Commit graph

141 commits

Author SHA1 Message Date
Robert Hensing
067ce26177 Use dockerTools.streamLayeredImage if available
Technically this opens a new attack vector, but if you don't trust
the code you're deploying, you should already have taken precautions
because of nix-shell, direnv etc. This just adds arion to that list.
2020-10-02 11:52:35 +02:00
Robert Hensing
88c361c81c Rename getDockerImages 2020-10-02 11:52:35 +02:00
Robert Hensing
7c20fa9a11 Support use of prebuilt docker-compose.yaml 2020-10-01 18:47:29 +02:00
Robert Hensing
b2e2aad1d5 Fix warning 2020-09-05 23:02:11 +02:00
Robert Hensing
3b86679399 Resolve NonEmpty import warning 2020-03-20 22:28:46 +01:00
Robert Hensing
eeed0577be haskell: Resolve lines ambiguity 2020-03-20 22:28:37 +01:00
Robert Hensing
1778d76117 arion-base: buildLayeredImage -> buildImage to avoid build error
buildLayeredImage doesn't work when the number of nix store layers is 0.
This may be fixed by pull https://github.com/NixOS/nixpkgs/pull/80921/files
but meanwhile, plain buildImage will do the job.
2020-02-24 00:46:26 +01:00
Robert Hensing
0a8f8e7fb8 Fix doc formatting 2019-10-29 12:52:00 +01:00
Robert Hensing
24503bcbe5 Fix warnings 2019-10-29 11:04:25 +01:00
Robert Hensing
dda66e104e Fix test 2019-10-26 15:37:24 +02:00
Robert Hensing
60f3f34527 Rename module-composition -> modules 2019-10-25 00:32:59 +02:00
Domen Kožar
5140cf0a09
Use antora for documentation 2019-10-25 00:11:35 +02:00
Robert Hensing
7749eb2ef9 Add cabal check to ci, build strictly (once) 2019-10-04 19:09:29 +02:00
Robert Hensing
c8f7f5a6d3 Rename, refactor, hide build.imagesToLoad
imagesToLoad is not the right api for non-service images.
2019-10-03 21:55:58 +02:00
Robert Hensing
c3a5f8c13f Assertions, warnings, renames 2019-10-03 21:30:14 +02:00
Robert Hensing
5f56a0846a Make service.{host, composition} readOnly 2019-10-03 17:54:48 +02:00
Robert Hensing
d0815c4393 Add lib and pkgs to repl
Side effect: expose them in eval-composition.
2019-10-03 17:54:07 +02:00
Robert Hensing
83a9d4668f Use proper submodule for services 2019-10-03 17:53:13 +02:00
Robert Hensing
c88d2bb9cf docker load arion-base-image 2019-09-29 23:53:55 +02:00
Robert Hensing
02d319acf6 Expose composition to services 2019-09-29 23:53:55 +02:00
Robert Hensing
a90190fc9e Fix stderr streaming
Just good old-fashioned handles.
2019-09-29 22:44:33 +02:00
Robert Hensing
adc2e34deb Remove the bash implementation 2019-09-28 15:27:19 +02:00
Robert Hensing
0474544d0b Implement defaultExec 2019-09-28 14:25:41 +02:00
Robert Hensing
02c0f80b02 Implement uid parameter 2019-09-28 00:53:11 +02:00
Robert Hensing
1fe10c076d Implement image loading, use it instead of arion-base 2019-09-27 23:59:08 +02:00
Robert Hensing
fcf270c80c Make arion repl work 2019-09-27 21:45:06 +02:00
Robert Hensing
b9488b7f49 Make some commands work 2019-09-27 21:01:57 +02:00
Robert Hensing
c0e995043a Fix unit tests to reflect updated master 2019-09-27 12:44:24 +02:00
Robert Hensing
44df36673c Rename 2019-09-27 12:39:07 +02:00
Robert Hensing
81887ba633 cat: Write to stdout not stderr 2019-09-27 12:36:23 +02:00
Robert Hensing
9d7eb01c73 Merge remote-tracking branch 'origin/master' into arion-hs 2019-09-27 12:28:57 +02:00
Moises Nessim
0f0f976eab Change deprecated types.string to types.str 2019-09-19 12:00:50 -05:00
Serhii Khoma
0f85d7b03c feat: docker-compose fields -> networks -> add 2019-09-18 19:34:26 +03:00
Serhii Khoma
2d079e4f41 feat: docker-compose fields -> container_name -> add 2019-09-18 12:46:11 +03:00
Robert Hensing
695785f5e7
Merge pull request #40 from hercules-ci/domenkozar-patch-1
nixos: set correct $PATH
2019-07-31 14:35:07 +02:00
Robert Hensing
6d6361e7e8 Add --show-trace, eval unit test 2019-07-29 13:49:26 +02:00
moinessim
662042a2bf
Make hostStoreAsReadOnly true by default.
Co-Authored-By: Robert Hensing <roberth@users.noreply.github.com>
2019-07-23 10:09:15 -05:00
Moises Nessim
c5fb4177b8 Add hostStoreAsReadOnly option to service host-store.
Make /nix/store and /run/system read-only when hostStoreAsReadOnly == true.
2019-07-11 15:42:36 -05:00
Robert Hensing
6882a92e56 Make arion cat work 2019-06-23 21:27:13 +02:00
Stefan Matting
60cb5cb5c3 refactor command line parsing 2019-06-15 21:13:09 +02:00
Stefan Matting
9b047987ae Add basic command line parsing 2019-06-15 15:54:48 +02:00
Robert Hensing
ba6fa62c4a Add docker compose example for parsing unit test 2019-06-14 18:10:37 +02:00
Robert Hensing
9443fe8410 Add Haskell package 2019-06-14 16:10:37 +02:00
Robert Hensing
47081ccd41 Unset PYTHONPATH
Accepting directories from the environment into the search path
tends to break things. Docker Compose does not have a plugin
system as far as I can tell, so I don't expect this to break a
feature, but rather to make the program more robustly self-
contained.
2019-05-08 23:45:21 +02:00
Domen Kožar
a95066a844
Merge pull request #46 from hercules-ci/host-store-daemon
set NIX_REMOTE when using the daemon
2019-05-07 17:14:19 +07:00
Domen Kožar
207de9cef0
set NIX_REMOTE when using the daemon 2019-05-07 17:11:28 +07:00
Domen Kožar
6c7170c365
compose service: add 'sysctls' option 2019-05-07 16:06:13 +07:00
Domen Kožar
e800372155
docker-compose: support 'user' entry 2019-05-07 14:14:49 +07:00
Domen Kožar
3964ac2f1e
nixos: set correct $PATH
Not tested.
2019-05-02 06:29:14 +00:00
Robert Hensing
fbf57b4489
Merge pull request #31 from hercules-ci/fix-image-nixBuild-default
Fix image nix build default
2019-03-29 09:04:53 +01:00
Domen Kožar
b279f3a666
Merge pull request #32 from hercules-ci/fix-eval-service-self-ref
Fix eval-service.nix module _file, key
2019-03-29 09:33:34 +07:00
Robert Hensing
c1e2e726c6 Fix arion exec
The service name was still hardcoded.
2019-03-28 13:09:12 +01:00
Robert Hensing
aa52a4e198 Fix eval-service.nix module _file, key 2019-03-28 11:00:18 +01:00
Robert Hensing
f789d163cc Add error context to image building functions 2019-03-27 22:04:31 +01:00
Robert Hensing
cca1f68a4f By default only build an image if service.image is set 2019-03-27 22:04:08 +01:00
Robert Hensing
000b938893
Merge pull request #28 from hercules-ci/exec-shell
Exec shell
2019-03-22 06:43:28 +01:00
Robert Hensing
a171b3d080 Support boot.tmpOnTmpfs without privileges 2019-03-21 15:34:51 +01:00
Robert Hensing
2232038631 Execute a shell on arion exec <service>; 2019-03-21 15:15:28 +01:00
Robert Hensing
7cf74389ad Add build.extendedInfo to service
To let services write to the x-arion section.
2019-03-21 15:15:28 +01:00
Robert Hensing
4ce69bbfba build.image: Add nix store db, maxLayers = 100 2019-03-11 15:04:34 +01:00
Robert Hensing
c6374e0931 nixos-init.nix: Remove /tmp -o noexec 2019-03-11 15:04:34 +01:00
Robert Hensing
ac49df440f Add service.devices option 2019-03-11 15:04:34 +01:00
Robert Hensing
2f11979597 Add service.capabilities option 2019-03-11 15:04:34 +01:00
Robert Hensing
ac012a1ad1 formatting 2019-03-11 15:04:34 +01:00
Robert Hensing
fb62d75d0b container-systemd.nix: Disable Nix daemon by default 2019-03-11 15:04:34 +01:00
Robert Hensing
9922cb6b82 Add image building and loading 2019-03-11 15:03:27 +01:00
Robert Hensing
ed2d58c8bd Add read-only option docker-compose.evaluatedServices 2019-03-11 14:55:55 +01:00
Robert Hensing
00f7b3e711 Make the service name available to the service config 2019-03-11 14:44:18 +01:00
Robert Hensing
97d58f7bd3 Rename nixos.useInit -> nixos.useSystemd 2019-03-06 12:49:39 +01:00
Robert Hensing
a5e08b23a3 Add service.useHostNixDaemon 2019-03-05 19:42:32 +01:00
Robert Hensing
35a309097a Add support for NixOS inside containers 2019-03-05 19:41:54 +01:00
Serhii Khoma
0637a1ace9 Add and fix some service fields
I had to do a manual rebase.
The hard work was done by srghma. Thanks!
2019-03-04 00:33:53 +01:00
Robert Hensing
cf562d6234 Move build.service option to top 2019-03-04 00:13:57 +01:00
Robert Hensing
dc762a79bf Use the right string type 2019-03-04 00:13:01 +01:00
Robert Hensing
ccaac02a87 Add doc/manual, tweak README 2019-03-03 23:42:40 +01:00
Robert Hensing
c03ca68795 Move uid and customNixRootPath into config.host module
Also make the type of host.uid consistently int.
2019-02-13 18:36:10 +07:00
Robert Hensing
359c8b601d Move modules into modules/{composition,service} 2019-02-13 17:33:19 +07:00
Serhii Khoma
59f97876e3 feat: custom nix store 2019-02-13 11:04:17 +02:00
Serhii Khoma
57d5370e76 feat: docker-config -> add missing fields -> links, external_links, extra_hosts 2019-02-03 22:36:26 +02:00
Serhii Khoma
20651e8739 feat: docker-config -> add missing fields -> priviliged and hostname 2019-02-03 22:36:26 +02:00
Robert Hensing
2324223360
Merge pull request #17 from hercules-ci/fix-other-linux-bin-sh
Replace /bin/sh, /usr/bin/env mounts by symlinks
2019-01-28 16:09:50 +01:00
Robert Hensing
89f5622f2e Replace /bin/sh, /usr/bin/env mounts by symlinks
This makes the arion-base image compatible with hosts other than
NixOS.
2019-01-26 23:50:05 +01:00
Robert Hensing
c490768e29 Always ignore PATH docker-compose
Arion used to prefer an external docker-compose, but that exposes
users to potential incompatibilities.

For example, the docker-compose on Ubuntu 18.04 (LTS) doesn't seem
to handle Dockerfiles in the Nix store properly.
2019-01-26 23:41:42 +01:00
Robert Hensing
23ee554f2f Use the word 'composition' where applicable.
Also adds some documentation to celebrate that we can now - with ease - verbally
distinguish between composition-level modules and service-level modules.
2019-01-20 17:29:15 +01:00
Robert Hensing
8dfb1c01ce
Merge pull request #13 from hercules-ci/fix-import-from-derivation
Make import from derivation work again
2019-01-20 17:13:41 +01:00
Robert Hensing
313a65c914 Make import from derivation work again
Broken by f503e556ea
Fixes #12

Cause of the problem:
nix-instantiate uses the store in read-only mode by default, unlike
nix-build.
Import from derivation requires a read-write store, causing the
command to fail with a (bad) error message. This only happened when
the derivation wasn't already built. This did not occur often
because commands like arion up use nix-build and therefore typically
mask the problem on subsequent invocations.

To reproduce the problem, garbage collect, then arion ps.
2019-01-20 15:18:29 +01:00
Sergei Khoma
380ae56e4f feat: docker-config -> add missing fields 2019-01-13 16:24:56 +02:00
Robert Hensing
f503e556ea Do not build for commands that do not need images 2018-12-23 13:00:04 +01:00
Robert Hensing
0f6a1bd41f Doc improvements 2018-12-18 14:53:37 +01:00
zimbatm
980faa4ea0
fixes shellcheck issues
mainly escaping
2018-12-18 10:47:42 +01:00
Robert Hensing
dc294b034e Code taken from Hercules CI repo
- renamed to Arion
 - minor changes
 - readme WIP
2018-12-17 19:08:38 +01:00