ci: Extract Nix artifacts.

Signed-off-by: Jason Volk <jason@zemos.net>

.github/workflows/package.yml

@@ -181,10 +181,10 @@ jobs:
             "mime": "application/x-rpm"
           },
           "nix": {
-            "dst": "tuwunel.drv.tar.zst",
+            "dst": "tuwunel.nix.tar.zst",
-            "src": "/opt/tuwunel/tuwunel.drv",
+            "src": "/opt/tuwunel.nix.tar",
             "mime": "application/zstd",
-            "zstd": 6
+            "zstd": 11
           }
         }
 

docker/Dockerfile.nix

@@ -1,9 +1,6 @@
 # syntax = docker/dockerfile:1.11-labs
 
 FROM input AS nix-base
-ARG sys_name
-ARG sys_version
-ARG sys_target
 
 WORKDIR /
 COPY --link --from=input . .
@@ -20,9 +17,6 @@ EOF
 
 
 FROM nix-base AS build-nix
-ARG sys_name
-ARG sys_version
-ARG sys_target
 
 WORKDIR /usr/src/tuwunel
 COPY --link --from=source /usr/src/tuwunel .
@@ -44,15 +38,13 @@ RUN \
 EOF
 
 
-FROM build-nix AS smoke-nix
+FROM input AS smoke-nix
-ARG sys_name
-ARG sys_version
-ARG sys_target
 
 WORKDIR /
-COPY --link --from=build-nix . .
+COPY --link --from=nix-base . .
 
-WORKDIR /opt/tuwunel
+WORKDIR /usr/src/tuwunel
+COPY --link --from=source /usr/src/tuwunel .
 ENV TUWUNEL_DATABASE_PATH="/tmp/tuwunel/smoketest.db"
 ENV TUWUNEL_LOG="info"
 RUN \
@@ -61,29 +53,38 @@ RUN \
 --mount=type=cache,dst=/root/.local/state/nix,sharing=shared \
 <<EOF
     set -eux
+    alias nix="nix --extra-experimental-features nix-command --extra-experimental-features flakes"
 
-    bin/tuwunel \
+    nix run \
-        -Otest='["smoke", "fresh"]' \
+        --verbose \
-        -Oserver_name=\"localhost\" \
+        --cores 0 \
+        --max-jobs $(nproc) \
+        --log-format raw \
+        .#all-features \
+            -- \
+            -Otest='["smoke", "fresh"]' \
+            -Oserver_name=\"localhost\" \
 EOF
 
 
-FROM build-nix AS nix-pkg
+FROM input AS nix-pkg
-ARG sys_name
-ARG sys_version
-ARG sys_target
 
 WORKDIR /
-COPY --link --from=build-nix . .
+COPY --link --from=nix-base . .
 
 WORKDIR /usr/src/tuwunel
+COPY --link --from=source /usr/src/tuwunel .
 RUN \
 --mount=type=cache,dst=/nix,sharing=shared \
 --mount=type=cache,dst=/root/.cache/nix,sharing=shared \
 --mount=type=cache,dst=/root/.local/state/nix,sharing=shared \
 <<EOF
-	set -eux
+    set -eux
-    #TODO: extract derivation?
+    alias nix="nix --extra-experimental-features nix-command --extra-experimental-features flakes"
-    mkdir -p /opt/tuwunel
+
-    touch /opt/tuwunel/tuwunel.drv
+    ID=$(nix-store --realise $(nix path-info --derivation))
+
+    mkdir -p tuwunel
+    nix-store --export $ID > tuwunel/tuwunel.drv
+    tar -cvf /opt/tuwunel.nix.tar tuwunel
 EOF

docker/bake.hcl

@@ -527,16 +527,16 @@ group "smoke" {
 }
 
 target "smoke-nix" {
-    name = elem("smoke-nix", [sys_name, sys_version, sys_target])
+    name = elem("smoke-nix", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
     tags = [
-        elem_tag("smoke-nix", [sys_name, sys_version, sys_target], "latest"),
+        elem_tag("smoke-nix", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
     ]
     output = ["type=cacheonly,compression=zstd,mode=min,compression-level=${cache_compress_level}"]
     dockerfile = "${docker_dir}/Dockerfile.nix"
     target = "smoke-nix"
-    matrix = sys
+    matrix = cargo_rust_feat_sys
     inherits = [
-        elem("build-nix", [sys_name, sys_version, sys_target]),
+        elem("build-nix", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
     ]
 }
 
@@ -961,20 +961,20 @@ target "nix" {
     target = "nix-pkg"
     matrix = cargo_rust_feat_sys
     inherits = [
-        elem("build-nix", [sys_name, sys_version, sys_target]),
+        elem("build-nix", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
     ]
 }
 
 target "build-nix" {
-    name = elem("build-nix", [sys_name, sys_version, sys_target])
+    name = elem("build-nix", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
     tags = [
-        elem_tag("build-nix", [sys_name, sys_version, sys_target], "latest"),
+        elem_tag("build-nix", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
     ]
     output = ["type=cacheonly,compression=zstd,mode=min,compression-level=${cache_compress_level}"]
     cache_to = ["type=local,compression=zstd,mode=max,compression-level=${cache_compress_level}"]
     dockerfile = "${docker_dir}/Dockerfile.nix"
     target = "build-nix"
-    matrix = sys
+    matrix = cargo_rust_feat_sys
     inherits = [
         elem("builder", [sys_name, sys_version, sys_target]),
         elem("source", [sys_name, sys_version, sys_target]),