From 97d2920c62a524a19ca741e2ee1d7b0544351e8c Mon Sep 17 00:00:00 2001 From: "Karel L. Kubat" Date: Tue, 12 Sep 2023 18:25:25 +0100 Subject: [PATCH] fix(ci): pull images with nix (#687) --- networks/devnet.nix | 4 +- networks/services/hasura.nix | 96 ++++++++++++++++++++-------------- networks/services/hubble.nix | 1 + networks/services/postgres.nix | 13 ++++- 4 files changed, 72 insertions(+), 42 deletions(-) diff --git a/networks/devnet.nix b/networks/devnet.nix index 4557d12ed4..d646d55360 100644 --- a/networks/devnet.nix +++ b/networks/devnet.nix @@ -47,10 +47,10 @@ }; postgres-services = { - postgres = import ./services/postgres.nix { }; + postgres = import ./services/postgres.nix { inherit lib pkgs; }; }; - hasura-services = import ./services/hasura.nix { migrations = self'.packages.hubble-migrations; }; + hasura-services = import ./services/hasura.nix { inherit lib pkgs; migrations = self'.packages.hubble-migrations; }; hubble-services = { hubble = import ./services/hubble.nix { inherit lib; image = self'.packages.hubble-image; }; }; devnet = { diff --git a/networks/services/hasura.nix b/networks/services/hasura.nix index 731b963924..2993054c72 100644 --- a/networks/services/hasura.nix +++ b/networks/services/hasura.nix @@ -1,47 +1,67 @@ -{ ... }: +{ pkgs, lib, ... }: +let + hasura = pkgs.dockerTools.pullImage { + imageName = "hasura/graphql-engine"; + imageDigest = "sha256:02577c5e456726cbe1888e377d21c464979ed888636047adf3aae678d9ab70e6"; + sha256 = "0dbc7rwr0nd599y6rdhrmhqbvbbi2s29l0695w877gi9m1hx7wx9"; + finalImageName = "hasura/graphql-engine"; + finalImageTag = "v2.33.1.cli-migrations-v3"; + }; + data-connector-agent = pkgs.dockerTools.pullImage { + imageName = "hasura/graphql-data-connector"; + imageDigest = "sha256:8984a79636abce86e31512af50948b5ed26b97d8f5302f1dd2bcc94622348915"; + sha256 = "0jcq8agfzm281qpkp2d1f2n9jvmag4yldl997ik1yzqdv40ffs4r"; + finalImageName = "hasura/graphql-data-connector"; + finalImageTag = "v2.33.0"; + }; +in { - hasura.service = { - image = "hasura/graphql-engine:v2.33.1.cli-migrations-v3"; - tty = true; - stop_signal = "SIGINT"; - ports = [ - "8080:8080" - ]; - environment = { - HASURA_GRAPHQL_METADATA_DATABASE_URL = "postgres://postgres:postgrespassword@postgres:5432/default"; - PG_DATABASE_URL = "postgres://postgres:postgrespassword@postgres:5432/default"; - HASURA_GRAPHQL_ENABLE_CONSOLE = "true"; - HASURA_GRAPHQL_DEV_MODE = "true"; - HASURA_GRAPHQL_ADMIN_SECRET = "secret"; - HASURA_GRAPHQL_METADATA_DEFAULTS = ''{"backend_configs":{"dataconnector":{"athena":{"uri":"http://data-connector-agent:8081/api/v1/athena"},"mariadb":{"uri":"http://data-connector-agent:8081/api/v1/mariadb"},"mysql8":{"uri":"http://data-connector-agent:8081/api/v1/mysql"},"oracle":{"uri":"http://data-connector-agent:8081/api/v1/oracle"},"snowflake":{"uri":"http://data-connector-agent:8081/api/v1/snowflake"}}}}''; - }; - volumes = [ - "${../../hubble/hasura/metadata}:/hasura-metadata" - "${../../hubble/hasura/migrations}:/hasura-migrations" - ]; + hasura = { + build.image = lib.mkForce hasura; + service = { + tty = true; + stop_signal = "SIGINT"; + ports = [ + "8080:8080" + ]; + environment = { + HASURA_GRAPHQL_METADATA_DATABASE_URL = "postgres://postgres:postgrespassword@postgres:5432/default"; + PG_DATABASE_URL = "postgres://postgres:postgrespassword@postgres:5432/default"; + HASURA_GRAPHQL_ENABLE_CONSOLE = "true"; + HASURA_GRAPHQL_DEV_MODE = "true"; + HASURA_GRAPHQL_ADMIN_SECRET = "secret"; + HASURA_GRAPHQL_METADATA_DEFAULTS = ''{"backend_configs":{"dataconnector":{"athena":{"uri":"http://data-connector-agent:8081/api/v1/athena"},"mariadb":{"uri":"http://data-connector-agent:8081/api/v1/mariadb"},"mysql8":{"uri":"http://data-connector-agent:8081/api/v1/mysql"},"oracle":{"uri":"http://data-connector-agent:8081/api/v1/oracle"},"snowflake":{"uri":"http://data-connector-agent:8081/api/v1/snowflake"}}}}''; + }; + volumes = [ + "${../../hubble/hasura/metadata}:/hasura-metadata" + "${../../hubble/hasura/migrations}:/hasura-migrations" + ]; - depends_on = { - data-connector-agent = { - condition = "service_healthy"; + depends_on = { + data-connector-agent = { + condition = "service_healthy"; + }; }; }; }; - data-connector-agent.service = { - image = "hasura/graphql-data-connector:v2.33.0"; - restart = "always"; - ports = [ - "8081:8081" - ]; - healthcheck = { - interval = "5s"; - retries = 8; - timeout = "10s"; - test = [ - "CMD-SHELL" - '' - curl -f http://localhost:8081/api/v1/athena/health - '' + data-connector-agent = { + build.image = lib.mkForce data-connector-agent; + service = { + restart = "always"; + ports = [ + "8081:8081" ]; + healthcheck = { + interval = "5s"; + retries = 8; + timeout = "10s"; + test = [ + "CMD-SHELL" + '' + curl -f http://localhost:8081/api/v1/athena/health + '' + ]; + }; }; }; } diff --git a/networks/services/hubble.nix b/networks/services/hubble.nix index 141765816b..abb7a63fc5 100644 --- a/networks/services/hubble.nix +++ b/networks/services/hubble.nix @@ -9,6 +9,7 @@ HUBBLE_URL = "http://localhost:8080/v1/graphql"; HUBBLE_INDEXERS = ''{"type": "Tm", "url": "http://localhost:26657"}''; HUBBLE_SECRET = "secret"; + RUST_LOG = "WARN"; }; depends_on = { hasura = { diff --git a/networks/services/postgres.nix b/networks/services/postgres.nix index 71bb7b38dd..159108e504 100644 --- a/networks/services/postgres.nix +++ b/networks/services/postgres.nix @@ -1,7 +1,16 @@ -{ ... }: +{ lib, pkgs, ... }: +let + postgres = pkgs.dockerTools.pullImage { + imageName = "postgres"; + imageDigest = "sha256:a5e89e5f2679863bedef929c4a7ec5d1a2cb3c045f13b47680d86f8701144ed7"; + sha256 = "0703g8p91bi3ybw35zj51zh2105r6wjjikyvliq9phwxsqrcfrxz"; + finalImageName = "postgres"; + finalImageTag = "latest"; + }; +in { + build.image = lib.mkForce postgres; service = { - image = "postgres:latest"; tty = true; stop_signal = "SIGINT"; ports = [