From da3c3a630137007de0da819665b97e76b7d02687 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Johannes=20L=C3=B6tzsch?= <git@johannesloetzsch.de>
Date: Wed, 6 Jan 2021 00:10:29 +0100
Subject: [PATCH] added: .circleci/config.yml

---
 .circleci/config.yml | 40 ++++++++++++++++++++++++++++++++++++++++
 Dockerfile           |  4 ----
 Makefile             |  6 +++++-
 README.md            | 18 ++++++++++++++++--
 flake-docker.nix     |  6 +++++-
 5 files changed, 66 insertions(+), 8 deletions(-)
 create mode 100644 .circleci/config.yml

diff --git a/.circleci/config.yml b/.circleci/config.yml
new file mode 100644
index 0000000..e6ed031
--- /dev/null
+++ b/.circleci/config.yml
@@ -0,0 +1,40 @@
+version: 2.1
+jobs:
+  build:
+    docker:
+      - image: johannesloetzsch/nix-flake:latest
+    steps:
+      - run:
+          name: Disable Sandbox
+          command: mkdir -p ~/.config/nix/; echo 'sandbox = false' > ~/.config/nix/nix.conf;
+      - checkout
+      - restore_cache:
+          keys:
+            - nix-{{ checksum "flake.lock" }}-{{ checksum "flake.nix" }}
+            - nix
+      - run: nix build .#example-clj-lein
+      - save_cache:
+          key: nix-{{ checksum "flake.lock" }}-{{ checksum "flake.nix" }}
+          paths:
+            - /nix/
+  test:
+    docker:
+      - image: johannesloetzsch/nix-flake:latest
+    steps:
+      - run:
+          name: Disable Sandbox
+          command: mkdir -p ~/.config/nix/; echo 'sandbox = false' > ~/.config/nix/nix.conf;
+      - checkout
+      - restore_cache:
+          keys:
+            - nix-{{ checksum "flake.lock" }}-{{ checksum "flake.nix" }}
+            - nix
+      - run: nix run .#example-clj-lein
+workflows:
+  version: 2
+  build+test:
+    jobs:
+      - build
+      - test:
+          requires:
+            - build
diff --git a/Dockerfile b/Dockerfile
index 35beaa4..ec09406 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,8 +1,4 @@
 FROM johannesloetzsch/nix-flake
-## Building local repositorys with flake requires git
-RUN nix-channel --add https://nixos.org/channels/nixpkgs-unstable && \
-    nix-channel --update && \
-    nix-env -i git
 
 RUN mkdir /source/
 COPY . /source/
diff --git a/Makefile b/Makefile
index f82c0e6..4ceb179 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 ## Run or bootstrap a docker-container containing nix with flake-support
 
-bootstrap-test-push: bootstrap run run-derived-buildserver push
+bootstrap-test-push: bootstrap run run-derived-buildserver ci push
 
 run:
 	## Just as an example we use nix-flakes to run a hello-world-app
@@ -17,6 +17,10 @@ bootstrap:
 	nix build .#flake-docker
 	docker load < result
 
+ci:
+	## Note: `circle-ci local` doesn't support workflows but only single jobs (defaults to build)
+	nix run nixpkgs#circleci-cli local execute
+
 push:
 	docker login
 	docker push johannesloetzsch/nix-flake:latest
diff --git a/README.md b/README.md
index a0ac7f6..0d9b40f 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,11 @@
 This repository contains examples how to package clojure(script) applications with nix.
 
-## buildserver
+## Buildserver
+
+[
+![docker image size](https://img.shields.io/docker/image-size/johannesloetzsch/nix-flake.svg)
+![docker pulls](https://img.shields.io/docker/pulls/johannesloetzsch/nix-flake.svg)
+](https://hub.docker.com/repository/docker/johannesloetzsch/nix-flake)
 
 In case your build-system doesn't have nix installed, you can use the docker-container defined in `flake-docker.nix` [from hub.docker.com](https://hub.docker.com/repository/docker/johannesloetzsch/nix-flake).
 
@@ -18,7 +23,7 @@ docker build -t buildserver-example .
 docker run -ti -v nix:/nix/ buildserver-example
 ```
 
-## caching
+## Caching
 
 Using nix allows simple and efficient caching. To keep downloaded and built derivations between restarts of the docker-buildserver, define `/nix` to be a volume. 
 For efficient usage of remote flakes, keep `~/.cache/nix/flake-registry.json`. Further speedup is achieved, by memorization of nix-expressions in `~/.cache/nix/eval-cache*`.
@@ -26,3 +31,12 @@ For efficient usage of remote flakes, keep `~/.cache/nix/flake-registry.json`. F
 ```shell
 docker run -ti -v nix:/nix/ -v root:/root/ johannesloetzsch/nix-flake:latest nix run nixpkgs#hello
 ```
+
+## Circleci
+
+[![circleci](https://circleci.com/gh/johannesloetzsch/nix-docker-cljc.svg?style=shield)](https://app.circleci.com/pipelines/github/johannesloetzsch/nix-docker-cljc)
+
+The repository contains a `.circleci/config.yml`, showing an example of how to configure a ci build based on nix.
+Caching is done based on `flake.lock` and `flake.nix`. In case one of the files changed, it will fallback to the latest available cache.
+
+Note: Circleci requires that nix builds run without sandboxing, otherwise it fails with „_cannot set host name: Operation not permitted_“.
diff --git a/flake-docker.nix b/flake-docker.nix
index 50f3494..5b6ea16 100644
--- a/flake-docker.nix
+++ b/flake-docker.nix
@@ -1,6 +1,10 @@
 { pkgs }:
 let
-  contents = with pkgs; [ nixFlakes coreutils shadow cacert bashInteractive ];
+  contents = with pkgs; [ ## Minimal dependencies (~50MB)
+                          nixFlakes coreutils shadow cacert bashInteractive
+                          ## Requirements for circleci (~110MB)
+                          git gnutar gzip
+                        ];
   binPath = pkgs.stdenv.lib.makeBinPath contents;
 in
 pkgs.dockerTools.buildImage {