Since this project is an ever growing monorepo, having derivations depending on the whole repo leads to bad CI performance, as the cache is busted on every commit.
-> We never want any derivations depend on the whole repo
...except: the test that tests that nothing depends on the whole repo, which is added by this commit.
For now only add this check to packages to allow contributors to build it locally.
We might want to add it to the CI later once all occurrences are fixed.
Regenerating the classes from json schema as part of the clan/cli is a bit redundant since we need to vendor the classes by hand anyways
The user can also not practically override the inventory options
I would disable this for now; until we really need it.
We now solely rely on CI checks failing if the classes are out of sync
Some test were referring to the whole source code via ${self} which amde them rebuild on every single commit.
This is not mitigated by introduceing `self.filter { include = [...]; }` allowin to a content addressed subset of the source code in tests.
- generate a flake.lock file for each template by copying the clan-core flake.lock and modifying it
- call nix build with --store for tests inside the sandbox
Many dependencies of clan-cli are currently dynamically loaded via nix-shell on each execution.
This is nice, as it reduces the initial closure size of clan, but the overhead introduced by nix-shell piles up quickly, as some commands shell out many times during their lifetime. For example, when adding a secret git is called 10+ times.
This reduces the time of a test which adds a secret from around 50 seconds to 15 seconds.
- add run_cmd() as an alternative to nix_shell()
- introduce the concept of static dependencies which do not need to go through nix-shell
- static dependencies are defined at build time and included into the wrapper for clan-cli
- add package: clan-cli-full which statically ships all required dependencies
TODO: deprecate nix_shell() in favor of run_cmd()
Currently, important tools from the default shell are lost as soon as select-shell is used to switch to another shell. select-shell itself, for example is missing, which makes it impossible to switch back to another shell.
