },
      "locked": {
        "lastModified": 1672924430,
@ -880,21 +798,6 @@
      }
    },
    "nixpkgs_10": {
-      "locked": {
-        "lastModified": 1628465643,
-        "narHash": "sha256-QSNw9bDq9uGUniQQtakRuw4m21Jxugm23SXLVgEV4DM=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "6ef4f522d63f22b40004319778761040d3197390",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixpkgs",
-        "ref": "nixos-unstable",
-        "type": "indirect"
-      }
-    },
-    "nixpkgs_11": {
      "locked": {
        "lastModified": 1678819893,
        "narHash": "sha256-lfA6WGdxPsPkBK5Y19ltr5Sn7v7MlT+jpZ4nUgco0Xs=",
@ -910,7 +813,7 @@
        "type": "github"
      }
    },
-    "nixpkgs_12": {
+    "nixpkgs_11": {
      "locked": {
        "lastModified": 1672756850,
        "narHash": "sha256-Smbq3+fitwA13qsTMeaaurv09/KVbZfW7m7lINwzDGA=",
@ -926,7 +829,7 @@
        "type": "github"
      }
    },
-    "nixpkgs_13": {
+    "nixpkgs_12": {
      "locked": {
        "lastModified": 1679734080,
        "narHash": "sha256-z846xfGLlon6t9lqUzlNtBOmsgQLQIZvR6Lt2dImk1M=",
@ -1039,22 +942,6 @@
      }
    },
    "nixpkgs_8": {
-      "locked": {
-        "lastModified": 1622516815,
-        "narHash": "sha256-ZjBd81a6J3TwtlBr3rHsZspYUwT9OdhDk+a/SgSEf7I=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "7e9b0dff974c89e070da1ad85713ff3c20b0ca97",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "21.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_9": {
      "locked": {
        "lastModified": 1669391192,
        "narHash": "sha256-f/2TqduZWcdq/pPddu1E7plNmcOuzt1IN4Fh3LSUKmM=",
@ -1070,6 +957,21 @@
        "type": "github"
      }
    },
+    "nixpkgs_9": {
+      "locked": {
+        "lastModified": 1628465643,
+        "narHash": "sha256-QSNw9bDq9uGUniQQtakRuw4m21Jxugm23SXLVgEV4DM=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "6ef4f522d63f22b40004319778761040d3197390",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
+      }
+    },
    "pre-commit-hooks-nix": {
      "inputs": {
        "flake-utils": "flake-utils_2",
@ -1099,18 +1001,16 @@
        "emacs-overlay": "emacs-overlay",
        "emanote": "emanote",
        "flake-parts": "flake-parts_2",
-        "flake-root": "flake-root_2",
        "hci": "hci",
        "home-manager": "home-manager",
        "jenkins-nix-ci": "jenkins-nix-ci",
-        "jenkinsPlugins2nix": "jenkinsPlugins2nix_2",
        "nix-darwin": "nix-darwin_2",
        "nix-serve-ng": "nix-serve-ng",
        "nixos-flake": "nixos-flake_2",
        "nixos-hardware": "nixos-hardware",
        "nixos-shell": "nixos-shell",
        "nixos-vscode-server": "nixos-vscode-server",
-        "nixpkgs": "nixpkgs_11",
+        "nixpkgs": "nixpkgs_10",
        "nixpkgs-match": "nixpkgs-match",
        "sops-nix": "sops-nix_2",
        "zk-nvim": "zk-nvim"
@ -1137,7 +1037,7 @@
    },
    "sops-nix_2": {
      "inputs": {
-        "nixpkgs": "nixpkgs_13",
+        "nixpkgs": "nixpkgs_12",
        "nixpkgs-stable": "nixpkgs-stable_2"
      },
      "locked": {
--- a/flake.nix
+++ b/flake.nix
@ -15,8 +15,6 @@
    # nixos-flake.url = "path:/Users/srid/code/nixos-flake";

    jenkins-nix-ci.url = "github:juspay/jenkins-nix-ci";
-    flake-root.url = "github:srid/flake-root";
-    jenkinsPlugins2nix.url = "github:Fuuzetsu/jenkinsPlugins2nix";

    # CI server
    hci.url = "github:hercules-ci/hercules-ci-agent";
@ -46,27 +44,12 @@
      systems = [ "x86_64-linux" "aarch64-darwin" ];
      imports = [
        inputs.nixos-flake.flakeModule
-        inputs.jenkins-nix-ci.flakeModule
-        inputs.flake-root.flakeModule
        ./users
        ./home
        ./nixos
        ./nix-darwin
      ];

-      jenkins-nix-ci = {
-        domain = "jenkins.srid.ca";
-        plugins = [
-          "github-api"
-          "git"
-          "github-branch-source"
-          "workflow-aggregator"
-          "ssh-slaves"
-          "configuration-as-code"
-        ];
-        plugins-file = "nixos/jenkins/plugins.nix";
-      };
-
      flake = {
        # Configurations for Linux (NixOS) systems
        nixosConfigurations = {
@ -108,6 +91,7 @@
            pkgs.nixpkgs-fmt
            pkgs.sops
            pkgs.ssh-to-age
+            (self.nixosConfigurations."pce".config.jenkins-nix-ci.nix-prefetch-jenkins-plugins pkgs)
          ];
        };
        formatter = pkgs.nixpkgs-fmt;
--- a/nixos/jenkins.nix
+++ b/nixos/jenkins.nix
@ -1,4 +1,4 @@
-{ flake, ... }:
+{ flake, config, ... }:

 # TODO:
 # - Build agents (SSH slave)
@ -6,15 +6,28 @@
 #    - macOS slave (later)
 {
  imports = [
-    flake.self.nixosModules.jenkins-master # Provided by https://github.com/juspay/jenkins-nix-ci
+    flake.inputs.jenkins-nix-ci.nixosModules.default # Provided by https://github.com/juspay/jenkins-nix-ci
  ];

+  jenkins-nix-ci = {
+    domain = "jenkins.srid.ca";
+    plugins = [
+      "github-api"
+      "git"
+      "github-branch-source"
+      "workflow-aggregator"
+      "ssh-slaves"
+      "configuration-as-code"
+    ];
+    plugins-file = "nixos/jenkins/plugins.nix";
+  };
+
  services.nginx = {
-    virtualHosts.${flake.config.jenkins-nix-ci.domain} = {
+    virtualHosts.${config.jenkins-nix-ci.domain} = {
      forceSSL = true;
      enableACME = true;
      locations."/".extraConfig = ''
-        proxy_pass http://localhost:${toString flake.config.jenkins-nix-ci.port};
+        proxy_pass http://localhost:${toString config.jenkins-nix-ci.port};
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;