# msgid "" msgstr "" msgid "title: DIY bare bones CI server with Bash and Nix" msgstr "" msgid "date: 2020-11-12 3" msgstr "" msgid "layout: post" msgstr "" msgid "lang: en" msgstr "" msgid "ref: diy-bare-bones-ci-server-with-bash-and-nix" msgstr "" msgid "" "With a server with Nix installed (no need for NixOS), you can leverage its " "build isolation for running CI jobs by adding a [post-receive](https://git-" "scm.com/book/en/v2/Customizing-Git-Git-Hooks) Git hook to the server." msgstr "" msgid "" "In most of my project I like to keep a `test` attribute which runs the test " "with `nix-build -A test`. This way, a post-receive hook could look like:" msgstr "" msgid "" "#!/usr/bin/env bash\n" "set -Eeuo pipefail\n" "set -x\n" "\n" "LOGS_PREFIX=\"/data/static/ci-logs/libedn\"\n" "mkdir -p \"$LOGS_DIR\"\n" "LOGFILE=\"${LOGS_DIR}/$(date -Is)-$(git rev-parse master).log\"\n" "exec &> >(tee -a \"${LOGFILE}\")\n" "\n" "unset GIT_DIR\n" "CLONE=\"$(mktemp -d)\"\n" "git clone . \"$CLONE\"\n" "pushd \"$CLONE\"\n" "\n" "finish() {\n" " printf \"\\n\\n>>> exit status was %s\\n\" \"$?\"\n" "}\n" "trap finish EXIT\n" "\n" "nix-build -A test\n" msgstr "" msgid "" "We initially (lines #5 to #8) create a log file, named after *when* the run " "is running and for *which* commit it is running for. The `exec` and `tee` " "combo allows the output of the script to go both to `stdout` *and* the log " "file. This makes the logs output show up when you do a `git push`." msgstr "" msgid "" "Lines #10 to #13 create a fresh clone of the repository and line #20 runs " "the test command." msgstr "" msgid "" "After using a similar post-receive hook for a while, I now even generate a " "simple HTML file to make the [logs available](https://ci.euandreh.xyz/) " "through the browser." msgstr "" msgid "Upsides" msgstr "" msgid "No vendor lock-in, as all you need is a server with Nix installed." msgstr "" msgid "" "And if you pin the Nixpkgs version you're using, this very simple setup " "yields extremely sandboxed runs on a very hermetic environment." msgstr "" msgid "Downsides" msgstr "" msgid "" "Besides the many missing shiny features of this very simplistic CI, `nix-" "build` can be very resource intensive. Specifically, it consumes too much " "memory. So if it has to download too many things, or the build closure gets " "too big, the server might very well run out of memory." msgstr ""