From 60bc645ae0f0b41f8170d5d1103f49cbd0564f64 Mon Sep 17 00:00:00 2001 From: matt1432 Date: Sat, 20 Jul 2024 22:02:22 -0400 Subject: [PATCH] feat(update): migrate docker update script to typescript --- apps/update/default.nix | 2 ++ apps/update/src/app.ts | 10 +++++++++ apps/update/src/misc.ts | 21 +++++++++++++++++++ modules/arion/default.nix | 34 +----------------------------- modules/arion/updateImage.nix | 39 +++++++++++++++++++++++++++++++++++ 5 files changed, 73 insertions(+), 33 deletions(-) create mode 100644 apps/update/src/misc.ts create mode 100644 modules/arion/updateImage.nix diff --git a/apps/update/default.nix b/apps/update/default.nix index bd716e28..6a707e43 100644 --- a/apps/update/default.nix +++ b/apps/update/default.nix @@ -2,6 +2,7 @@ lib, system, buildNpmPackage, + callPackage, makeWrapper, mozilla-addons-to-nix, nodejs_latest, @@ -21,6 +22,7 @@ in npmDepsHash = "sha256-qpnQSJNl68LrsU8foJYxdBXpoFj7VKQahC9DFmleWTs="; runtimeInputs = [ + (callPackage ../../modules/arion/updateImage.nix {}) mozilla-addons-to-nix.packages.${system}.default ]; nativeBuildInputs = [makeWrapper]; diff --git a/apps/update/src/app.ts b/apps/update/src/app.ts index 952c22a3..179d1f51 100644 --- a/apps/update/src/app.ts +++ b/apps/update/src/app.ts @@ -1,5 +1,6 @@ import { parseArgs } from './lib.ts'; import { updateFirefoxAddons } from '././firefox.ts'; +import { updateDocker } from './misc.ts'; const args = parseArgs(); @@ -7,3 +8,12 @@ const args = parseArgs(); if (args['f'] || args['firefox']) { console.log(updateFirefoxAddons()); } + +if (args['d'] || args['docker']) { + console.log(updateDocker()); +} + +if (args['a'] || args['all']) { + console.log(updateFirefoxAddons()); + console.log(updateDocker()); +} diff --git a/apps/update/src/misc.ts b/apps/update/src/misc.ts new file mode 100644 index 00000000..0771447a --- /dev/null +++ b/apps/update/src/misc.ts @@ -0,0 +1,21 @@ +import { readdirSync } from 'node:fs'; +import { spawnSync } from 'node:child_process'; + + +/* Constants */ +const FLAKE = process.env.FLAKE; + +export const updateDocker = () => { + let updates = ''; + + const FILE = `${FLAKE}/devices/nos/modules/arion`; + + readdirSync(FILE, { withFileTypes: true, recursive: true }).forEach((path) => { + if (path.name === 'compose.nix') { + updates += spawnSync('updateImages', [path.parentPath], { shell: true }) + .stdout.toString(); + } + }); + + return updates; +}; diff --git a/modules/arion/default.nix b/modules/arion/default.nix index 6918ce38..715b072d 100644 --- a/modules/arion/default.nix +++ b/modules/arion/default.nix @@ -97,39 +97,7 @@ in { # Script for updating the images of all images of a compose.nix file environment.systemPackages = with pkgs; [ - (writeShellApplication { - name = "updateImages"; - - runtimeInputs = [ - (writeShellApplication { - name = "pullImage"; - runtimeInputs = [nix-prefetch-docker skopeo]; - text = '' - FILE="$1" - - IMAGE=$(sed -n 's/.*imageName = "\([^"]*\).*/\1/p' "$FILE") - TAG=$(sed -n 's/.*finalImageTag = "\([^"]*\).*/\1/p' "$FILE") - CURRENT_DIGEST=$(sed -n 's/.*imageDigest = "\([^"]*\).*/\1/p' "$FILE") - NEW_DIGEST=$(skopeo inspect "docker://$IMAGE:$TAG" | jq '.Digest' -r) - - output="$IMAGE $TAG" - - if ! grep "Locked" "$FILE"; then - if [[ "$CURRENT_DIGEST" != "$NEW_DIGEST" ]]; then - echo -e "• $output:\n $CURRENT_DIGEST\n → $NEW_DIGEST\n" - PREFETCH=$(nix-prefetch-docker "$IMAGE" "$TAG") - echo -e "pkgs:\npkgs.dockerTools.pullImage $PREFETCH" > "$FILE" - fi - fi - ''; - }) - ]; - - text = '' - DIR=''${1:-"."} - find "$DIR"/images -type f -exec pullImage {} \; - ''; - }) + (callPackage ./updateImage.nix {}) ]; }; } diff --git a/modules/arion/updateImage.nix b/modules/arion/updateImage.nix new file mode 100644 index 00000000..d0ba691c --- /dev/null +++ b/modules/arion/updateImage.nix @@ -0,0 +1,39 @@ +{ + nix-prefetch-docker, + skopeo, + writeShellApplication, + ... +}: +writeShellApplication { + name = "updateImages"; + + runtimeInputs = [ + (writeShellApplication { + name = "pullImage"; + runtimeInputs = [nix-prefetch-docker skopeo]; + text = '' + FILE="$1" + + IMAGE=$(sed -n 's/.*imageName = "\([^"]*\).*/\1/p' "$FILE") + TAG=$(sed -n 's/.*finalImageTag = "\([^"]*\).*/\1/p' "$FILE") + CURRENT_DIGEST=$(sed -n 's/.*imageDigest = "\([^"]*\).*/\1/p' "$FILE") + NEW_DIGEST=$(skopeo inspect "docker://$IMAGE:$TAG" | jq '.Digest' -r) + + output="$IMAGE $TAG" + + if ! grep "Locked" "$FILE"; then + if [[ "$CURRENT_DIGEST" != "$NEW_DIGEST" ]]; then + echo -e "• $output:\n $CURRENT_DIGEST\n → $NEW_DIGEST\n" + PREFETCH=$(nix-prefetch-docker "$IMAGE" "$TAG") + echo -e "pkgs:\npkgs.dockerTools.pullImage $PREFETCH" > "$FILE" + fi + fi + ''; + }) + ]; + + text = '' + DIR=''${1:-"."} + find "$DIR"/images -type f -exec pullImage {} \; + ''; +}