feat: initial v3 rewrite

templates/nix-gitlab-ci.yml

@@ -0,0 +1,113 @@
+spec:
+  inputs:
+    cache_strategy:
+      type: string
+      description: |
+        auto (default) | none | runner | cachix | attic
+        Sets the default caching strategy. 
+        - "auto": dynamically selects the best strategy for every job based on env variables
+        - "none": disables caching
+        - "runner", "cachix" & "attic": forces every job to use this strategy
+
+        Can be overridden by setting NIX_CI_CACHE_STRATEGY in the pipeline variables.
+      default: "auto"
+    cache_files:
+      type: array
+      description: |
+        Files to use as the cache key for the generated pipeline yaml.
+        If you use "ci.nix" to define CI, add that here for example.
+        Note that max 2 items are allowed in cache:key:files, so use something like
+        ["flake.*", "ci.nix"] f. ex. to match flake.lock, flake.nix and ci.nix.
+      default: ["flake.nix", "flake.lock"]
+    version:
+      type: string
+      description: |
+        Which version of the Nix CI image to use. Using a tag/version is recommended.
+    stage_build:
+      type: string
+      description: The CI stage for building the dynamic pipeline.
+      default: build
+    stage_trigger:
+      type: string
+      description: The CI stage for triggering the dynamic pipeline.
+      default: trigger
+---
+stages:
+  - $[[ inputs.stage_build ]]
+  - $[[ inputs.stage_trigger ]]
+variables:
+  # These can be overriden, see https://docs.gitlab.com/ci/variables/#cicd-variable-precedence
+  # which image should be used by default.
+  NIX_CI_IMAGE: registry.gitlab.com/technofab/nix-gitlab-ci/nix-ci:$[[ inputs.version ]]
+  # default cache stategy
+  NIX_CI_CACHE_STRATEGY: $[[ inputs.cache_strategy ]]
+nix-ci:build:
+  stage: $[[ inputs.stage_build ]]
+  image: $NIX_CI_IMAGE
+  cache:
+    - key:
+        files: $[[ inputs.cache_files ]]
+      paths:
+        - .nix-ci-pipelines/
+    - key: nix
+      paths:
+        - .nix-cache/
+  before_script:
+    - |
+        # if no explicit pipeline is requested
+        if [[ -z "${NIX_CI_PIPELINE_NAME:-}" ]]; then
+          # if regex matches, use pipeline "default", otherwise $CI_PIPELINE_SOURCE
+          [[ "${CI_PIPELINE_SOURCE}" =~ ${NIX_CI_DEFAULT_SOURCES:-.*} ]] \
+            && NIX_CI_PIPELINE_NAME="default" \
+            || NIX_CI_PIPELINE_NAME="$CI_PIPELINE_SOURCE";
+        fi
+        echo "NIX_CI_GENERATED_PIPELINE_NAME=$NIX_CI_PIPELINE_NAME" >> trigger.env
+        # inheritance of pipeline variables is a bit weird, so explicitly override them
+        # (ctx: setting any of these in the project variables would only apply correctly
+        # in this pipeline, not the child pipeline, instead weirdly enough the default 
+        # variables above are used). If any other variables are added at the top, add them
+        # here aswell
+        echo "NIX_CI_IMAGE=$NIX_CI_IMAGE" >> trigger.env
+        echo "NIX_CI_CACHE_STRATEGY=$NIX_CI_CACHE_STRATEGY" >> trigger.env
+
+        mkdir -p .nix-ci-pipelines/
+        # generated-gitlab-ci.yml exists in the cache
+        [[ -f ".nix-ci-pipelines/${NIX_CI_PIPELINE_NAME}.yml" ]] && export CACHED=true && echo "A cached pipeline file exists (skip cache with NIX_CI_FORCE_BUILD)" || true
+        # allow the user to manually skip the cache (when the key files are not correctly configured etc.)
+        [[ -n "$NIX_CI_FORCE_BUILD" ]] && unset CACHED && echo "Caching skipped for this job (through NIX_CI_FORCE_BUILD)" || true
+
+        # only setup when we need to generate the pipeline yaml
+        if [[ -z "$CACHED" ]]; then
+          source setup_nix_ci; 
+        fi
+  script:
+    # build the pipeline if it does not exist in the cache
+    - >
+        if [[ -z "$CACHED" ]]; then 
+          nix build .#gitlab-ci:pipeline:${NIX_CI_PIPELINE_NAME} && install result .nix-ci-pipelines/${NIX_CI_PIPELINE_NAME}.yml; 
+        fi
+  after_script:
+    # save to binary cache or Gitlab CI cache only if we actually built something
+    #  check if /tmp/nix-store-before exists as $CACHED never exists here and the file only exists if "setup_nix_ci" is called
+    - |
+        if [[ -f "/tmp/nix-store-before" ]]; then 
+          finalize_nix_ci; 
+        fi
+  artifacts:
+    paths:
+      - .nix-ci-pipelines/
+    reports:
+      dotenv: trigger.env
+
+nix-ci:trigger:
+  stage: $[[ inputs.stage_trigger ]]
+  needs:
+    - nix-ci:build
+  trigger:
+    include:
+      - artifact: .nix-ci-pipelines/${NIX_CI_GENERATED_PIPELINE_NAME}.yml
+        job: nix-ci:build
+    strategy: depend
+    forward:
+      pipeline_variables: true
+