Use nixos-unstable channel's prebuilt qemu_full with canokey support …

…builtin, downloaded from nix cache

- flake.lock: bumps lcoekd package list to latest packages list through 'nix flake update'
- flake.nix : comment out customizations of derivatives, removing canokey-qemu lib since qemu_full depends on qemu which depends on canokey-qemu by default now
- flake.nux: add 'less' so that 'git log' is usable
- circleci/config.yml: use docker v0.1.9
- README.md : update docker image maintainer notes to ease upstreaming of docker images and for others to play around, requiring dockerhub account

For testing iterations of this, I used:
docker_version="v0.1.9" && docker_hub_repo="tlaurion/heads-dev-env" && sed "s@\(image: \)\(.*\):\(v[0-9]*\.[0-9]*\.[0-9]*\)@\1\2:$docker_version@" -i .circleci/config.yml && nix --print-build-logs --verbose develop --ignore-environment --command true && nix build .#dockerImage && docker load < result && docker tag linuxboot/heads:dev-env "$docker_hub_repo:$docker_version" && docker push "$docker_hub_repo:$docker_version"
Then added final commit, and pushed.

Signed-off-by: Thierry Laurion <[email protected]>

.circleci/config.yml

@@ -45,7 +45,7 @@ commands:
 jobs:
   prep_env:
     docker:
-      - image: tlaurion/heads-dev-env:v0.1.8
+      - image: tlaurion/heads-dev-env:v0.1.9
     resource_class: large
     working_directory: ~/heads
     steps:
@@ -111,7 +111,7 @@ jobs:
 
   build_and_persist:
     docker:
-      - image: tlaurion/heads-dev-env:v0.1.8
+      - image: tlaurion/heads-dev-env:v0.1.9
     resource_class: large
     working_directory: ~/heads
     parameters:
@@ -139,7 +139,7 @@ jobs:
 
   build:
     docker:
-      - image: tlaurion/heads-dev-env:v0.1.8
+      - image: tlaurion/heads-dev-env:v0.1.9
     resource_class: large
     working_directory: ~/heads
     parameters:
@@ -160,7 +160,7 @@ jobs:
 
   save_cache:
     docker:
-      - image: tlaurion/heads-dev-env:v0.1.8
+      - image: tlaurion/heads-dev-env:v0.1.9
     resource_class: large
     working_directory: ~/heads
     steps:

README.md

@@ -94,15 +94,37 @@ docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd
 
 Maintenance notes on docker image
 ===
-Redo the steps above in case the flake.nix or nix.lock changes. Then publish on docker hub:
+Redo the steps above in case the flake.nix or nix.lock changes. Commit changes. Then publish on docker hub:
 
 ```
-docker tag linuxboot/heads:dev-env tlaurion/heads-dev-env:vx.y.z
-docker push tlaurion/heads-dev-env:vx.y.z
-#test against CircleCI in PR. Merge.
-#make last version the latest
-docker tag tlaurion/heads-dev-env:vx.y.z tlaurion/heads-dev-env:latest
-docker push tlaurion/heads-dev-env:latest
+#put relevant things in variables:
+docker_version="vx.y.z" && docker_hub_repo="tlaurion/heads-dev-env"
+#update pinned packages to latest available ones if needed, modify flake.nix derivatives if needed:
+nix flakes update
+#modify CircleCI image to use newly pushed docker image
+sed "s@\(image: \)\(.*\):\(v[0-9]*\.[0-9]*\.[0-9]*\)@\1\2:$docker_version@" -i .circleci/config.yml
+# commit changes
+git commit --signoff -m "Bump nix develop based docker image to $docker_hub_repo:$docker_version"
+#use commited flake.nix and flake.lock in nix develop
+nix --print-build-logs --verbose develop --ignore-environment --command true
+#build new docker image from nix develop environement
+nix build .#dockerImage && docker load < result
+#tag produced docker image with new version
+docker tag linuxboot/heads:dev-env "$docker_hub_repo:$docker_version"
+#push newly created docker image to docker hub
+docker push "$docker_hub_repo:$docker_version"
+#test with CircleCI in PR. Merge.
+git push ...
+#make last tested docker image version the latest
+docker tag "$docker_hub_repo:$docker_version" "$docker_hub_repo:latest"
+docker push "$docker_hub_repo:latest"
+```
+
+This can be put in reproducible oneliners to ease maintainership.
+
+Test image in dirty mode:
+```
+docker_version="vx.y.z" && docker_hub_repo="tlaurion/heads-dev-env" && sed "s@\(image: \)\(.*\):\(v[0-9]*\.[0-9]*\.[0-9]*\)@\1\2:$docker_version@" -i .circleci/config.yml && nix --print-build-logs --verbose develop --ignore-environment --command true && nix build .#dockerImage && docker load < result && docker tag linuxboot/heads:dev-env "$docker_hub_repo:$docker_version" && docker push "$docker_hub_repo:$docker_version"
 ```
 
 Notes:

flake.nix

@@ -70,12 +70,12 @@
         zlib.dev
       ] ++ [
 	# Below are overrides to make canokey-qemu library available to qemu built derivative through a qemu override, which qemu is used for other derivatives
-        canokey-qemu # Canokey lib for qemu build-time compilation.
-        (qemu.override {
-          canokeySupport = true; # This override enables Canokey support in QEMU, resulting in -device canokey being available.
-        })
+        #canokey-qemu # Canokey lib for qemu build-time compilation.
+        #(qemu.override {
+        #  canokeySupport = true; # This override enables Canokey support in QEMU, resulting in -device canokey being available.
+        #})
         # Packages for qemu support with Canokey integration from previous override
-        qemu_full #Heavier but contains qemu-img, kvm and everything else needed to do development cycles under docker
+        qemu_full #Heavier but contains qemu-img, kvm and everything else needed to do development/testing cycles under docker
         #qemu # To test make BOARD=qemu-coreboot-* boards and then call make BOARD=qemu-coreboot-* with inject_gpg statement, and then run statement.
         #qemu_kvm # kvm additional support for qemu without all the qemu-img and everything else under qemu_full
       ] ++ [
@@ -86,6 +86,7 @@
         diffoscopeMinimal # Not sure exactly what is packed here, let's try.
         gnupg #to inject public key inside of qemu create rom through inject_gpg target of targets/qemu.mk TODO: remove when pflash supported by flashrom
         #diffoscope #should we include it? Massive:11 GB uncompressed. Wow?!?!
+        less # so 'git log' is usable
       ] ++ [
         # Tools for handling binary blobs in their compressed state. (blobs/xx30/vbios_[tw]530.sh)
         bundler