nix/gitlab-ci: update for lix

This commit is contained in:
Luke Granger-Brown 2024-06-09 23:00:44 +00:00
parent 50e8314d6d
commit 56c12630f3

View file

@ -9,7 +9,7 @@ let
stage = "build"; stage = "build";
image = "nixos/nix:latest"; image = "nixos/nix:latest";
script = [ script = [
"nix run -f ./ third_party.nixpkgs.bash -c ./hack/populate_secrets.sh" "nix run -f ./ third_party.nixpkgs.bash -- ./hack/populate_secrets.sh"
"nix build -v -f ./ci-root.nix --system ${system} --argstr system ${system} --substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\"" "nix build -v -f ./ci-root.nix --system ${system} --argstr system ${system} --substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\""
"nix copy -v --to 's3://lukegb-nix-cache?endpoint=storage.googleapis.com' ./result" "nix copy -v --to 's3://lukegb-nix-cache?endpoint=storage.googleapis.com' ./result"
]; ];
@ -21,11 +21,11 @@ let
stage = "build"; stage = "build";
image = "nixos/nix:latest"; image = "nixos/nix:latest";
script = [ script = [
"nix run -f ./ third_party.nixpkgs.bash -c ./hack/populate_secrets.sh" "nix run -f ./ third_party.nixpkgs.bash -- ./hack/populate_secrets.sh"
"nix-instantiate ./ci-root-linux.nix --option substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\" > drv-name" "nix-instantiate ./ci-root-linux.nix --option substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\" > drv-name"
"cat drv-name" "cat drv-name"
"ln -s $(cat drv-name) ./result" "ln -s $(cat drv-name) ./result"
"nix run -f ./ go.nix.bcacheup -c bcacheup --cache_url vaultgs://lukegb-nix-cache --vault_addr unix:///run/tokend/sock --vault_token_source gcp/roleset/binary-cache-deployer/token ./result" "nix run -f ./ go.nix.bcacheup -- --cache_url vaultgs://lukegb-nix-cache --vault_addr unix:///run/tokend/sock --vault_token_source gcp/roleset/binary-cache-deployer/token ./result"
]; ];
artifacts = { artifacts = {
paths = [ "drv-name" ]; paths = [ "drv-name" ];
@ -40,7 +40,7 @@ let
script = [ script = [
"for n in 1 2 3 4 5; do echo attempt $n; nix-store --realise $(cat drv-name) --option substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\" --indirect --add-root ./result && break; done" "for n in 1 2 3 4 5; do echo attempt $n; nix-store --realise $(cat drv-name) --option substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\" --indirect --add-root ./result && break; done"
"readlink -f ./result" "readlink -f ./result"
"nix run -f ./ go.nix.bcacheup -c bcacheup --cache_url vaultgs://lukegb-nix-cache --vault_addr unix:///run/tokend/sock --vault_token_source gcp/roleset/binary-cache-deployer/token ./result" "nix run -f ./ go.nix.bcacheup -- --cache_url vaultgs://lukegb-nix-cache --vault_addr unix:///run/tokend/sock --vault_token_source gcp/roleset/binary-cache-deployer/token ./result"
"cat ./result/combined-systems > systems.json" "cat ./result/combined-systems > systems.json"
]; ];
timeout = "6h"; timeout = "6h";