hercules-ci-agent-0.8.1: 0.8.1 - 2021-04-21

0.8.1 - 2021-04-21

Added

• Attach user-defined labels to the agent, for retrieval via the API.

Fixed

• Fix an issue where long-runnin nix methods weren't interrupted
• Fix error mkdir /run/runc: permission denied

hercules-ci-agent-0.8.0

Added

• Hercules CI Effects, a new feature for running programs that interact with
  the real world, with useful features for continous deployment.

  • Effects only run after the build completes successfully

  • Effects are defined like a derivation, not unlike a Nix shell

  • Independent processes can run concurrently as distinct effects

  • No two commits in the same repo run effects at the same time; no need to
    worry about concurrency in deployment scripts

  • Effects each run in their own sandbox with access to network, Nix store,
    remote state file API and secrets

  • Secrets are configured locally on your agents, so you don't have to trust
    a third party with your cloud credentials

• Hercules CI Agent is now a flake. The highlights are

  • nixosModules overriding the NixOS-distributed module to the in-repo version
    • agent-profile for agent machines, or
    • agent-service for just the service definition
  • packages
    • hercules-ci-cli the user command line interface
    • hercules-ci-agent for custom installation methods, etc

• The hci command (flake: defaultApp)

  • hci login to authenticate yourself
  • hci state to work with Effects state files
  • hci effect to run effects locally

• Commit metadata as a ci.nix argument. Make your ci.nix a function:

  { src ? { ref = null; rev = null; }}:
  # rest of your ci.nix

  src.ref will have e.g. refs/heads/master and rev will have the
  git commit SHA.

• Shell derivations will only be built for their dependencies. Add a
  mkShell-based expression like you would add a derivation.

  This behavior can be requested explicitly for shells and non-shell
  derivations alike by appending // { buildDependenciesOnly = true; } to
  the attribute definition.

• Attributes can now be marked to require or ignore a build failure in the
  derivation it references directly.
  (see support#34)

• concurrentTasks now has a default, "auto" for ease of setup and to help
  avoid underutilization.

Fixed

• The parent directory name will match the repo name support#40

• Previously, lines from Nix's configured netrc file were ignored. Now they are appended to Hercules CI's netrc lines.

Changed

• Cachix caches without signingKeys will be pushed to, as part of the recently
  introduced write token feature (Cachix-managed signing keys)

hercules-ci-agent-0.7.5

Fixed

• GHC 8.10.2 compatibility for NixOS unstable / NixOS 21.03

• Build with cachix 0.5.1. Write token support is not included due to a break configuration semantics. It will be available in >= 0.8.

Changed

• The in-repo expressions have upgraded their dependency to NixOS 20.09

• Agent will now use HERCULES_CI_API_BASE_URL over HERCULES_API_BASE_URL if set.

• Temporarily switch to cabal tooling due to breakage. master continues to be stack-based.

hercules-ci-agent-0.7.4

Fixed

• Paths that are missing from the binary cache will be rebuilt. This affected
  agent 0.7 - 0.7.3 users with trusted user optimizations turned on, which is
  the default when using the NixOS or nix-darwin modules.

• Prevent states where no progress can be made. One caused by a potential buildup
  of batched messages that may not fit within the timeout interval; the other
  a receive operation without a timeout during the initial socket handshake.

• The log socket will remain open instead of reconnecting unnecessarily.

• Add a safety measure to prevent unintended increases in workload in case
  Nix sees an opportunity for concurrency that was not intended by Hercules CI.

Changed

• The NixOS module in the hercules-ci-agent repo now disables the upcoming
  module that is packaged upstream with NixOS.

  The upstream module will configure fewer things for you, to be in line with
  normal NixOS expectations. Notably, it does not configure automatic garbage
  collection and it does not preconfigure NixOps keys deployment.

  The configuration interface will remain unchanged for 0.7 but 0.8 will
  match the upstream interface.

hercules-ci-agent-0.7.3

Added

• Evaluation log

• Configurable log level via config file or extraOptions

Changed

• Default log level is InfoS rather than DebugS

hercules-ci-agent-0.7.2

(NB this release was tagged and published before becoming a GitHub-flavored "Release")

Changed

• cachix: 0.3.7 -> 0.3.8. Improves reliability through better retries and improves error reporting

hercules-ci-agent-0.7.1

(NB this release was tagged and published before becoming a GitHub-flavored "Release")

Added

• Push to any nix store, including S3, using the NixCache kind in binary-caches.json

Changed

• Switch to Nixpkgs 20.03

• Environment variables are now passed on to evaluation and build by default. This allows configuration to be passed to Nix without intervention from hercules-ci-agent.

• trusted-user is not a requirement and is configured automatically when using the NixOS module or nix-darwin module.

Fixed

• Agent will now reset its connection with hercules-ci.com when pings are not acknowledged in time.

• Prevent running out of file descriptors by increasing the soft limit if possible.

hercules-ci-agent-0.7.0

(NB this release was tagged and published before becoming a GitHub-flavored "Release")

Added

• Jobs can be cancelled

• Streaming build logs are streamed in realtime

• The build log now has timestamps and color

• Distributed builds performance has improved by fetching fewer derivations

Fixed

• Extra nix options were not passed to the build process

hercules-ci-agent-0.6.6

(NB this release was tagged and published before becoming a GitHub-flavored "Release")

Fixed

• NixOS, nix-darwin modules: check the nix-daemon source and add option to patch an in-memory cache expiry issue
  causing errors in build clusters (of more than 1 machine). The module asks for confirmation.

• Manual action: if you are not using the provided module and you run the agent on
  more than one machine, and you use nix-daemon, to fix above issue, you need to:

  • either upgrade your system's Nix to a recent master or version 2.4.0 when released,
  • or apply this patch to your system's Nix installation: NixOS/nix#3405

• Cachix: 0.3.5 -> 0.3.7 to prevent uploading bad NARs in rare cases.

hercules-ci-agent-0.6.5

This includes 0.6.4, which was not announced.

Fixed

• Work around a systemd behavior where it didn't restart the unit
• Fix a bug blocking evaluation when a store path is removed from cache or cache configuration is changed.

Added

• --test-configuration flag to validate the configuration without actually running the agent.
• Cached builds to speed up aarch64-linux agent deployments.