# Copyright 2019 PrivateStorage.io, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
version: 2.1
jobs:
build:
docker:
# Run in a highly Nix-capable environment. This lets us use Stack's nix
# integration and other useful Nix features to specify and run the
# build.
- image: "nixorg/nix:circleci"
environment:
# Specify a revision of NixOS/nixpkgs to run against. This essentially
# pins the majority of the software involved in the build. This
# revision is selected arbitrarily. It's somewhat current as of the
# time of this comment. We can bump it to a newer version when that
# makes sense. Meanwhile, the platform won't shift around beneath us
# unexpectedly.
NIXPKGS_REV: "8bf142e001b6876b021c8ee90c2c7cec385fe8e9"
steps:
- run:
# Get NIX_PATH set for the rest of the job so that the revision of
# nixpkgs we selected will be used everywhere Nix pulls in software.
# There is no way to set an environment variable containing the
# value of another environment variable on CircleCI except to use
# the `BASE_ENV` feature as we do here.
name: "Setup NIX_PATH Environment Variable"
command: |
echo "export NIX_PATH=nixpkgs=https://github.com/NixOS/nixpkgs/archive/$NIXPKGS_REV.tar.gz" >> $BASH_ENV
# Get *our* source code.
- "checkout"
- "run":
# CircleCI won't let us interpolate NIXPKGS_REV into a cache key.
# Only CircleCI's own environment variables or variables set via the
# web interface in a "context" can be interpolated into cache keys.
# However, we can interpolate the checksum of a file... Since we
# don't care about the exact revision, we just care that a new
# revision gives us a new string, we can write the revision to a
# file and then put the checksum of that file into the cache key.
# This way, we don't have to maintain the nixpkgs revision in two
# places and risk having them desynchronize.
name: "Prepare For Cache Key"
command: |
echo "${NIXPKGS_REV}" > nixpkgs.rev
- restore_cache:
# Get all of Nix's state relating to the particular revision of
# nixpkgs we're using. It will always be the same. CircleCI
# artifacts and nixpkgs store objects are probably mostly hosted in
# the same place (S3) so there's not a lot of difference for
# anything that's pre-built. For anything we end up building
# ourselves, though, this saves us all of the build time (less the
# download time).
#
# Read about caching dependencies: https://circleci.com/docs/2.0/caching/
name: "Restore Nix Store Paths"
keys:
# Construct cache keys that allow sharing as long as nixpkgs and
# the Ristretto library are the same.
#
# If the Ristretto library changes, we have to rebuild it so we
# may as well throw away the part of the cache with the old build
# and make a new one with the new build so we don't have to
# rebuild it *again* next time.
#
# If nixpkgs changes then potentially a lot of cached packages for
# the base system will be invalidated so we may as well drop them
# and make a new cache with the new packages.
- paymentserver-nix-store-v1-{{ checksum "nixpkgs.rev" }}-{{ checksum "ristretto.nix" }}
- paymentserver-nix-store-v1-{{ checksum "nixpkgs.rev" }}-
- paymentserver-nix-store-v1-
- restore_cache:
# Restore the cache of Stack's state. This will have all of the
# compiled Haskell libraries we depend on and even the compiled
# output of our own libraries, if the source hasn't changed since
# the cache was written (but usually it will have).
name: "Restore Cached Dependencies"
keys:
- paymentserver-v1-{{ checksum "stack.yaml" }}-{{ checksum "PaymentServer.cabal" }}
- paymentserver-v1-{{ checksum "stack.yaml" }}
- run:
# Build just our dependencies. It's nice to have this as a separate
# step so failures here are more easily identified as being
# unrelated to our code.
#
# See below for explanation of the various flags passed in. If the
# flags here differ from those below in a way that makes ghc think a
# library needs to be rebuilt then we'll build everything twice and
# our cache will be useless! Try not to make that happen.
name: "Build Dependencies"
command: |
BUILD="stack build \
--no-terminal \
--only-dependencies \
--jobs 1 \
--interleaved-output"
nix-shell shell.nix --run "$BUILD"
# Give it a good long while. stripe-core, in particular, can take a
# while to build.
no_output_timeout: "20m"
- save_cache:
# We can save the stack cache right here. It will have everything
# we want in it now that the dependencies have been built. And this
# way we get to save the cache whether or not the test suite goes on
# to succeed.
name: "Cache Dependencies"
key: paymentserver-v1-{{ checksum "stack.yaml" }}-{{ checksum "PaymentServer.cabal" }}
paths:
- "/root/.stack"
- ".stack-work"
- run:
name: "Building"
command: |
# shell.nix gives us the stack we want. Then stack.yaml specifies
# some more of the Nix-based environment to be able to build and
# run the tests.
#
# --no-terminal avoids having fancy progress reports written to
# stdout.
#
# --haddock builds the Haskell API documentation.
# --haddock-internal builds docs even for unexposed modules.
# --no-haddock-deps skips building docs for all our dependencies.
BUILD="stack build \
--no-terminal \
--haddock \
--haddock-internal \
--no-haddock-deps"
nix-shell shell.nix --run "$BUILD"
- save_cache:
name: "Cache Nix Store Paths"
key: paymentserver-nix-store-v1-{{ checksum "nixpkgs.rev" }}-{{ checksum "ristretto.nix" }}
paths:
- "/nix"
- store_artifacts:
# There may be useful build logs here.
path: ".stack-work/logs"
- run:
name: "Prepare Artifacts for Upload"
command: |
# The flags passed to `stack path` need to pretty closely match
# those passed to `stack build` or the path comes out wrong.
# https://github.com/commercialhaskell/stack/issues/4892
GETPATH="stack path \
--haddock \
--haddock-internal \
--no-haddock-deps \
--local-doc-root"
mv $(nix-shell shell.nix --run "$GETPATH")/PaymentServer-* /tmp/PaymentServer-docs
- store_artifacts:
# This contains the html haddock output for the project.
path: "/tmp/PaymentServer-docs"
destination: "docs"
workflows:
version: 2
everything:
jobs:
- "build"