From 50bd183984428bdfdfde63f11dcb9d8e38c24349 Mon Sep 17 00:00:00 2001 From: Jakub Date: Tue, 13 Jan 2026 18:42:52 +0100 Subject: [PATCH] chore(ci): use container, add timeout, tmp cleanup (#1369) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jakub SokoĊ‚owski --- ci/linux.Jenkinsfile | 51 +++++++++++++++++++++++++++++ Jenkinsfile => ci/macos.Jenkinsfile | 13 ++++++-- nix/default.nix | 31 ++++++++++++------ 3 files changed, 82 insertions(+), 13 deletions(-) create mode 100644 ci/linux.Jenkinsfile rename Jenkinsfile => ci/macos.Jenkinsfile (63%) diff --git a/ci/linux.Jenkinsfile b/ci/linux.Jenkinsfile new file mode 100644 index 00000000..8080f7b4 --- /dev/null +++ b/ci/linux.Jenkinsfile @@ -0,0 +1,51 @@ +#!/usr/bin/env groovy +library 'status-jenkins-lib@v1.9.37' + +pipeline { + agent { + docker { + label 'linuxcontainer' + image 'harbor.status.im/infra/ci-build-containers:linux-base-1.0.0' + args '--volume=/nix:/nix ' + + '--volume=/etc/nix:/etc/nix ' + } + } + + options { + timestamps() + ansiColor('xterm') + timeout(time: 20, unit: 'MINUTES') + disableConcurrentBuilds() + disableRestartFromStage() + /* manage how many builds we keep */ + buildDiscarder(logRotator( + numToKeepStr: '20', + daysToKeepStr: '30', + )) + } + + stages { + stage('Build') { + steps { + script { + nix.flake("default") + } + } + } + + stage('Check') { + steps { + script { + sh './result/bin/storage --version' + } + } + } + } + + post { + cleanup { + cleanWs() + dir(env.WORKSPACE_TMP) { deleteDir() } + } + } +} diff --git a/Jenkinsfile b/ci/macos.Jenkinsfile similarity index 63% rename from Jenkinsfile rename to ci/macos.Jenkinsfile index c43a9edf..cbc55624 100644 --- a/Jenkinsfile +++ b/ci/macos.Jenkinsfile @@ -1,11 +1,15 @@ #!/usr/bin/env groovy -library 'status-jenkins-lib@v1.9.13' +library 'status-jenkins-lib@v1.9.37' pipeline { - agent { label 'linux && x86_64 && nix-2.24' } + agent { label 'macos && aarch64 && nix' } options { + timestamps() + ansiColor('xterm') + timeout(time: 20, unit: 'MINUTES') disableConcurrentBuilds() + disableRestartFromStage() /* manage how many builds we keep */ buildDiscarder(logRotator( numToKeepStr: '20', @@ -32,6 +36,9 @@ pipeline { } post { - cleanup { cleanWs() } + cleanup { + cleanWs() + dir(env.WORKSPACE_TMP) { deleteDir() } + } } } diff --git a/nix/default.nix b/nix/default.nix index c5a288d9..55fb792d 100644 --- a/nix/default.nix +++ b/nix/default.nix @@ -21,13 +21,16 @@ assert pkgs.lib.assertMsg ((src.submodules or true) == true) "Unable to build without submodules. Append '?submodules=1#' to the URI."; let - inherit (pkgs) stdenv lib writeScriptBin callPackage; + inherit (pkgs) lib writeScriptBin callPackage; revision = lib.substring 0 8 (src.rev or "dirty"); tools = callPackage ./tools.nix {}; -in pkgs.gcc13Stdenv.mkDerivation rec { + # Pin GCC/CLang versions + stdenv = if pkgs.stdenv.isLinux then pkgs.gcc13Stdenv else pkgs.clang16Stdenv; + +in stdenv.mkDerivation rec { pname = "storage"; version = "${tools.findKeyValue "version = \"([0-9]+\.[0-9]+\.[0-9]+)\"" ../codex.nimble}-${revision}"; @@ -46,14 +49,16 @@ in pkgs.gcc13Stdenv.mkDerivation rec { fakeGit = writeScriptBin "git" "echo ${version}"; # Fix for the nim-circom-compat-ffi package that is built with cargo. fakeCargo = writeScriptBin "cargo" "echo ${version}"; - in - with pkgs; [ - cmake - which - lsb-release - circomCompatPkg - fakeGit - fakeCargo + in with pkgs; [ + cmake + which + circomCompatPkg + fakeGit + fakeCargo + ] ++ lib.optionals stdenv.isLinux [ + lsb-release + ] ++ lib.optionals stdenv.isDarwin [ + darwin.cctools ]; # Disable CPU optimizations that make binary not portable. @@ -67,6 +72,12 @@ in pkgs.gcc13Stdenv.mkDerivation rec { "QUICK_AND_DIRTY_NIMBLE=${if quickAndDirty then "1" else "0"}" ]; + # FIXME: Remove once permanent fix is applied to NBS: + patchPhase = '' + substituteInPlace vendor/nimbus-build-system/scripts/build_nim.sh \ + --replace-fail '"''${NIX_BUILD_TOP}" != "/build"' '-z $${NIX_BUILD_TOP}' + ''; + configurePhase = '' patchShebangs . vendor/nimbus-build-system > /dev/null make nimbus-build-system-paths