nixcon2024/tex/main.tex

\documentclass{beamer}

\usepackage{graphicx}
\usepackage[outputdir=../aux/tex]{minted}
\usepackage[showboxes,absolute,overlay]{textpos}
\usepackage{tikz}
\usepackage{svg}
\usetikzlibrary{calc,tikzmark}

%% \setbeameroption{show notes on second screen=right}
\setbeameroption{show notes}
\addtobeamertemplate{note page}{}{\thispdfpagelabel{notes:\insertframenumber}}

\title{buildbot-nix}
\author{Richard Brežák}
\date{2024}

\usetheme[progressbar=frametitle]{moloch}

\newcommand\beamercoverdeemph{%
  \setbeamercovered{again covered={\opaqueness<1->{30}}}%
}

\begin{document}
\frame{\titlepage}

\begin{frame}
	\centering
	There is no good open-source Nix CI/CD
	\note[item]{some might say, we have no ...}
	\note[item]{we want something...}
\end{frame}

\begin{frame}
	\beamercoverdeemph{}
	\centering
	\begin{itemize}
		\item<1>{easy to deploy}
		\item<2>{works out of the box}
		\item<3>{natively integrates with GitHub and other forges}
		\item<4>{not a from-scratch project, something that works NOW}
	\end{itemize}
	\note[item]<4>{one temptation is to write everything from scratch. Multiple projects tried this and none of them succeeded. We needed something we can make work today, and iterate over.}
\end{frame}

\begin{frame}{Hydra}
	\beamercoverdeemph{}
	\centering
	\begin{itemize}
		\item<2>{heavy-weight, keeps track of every store path}
		\item<3>{\texttt{nixpkgs} scale CI for \texttt{nixpkgs} scale problems}
		\item<4,5>{doesn't integrate well with GitHub/Gitea\only<6>{, especially PRs}}
	\end{itemize}
	\note[item]{take Hydra, (then flip)}
\end{frame}

\begin{frame}
	\begin{columns}[c]
		\begin{column}{0.49\textwidth}
			\centering
			I attempted to run Hydra
		\end{column}
		\begin{column}{0.02\textwidth}
			\rule{.1mm}{0.7\textheight}
		\end{column}
		\begin{column}{0.49\textwidth}
			\centering
			I've succeeded and I'm still running it
		\end{column}
	\end{columns}
\end{frame}

\begin{frame}{GitHub/Gitea Actions}
	\beamercoverdeemph{}
	\centering
	\begin{itemize}
		\item<2>{not Nix native}
		\item<3>{cannot use the build sandbox generally}
		\item<4>{caching is hard to get right or wasteful}
		\item<5>{build logs become a jumbled mess \textit{OR} may repeat builds}
		\item<6>{if done naively, you will get an OOM}
	\end{itemize}
	\note[item]{take Actions, (then flip)}
\end{frame}

\begin{frame}
	\includegraphics[width=1.0\textwidth]{../figures/how-standards-prolifirate.png}
	\note[item]{so we wrote one}
\end{frame}

\begin{frame}[fragile]
	\begin{center}
		\verb|buildbot-nix|
	\end{center}
	\note[item]{called buildbot-nix}
\end{frame}


\begin{frame}
	\begin{columns}[c]
		\begin{column}{0.49\textwidth}
			\centering
			I know of buildbot-nix
		\end{column}
		\begin{column}{0.02\textwidth}
			\rule{.1mm}{0.7\textheight}
		\end{column}
		\begin{column}{0.49\textwidth}
			\centering
			I've never heard of it
		\end{column}
	\end{columns}
\end{frame}

\begin{frame}{buildbot?}
	\note[item]{what's buildbot?}
	\begin{columns}[c]
		\begin{column}{0.5\textwidth}
			\beamercoverdeemph{}
			\begin{itemize}
				\item<1> CI/CD framework
				\item<2> written in Python
				\item<3> used by many projects
			\end{itemize}
			\vspace{1.0em}
			\uncover<4->{essentially...} \\
			\vspace{1.0em}
			\uncover<5->{Jenkins but in Python}
		\end{column}
		\begin{column}{0.5\textwidth}
			\pgfdeclareimage[width=5em]{openzfs}{../figures/openzfs-logo.png}
			\pgfdeclareimage[width=5em]{python}{../figures/python.png}
			\pgfdeclareimage[width=5em]{gentoo}{../figures/gentoo.png}
			\pgfdeclareimage[width=5em]{blender}{../figures/blender.png}
			\pgfdeclareimage[width=5em]{llvm}{../figures/llvm.png}
			\begin{column}<3->{0.5\textwidth}
				%% \pgfmathsetseed{2}
				\begin{tikzpicture}
					%% \makeatletter
					%% \pgfmathdeclarefunction{rndx}{0}{
					%% 	\pgfmathrandom{-1em, 1em} \pgfmathresult
					%% }
					%% \pgfmathdeclarefunction{rndy}{0}{
					%% 	\pgfmathrandom{-1em, 1em} \pgfmathresult
					%% }
					%% \makeatother
					%% \draw (0, 0) node {\pgftext{\includesvg[width=1em]{../figures/python-logo.svg}}};
					\draw (-14em, 7em) node {\pgfuseimage{openzfs}};
					\draw (-14em, -7em) node {\pgfuseimage{blender}};
					\draw (-14em, 0) node {\pgfuseimage{gentoo}};
					\draw (-7em, 3.5em) node {\pgfuseimage{python}};
					\draw (-7em, -3.5em) node {\pgfuseimage{llvm}};
					%% \draw (0, 0) node {\pgftext{\includegraphics{silver}}}};
				\end{tikzpicture}
			\end{column}
		\end{column}
	\end{columns}
\end{frame}
\begin{frame}{buildbot!}
	\includegraphics[width=1.0\linewidth]{../figures/python-buildbot.png}
	\note[item]{used by Python for example}
\end{frame}

\begin{frame}{buildbot-nix?}
	\beamercoverdeemph{}
	\begin{itemize}
		\item<1> CI/CD for Nix
		\item<2> plugin for \texttt{buildbot}
		\item<3> written in Python
		\item<4> can run on PRs safely -- configuration is server-side
	\end{itemize}
	\begin{uncoverenv}<5>
		\begin{center}
			\Large Aiming for smaller projects
		\end{center}
	\end{uncoverenv}
	\begin{onlyenv}<6>
		\pgfdeclareimage[width=12.5em]{nix-community}{../figures/nix-community.png}
		\pgfdeclareimage[width=12.5em]{nix-ngi-0}{../figures/nix-ngi-0.png}
		\begin{tikzpicture}[overlay]
			\fill[white, opacity=0.7] (-0.2\paperwidth,1.0\paperheight) rectangle (1.0\paperwidth, -0.2\paperheight);
			\draw (0.225\textwidth,0.175\textheight) node {\pgfuseimage{nix-community}};
			\draw (0.775\textwidth,0.175\textheight) node {\pgfuseimage{nix-ngi-0}};
		\end{tikzpicture}
	\end{onlyenv}
\end{frame}

\begin{frame}[fragile]
	\begin{minted}[linenos=true,bgcolor=bg,breaklines,tabsize=2]{nix}
{
  inputs = { ... };
  outputs = { ... }:
    {
      checks.${system} = {
        treefmt = treefmt...check;
        packageTest = runCommand "package-test" { } "exit 1";
        };
      formatter.${system} = treefmt...wrapper;
    };
}
	\end{minted}
	{\tiny (not true Nix)}
	\note[item]{what if you had a flake, like that, and wanted to run CI on it? well, run all the checks in CI!}
\end{frame}

\begin{frame}
	\includegraphics[width=1.0\textwidth]{../figures/gh-status-ex01.png}

	\begin{textblock}{2.5}(12.5,14.5)
		{\footnotesize(find the bug)}
	\end{textblock}
\end{frame}

\begin{frame}
	\includegraphics[width=1.0\textwidth]{../figures/buildbot-view.png}
\end{frame}

\begin{frame}
	\centering
	How do I get this?
\end{frame}

\begin{frame}
	\centering
	Easily!
\end{frame}

\begin{frame}[fragile]
	\newcommand<>{\circletikz}[2]{%
		\begin{onlyenv}#3
			\begin{tikzpicture}[overlay,remember picture]
				\draw[draw = red, line width=0.3mm] let
				\p1 = ($(pic cs:#1) - (pic cs:#2)$),
				\p2 = ($1/2*(\x1,\y1)$)
				in ($(pic cs:#1) - 1/2*(\x1, \y1) + (0, 0.25em)$) ellipse (\x2 and 1em);
			\end{tikzpicture}%
		\end{onlyenv}%
	}
	\newcommand<>{\underlinetikz}[2]{%
		\begin{onlyenv}#3
			\begin{tikzpicture}[overlay,remember picture]
				\draw[draw = red, line width=0.3mm]
				($(pic cs:#1) - (0, 0.125em)$) -- ($(pic cs:#2) - (0, 0.125em)$);
			\end{tikzpicture}%
		\end{onlyenv}%
	}
	\begin{minted}[escapeinside=||,beameroverlays,fontsize=\small,linenos=true,bgcolor=bg,breaklines,tabsize=2]{nix}
services.buildbot-nix.master = {
  enable = true;
  jobReportLimit = |\tikzmark{jobsS}|null|\tikzmark{jobsE}|;
  domain = |\tikzmark{domainS}|"buildbot.example.org"|\tikzmark{domainE}|;
  workersFile = |\tikzmark{workersS}|"/secret/workers.json"|\tikzmark{workersE}|;
  admins = |\tikzmark{adminsS}|["your-nickname"]|\tikzmark{adminsE}|;
  authBackend = |\tikzmark{githubS}|"github"|\tikzmark{githubE}|;
  |\tikzmark{githubS}|github|\tikzmark{githubE}| = {
    |\tikzmark{githubEnableS}|enable = true|\tikzmark{githubEnableE}|;
    webhookSecretFile = |\tikzmark{webhookS}|"/secret/github_webhook_secret"|\tikzmark{webhookE}|;
    oauthId = |\tikzmark{oauthIdS}|"..."|\tikzmark{oauthIdE}|;
    oauthSecretFile = |\tikzmark{oauthSecretS}|"/secret/github_oauth_secret"|\tikzmark{oauthSecretE}|;
    topic = |\tikzmark{topicS}|"build-with-buildbot"|\tikzmark{topicE}|;
    authType.app = {
      secretKeyFile = |\tikzmark{secretKeyS}|"/secret/github_app_private_key.pem"|\tikzmark{secretKeyE}|;
      id = |\tikzmark{idS}|881425|\tikzmark{idE}|;
    };
  };
};
        \end{minted}
	\underlinetikz<2>{domainS}{domainE}

	\underlinetikz<3>{githubS}{githubE}
	\underlinetikz<3>{githubEnableS}{githubEnableE}

	\underlinetikz<4>{workersS}{workersE}
	\underlinetikz<4>{webhookS}{webhookE}
	\underlinetikz<4>{oauthIdS}{oauthIdE}
	\underlinetikz<4>{oauthSecretS}{oauthSecretE}
	\underlinetikz<4>{secretKeyS}{secretKeyE}
	\underlinetikz<4>{idS}{idE}

	\underlinetikz<5>{topicS}{topicE}
	\underlinetikz<5>{jobsS}{jobsE}
\end{frame}

\begin{frame}[fragile]
	\begin{center}
		and you have buildbot running
	\end{center}
	\begin{textblock}{10.0}(5.5,14.5)
		{\footnotesize(after configuring \verb|services.nginx.virtualHosts|)}
	\end{textblock}
\end{frame}

\begin{frame}
	\centering
	What are the features?
\end{frame}

\newcommand{\imagewithtitle}[2]{%
	\begin{minipage}[t][1em]{1.0\linewidth}
		\centering #1
	\end{minipage}\\
	\vspace{1.5em}
	\includegraphics[width=1.0\linewidth, height=0.8\textheight, keepaspectratio]{#2}%
}

%% \begin{frame}[fragile]
%% 	%% \begin{columns}
%% 	%% \begin{column}{0.5\textwidth}
%% 	\centering
%% 	\imagewithtitle{\Large builds \texttt{.\#checks}}{../figures/buildbot-view.png}
%% 	%% \end{column}
%% 	%% \begin{column}{0.5\textwidth}
%% 	\centering
%% 	\imagewithtitle{\Large status reports}{../figures/gh-status-ex01.png}
%% 	%% \end{column}
%% 	%% \end{columns}
%% \end{frame}

\begin{frame}
	\begin{columns}
		\begin{column}{0.5\textwidth}
			\centering
			\imagewithtitle{\Large Gitea/Forgejo}{../figures/forgejo.png}
		\end{column}
		\begin{column}{0.5\textwidth}
			\centering
			\imagewithtitle{\Large GitHub}{../figures/github.png}
		\end{column}
	\end{columns}
\end{frame}

\begin{frame}
	\centering
	\imagewithtitle{\Large Cachix}{example-image-a}
\end{frame}

\begin{frame}
	\centering
	\imagewithtitle{\Large post build steps}{example-image-a}
\end{frame}

\begin{frame}
	\centering
	\imagewithtitle{\Large per-repository settings}{example-image-a}
\end{frame}

\begin{frame}
	\centering
	\imagewithtitle{\Large per-repository effects with secrets (soon)}{example-image-a}
\end{frame}

\begin{frame}
	\centering
	\texttt{buildbot-nix} 1.0 is already here, \\
	and is powering \texttt{nix-community} and \texttt{nix-ngi-0}
\end{frame}

\begin{frame}
	\centering
	Get your very own today! (or at the hackday)
\end{frame}

\begin{frame}
	\centering
	\includegraphics[width=0.35\textwidth]{../figures/redalder-qr.png}\hspace{1.5em}%
	\includegraphics[width=0.35\textwidth]{../figures/numtide-qr.png}

	Questions?

	\includegraphics[width=0.35\textwidth]{../figures/upstream-qr.png}\hspace{1.5em}%
	\includegraphics[width=0.35\textwidth]{../figures/buildbot-nix-qr.png}
\end{frame}

%% \begin{frame}
%% 	\centering
%% 	what can it do?
%% \end{frame}

%% \begin{frame}[fragile]
%% 	\centering
%% 	\verb|buildbot-nix| will evaluate \verb|#checks| for all systems
%% \end{frame}
%% \begin{frame}[fragile]
%% 	\centering
%% 	it will report evaluation failures
%% \end{frame}
%% \begin{frame}[fragile]
%% 	\centering
%% 	it will build derivations for supported systems
%% \end{frame}

\end{document}

% there is no good opensource CI
% then we built it
% why is hydra not great
% what is it we built, what does it offer
% now there is good opensource CI, check out
% call for action