Hydra: Difference between revisions

From NixOS Wiki
imported>Crawford
Add workaround for git-fetch timeout
imported from old wiki
(17 intermediate revisions by 9 users not shown)
Line 1: Line 1:
<blockquote>Hydra is a tool for continuous integration testing and software release that uses a purely functional language to describe build jobs and their dependencies. Continuous integration is a simple technique to improve the quality of the software development process. An automated system continuously or periodically checks out the source code of a project, builds it, runs tests, and produces reports for the developers. Thus, various errors that might accidentally be committed into the code base are automatically caught. </blockquote>
<languages />
<cite>From the [https://nixos.org/hydra/manual/#idm140737316005856 Hydra manual]</cite>
<translate>
<!--T:1-->
Hydra is a tool for continuous integration testing and software release that uses a purely functional language to describe build jobs and their dependencies. Continuous integration is a simple technique to improve the quality of the software development process. An automated system continuously or periodically checks out the source code of a project, builds it, runs tests, and produces reports for the developers. Thus, various errors that might accidentally be committed into the code base are automatically caught.


The [https://nixos.org/hydra/manual/ Hydra manual] provides an overview of the functionality and features of hydra, as well as an up-to-date installation guide.  
<!--T:2-->
The official Hydra servers provide pre-built binary packages to speed up the update time for Nixpgs: Users do not have to compile them on their own computers.


== Installation ==
<!--T:3-->
Since 2017, hydra is available as a NixOS module and therefore a full deployment can be enabled as easy as
The [https://nixos.org/hydra/manual/ Hydra manual] provides an overview of the functionality and features of Hydra, as well as an up-to-date installation guide.
 
== Installation == <!--T:4-->
 
<!--T:34-->
A full deployment can be enabled as easy as:
 
</translate>
<syntaxHighlight lang=nix>
<syntaxHighlight lang=nix>
   services.hydra = {
   services.hydra = {
     enable = true;
     enable = true;
     hydraURL = "http://localhost:3000"; # externally visible URL
     hydraURL = "http://localhost:3000"; # externally visible URL
     notificationSender = "hydra@localhost"; # e-mail of hydra service
     notificationSender = "hydra@localhost"; # e-mail of Hydra service
     # a standalone hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines
     # a standalone Hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines
     buildMachinesFiles = [];
     buildMachinesFiles = [];
     # you will probably also want, otherwise *everything* will be built from scratch
     # you will probably also want, otherwise *everything* will be built from scratch
Line 17: Line 27:
   };
   };
</syntaxHighlight>
</syntaxHighlight>
The module will automatically enable postgresql if you do not change the <code>services.hydra.dbi</code> option. Database layout will be created automatically by the hydra service, however keep in mind that some state will be stored in the database and a complete stateless configuration is currently not possible - do your backups.
<translate>
* See nixos-option or the [https://search.nixos.org/options/?query=services.hydra Nixos Options page] for all options
 
<!--T:36-->
The module will automatically enable postgresql if you do not change the <code>services.hydra.dbi</code> option. Database layout will be created automatically by the Hydra service, however keep in mind that some state will be stored in the database and a complete stateless configuration is currently not possible - do your backups.
 
<!--T:37-->
* See nixos-option or the [https://search.nixos.org/options?query=services.hydra Nixos Options page] for all options
 
=== Web Configuration === <!--T:5-->
 
<!--T:38-->
Hydra will provide the web interface [http://localhost:3000/ at localhost] port 3000. However you need to create a new admin user (as UNIX user <code>hydra</code>) before being able to perform any changes:


=== Web Configuration ===
</translate>
Hydra will provide the web interface [http://localhost:3000/ at localhost] port 3000. However you need to create a new admin user (as unix user <code>hydra</code>) before being able to perform any changes:
<syntaxHighlight lang=bash>
<syntaxHighlight lang=bash>
# su - hydra
# su - hydra
Line 27: Line 46:
     --email-address 'alice@example.org' --password-prompt --role admin
     --email-address 'alice@example.org' --password-prompt --role admin
</syntaxHighlight>
</syntaxHighlight>
<translate>
=== Virtual machine === <!--T:6-->
<!--T:39-->
If not configured explicitly to do otherwise, Hydra will specify localhost as the default build machine. By default, system features enabling builds to be performed in virtual machines like "kvm" or "nixos-test" are not enabled. Such jobs will be queued indefinitely. Those options can be activated as follows:


=== Virtual machine ===
</translate>
If not configured explicitely to do otherwise, Hydra will specify localhost as the default build machine. By default, system features enabling builds to be performed in virtual machines like "kvm" or "nixos-test" are not enabled. Such jobs will be queued indefinitely. Those options can be activated as follows:
<syntaxHighlight lang=nix>
<syntaxHighlight lang=nix>
{
{
   nix.buildMachines = [
   nix.buildMachines = [
     { hostName = "localhost";
     { hostName = "localhost";
      protocol = null;
       system = "x86_64-linux";
       system = "x86_64-linux";
       supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"];
       supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"];
Line 41: Line 66:
}
}
</syntaxHighlight>
</syntaxHighlight>
<translate>
<!--T:7-->
This option leads to the file /etc/nix/machines being created. If the hydra service config is still set to buildMachinesFiles = [], then it will be ignored, so remove this option again or add <code>/etc/nix/machines</code> to it.
== Flake jobset == <!--T:8-->
<!--T:9-->
Configure jobset to the following:
<!--T:10-->
* Type: Flake
<!--T:40-->
* Flake URI: an URI to a repo containing a Flake like git+https://git.myserver.net/user/repo.git
<!--T:11-->
The Flake output should have the attribute <code>hydraJobs</code> containing an attribute set that may be nested and reference derivations.


This option leads to the file /etc/nix/machines being created. If the hydra service config is still set to buildMachinesFiles = [], then it will be ignored, so remove this option again or add /etc/nix/machines to it.
<!--T:12-->
A sample Flake output that makes Hydra build all packages could look like this:


== Build a single Package from nixpkgs ==
</translate>
<syntaxHighlight lang=nix>
{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
  };
  outputs = { self, nixpkgs, ... }: {
    packages.x86_64-linux = {
      ...
    };
 
    hydraJobs = {
      inherit (self)
        packages;
    };
  };
}
</syntaxHighlight>
<translate>
 
=== Restricted Mode === <!--T:15-->
 
<!--T:16-->
Hydra evaluates flakes in [https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-restrict-eval restricted mode]. This prevents access to files outside of the nix store, including those fetched as flake inputs. Update your <code>nix.settings.allowed-uris</code> to include URI prefixes from which you expect flake inputs to be fetched:
 
</translate>
<syntaxHighlight lang=nix>
nix.settings.allowed-uris = [
  "github:"
  "git+https://github.com/"
  "git+ssh://github.com/"
];
</syntaxHighlight>
<translate>
 
== Build a single Package from nixpkgs == <!--T:18-->
 
<!--T:41-->
Right now it is not possible to build a single package from nixpkgs with just that input. You will need to provide a supplementary repository which defines what to build. For examples you can check the [https://github.com/makefu/hydra-example hydra-example by makefu] and in the [https://nixos.org/hydra/manual/#idm140737315920320 Hydra Manual].
Right now it is not possible to build a single package from nixpkgs with just that input. You will need to provide a supplementary repository which defines what to build. For examples you can check the [https://github.com/makefu/hydra-example hydra-example by makefu] and in the [https://nixos.org/hydra/manual/#idm140737315920320 Hydra Manual].


=== Imperative Building ===
=== Imperative Building === <!--T:19-->
 
<!--T:42-->
These steps are required to build the <code>hello</code> package.
These steps are required to build the <code>hello</code> package.
# log into hydra after creating a user with <code>hydra-create-user</code>
 
<!--T:43-->
# log into Hydra after creating a user with <code>hydra-create-user</code>
 
<!--T:44-->
# create new project
# create new project
<!--T:45-->
* identifier: example-hello
* identifier: example-hello
<!--T:46-->
* display name: example-hello
* display name: example-hello
<!--T:47-->
# Actions -> Create jobset
# Actions -> Create jobset
<!--T:48-->
* identifier: hello
* identifier: hello
<!--T:49-->
* Nix expression: <code>release.nix</code> in <code>hydra-example</code> -> will evaluate the file release.nix in the given input
* Nix expression: <code>release.nix</code> in <code>hydra-example</code> -> will evaluate the file release.nix in the given input
<!--T:50-->
* check interval: 60
* check interval: 60
<!--T:51-->
* scheduling shares: 1
* scheduling shares: 1
<!--T:52-->
* Inputs:
* Inputs:
<!--T:53-->
{| class="wikitable"
{| class="wikitable"
|-
|-
Line 68: Line 173:
|}
|}


<!--T:20-->
After creation, the jobset should be in the '''evaluation phase''' where inputs will be fetched. This phase may take some time as the complete <code>nixpkgs</code> repository needs to be downloaded before continuing. The result of the evaluation should be a single job which will get built.
After creation, the jobset should be in the '''evaluation phase''' where inputs will be fetched. This phase may take some time as the complete <code>nixpkgs</code> repository needs to be downloaded before continuing. The result of the evaluation should be a single job which will get built.


=== Declarative Building ===
=== Declarative Building === <!--T:21-->
Since 2016, hydra supports declarative creation of jobsets. Check out the [https://github.com/shlevy/declarative-hydra-example example repository and description by Shea Levy].
 
<!--T:54-->
Since 2016, Hydra supports declarative creation of jobsets. Check out the [https://github.com/shlevy/declarative-hydra-example example repository and description by Shea Levy].


== Hydra Internals ==
== Hydra Internals == <!--T:22-->
=== Definitions ===
 
=== Definitions === <!--T:55-->
 
<!--T:56-->
This subsection provides an overview of the Hydra-specific definitions and how to configure them.
This subsection provides an overview of the Hydra-specific definitions and how to configure them.


==== Project ====  
==== Project ==== <!--T:23-->
A cluster of Jobs which are all coming from a single input (like a git checkout), the first thing you will need to create. Every Job should be able to be built independently from another. Most of the time the project maps to a single repository like <code>nixpkgs</code>. It is comparable to the project definition in Jenkins
 
<!--T:57-->
A cluster of Jobs which are all coming from a single input (like a git checkout), the first thing you will need to create. Every Job should be able to be built independently from another. Most of the time the project maps to a single repository like <code>nixpkgs</code>. It is comparable to the project definition in Jenkins.
 
==== Jobsets ==== <!--T:24-->
 
<!--T:58-->
A Jobset is a list of jobs which will be run. Often a jobset fits to a certain branch (master, staging, stable). A Jobset is defined by its inputs and will trigger if these inputs change. For example when a new commit onto a branch is added. Jobsets may depend on each other.
 
==== Job ==== <!--T:25-->


==== Job Set ====
<!--T:59-->
A list of jobs which will be run. Often a Jobset fits to a certain branch (master, staging, stable). A jobset is defined by its inputs and will trigger if these inputs change, e.g. like a new commit onto a branch is added. Job sets may depend on each other
A closure which will be built as part of a job set (like a single package, iso image or tarball).


==== Job ====
==== Release Set ==== <!--T:26-->
A closure which will be built as part of a jobset (like a single package, iso image or tarball)


==== Release Set ====
<!--T:60-->
Defines all the jobs which are described in your release. By convention a file called<code>release.nix</code> is being used. See the [https://nixos.org/hydra/manual/#idm140737315920320 Hydra manual for Build Recipes] for a thorough description of the structure.
Defines all the jobs which are described in your release. By convention a file called<code>release.nix</code> is being used. See the [https://nixos.org/hydra/manual/#idm140737315920320 Hydra manual for Build Recipes] for a thorough description of the structure.


==== Evaluation ====
==== Evaluation ==== <!--T:27-->
The process of interpreting nix code into a list of <code>.drv files</code>. These files are the build recipes for all related outputs. You can introspect these files by running <code>nix show-derivation nixpkgs.hello</code>
 
<!--T:61-->
The process of interpreting nix code into a list of <code>.drv files</code>. These files are the build recipes for all related outputs. You can introspect these files by running <code>nix show-derivation nixpkgs.hello</code>.
 
==== Build ==== <!--T:28-->
 
<!--T:62-->
Instantiation of a Job which is being triggered by being part of the release set.


==== Build ====
== Known Issues == <!--T:29-->
Instantiation of a Job which is being triggered by being part of the release set


== Known Issues ==
<!--T:63-->
* hydra-queue-runner sometimes gets stuck even with builds are in the queue, and the builds are not scheduled. The issue is being tracked [https://github.com/NixOS/hydra/issues/366 here]. In the meantime, a workaround is to add a cron job that regularly restarts the hydra-queue-runner systemd service. Possible fix: [https://github.com/NixOS/hydra/commit/73ca325d1c0f7914640a63764c9a6d448fde5bd0]
* hydra-queue-runner sometimes gets stuck even with builds are in the queue, and the builds are not scheduled. The issue is being tracked [https://github.com/NixOS/hydra/issues/366 here]. In the meantime, a workaround is to add a cron job that regularly restarts the hydra-queue-runner systemd service. Possible fix: [https://github.com/NixOS/hydra/commit/73ca325d1c0f7914640a63764c9a6d448fde5bd0]
<!--T:64-->
* If you see <code>error: unexpected end-of-file</code> it can mean multiple things, some of them are:
* If you see <code>error: unexpected end-of-file</code> it can mean multiple things, some of them are:
<!--T:65-->
# You have a miss-match between nix versions on the Hydra server and the builder
# You have a miss-match between nix versions on the Hydra server and the builder
<!--T:66-->
# It can also mean that <code>hydra-queue-runner</code> needs privileges on the build server. Reference: [https://github.com/NixOS/nix/issues/2789]
# It can also mean that <code>hydra-queue-runner</code> needs privileges on the build server. Reference: [https://github.com/NixOS/nix/issues/2789]
<!--T:67-->
* The default timeout for git operations is 600 seconds [https://github.com/NixOS/hydra/issues/1181], which might cause fetches of large repositories like [https://github.com/NixOS/nixpkgs nixos/nixpkgs] to fail: <code>error fetching latest change from git repo at `https://github.com/nixos/nixpkgs': timeout</code>. The timeout can be increased with the following configuration.nix snippet:
* The default timeout for git operations is 600 seconds [https://github.com/NixOS/hydra/issues/1181], which might cause fetches of large repositories like [https://github.com/NixOS/nixpkgs nixos/nixpkgs] to fail: <code>error fetching latest change from git repo at `https://github.com/nixos/nixpkgs': timeout</code>. The timeout can be increased with the following configuration.nix snippet:


</translate>
<syntaxHighlight lang=nix>
<syntaxHighlight lang=nix>
{
{
Line 111: Line 245:
}
}
</syntaxHighlight>
</syntaxHighlight>
<translate>
== Hydra for NixOS releases == <!--T:31-->


== Hydra for NixOS releases ==
<!--T:68-->
Hydra is used for managing official Nix project releases. The project Hydra server: https://hydra.nixos.org/
Hydra is used for managing official Nix project releases. The project Hydra server: https://hydra.nixos.org/


<!--T:32-->
Some Hydra trackers for Nix projects:
Some Hydra trackers for Nix projects:
<!--T:69-->
* [https://hydra.nixos.org/project/nixpkgs Nixpkgs]
* [https://hydra.nixos.org/project/nixpkgs Nixpkgs]
<!--T:70-->
* [https://hydra.nixos.org/project/nixos NixOS]
* [https://hydra.nixos.org/project/nixos NixOS]


== Resources ==
== Resources == <!--T:33-->
 
<!--T:71-->
* [https://www.youtube.com/watch?v=RXV0Y5Bn-QQ Video: Setting up a Hydra Build Farm by Peter Simons (2016)]
* [https://www.youtube.com/watch?v=RXV0Y5Bn-QQ Video: Setting up a Hydra Build Farm by Peter Simons (2016)]
<!--T:72-->
* [https://gist.github.com/joepie91/c26f01a787af87a96f967219234a8723 Hydra Caveats by Joepie91]
* [https://gist.github.com/joepie91/c26f01a787af87a96f967219234a8723 Hydra Caveats by Joepie91]
</translate>


[[Category:Pedias]]
[[Category:Pedias]]
Line 128: Line 276:
[[Category:Incomplete]]
[[Category:Incomplete]]
[[Category:Software]]
[[Category:Software]]
[[Category:Server]]

Revision as of 07:27, 4 September 2024

Hydra is a tool for continuous integration testing and software release that uses a purely functional language to describe build jobs and their dependencies. Continuous integration is a simple technique to improve the quality of the software development process. An automated system continuously or periodically checks out the source code of a project, builds it, runs tests, and produces reports for the developers. Thus, various errors that might accidentally be committed into the code base are automatically caught.

The official Hydra servers provide pre-built binary packages to speed up the update time for Nixpgs: Users do not have to compile them on their own computers.

The Hydra manual provides an overview of the functionality and features of Hydra, as well as an up-to-date installation guide.

Installation

A full deployment can be enabled as easy as:

  services.hydra = {
    enable = true;
    hydraURL = "http://localhost:3000"; # externally visible URL
    notificationSender = "hydra@localhost"; # e-mail of Hydra service
    # a standalone Hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines
    buildMachinesFiles = [];
    # you will probably also want, otherwise *everything* will be built from scratch
    useSubstitutes = true;
  };

The module will automatically enable postgresql if you do not change the services.hydra.dbi option. Database layout will be created automatically by the Hydra service, however keep in mind that some state will be stored in the database and a complete stateless configuration is currently not possible - do your backups.

Web Configuration

Hydra will provide the web interface at localhost port 3000. However you need to create a new admin user (as UNIX user hydra) before being able to perform any changes:

# su - hydra
$ hydra-create-user alice --full-name 'Alice Q. User' \
    --email-address 'alice@example.org' --password-prompt --role admin

Virtual machine

If not configured explicitly to do otherwise, Hydra will specify localhost as the default build machine. By default, system features enabling builds to be performed in virtual machines like "kvm" or "nixos-test" are not enabled. Such jobs will be queued indefinitely. Those options can be activated as follows:

{
  nix.buildMachines = [
    { hostName = "localhost";
      protocol = null;
      system = "x86_64-linux";
      supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"];
      maxJobs = 8;
    }
  ];
}

This option leads to the file /etc/nix/machines being created. If the hydra service config is still set to buildMachinesFiles = [], then it will be ignored, so remove this option again or add /etc/nix/machines to it.

Flake jobset

Configure jobset to the following:

  • Type: Flake

The Flake output should have the attribute hydraJobs containing an attribute set that may be nested and reference derivations.

A sample Flake output that makes Hydra build all packages could look like this:

{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
  };
  outputs = { self, nixpkgs, ... }: {
    packages.x86_64-linux = {
      ...
    };

    hydraJobs = {
      inherit (self)
        packages;
    };
  };
}

Restricted Mode

Hydra evaluates flakes in restricted mode. This prevents access to files outside of the nix store, including those fetched as flake inputs. Update your nix.settings.allowed-uris to include URI prefixes from which you expect flake inputs to be fetched:

nix.settings.allowed-uris = [
  "github:"
  "git+https://github.com/"
  "git+ssh://github.com/"
];

Build a single Package from nixpkgs

Right now it is not possible to build a single package from nixpkgs with just that input. You will need to provide a supplementary repository which defines what to build. For examples you can check the hydra-example by makefu and in the Hydra Manual.

Imperative Building

These steps are required to build the hello package.

  1. log into Hydra after creating a user with hydra-create-user
  1. create new project
  • identifier: example-hello
  • display name: example-hello
  1. Actions -> Create jobset
  • identifier: hello
  • Nix expression: release.nix in hydra-example -> will evaluate the file release.nix in the given input
  • check interval: 60
  • scheduling shares: 1
  • Inputs:
Input Name Type Value Note
nixpkgs git checkout https://github.com/nixos/nixpkgs nixos-21.11 will check out branch nixos-21.11, will be made available to the nix expression via <nixpkgs>.
hydra-example git checkout https://github.com/makefu/hydra-example hydra-example is used by the jobset as input, release.nix is in the root directory

After creation, the jobset should be in the evaluation phase where inputs will be fetched. This phase may take some time as the complete nixpkgs repository needs to be downloaded before continuing. The result of the evaluation should be a single job which will get built.

Declarative Building

Since 2016, Hydra supports declarative creation of jobsets. Check out the example repository and description by Shea Levy.

Hydra Internals

Definitions

This subsection provides an overview of the Hydra-specific definitions and how to configure them.

Project

A cluster of Jobs which are all coming from a single input (like a git checkout), the first thing you will need to create. Every Job should be able to be built independently from another. Most of the time the project maps to a single repository like nixpkgs. It is comparable to the project definition in Jenkins.

Jobsets

A Jobset is a list of jobs which will be run. Often a jobset fits to a certain branch (master, staging, stable). A Jobset is defined by its inputs and will trigger if these inputs change. For example when a new commit onto a branch is added. Jobsets may depend on each other.

Job

A closure which will be built as part of a job set (like a single package, iso image or tarball).

Release Set

Defines all the jobs which are described in your release. By convention a file calledrelease.nix is being used. See the Hydra manual for Build Recipes for a thorough description of the structure.

Evaluation

The process of interpreting nix code into a list of .drv files. These files are the build recipes for all related outputs. You can introspect these files by running nix show-derivation nixpkgs.hello.

Build

Instantiation of a Job which is being triggered by being part of the release set.

Known Issues

  • hydra-queue-runner sometimes gets stuck even with builds are in the queue, and the builds are not scheduled. The issue is being tracked here. In the meantime, a workaround is to add a cron job that regularly restarts the hydra-queue-runner systemd service. Possible fix: [1]
  • If you see error: unexpected end-of-file it can mean multiple things, some of them are:
  1. You have a miss-match between nix versions on the Hydra server and the builder
  1. It can also mean that hydra-queue-runner needs privileges on the build server. Reference: [2]
  • The default timeout for git operations is 600 seconds [3], which might cause fetches of large repositories like nixos/nixpkgs to fail: error fetching latest change from git repo at `https://github.com/nixos/nixpkgs': timeout. The timeout can be increased with the following configuration.nix snippet:
{
  services.hydra.extraConfig = ''
    <git-input>
      timeout = 3600
    </git-input>
  '';
}

Hydra for NixOS releases

Hydra is used for managing official Nix project releases. The project Hydra server: https://hydra.nixos.org/

Some Hydra trackers for Nix projects:

Resources