#!/usr/bin/env bash set -euo pipefail BRANCH="update-inputs-$(date +%Y-%m-%d-%H-%M)" HYDRA_URL="https://hydra.kyouma.net" JOBSET_URL="${HYDRA_URL}/jobset/nixfiles/update-inputs" ROOT="$(mktemp -d)" gitin () { git -C "${ROOT}/nixfiles" "$@" } merge_theirs () { gitin merge -s ours "${BRANCH}" -m "Update from ${BRANCH}" gitin branch temp gitin reset --hard "${BRANCH}" gitin reset --soft temp gitin commit --amend --no-edit gitin branch -D temp } test_build () { local last_error local build_jobs local start_time start_time="$(date +%s)" build_jobs="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}/latest-eval" | jq -r ".builds | .[]")" for build in ${build_jobs}; do local build_status while true; do local build_finished build_finished="$(curl --fail -s -L -H "Accept: application/json" "${HYDRA_URL}/build/${build}" | jq -r ".finished")" [[ ${build_finished} == 1 ]] && break sleep 5 done build_status="$(curl --fail -s -L -H "Accept: application/json" "${HYDRA_URL}/build/${build}" | jq -r ".buildstatus")" [[ $build_status != 0 ]] && echo "Build ${build} failed" && exit 1 echo "Build ${build} was successful" done last_error="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}" | jq -r ".errortime")" [[ $last_error -gt $start_time ]] && echo "Evaluation error encountered at $(date +%Y-%m-%d-%H:%M:%S --date="@${last_error}")" && exit 1 } wait_for_hydra () { local git_rev local hydra_rev local counter counter=0 git_rev="$(git -C "${1}/nixfiles" rev-parse update-inputs)" while true; do hydra_rev="$(curl -s -L -H "Accept: application/json" "${2}/latest-eval" | jq -r .flake | sed -E "s/.+&rev=(.*)/\1/g")" if [[ "${git_rev}" == "${hydra_rev}" ]]; then echo "Hydra got new commit" break fi sleep 30 done if [[ $counter -ge 30 ]]; then echo "Hydra no workey" exit 1 fi } ssh-agent -a "${ROOT}/ssh-agent" SSH_AUTH_SOCK="${ROOT}/ssh-agent" export SSH_AUTH_SOCK ssh-add "/run/secrets/services/update-nixfiles/privateKey" git clone forgejo@woof.rip:emily/nixfiles.git "${ROOT}/nixfiles" gitin fetch --all gitin checkout origin/main gitin checkout -b "${BRANCH}" pushd "${ROOT}/nixfiles" nix flake update --commit-lock-file popd if gitin diff --quiet origin/update-inputs "${BRANCH}"; then echo "No update needed" gitin checkout update-inputs gitin branch -D "${BRANCH}" exit 0 fi gitin push --set-upstream origin "${BRANCH}" gitin checkout update-inputs merge_theirs gitin push origin update-inputs echo "Waiting for hydra to get new commit" export -f wait_for_hydra timeout 4h bash -c "wait_for_hydra ${ROOT} ${JOBSET_URL}" echo "Testing if all build jobs completed successfully" test_build echo "All build jobs were successful" echo "Merging ${BRANCH} into main" gitin checkout main gitin merge --ff-only "${BRANCH}" gitin push origin main echo "Update successful"