Follow

If anyone wants to try this out, add `shell: true` to your build manifests. Once your tasks complete, you can log into the build VM over SSH. Simplest build manifest which does this is:

image: alpine/edge
shell: true

But you could also do things like adding a bunch of useful packages, cloning your dotfiles, etc, through the usual means.

This is alpha-tier, so some caveats apply: the normal build timeout still applies and you won't get a warning when you're going to be booted. If you log in while your tasks are still running YMMV. Some other nice things are absent.

@sir hmm, this is interesting, sometimes i've wanted to poke around a CI environment. would it be possible to only enable the shell on *failure*?

@kaniini it would be neat if on build failure everything was cleaned up normally (build marked as failed, failure notifications delivered, etc), except the build VM stuck around for another 10 minutes in case you wanted to log in and check it out. Upon login the deadline is extended from 10 minutes to the normal build time limit

@sir @kaniini in general tools don't automatically make the decision to clean on failure because:
1) They might still have produced artifacts you want to inspect or use.
2) They don't necessarily know what does it mean to clean because you might have scripted all sorts of weird side effects into your build.

I'm sure you're probably capable of attaching som sort of "on failure" script and do the cleanup there.

@sir i have never understood how you can afford to provide users with vm time at your price point?

@sir wow cool! I am a happily paying user btw, you have a great site!

@sir cool, but doesn't increase your load a lot?

@sir
Is there a way to scp or to programmatically run commands without resorting to hacks?

@fgaz like to prep the environment before you log in?

@sir well, that, and running cryptomi... AHEM, I mean automatically copying build results to my natted machine, and additional inputs from it

@fgaz you can prep the build by running commands upfront, but there's no end-of-the-session hook

@fgaz doing stuff upfront is just putting tasks into your build manifest like usual

@sir that only works if the prep inputs are not behind a nat

@sir What about using the username to specify the job? like ssh build-1234@worker.builds.sr.ht?

@fgaz oh, you want to rsync to it. Use rsync --rsh="ssh builds@... connect 12345" ...

@sir Not really, the specific command is nix-copy-closure, which doesn’t have a --rsh equivalent.

I tried

NIX_SSHOPTS='connect 81235' nix-copy-closure -v --to builds@azusa.runners.sr.ht $(nix-build --no-out-link -E '(import <nixpkgs> {}).hello')

but it errors out

@sir I could generate a file from the store paths I need (nix-store --export $(nix-store -qR paths)) and then copy that with rsync and import it, but that would be highly inefficient. nix-copy-closure only copies the differencies and does not require to temporarily store the whole closure (a store path plus the set of all its dependencies) in a separate file before importing it

@sir What about subdomains then? builds@1234.jobs.azusa.runners.sr.ht
Sign in to participate in the conversation
Mastodon

cmpwn.com is a private Mastodon instance for friends of SirCmpwn.