| 30 Jul 2022 |
 Winter (she/her) | I'm wondering if we can construct a builders argument with the data from the machines that have buildOnTarget set as well | 07:03:29 |
| Winter (she/her) | To transparently handle that IFD case | 07:03:38 |
| Winter (she/her) | Without manual configuration ahead of time | 07:03:44 |
 Zhaofeng Li | Yeah, it could work pretty well combined with the recent --eval-store suggestion. | 07:06:10 |
| Zhaofeng Li | The next step is to perform the actual evaluation remotely, but we aren't there yet. | 07:06:55 |
| Winter (she/her) | In reply to @zhaofeng:zhaofeng.li
Yeah, it could work pretty well combined with the recent --eval-store suggestion. Yeah, I did see that. Is that suggesting using the target machine as the store for eval with that flag? I'm pretty sure that's what they're suggesting, but the "local --eval-store" part is throwing me off. | 07:14:49 |
| Zhaofeng Li | Yeah, it's a bit confusing but I think that's what they meant. | 07:15:59 |
| Zhaofeng Li | In reply to @zhaofeng:zhaofeng.li
Ah, good catch! We should make it passthrough so it should work for other goals. Ok, just tested, and the colmena apply-local --sudo test goal works as it currently stands. The interactive prompts of sudo don't use stdin/out. | 07:26:53 |
| Winter (she/her) | Oh, huh, they... don't? | 07:42:55 |
| Winter (she/her) | Interesting! | 07:43:09 |
| Winter (she/her) | Although, keep in mind that other privilege escalation commands (doas comes to mind) may not give us that luxury. | 07:43:33 |
| Zhaofeng Li | I would assume it's the same, otherwise it won't play well with pipes and be insecure | 07:44:33 |
| Winter (she/her) | Oh, fair point. | 08:03:05 |
| Winter (she/her) | What even is there to use other than stdin/stdout in a console, though? ~~This is obviously magic.~~ | 08:03:36 |
| Winter (she/her) | I'll look into it later, I'm intrigued. | 08:03:44 |
| Winter (she/her) | Zhaofeng Li: That begs the question: why passthrough the profile switch execution, then? Were you under the assumption that it would be needed for ? | 08:04:30 |
| Zhaofeng Li | In reply to @winterqt:nixos.dev
What even is there to use other than stdin/stdout in a console, though? ~~This is obviously magic.~~ IIRC it uses /dev/console. There is a flag to make sudo use stdin though | 08:06:51 |
| Zhaofeng Li | In reply to @winterqt:nixos.dev
Zhaofeng Li: That begs the question: why passthrough the profile switch execution, then? Were you under the assumption that it would be needed for ? No, it was from way before apply-local was changed to escalate privileges during activation. passthrough() is just a simple way to execute commands with both stdin/stdout piped | 08:08:27 |
| Zhaofeng Li | In reply to @winterqt:nixos.dev
What even is there to use other than stdin/stdout in a console, though? ~~This is obviously magic.~~ * IIRC it uses /dev/console. There is a flag to make sudo use stdin though (edit: it's -S) | 08:10:23 |
| Winter (she/her) | In reply to @zhaofeng:zhaofeng.li
No, it was from way before apply-local was changed to escalate privileges during activation. passthrough() is just a simple way to execute commands with both stdin/stdout piped Why was it needed for the profile switch, out of curiosity? | 08:12:58 |
| Zhaofeng Li | In reply to @winterqt:nixos.dev
Why was it needed for the profile switch, out of curiosity? It was one of the four custom methods that I have to "execute" the command and get back a ColmenaResult. It's just a simple version of Command::status() which needs two layers of checking (the outer Result and the exit code). | 08:22:44 |
|  duponin set a profile picture. | 19:09:28 |
| 4 Aug 2022 |
|  bl1nk changed their profile picture. | 04:31:26 |
| 6 Aug 2022 |
|  Swiss Routing joined the room. | 22:00:09 |
| 7 Aug 2022 |
| Swiss Routing | Is there any way to do a healthcheck with colmena? I see some other deployment tools support this. All I want to do is make sure that if I push a new config that disables SSH access accidentally, this is caught and rolled back. | 15:37:30 |
 dantefromhell | In reply to @swissrouting:matrix.org
Is there any way to do a healthcheck with colmena? I see some other deployment tools support this. All I want to do is make sure that if I push a new config that disables SSH access accidentally, this is caught and rolled back. i'm curious if tests as described here suffice your requirement?
https://nixos.mayflower.consulting/blog/2019/07/11/leveraging-nixos-tests-in-your-project/ | 20:49:02 |
| Swiss Routing | In reply to @dantefromhell:matrix.org
i'm curious if tests as described here suffice your requirement?
https://nixos.mayflower.consulting/blog/2019/07/11/leveraging-nixos-tests-in-your-project/ That seems pretty much what I want, will give it a try. Thanks! | 22:44:16 |
| Winter (she/her) | In reply to @dantefromhell:matrix.org
i'm curious if tests as described here suffice your requirement?
https://nixos.mayflower.consulting/blog/2019/07/11/leveraging-nixos-tests-in-your-project/ How would that help without a mechanism to run the test? (Also, tests are within VMs.) | 23:25:19 |
| Winter (she/her) | In reply to @dantefromhell:matrix.org
i'm curious if tests as described here suffice your requirement?
https://nixos.mayflower.consulting/blog/2019/07/11/leveraging-nixos-tests-in-your-project/ * How would that help without a mechanism to run the test? (Also, tests are within VMs, and can't access the host.) | 23:25:26 |
| Winter (she/her) | * How would that help without a mechanism to run the test? (Also, tests are within VMs, and can't access the host. So tests probably aren't the solution here.) | 23:25:37 |
