Skip to content

hercules-ci-agent-0.8.0

Pre-release
Pre-release
Compare
Choose a tag to compare
@roberth roberth released this 07 Mar 15:46
· 1163 commits to master since this release
hercules-ci-agent-0.8.0
a623723

Added

  • Hercules CI Effects, a new feature for running programs that interact with
    the real world, with useful features for continous deployment.

    • Effects only run after the build completes successfully

    • Effects are defined like a derivation, not unlike a Nix shell

    • Independent processes can run concurrently as distinct effects

    • No two commits in the same repo run effects at the same time; no need to
      worry about concurrency in deployment scripts

    • Effects each run in their own sandbox with access to network, Nix store,
      remote state file API and secrets

    • Secrets are configured locally on your agents, so you don't have to trust
      a third party with your cloud credentials

  • Hercules CI Agent is now a flake. The highlights are

    • nixosModules overriding the NixOS-distributed module to the in-repo version
      • agent-profile for agent machines, or
      • agent-service for just the service definition
    • packages
      • hercules-ci-cli the user command line interface
      • hercules-ci-agent for custom installation methods, etc

  • The hci command (flake: defaultApp)

    • hci login to authenticate yourself
    • hci state to work with Effects state files
    • hci effect to run effects locally

  • Commit metadata as a ci.nix argument. Make your ci.nix a function:

    { src ? { ref = null; rev = null; }}:
# rest of your ci.nix

    src.ref will have e.g. refs/heads/master and rev will have the
    git commit SHA.

  • Shell derivations will only be built for their dependencies. Add a
    mkShell-based expression like you would add a derivation.

    This behavior can be requested explicitly for shells and non-shell
    derivations alike by appending // { buildDependenciesOnly = true; } to
    the attribute definition.

  • Attributes can now be marked to require or ignore a build failure in the
    derivation it references directly.
    (see support#34)

  • concurrentTasks now has a default, "auto" for ease of setup and to help
    avoid underutilization.

Fixed

  • The parent directory name will match the repo name support#40

  • Previously, lines from Nix's configured netrc file were ignored. Now they are appended to Hercules CI's netrc lines.

Changed

  • Cachix caches without signingKeys will be pushed to, as part of the recently
    introduced write token feature (Cachix-managed signing keys)
Assets 2
Loading