Commit Graph

17 Commits

Author SHA1 Message Date
Erik Arvstedt
24fd1e9bdc
improve examples/shell.nix
The user's local node configuration directory usually contains a copy of
examples/shell.nix.

1. Move the shell implementation from shell.nix to nix-bitcoin/helper/makeShell.nix
   Because the shell is no longer defined locally in the user's config
   directory, we can now ship new shell features via nix-bitcoin updates.

2. Simplify examples/nix-bitcoin-release.nix
   nix-bitcoin-release.nix, as generated via `fetch-release`, now
   contains a simple fetchTarball statement which can be directly imported.
   This allows us to get rid of the extra `nix-bitcoin-unpacked` derivation
   which adds a dependency on the user's local nixpkgs.

   To keep `fetch-release` as simple as possible for easy auditing, we just
   fetch and verify a `nar-hash.txt` file that is now uploaded
   via `push-release.sh`.

A migration guide for updating the user's local `shell.nix` is
automatically printed when the user starts a new shell after updating
nix-bitcoin.
This is achieved by throwing an error in `generate-secrets`, which is called
on shell startup.

This commit is required to deploy the new extensible `generate-secrets`
mechanism introduced in the next commit.
2021-09-12 11:29:54 +02:00
Erik Arvstedt
8a757e0486
push-release.sh: improve --dry-run mode
- Don't require OAUTH_TOKEN
- Skip interactive query
2021-09-11 15:07:24 +02:00
Erik Arvstedt
955b44404c
delete helper/fetch-channel
This script was obsoleted by switching to flakes.
2021-09-11 15:07:23 +02:00
Erik Arvstedt
87df809a88
add helper/update-flake.sh
This greatly simplifies updating nixpkgs.
See the comment at the top of update-flake.sh for a description.
2021-08-26 12:45:10 +02:00
Erik Arvstedt
84b3217c3d
fetch-release: minor improvements
This script is potentially fetched from an untrusted source and should
be in good shape to be easily auditable.

- Create just one TMPDIR
- Improve comments
- Use `cut` to extract sha256
- Use camelCase var names like in other scripts
2021-03-16 12:46:18 +01:00
Jonas Nick
a4dabc7390
Remove nixops examples and documentation 2021-03-15 12:42:47 +00:00
Jonas Nick
8e268c5ced
Fetch from the nixpkgs repo instead of nixpkgs-channels
nixpkgs-channels is deprecated.
2020-12-06 21:42:20 +00:00
Erik Arvstedt
1c0233c0a8
use Cirrus CI
- Make more economic use of the free CI resources by removing redundant build tasks:
  - Build unstable pkgs in a single separate task ("pkgs_unstable").
  - All stable pkgs are implicitly built by the modules tests.
- The build script (ci/build.sh) can now be executed locally for easier
  debugging.
- Use an explicit 'cachix push' command instead of helper/wait-for-network-idle.rb.
  This is simpler and more reliable.
2020-12-06 19:07:54 +01:00
Jonas Nick
0c1fb9fd44
push-release: fix bug where assets are not pushed
In a previous commit we found and replaced $1 with $TAG_NAME, but that wasn't
correct for the post_asset() function.
2020-09-24 16:10:23 +00:00
Jonas Nick
6554e69818
Merge #206: Add --dry-run option to push-release script
dd78d2b2a1 Add --dry-run option to push-release script (Jonas Nick)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK dd78d2b2a1
  nixbitcoin:
    utACK dd78d2b2a1

Tree-SHA512: 75351d8b60899912cbd7a76a5f98b5c19044c15297c268a097d44a0e6bb540aca6a737066290c66cbf82cfae200e8a4b03988d18d2d5e80d3a54284723f80871
2020-09-22 13:33:08 +00:00
Jonas Nick
dd78d2b2a1
Add --dry-run option to push-release script 2020-08-18 08:36:19 +00:00
Jonas Nick
d63bbd07b7
Update jonasnick's gpg key
The subkey used for signing releases recently expired (which is ignored when
verifying with gpg). The primary key would expire soon. Therefore this commit
adds a key with extended expiry date of both primary key and subkey.
2020-07-08 12:03:57 +00:00
Jonas Nick
5ed0284db9
Add fetch-release script
This allows getting the hash of the latest (or some other) release
using github releases and gpg verification.
2020-04-08 07:01:35 +00:00
Jonas Nick
c303cd47e4
Add push-release.sh helper
Prepares, signs and pushes a release to github.
2020-03-30 11:01:31 +02:00
Erik Arvstedt
766fa4f300
travis: cache all build outputs with cachix
This further speeds up builds, in particular the modules test in the
next commit. By checking if the expected final build output has already
been cached, we can even skip the download of cached builds.
2020-01-13 00:25:11 +01:00
Erik Arvstedt
46edb39d2f
Add content hashes for pinned channels 2019-11-11 18:45:17 +01:00
Erik Arvstedt
961e8217a9
Rename contrib/ to helper/ 2019-11-11 18:45:17 +01:00