2021-03-28 15:27:46 +00:00
|
|
|
# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
|
|
|
|
#
|
|
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
|
|
|
|
{ depot, lib, pkgs, ... }:
|
|
|
|
let
|
2021-09-05 09:24:03 +00:00
|
|
|
cfg = let
|
|
|
|
macOS = system: {
|
|
|
|
stage = "build";
|
|
|
|
image = "nixos/nix:latest";
|
|
|
|
script = [
|
|
|
|
"nix run -f ./ third_party.nixpkgs.bash -c ./hack/populate_secrets.sh"
|
|
|
|
"nix build -v -f ./ci-root.nix --argstr system ${system} --substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\""
|
|
|
|
"nix copy -v --to 's3://lukegb-nix-cache?endpoint=storage.googleapis.com' ./result"
|
|
|
|
];
|
|
|
|
allow_failure = true;
|
|
|
|
tags = [ "macos" ];
|
|
|
|
};
|
|
|
|
in {
|
2022-05-17 00:38:27 +00:00
|
|
|
stages = [ "build" "deploy-mach" "deploy-other" ];
|
2021-03-28 15:27:46 +00:00
|
|
|
|
|
|
|
nixCache = {
|
|
|
|
stage = "build";
|
|
|
|
image = "nixos/nix:latest";
|
|
|
|
script = [
|
|
|
|
"nix run -f ./ third_party.nixpkgs.bash -c ./hack/populate_secrets.sh"
|
|
|
|
"nix build -v -f ./ci-root.nix --substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\""
|
2022-10-09 17:11:48 +00:00
|
|
|
"sleep 10" # give sqlite some time to sync :(
|
|
|
|
"cp /nix/var/nix/db/db.sqlite* ./"
|
2022-10-09 16:35:43 +00:00
|
|
|
"GOOGLE_APPLICATION_CREDENTIALS=$HOME/sa.json nix run -f ./ go.nix.bcacheup -c bcacheup --cache_url gs://lukegb-nix-cache --nix_store_db ./db.sqlite ./result"
|
2021-03-28 15:27:46 +00:00
|
|
|
"cat ./result/other-systemPathJSON > systems.json"
|
|
|
|
];
|
|
|
|
artifacts = {
|
|
|
|
paths = [ "systems.json" ];
|
|
|
|
expire_in = "30 days";
|
|
|
|
};
|
|
|
|
tags = [ "cacher" ];
|
|
|
|
};
|
2021-04-09 20:03:51 +00:00
|
|
|
|
2021-09-05 09:24:03 +00:00
|
|
|
nixCacheMacOSIntel = macOS "x86_64-darwin";
|
|
|
|
nixCacheMacOSARM = macOS "aarch64-darwin";
|
2022-04-05 21:04:32 +00:00
|
|
|
|
|
|
|
lukegbcom = {
|
2022-05-17 00:38:27 +00:00
|
|
|
stage = "deploy-other";
|
2022-04-05 21:04:32 +00:00
|
|
|
needs = [{ job = "nixCache"; artifacts = false; }];
|
|
|
|
tags = [ "cacher" ];
|
|
|
|
only.refs = [ "branch/default" ];
|
|
|
|
|
2022-04-05 21:09:21 +00:00
|
|
|
script = ''
|
|
|
|
export NIX_PATH=nixpkgs=$(readlink -f third_party/nixpkgs)
|
|
|
|
cd web/lukegbcom
|
|
|
|
./deploy.sh
|
|
|
|
'';
|
2022-04-05 21:04:32 +00:00
|
|
|
};
|
2022-04-05 21:13:21 +00:00
|
|
|
} // (lib.mapAttrs deployStage deployMachs);
|
2021-03-28 15:27:46 +00:00
|
|
|
|
|
|
|
deployMachs = lib.filterAttrs (name: cfg: cfg.config.my.deploy.enable) depot.ops.nixos.systemConfigs;
|
2021-05-22 22:58:25 +00:00
|
|
|
deployStage = machName: mach: ({
|
2022-05-17 00:38:27 +00:00
|
|
|
stage = "deploy-mach";
|
2021-03-28 15:27:46 +00:00
|
|
|
needs = [{ job = "nixCache"; artifacts = true; }];
|
|
|
|
tags = [ "deployer" ];
|
|
|
|
|
|
|
|
resource_group = machName;
|
|
|
|
script = ''./hack/deploy.sh "${machName}" "${mach.config.my.deploy.args}"'';
|
|
|
|
environment = {
|
|
|
|
name = machName;
|
|
|
|
};
|
2021-05-22 22:58:25 +00:00
|
|
|
allow_failure = true;
|
2022-03-20 10:26:56 +00:00
|
|
|
|
|
|
|
only.refs = [ "branch/default" ];
|
2021-05-22 22:58:25 +00:00
|
|
|
} // lib.optionalAttrs (!mach.config.my.deploy.enable) {
|
|
|
|
when = "manual";
|
|
|
|
});
|
2021-03-28 15:27:46 +00:00
|
|
|
|
|
|
|
format = pkgs.formats.yaml { };
|
|
|
|
configFile = format.generate ".gitlab-ci.yml" cfg;
|
|
|
|
in
|
|
|
|
configFile
|