From f73e393a75fcad939a240ff3b72cbc75813e90e3 Mon Sep 17 00:00:00 2001 From: notgne2 Date: Mon, 28 Sep 2020 14:37:43 -0700 Subject: Add missing files --- src/utils/push.rs | 108 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 108 insertions(+) create mode 100644 src/utils/push.rs (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs new file mode 100644 index 0000000..54ae013 --- /dev/null +++ b/src/utils/push.rs @@ -0,0 +1,108 @@ +use super::data; + +use std::process::Stdio; +use tokio::process::Command; + +pub async fn push_profile( + profile: &data::Profile, + profile_name: &str, + node: &data::Node, + node_name: &str, + supports_flakes: bool, + check_sigs: bool, + repo: &str, + merged_settings: &data::GenericSettings, + deploy_data: &super::DeployData<'_>, +) -> Result<(), Box> { + info!( + "Pushing profile `{}` for node `{}`", + profile_name, node_name + ); + + debug!( + "Building profile `{} for node `{}`", + profile_name, node_name + ); + + if supports_flakes { + Command::new("nix") + .arg("build") + .arg("--no-link") + .arg(format!( + "{}#deploy.nodes.{}.profiles.{}.path", + repo, node_name, profile_name + )) + .stdout(Stdio::null()) + .stderr(Stdio::null()) + .spawn()? + .await?; + } else { + Command::new("nix-build") + .arg(&repo) + .arg("-A") + .arg(format!( + "deploy.nodes.{}.profiles.{}.path", + node_name, profile_name + )) + .stdout(Stdio::null()) + .stderr(Stdio::null()) + .spawn()? + .await?; + } + + if let Ok(local_key) = std::env::var("LOCAL_KEY") { + info!( + "Signing key present! Signing profile `{}` for node `{}`", + profile_name, node_name + ); + + Command::new("nix") + .arg("sign-paths") + .arg("-r") + .arg("-k") + .arg(local_key) + .arg(&profile.profile_settings.path) + .arg(&deploy_data.current_exe) + .stdout(Stdio::null()) + .stderr(Stdio::null()) + .spawn()? + .await?; + } + + debug!("Copying profile `{} for node `{}`", profile_name, node_name); + + let mut copy_command_ = Command::new("nix"); + let mut copy_command = copy_command_.arg("copy"); + + if let Some(true) = merged_settings.fast_connection { + copy_command = copy_command.arg("--substitute-on-destination"); + } + + if !check_sigs { + copy_command = copy_command.arg("--no-check-sigs"); + } + + let ssh_opts_str = merged_settings + .ssh_opts + // This should provide some extra safety, but it also breaks for some reason, oh well + // .iter() + // .map(|x| format!("'{}'", x)) + // .collect::>() + .join(" "); + + copy_command + .arg("--to") + .arg(format!( + "ssh://{}@{}", + deploy_data.ssh_user, node.node_settings.hostname + )) + .arg(&profile.profile_settings.path) + .arg(&deploy_data.current_exe) + .env("NIX_SSHOPTS", ssh_opts_str) + .stdout(Stdio::null()) + .stderr(Stdio::null()) + .spawn()? + .await?; + + Ok(()) +} -- cgit v1.2.3 From 239d0f8999b47e9e76589ee1fa2d9f3459c47335 Mon Sep 17 00:00:00 2001 From: notgne2 Date: Mon, 28 Sep 2020 15:45:53 -0700 Subject: use separate binary for activation, more cleanup --- src/utils/push.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs index 54ae013..0e1b9ba 100644 --- a/src/utils/push.rs +++ b/src/utils/push.rs @@ -74,7 +74,7 @@ pub async fn push_profile( let mut copy_command_ = Command::new("nix"); let mut copy_command = copy_command_.arg("copy"); - if let Some(true) = merged_settings.fast_connection { + if merged_settings.fast_connection { copy_command = copy_command.arg("--substitute-on-destination"); } -- cgit v1.2.3 From 8d21dd335e5259dadf832a5d1a7c72b9dd1f4400 Mon Sep 17 00:00:00 2001 From: notgne2 Date: Tue, 29 Sep 2020 15:10:06 -0700 Subject: Add license information, reformat Nix files, clean up --- src/utils/push.rs | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs index 0e1b9ba..c87c32b 100644 --- a/src/utils/push.rs +++ b/src/utils/push.rs @@ -1,3 +1,7 @@ +// SPDX-FileCopyrightText: 2020 Serokell +// +// SPDX-License-Identifier: MPL-2.0 + use super::data; use std::process::Stdio; -- cgit v1.2.3 From ea5aab76849ba3ce9ff2b7eba2a391d4ea33fa3a Mon Sep 17 00:00:00 2001 From: notgne2 Date: Thu, 1 Oct 2020 12:43:33 -0700 Subject: Improve nix copy stuff --- src/utils/push.rs | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs index c87c32b..38a576f 100644 --- a/src/utils/push.rs +++ b/src/utils/push.rs @@ -66,7 +66,9 @@ pub async fn push_profile( .arg("-k") .arg(local_key) .arg(&profile.profile_settings.path) - .arg(&deploy_data.current_exe) + .arg(&super::deploy_path_to_activate_path_str( + &deploy_data.current_exe, + )?) .stdout(Stdio::null()) .stderr(Stdio::null()) .spawn()? @@ -101,10 +103,10 @@ pub async fn push_profile( deploy_data.ssh_user, node.node_settings.hostname )) .arg(&profile.profile_settings.path) - .arg(&deploy_data.current_exe) + .arg(&super::deploy_path_to_activate_path_str( + &deploy_data.current_exe, + )?) .env("NIX_SSHOPTS", ssh_opts_str) - .stdout(Stdio::null()) - .stderr(Stdio::null()) .spawn()? .await?; -- cgit v1.2.3 From e14acaf2bdc14bbdc30f3d558b62f64fe33ff5f9 Mon Sep 17 00:00:00 2001 From: notgne2 Date: Thu, 1 Oct 2020 18:21:40 -0700 Subject: Rework system for deploy properties, add CLI override flags --- src/utils/push.rs | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs index 38a576f..9a6748e 100644 --- a/src/utils/push.rs +++ b/src/utils/push.rs @@ -2,30 +2,24 @@ // // SPDX-License-Identifier: MPL-2.0 -use super::data; - use std::process::Stdio; use tokio::process::Command; pub async fn push_profile( - profile: &data::Profile, - profile_name: &str, - node: &data::Node, - node_name: &str, supports_flakes: bool, check_sigs: bool, repo: &str, - merged_settings: &data::GenericSettings, deploy_data: &super::DeployData<'_>, + deploy_defs: &super::DeployDefs<'_>, ) -> Result<(), Box> { info!( "Pushing profile `{}` for node `{}`", - profile_name, node_name + deploy_data.profile_name, deploy_data.node_name ); debug!( "Building profile `{} for node `{}`", - profile_name, node_name + deploy_data.profile_name, deploy_data.node_name ); if supports_flakes { @@ -34,7 +28,7 @@ pub async fn push_profile( .arg("--no-link") .arg(format!( "{}#deploy.nodes.{}.profiles.{}.path", - repo, node_name, profile_name + repo, deploy_data.node_name, deploy_data.profile_name )) .stdout(Stdio::null()) .stderr(Stdio::null()) @@ -46,7 +40,7 @@ pub async fn push_profile( .arg("-A") .arg(format!( "deploy.nodes.{}.profiles.{}.path", - node_name, profile_name + deploy_data.node_name, deploy_data.profile_name )) .stdout(Stdio::null()) .stderr(Stdio::null()) @@ -57,7 +51,7 @@ pub async fn push_profile( if let Ok(local_key) = std::env::var("LOCAL_KEY") { info!( "Signing key present! Signing profile `{}` for node `{}`", - profile_name, node_name + deploy_data.profile_name, deploy_data.node_name ); Command::new("nix") @@ -65,9 +59,9 @@ pub async fn push_profile( .arg("-r") .arg("-k") .arg(local_key) - .arg(&profile.profile_settings.path) + .arg(&deploy_data.profile.profile_settings.path) .arg(&super::deploy_path_to_activate_path_str( - &deploy_data.current_exe, + &deploy_defs.current_exe, )?) .stdout(Stdio::null()) .stderr(Stdio::null()) @@ -75,12 +69,15 @@ pub async fn push_profile( .await?; } - debug!("Copying profile `{} for node `{}`", profile_name, node_name); + debug!( + "Copying profile `{} for node `{}`", + deploy_data.profile_name, deploy_data.node_name + ); let mut copy_command_ = Command::new("nix"); let mut copy_command = copy_command_.arg("copy"); - if merged_settings.fast_connection { + if deploy_data.merged_settings.fast_connection { copy_command = copy_command.arg("--substitute-on-destination"); } @@ -88,7 +85,8 @@ pub async fn push_profile( copy_command = copy_command.arg("--no-check-sigs"); } - let ssh_opts_str = merged_settings + let ssh_opts_str = deploy_data + .merged_settings .ssh_opts // This should provide some extra safety, but it also breaks for some reason, oh well // .iter() @@ -96,15 +94,17 @@ pub async fn push_profile( // .collect::>() .join(" "); + let hostname = match deploy_data.cmd_overrides.hostname { + Some(ref x) => x, + None => &deploy_data.node.node_settings.hostname, + }; + copy_command .arg("--to") - .arg(format!( - "ssh://{}@{}", - deploy_data.ssh_user, node.node_settings.hostname - )) - .arg(&profile.profile_settings.path) + .arg(format!("ssh://{}@{}", deploy_defs.ssh_user, hostname)) + .arg(&deploy_data.profile.profile_settings.path) .arg(&super::deploy_path_to_activate_path_str( - &deploy_data.current_exe, + &deploy_defs.current_exe, )?) .env("NIX_SSHOPTS", ssh_opts_str) .spawn()? -- cgit v1.2.3 From 05803e0ebaf417d9ba40645b6548a48bf51f9213 Mon Sep 17 00:00:00 2001 From: notgne2 Date: Thu, 1 Oct 2020 20:24:09 -0700 Subject: Handle more command exits correctly --- src/utils/push.rs | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs index 9a6748e..a973572 100644 --- a/src/utils/push.rs +++ b/src/utils/push.rs @@ -22,7 +22,7 @@ pub async fn push_profile( deploy_data.profile_name, deploy_data.node_name ); - if supports_flakes { + let build_exit_status = if supports_flakes { Command::new("nix") .arg("build") .arg("--no-link") @@ -32,8 +32,8 @@ pub async fn push_profile( )) .stdout(Stdio::null()) .stderr(Stdio::null()) - .spawn()? - .await?; + .status() + .await? } else { Command::new("nix-build") .arg(&repo) @@ -44,8 +44,12 @@ pub async fn push_profile( )) .stdout(Stdio::null()) .stderr(Stdio::null()) - .spawn()? - .await?; + .status() + .await? + }; + + if !build_exit_status.success() { + good_panic!("`nix build` failed"); } if let Ok(local_key) = std::env::var("LOCAL_KEY") { @@ -54,7 +58,7 @@ pub async fn push_profile( deploy_data.profile_name, deploy_data.node_name ); - Command::new("nix") + let sign_exit_status = Command::new("nix") .arg("sign-paths") .arg("-r") .arg("-k") @@ -65,8 +69,12 @@ pub async fn push_profile( )?) .stdout(Stdio::null()) .stderr(Stdio::null()) - .spawn()? + .status() .await?; + + if !sign_exit_status.success() { + good_panic!("`nix sign-paths` failed"); + } } debug!( @@ -99,7 +107,7 @@ pub async fn push_profile( None => &deploy_data.node.node_settings.hostname, }; - copy_command + let copy_exit_status = copy_command .arg("--to") .arg(format!("ssh://{}@{}", deploy_defs.ssh_user, hostname)) .arg(&deploy_data.profile.profile_settings.path) @@ -107,8 +115,12 @@ pub async fn push_profile( &deploy_defs.current_exe, )?) .env("NIX_SSHOPTS", ssh_opts_str) - .spawn()? + .status() .await?; + if !copy_exit_status.success() { + good_panic!("`nix copy` failed"); + } + Ok(()) } -- cgit v1.2.3 From 5674670a59168fb05f26e5b4fb41dd2662810e94 Mon Sep 17 00:00:00 2001 From: notgne2 Date: Fri, 2 Oct 2020 12:58:11 -0700 Subject: General improvements, deprecate `activate` profile option in favor of executing $PROFILE/activate (Wrap It Yourself) to ensure successful rollback activations --- src/utils/push.rs | 5 ----- 1 file changed, 5 deletions(-) (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs index a973572..3f48d68 100644 --- a/src/utils/push.rs +++ b/src/utils/push.rs @@ -17,11 +17,6 @@ pub async fn push_profile( deploy_data.profile_name, deploy_data.node_name ); - debug!( - "Building profile `{} for node `{}`", - deploy_data.profile_name, deploy_data.node_name - ); - let build_exit_status = if supports_flakes { Command::new("nix") .arg("build") -- cgit v1.2.3 From ea717911bac5ff29d730d80d4b774fe17ed1e851 Mon Sep 17 00:00:00 2001 From: notgne2 Date: Tue, 13 Oct 2020 19:06:40 -0700 Subject: Clean up some CLI arguments, make magic rollback optional --- src/utils/push.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs index 3f48d68..f80f9f8 100644 --- a/src/utils/push.rs +++ b/src/utils/push.rs @@ -80,7 +80,7 @@ pub async fn push_profile( let mut copy_command_ = Command::new("nix"); let mut copy_command = copy_command_.arg("copy"); - if deploy_data.merged_settings.fast_connection { + if let Some(true) = deploy_data.merged_settings.fast_connection { copy_command = copy_command.arg("--substitute-on-destination"); } -- cgit v1.2.3 From c55471f1a52fc7cb4c467a3c9718640cdb950a22 Mon Sep 17 00:00:00 2001 From: notgne2 Date: Fri, 23 Oct 2020 22:03:15 -0700 Subject: Fix log messages, prevent non-flake builds writing to result, unmute stderr on nix builds --- src/utils/push.rs | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs index f80f9f8..a82c9d4 100644 --- a/src/utils/push.rs +++ b/src/utils/push.rs @@ -13,7 +13,7 @@ pub async fn push_profile( deploy_defs: &super::DeployDefs<'_>, ) -> Result<(), Box> { info!( - "Pushing profile `{}` for node `{}`", + "Building profile `{}` for node `{}`", deploy_data.profile_name, deploy_data.node_name ); @@ -26,19 +26,18 @@ pub async fn push_profile( repo, deploy_data.node_name, deploy_data.profile_name )) .stdout(Stdio::null()) - .stderr(Stdio::null()) .status() .await? } else { Command::new("nix-build") .arg(&repo) + .arg("--no-out-link") .arg("-A") .arg(format!( "deploy.nodes.{}.profiles.{}.path", deploy_data.node_name, deploy_data.profile_name )) .stdout(Stdio::null()) - .stderr(Stdio::null()) .status() .await? }; @@ -73,7 +72,7 @@ pub async fn push_profile( } debug!( - "Copying profile `{} for node `{}`", + "Copying profile `{}` to node `{}`", deploy_data.profile_name, deploy_data.node_name ); -- cgit v1.2.3 From 72b066b293befec048f6a1b2f8d7a4b103ae4edf Mon Sep 17 00:00:00 2001 From: notgne2 Date: Fri, 23 Oct 2020 22:44:52 -0700 Subject: Add an option to keep build results --- src/utils/push.rs | 43 ++++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) (limited to 'src/utils/push.rs') diff --git a/src/utils/push.rs b/src/utils/push.rs index a82c9d4..5e87d5c 100644 --- a/src/utils/push.rs +++ b/src/utils/push.rs @@ -11,25 +11,27 @@ pub async fn push_profile( repo: &str, deploy_data: &super::DeployData<'_>, deploy_defs: &super::DeployDefs<'_>, + keep_result: bool, + result_path: Option<&str>, ) -> Result<(), Box> { info!( "Building profile `{}` for node `{}`", deploy_data.profile_name, deploy_data.node_name ); - let build_exit_status = if supports_flakes { + let mut build_c = if supports_flakes { Command::new("nix") - .arg("build") - .arg("--no-link") - .arg(format!( - "{}#deploy.nodes.{}.profiles.{}.path", - repo, deploy_data.node_name, deploy_data.profile_name - )) - .stdout(Stdio::null()) - .status() - .await? } else { Command::new("nix-build") + }; + + let mut build_command = if supports_flakes { + build_c.arg("build").arg("--no-link").arg(format!( + "{}#deploy.nodes.{}.profiles.{}.path", + repo, deploy_data.node_name, deploy_data.profile_name + )) + } else { + build_c .arg(&repo) .arg("--no-out-link") .arg("-A") @@ -37,11 +39,26 @@ pub async fn push_profile( "deploy.nodes.{}.profiles.{}.path", deploy_data.node_name, deploy_data.profile_name )) - .stdout(Stdio::null()) - .status() - .await? }; + build_command = match (keep_result, supports_flakes) { + (true, _) => { + let result_path = match result_path { + Some(x) => x, + None => "./.deploy-gc", + }; + + build_command.arg("--out-link").arg(format!( + "{}/{}/{}", + result_path, deploy_data.node_name, deploy_data.profile_name + )) + } + (false, false) => build_command.arg("--no-out-link"), + (false, true) => build_command.arg("--no-link"), + }; + + let build_exit_status = build_command.stdout(Stdio::null()).status().await?; + if !build_exit_status.success() { good_panic!("`nix build` failed"); } -- cgit v1.2.3