Browse Source

Allow sources.json override on deployment basis

master
Jean-Baptiste Giraudeau 2 years ago
parent
commit
5390e027f9
No known key found for this signature in database GPG Key ID: 7CEF8C9CC2D9933B
  1. 60
      default.nix
  2. 2
      globals-defaults.nix
  3. 24
      nix/default.nix
  4. 4
      release.nix
  5. 63
      shell.nix

60
default.nix

@ -1,60 +1,8 @@
{ sourcePaths ? import ./nix/sources.nix
, system ? builtins.currentSystem
{ system ? builtins.currentSystem
, crossSystem ? null
, config ? {}
}@args: with import ./nix args; {
, pkgs ? import ./nix { inherit system crossSystem config; }
}: with pkgs; {
shell = let
genesisFile = iohkNix.cardanoLib.environments.${globals.environmentName}.genesisFile or "please/set/globals.environmentName";
mkDevGenesis = writeShellScriptBin "make-dev-genesis" (builtins.replaceStrings
[ "\${RUNNER}"
"SCRIPTDIR=$(dirname $0)"
"TARGETDIR=\"\${CONFIGDIR}/\${GENHASH:0:5}"
"--n-delegate-addresses \${n_delegates}"
]
[ ""
"SCRIPTDIR=${sourcePaths.cardano-node}/scripts"
("TARGETDIR=\"" + toString ./keys)
""
]
(builtins.readFile (sourcePaths.cardano-node + "/scripts/genesis.sh")));
migrate-keys = writeShellScriptBin "migrate-keys" ''
i=0
for k in keys/*.sk; do
((i++))
signing_key=keys/delegate-keys.00$i.key
echo "migrating $k to $signing_key"
cardano-cli migrate-delegate-key-from --byron-legacy --from $k --real-pbft --to $signing_key
pk=$(cardano-cli signing-key-public --real-pbft --secret $signing_key | fgrep 'public key (base64):' | cut -d: -f2 | xargs echo -n)
delegate_cert=keys/delegation-cert.00$i.json
echo "generating delegation certificate for $pk in $delegate_cert"
${jq}/bin/jq ".heavyDelegation | .[] | select(.delegatePk == \"$pk\")" < ${genesisFile} > $delegate_cert
done
'';
create-shelley-genesis-and-keys =
let nbCoreNodes = builtins.length globals.topology.coreNodes;
maxSupply = 10000000000 * nbCoreNodes;
in writeShellScriptBin "create-shelley-genesis-and-keys" ''
set -euxo pipefail
cd ${toString ./keys}
cardano-cli shelley genesis create-genesis --genesis-dir . --supply ${toString maxSupply} --genesis-delegates ${toString nbCoreNodes}
mkdir -p node-keys
cd node-keys
for i in {1..${toString nbCoreNodes}}; do
cardano-cli shelley node key-gen-VRF --verification-key-file node-vrf$i.vkey --signing-key-file node-vrf$i.skey
cardano-cli shelley node key-gen-KES --verification-key-file node-kes$i.vkey --signing-key-file node-kes$i.skey --kes-duration 30
cardano-cli shelley node issue-op-cert --hot-kes-verification-key-file node-kes$i.vkey --cold-signing-key-file ../delegate-keys/delegate$i.skey --operational-certificate-issue-counter ../delegate-keys/delegate-opcert$i.counter --kes-period 0 --out-file delegate$i.opcert
done
'';
in mkShell {
buildInputs = [ niv nixops nix cardano-cli telnet dnsutils mkDevGenesis nix-diff migrate-keys pandoc create-shelley-genesis-and-keys ] ++
(with cardano-sl-pkgs.nix-tools.exes; [ cardano-sl-auxx cardano-sl-tools ]);
NIX_PATH = "nixpkgs=${path}";
NIXOPS_DEPLOYMENT = "${globals.deploymentName}";
passthru = {
gen-graylog-creds = iohk-ops-lib.scripts.gen-graylog-creds { staticPath = ./static; };
};
};
shell = import ./shell.nix { inherit pkgs; };
}

2
globals-defaults.nix

@ -14,6 +14,8 @@ in {
environmentName = pkgs.globals.deploymentName;
sourcesJsonOverride = ./nix + "/sources.${pkgs.globals.environmentName}.json";
dnsZone = "dev.cardano.org";
domain = "${pkgs.globals.deploymentName}.${pkgs.globals.dnsZone}";

24
nix/default.nix

@ -1,16 +1,26 @@
{ system ? builtins.currentSystem
, crossSystem ? null
, config ? {} }:
, config ? {}
}:
let
sourcePaths = import ./sources.nix { inherit pkgs; };
iohkNix = import sourcePaths.iohk-nix {};
defaultSourcePaths = import ./sources.nix { inherit pkgs; };
# use our own nixpkgs if it exists in our sources,
# otherwise use iohkNix default nixpkgs.
nixpkgs = if (sourcePaths ? nixpkgs)
then sourcePaths.nixpkgs
else iohkNix.nixpkgs;
defaultNixpkgs = if (defaultSourcePaths ? nixpkgs)
then defaultSourcePaths.nixpkgs
else (import defaultSourcePaths.iohk-nix {}).nixpkgs;
sourcesOverride = let sourcesFile = ((import defaultNixpkgs { overlays = globals; }).globals).sourcesJsonOverride; in
if (builtins.pathExists sourcesFile)
then import ./sources.nix { inherit pkgs sourcesFile; }
else {};
sourcePaths = defaultSourcePaths // sourcesOverride;
iohkNix = import sourcePaths.iohk-nix {};
nixpkgs = if (sourcesOverride ? nixpkgs) then sourcesOverride.nixpkgs else defaultNixpkgs;
# overlays from ops-lib (include ops-lib sourcePaths):
ops-lib-overlays = (import sourcePaths.ops-lib {}).overlays;

4
release.nix

@ -11,7 +11,7 @@
{ cardano-ops ? { outPath = ./.; rev = "abcdef"; }
# Function arguments to pass to the project
, projectArgs ? { config = { allowUnfree = false; inHydra = true; }; }
, projectArgs ? { inherit sourcesOverride; config = { allowUnfree = false; inHydra = true; }; }
# The systems that the jobset will be built for.
, supportedSystems ? [ "x86_64-linux" "x86_64-darwin" ]
@ -23,7 +23,7 @@
, scrubJobs ? true
# Import pkgs
, pkgs ? import ./nix {}
, pkgs ? import ./nix { inherit sourcesOverride; }
}:
with import pkgs.iohkNix.release-lib {

63
shell.nix

@ -1 +1,62 @@
(import ./. {}).shell
{ config ? {}
, pkgs ? import ./nix {
inherit config;
}
}:
with pkgs;
let
nivOverrides = writeShellScriptBin "niv-overrides" ''
niv --sources-file ${toString globals.sourcesJsonOverride} $@
'';
genesisFile = iohkNix.cardanoLib.environments.${globals.environmentName}.genesisFile or "please/set/globals.environmentName";
mkDevGenesis = writeShellScriptBin "make-dev-genesis" (builtins.replaceStrings
[ "\${RUNNER}"
"SCRIPTDIR=$(dirname $0)"
"TARGETDIR=\"\${CONFIGDIR}/\${GENHASH:0:5}"
"--n-delegate-addresses \${n_delegates}"
]
[ ""
"SCRIPTDIR=${sourcePaths.cardano-node}/scripts"
("TARGETDIR=\"" + toString ./keys)
""
]
(builtins.readFile (sourcePaths.cardano-node + "/scripts/genesis.sh")));
migrate-keys = writeShellScriptBin "migrate-keys" ''
i=0
for k in keys/*.sk; do
((i++))
signing_key=keys/delegate-keys.00$i.key
echo "migrating $k to $signing_key"
cardano-cli migrate-delegate-key-from --byron-legacy --from $k --real-pbft --to $signing_key
pk=$(cardano-cli signing-key-public --real-pbft --secret $signing_key | fgrep 'public key (base64):' | cut -d: -f2 | xargs echo -n)
delegate_cert=keys/delegation-cert.00$i.json
echo "generating delegation certificate for $pk in $delegate_cert"
${jq}/bin/jq ".heavyDelegation | .[] | select(.delegatePk == \"$pk\")" < ${genesisFile} > $delegate_cert
done
'';
create-shelley-genesis-and-keys =
let nbCoreNodes = builtins.length globals.topology.coreNodes;
maxSupply = 10000000000 * nbCoreNodes;
in writeShellScriptBin "create-shelley-genesis-and-keys" ''
set -euxo pipefail
cd ${toString ./keys}
cardano-cli shelley genesis create-genesis --genesis-dir . --supply ${toString maxSupply} --genesis-delegates ${toString nbCoreNodes}
mkdir -p node-keys
cd node-keys
for i in {1..${toString nbCoreNodes}}; do
cardano-cli shelley node key-gen-VRF --verification-key-file node-vrf$i.vkey --signing-key-file node-vrf$i.skey
cardano-cli shelley node key-gen-KES --verification-key-file node-kes$i.vkey --signing-key-file node-kes$i.skey --kes-duration 30
cardano-cli shelley node issue-op-cert --hot-kes-verification-key-file node-kes$i.vkey --cold-signing-key-file ../delegate-keys/delegate$i.skey --operational-certificate-issue-counter ../delegate-keys/delegate-opcert$i.counter --kes-period 0 --out-file delegate$i.opcert
done
'';
in mkShell {
buildInputs = [ iohkNix.niv nivOverrides nixops nix cardano-cli telnet dnsutils mkDevGenesis nix-diff migrate-keys pandoc create-shelley-genesis-and-keys ] ++
(with cardano-sl-pkgs.nix-tools.exes; [ cardano-sl-auxx cardano-sl-tools ]);
NIX_PATH = "nixpkgs=${path}";
NIXOPS_DEPLOYMENT = "${globals.deploymentName}";
passthru = {
gen-graylog-creds = iohk-ops-lib.scripts.gen-graylog-creds { staticPath = ./static; };
};
}

Loading…
Cancel
Save