\documentclass{beamer} \usepackage{graphicx} \usepackage[outputdir=../aux/tex]{minted} \usepackage[absolute,overlay]{textpos} \usepackage{tikz} \usepackage{svg} \usepackage{hyperref} \usetikzlibrary{calc,tikzmark} %% \setbeameroption{show notes on second screen=right} \setbeameroption{show notes} \addtobeamertemplate{note page}{}{\thispdfpagelabel{notes:\insertframenumber}} \title{buildbot-nix} \author{Richard Brežák} \date{2024} \usetheme[progressbar=frametitle]{moloch} \newcommand\beamercoverdeemph{% \setbeamercovered{again covered={\opaqueness<1->{30}}}% } \begin{document} \frame{\titlepage} \begin{frame} \centering There is no good open-source Nix CI/CD \note[item]{some might say, we have no ...} \note[item]{we want something...} \end{frame} \begin{frame} \beamercoverdeemph{} \centering \begin{itemize} \item<1>{easy to deploy} \item<2>{works out of the box} \item<3>{natively integrates with GitHub and other forges} \item<4>{not a from-scratch project, something that works NOW} \end{itemize} \note[item]{one temptation is to write everything from scratch. Multiple projects tried this and none of them succeeded. We needed something we can make work today, and iterate over.} \end{frame} \begin{frame}{Hydra} \beamercoverdeemph{} \centering \begin{itemize} \item<2>{heavy-weight, keeps track of every store path} \item<3>{\texttt{nixpkgs} scale CI for \texttt{nixpkgs} scale problems} \item<4,5>{doesn't integrate well with GitHub/Gitea\only<5>{, especially PRs}} \end{itemize} \note[item]{take Hydra, (then flip)} \end{frame} \begin{frame} \begin{columns}[c] \begin{column}{0.49\textwidth} \centering I attempted to run Hydra \end{column} \begin{column}{0.02\textwidth} \rule{.1mm}{0.7\textheight} \end{column} \begin{column}{0.49\textwidth} \centering I've succeeded and I'm still running it \end{column} \end{columns} \end{frame} \begin{frame}{GitHub/Gitea Actions} \beamercoverdeemph{} \centering \begin{itemize} \item<2>{not Nix native} \item<3>{cannot use the build sandbox generally} \item<4>{caching is hard to get right or wasteful} \item<5>{build logs become a jumbled mess \textit{OR} may repeat builds} \item<6>{if done naively, you will get an OOM} \end{itemize} \note[item]{take Actions, (then flip)} \end{frame} \begin{frame} \includegraphics[width=1.0\textwidth]{../figures/how-standards-prolifirate.png} \note[item]{so we wrote one} \end{frame} \begin{frame}[fragile] \begin{center} \verb|buildbot-nix| \end{center} \note[item]{called buildbot-nix} \end{frame} \begin{frame} \begin{columns}[c] \begin{column}{0.49\textwidth} \centering I know of buildbot-nix \end{column} \begin{column}{0.02\textwidth} \rule{.1mm}{0.7\textheight} \end{column} \begin{column}{0.49\textwidth} \centering I've never heard of it \end{column} \end{columns} \end{frame} \begin{frame}{buildbot?} \note[item]{what's buildbot?} \begin{columns}[c] \begin{column}{0.5\textwidth} \beamercoverdeemph{} \begin{itemize} \item<1> CI/CD framework \item<2> written in Python \item<3> used by many projects \end{itemize} \vspace{1.0em} \uncover<4->{essentially...} \\ \vspace{1.0em} \uncover<5->{Jenkins but in Python} \end{column} \begin{column}{0.5\textwidth} \pgfdeclareimage[width=5em]{openzfs}{../figures/openzfs-logo.png} \pgfdeclareimage[width=5em]{python}{../figures/python.png} \pgfdeclareimage[width=5em]{gentoo}{../figures/gentoo.png} \pgfdeclareimage[width=5em]{blender}{../figures/blender.png} \pgfdeclareimage[width=5em]{llvm}{../figures/llvm.png} \begin{column}<3->{0.5\textwidth} %% \pgfmathsetseed{2} \begin{tikzpicture} %% \makeatletter %% \pgfmathdeclarefunction{rndx}{0}{ %% \pgfmathrandom{-1em, 1em} \pgfmathresult %% } %% \pgfmathdeclarefunction{rndy}{0}{ %% \pgfmathrandom{-1em, 1em} \pgfmathresult %% } %% \makeatother %% \draw (0, 0) node {\pgftext{\includesvg[width=1em]{../figures/python-logo.svg}}}; \draw (-14em, 7em) node {\pgfuseimage{openzfs}}; \draw (-14em, -7em) node {\pgfuseimage{blender}}; \draw (-14em, 0) node {\pgfuseimage{gentoo}}; \draw (-7em, 3.5em) node {\pgfuseimage{python}}; \draw (-7em, -3.5em) node {\pgfuseimage{llvm}}; %% \draw (0, 0) node {\pgftext{\includegraphics{silver}}}}; \end{tikzpicture} \end{column} \end{column} \end{columns} \end{frame} \begin{frame}{buildbot!} \includegraphics[width=1.0\linewidth]{../figures/python-buildbot.png} \note[item]{used by Python for example} \end{frame} \begin{frame}{buildbot-nix?} \beamercoverdeemph{} \begin{itemize} \item<1> CI/CD for Nix \item<2> plugin for \texttt{buildbot} \item<3> written in Python \item<4> can run on PRs safely -- configuration is server-side \end{itemize} \begin{uncoverenv}<5> \begin{center} \Large Aiming for smaller projects \end{center} \end{uncoverenv} \begin{onlyenv}<6> \pgfdeclareimage[width=12.5em]{nix-community}{../figures/nix-community.png} \pgfdeclareimage[width=12.5em]{nix-ngi-0}{../figures/nix-ngi-0.png} \begin{tikzpicture}[overlay] \fill[white, opacity=0.7] (-0.2\paperwidth,1.0\paperheight) rectangle (1.0\paperwidth, -0.2\paperheight); \draw (0.225\textwidth,0.175\textheight) node {\pgfuseimage{nix-community}}; \draw (0.775\textwidth,0.175\textheight) node {\pgfuseimage{nix-ngi-0}}; \end{tikzpicture} \end{onlyenv} \end{frame} \begin{frame}[fragile] \begin{minted}[linenos=true,bgcolor=bg,breaklines,tabsize=2]{nix} { inputs = { ... }; outputs = { ... }: { checks.${system} = { treefmt = treefmt...check; packageTest = runCommand "package-test" { } "exit 1"; }; formatter.${system} = treefmt...wrapper; }; } \end{minted} \begin{textblock}{2.5}(12.5,14.5) \footnotesize (not true Nix) \end{textblock} \note[item]{what if you had a flake, like that, and wanted to run CI on it? well, run all the checks in CI!} \end{frame} \begin{frame} \includegraphics[width=1.0\textwidth]{../figures/gh-status-ex01.png} \begin{textblock}{2.5}(12.5,14.5) {\footnotesize(find the bug)} \end{textblock} \end{frame} \begin{frame} \includegraphics[width=1.0\textwidth]{../figures/buildbot-view.png} \end{frame} \begin{frame} \centering How do I get this? \end{frame} \begin{frame} \centering Easily! \end{frame} \begin{frame}[fragile] \newcommand<>{\circletikz}[2]{% \begin{onlyenv}#3 \begin{tikzpicture}[overlay,remember picture] \draw[draw = red, line width=0.3mm] let \p1 = ($(pic cs:#1) - (pic cs:#2)$), \p2 = ($1/2*(\x1,\y1)$) in ($(pic cs:#1) - 1/2*(\x1, \y1) + (0, 0.25em)$) ellipse (\x2 and 1em); \end{tikzpicture}% \end{onlyenv}% } \newcommand<>{\underlinetikz}[2]{% \begin{onlyenv}#3 \begin{tikzpicture}[overlay,remember picture] \draw[draw = red, line width=0.3mm] ($(pic cs:#1) - (0, 0.125em)$) -- ($(pic cs:#2) - (0, 0.125em)$); \end{tikzpicture}% \end{onlyenv}% } \begin{minted}[escapeinside=||,beameroverlays,fontsize=\small,linenos=true,bgcolor=bg,breaklines,tabsize=2]{nix} services.buildbot-nix.master = { enable = true; jobReportLimit = |\tikzmark{jobsS}|null|\tikzmark{jobsE}|; domain = |\tikzmark{domainS}|"buildbot.example.org"|\tikzmark{domainE}|; workersFile = |\tikzmark{workersS}|"/secret/workers.json"|\tikzmark{workersE}|; admins = |\tikzmark{adminsS}|["your-nickname"]|\tikzmark{adminsE}|; authBackend = |\tikzmark{githubS}|"github"|\tikzmark{githubE}|; |\tikzmark{githubS}|github|\tikzmark{githubE}| = { |\tikzmark{githubEnableS}|enable = true|\tikzmark{githubEnableE}|; webhookSecretFile = |\tikzmark{webhookS}|"/secret/github_webhook_secret"|\tikzmark{webhookE}|; oauthId = |\tikzmark{oauthIdS}|"..."|\tikzmark{oauthIdE}|; oauthSecretFile = |\tikzmark{oauthSecretS}|"/secret/github_oauth_secret"|\tikzmark{oauthSecretE}|; topic = |\tikzmark{topicS}|"build-with-buildbot"|\tikzmark{topicE}|; authType.app = { secretKeyFile = |\tikzmark{secretKeyS}|"/secret/github_app_private_key.pem"|\tikzmark{secretKeyE}|; id = |\tikzmark{idS}|881425|\tikzmark{idE}|; }; }; }; \end{minted} \underlinetikz<2>{domainS}{domainE} \underlinetikz<3>{githubS}{githubE} \underlinetikz<3>{githubEnableS}{githubEnableE} \underlinetikz<4>{workersS}{workersE} \underlinetikz<4>{webhookS}{webhookE} \underlinetikz<4>{oauthIdS}{oauthIdE} \underlinetikz<4>{oauthSecretS}{oauthSecretE} \underlinetikz<4>{secretKeyS}{secretKeyE} \underlinetikz<4>{idS}{idE} \underlinetikz<5>{topicS}{topicE} \underlinetikz<5>{jobsS}{jobsE} \underlinetikz<5>{adminsS}{adminsE} \end{frame} \begin{frame}[fragile] \begin{center} and you have buildbot running \end{center} \begin{textblock}{10.0}(5.5,14.5) {\footnotesize(after configuring \verb|services.nginx.virtualHosts|)} \end{textblock} \end{frame} \begin{frame} \centering What are the features? \end{frame} \newcommand{\imagewithtitle}[2]{% \begin{minipage}[t][1em]{1.0\linewidth} \centering #1 \end{minipage}\\ \vspace{1.5em} \includegraphics[width=1.0\linewidth, height=0.8\textheight, keepaspectratio]{#2}% } %% \begin{frame}[fragile] %% %% \begin{columns} %% %% \begin{column}{0.5\textwidth} %% \centering %% \imagewithtitle{\Large builds \texttt{.\#checks}}{../figures/buildbot-view.png} %% %% \end{column} %% %% \begin{column}{0.5\textwidth} %% \centering %% \imagewithtitle{\Large status reports}{../figures/gh-status-ex01.png} %% %% \end{column} %% %% \end{columns} %% \end{frame} \begin{frame} \begin{columns} \begin{column}{0.5\textwidth} \centering \imagewithtitle{\Large Gitea/Forgejo}{../figures/forgejo.png} \end{column} \begin{column}{0.5\textwidth} \centering \imagewithtitle{\Large GitHub}{../figures/github.png} \end{column} \end{columns} \end{frame} \begin{frame} \centering \imagewithtitle{\Large Cachix}{../figures/cachix.png} \end{frame} \begin{frame} \centering \imagewithtitle{\Large post build steps}{../figures/post-build-steps.png} \end{frame} \begin{frame}[fragile] \centering \begin{minipage}[t][1em]{1.0\linewidth} \centering {\Large per-repository settings (almost)} \end{minipage}\\ \vspace{1.5em} \begin{minted}[linenos=true,bgcolor=bg,breaklines,tabsize=2]{toml} attribute = "checks" lock_file = "flake.lock" \end{minted} \end{frame} \begin{frame} \centering \imagewithtitle{\Large per-repository effects with secrets (soon)}{../figures/buildbot-effects.png} \end{frame} \begin{frame} \centering \texttt{buildbot-nix} 1.0 is already here, \\ and is powering \texttt{nix-community} and \texttt{nix-ngi-0} \end{frame} \begin{frame} \centering Get your very own today! (or at the hackday) \end{frame} \begin{frame}[t] %% \includegraphics[width=0.35\textwidth]{../figures/redalder-qr.png}\hspace{1.5em}% %% \includegraphics[width=0.35\textwidth]{../figures/numtide-qr.png} \vspace{2.0em} \begin{minipage}{1.0\textwidth} \footnotesize \href{https://redalder.org}{\textbf{redalder.org}} \\ \href{https://numtide.com}{\textbf{numtide.com}} \\ \href{https://git.redalder.org/magic\_rb/nixcon2024}{\textbf{git.redalder.org/magic\_rb/nixcon2024}} \end{minipage} \vspace{1.5em}\\ \begin{center} Questions? \\ \includegraphics[width=0.50\textwidth]{../figures/buildbot-nix-qr.png} \end{center} \note[item]{thank users of buildbot-nix for the images and also for reporting bugs when they happen} %% \includegraphics[width=0.35\textwidth]{../figures/upstream-qr.png}\hspace{1.5em}% \end{frame} %% \begin{frame} %% \centering %% what can it do? %% \end{frame} %% \begin{frame}[fragile] %% \centering %% \verb|buildbot-nix| will evaluate \verb|#checks| for all systems %% \end{frame} %% \begin{frame}[fragile] %% \centering %% it will report evaluation failures %% \end{frame} %% \begin{frame}[fragile] %% \centering %% it will build derivations for supported systems %% \end{frame} \end{document} % there is no good opensource CI % then we built it % why is hydra not great % what is it we built, what does it offer % now there is good opensource CI, check out % call for action