mirror of
https://gitlab.com/TECHNOFAB/nix-gitlab-ci.git
synced 2025-12-12 02:00:13 +01:00
chore(repo): add soonix to generate .gitlab-ci.yml
This commit is contained in:
parent
e074d716c4
commit
6e4347af69
5 changed files with 137 additions and 2 deletions
54
.gitlab-ci.yml
Normal file
54
.gitlab-ci.yml
Normal file
|
|
@ -0,0 +1,54 @@
|
||||||
|
# Generated by soonix, DO NOT EDIT
|
||||||
|
build:image:
|
||||||
|
after_script:
|
||||||
|
- install -D result dist/nix-ci-$ARCH.tar.gz
|
||||||
|
artifacts:
|
||||||
|
paths:
|
||||||
|
- dist
|
||||||
|
image: nixpkgs/nix-flakes:latest
|
||||||
|
parallel:
|
||||||
|
matrix:
|
||||||
|
- ARCH:
|
||||||
|
- x86_64-linux
|
||||||
|
- aarch64-linux
|
||||||
|
script:
|
||||||
|
- nix build .#image --system $ARCH
|
||||||
|
stage: build-images
|
||||||
|
deploy:image:
|
||||||
|
before_script:
|
||||||
|
- 'nix profile install nixpkgs#buildah
|
||||||
|
|
||||||
|
export PATH="$PATH:$HOME/.nix-profile/bin"
|
||||||
|
|
||||||
|
export REGISTRY_AUTH_FILE=${HOME}/auth.json
|
||||||
|
|
||||||
|
echo "$CI_REGISTRY_PASSWORD" | buildah login -u "$CI_REGISTRY_USER" --password-stdin
|
||||||
|
$CI_REGISTRY
|
||||||
|
|
||||||
|
mkdir -p /etc/containers && echo ''{"default":[{"type":"insecureAcceptAnything"}]}''
|
||||||
|
> /etc/containers/policy.json
|
||||||
|
|
||||||
|
mkdir -p /var/tmp
|
||||||
|
|
||||||
|
'
|
||||||
|
image: nixpkgs/nix-flakes:latest
|
||||||
|
needs:
|
||||||
|
- build:image
|
||||||
|
script:
|
||||||
|
- "export NORMALIZED_BRANCH=${CI_COMMIT_BRANCH/\\//-}\nbuildah manifest create localhost/nix-ci\n\
|
||||||
|
buildah manifest add localhost/nix-ci docker-archive:dist/nix-ci-x86_64-linux.tar.gz\n\
|
||||||
|
buildah manifest add localhost/nix-ci docker-archive:dist/nix-ci-aarch64-linux.tar.gz\n\
|
||||||
|
buildah manifest push --all localhost/nix-ci docker://${CI_REGISTRY_IMAGE}/nix-ci:${CI_COMMIT_SHORT_SHA}\n\
|
||||||
|
# branches\nif [ -z \"$CI_COMMIT_TAG\" ]; then\n buildah manifest push --all\
|
||||||
|
\ localhost/nix-ci docker://${CI_REGISTRY_IMAGE}/nix-ci:${NORMALIZED_BRANCH/main/latest}\n\
|
||||||
|
fi\n# tags\nif [ -n \"$CI_COMMIT_TAG\" ]; then\n buildah manifest push --all\
|
||||||
|
\ localhost/nix-ci docker://${CI_REGISTRY_IMAGE}/nix-ci:${CI_COMMIT_TAG}\nfi\n"
|
||||||
|
stage: build-images
|
||||||
|
include:
|
||||||
|
- component: $CI_SERVER_FQDN/$CI_PROJECT_PATH/nix-gitlab-ci@$CI_COMMIT_SHA@$CI_COMMIT_SHORT_SHA
|
||||||
|
inputs:
|
||||||
|
version: $CI_COMMIT_SHORT_SHA
|
||||||
|
stages:
|
||||||
|
- build-images
|
||||||
|
- build
|
||||||
|
- trigger
|
||||||
|
|
@ -2,6 +2,59 @@
|
||||||
inherit (inputs) cilib;
|
inherit (inputs) cilib;
|
||||||
in
|
in
|
||||||
cilib.mkCI {
|
cilib.mkCI {
|
||||||
|
config.soonix = {
|
||||||
|
componentUrl = "$CI_SERVER_FQDN/$CI_PROJECT_PATH/nix-gitlab-ci@$CI_COMMIT_SHA";
|
||||||
|
componentVersion = "$CI_COMMIT_SHORT_SHA";
|
||||||
|
# bootstrapping still needs to be done in the gitlab-ci.yml directly,
|
||||||
|
# the child pipeline can then use the built images to test them
|
||||||
|
extraData = {
|
||||||
|
stages = ["build-images" "build" "trigger"];
|
||||||
|
"build:image" = {
|
||||||
|
stage = "build-images";
|
||||||
|
parallel.matrix = [
|
||||||
|
{ARCH = ["x86_64-linux" "aarch64-linux"];}
|
||||||
|
];
|
||||||
|
image = "nixpkgs/nix-flakes:latest";
|
||||||
|
script = ["nix build .#image --system $ARCH"];
|
||||||
|
after_script = ["install -D result dist/nix-ci-$ARCH.tar.gz"];
|
||||||
|
artifacts.paths = ["dist"];
|
||||||
|
};
|
||||||
|
"deploy:image" = {
|
||||||
|
stage = "build-images";
|
||||||
|
image = "nixpkgs/nix-flakes:latest";
|
||||||
|
needs = ["build:image"];
|
||||||
|
before_script = [
|
||||||
|
# sh
|
||||||
|
''
|
||||||
|
nix profile install nixpkgs#buildah
|
||||||
|
export PATH="$PATH:$HOME/.nix-profile/bin"
|
||||||
|
export REGISTRY_AUTH_FILE=''${HOME}/auth.json
|
||||||
|
echo "$CI_REGISTRY_PASSWORD" | buildah login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
|
||||||
|
mkdir -p /etc/containers && echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json
|
||||||
|
mkdir -p /var/tmp
|
||||||
|
''
|
||||||
|
];
|
||||||
|
script = [
|
||||||
|
# sh
|
||||||
|
''
|
||||||
|
export NORMALIZED_BRANCH=''${CI_COMMIT_BRANCH/\//-}
|
||||||
|
buildah manifest create localhost/nix-ci
|
||||||
|
buildah manifest add localhost/nix-ci docker-archive:dist/nix-ci-x86_64-linux.tar.gz
|
||||||
|
buildah manifest add localhost/nix-ci docker-archive:dist/nix-ci-aarch64-linux.tar.gz
|
||||||
|
buildah manifest push --all localhost/nix-ci docker://''${CI_REGISTRY_IMAGE}/nix-ci:''${CI_COMMIT_SHORT_SHA}
|
||||||
|
# branches
|
||||||
|
if [ -z "$CI_COMMIT_TAG" ]; then
|
||||||
|
buildah manifest push --all localhost/nix-ci docker://''${CI_REGISTRY_IMAGE}/nix-ci:''${NORMALIZED_BRANCH/main/latest}
|
||||||
|
fi
|
||||||
|
# tags
|
||||||
|
if [ -n "$CI_COMMIT_TAG" ]; then
|
||||||
|
buildah manifest push --all localhost/nix-ci docker://''${CI_REGISTRY_IMAGE}/nix-ci:''${CI_COMMIT_TAG}
|
||||||
|
fi
|
||||||
|
''
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
pipelines."default" = {
|
pipelines."default" = {
|
||||||
stages = ["test" "build" "deploy"];
|
stages = ["test" "build" "deploy"];
|
||||||
jobs = {
|
jobs = {
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,13 @@
|
||||||
{inputs, ...}: let
|
{
|
||||||
inherit (inputs) pkgs devshell treefmt;
|
cell,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
inherit (inputs) pkgs devshell treefmt soonix;
|
||||||
|
inherit (cell) ci;
|
||||||
in {
|
in {
|
||||||
default = devshell.mkShell {
|
default = devshell.mkShell {
|
||||||
|
imports = [soonix.devshellModule];
|
||||||
packages = [
|
packages = [
|
||||||
pkgs.nil
|
pkgs.nil
|
||||||
(treefmt.mkWrapper pkgs {
|
(treefmt.mkWrapper pkgs {
|
||||||
|
|
@ -23,5 +29,7 @@ in {
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
|
soonix.hooks."ci" = ci.soonix;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
18
nix/repo/flake.lock
generated
18
nix/repo/flake.lock
generated
|
|
@ -38,9 +38,27 @@
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"devshell-lib": "devshell-lib",
|
"devshell-lib": "devshell-lib",
|
||||||
"nixtest-lib": "nixtest-lib",
|
"nixtest-lib": "nixtest-lib",
|
||||||
|
"soonix-lib": "soonix-lib",
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"soonix-lib": {
|
||||||
|
"locked": {
|
||||||
|
"dir": "lib",
|
||||||
|
"lastModified": 1756797658,
|
||||||
|
"narHash": "sha256-4rkyP4oaoqG/FFVL7W8U+8hGer4tOBPff/2SeN5tJYQ=",
|
||||||
|
"owner": "TECHNOFAB",
|
||||||
|
"repo": "soonix",
|
||||||
|
"rev": "3baef660cf8b87391d475a0455dd66fae0e60008",
|
||||||
|
"type": "gitlab"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"dir": "lib",
|
||||||
|
"owner": "TECHNOFAB",
|
||||||
|
"repo": "soonix",
|
||||||
|
"type": "gitlab"
|
||||||
|
}
|
||||||
|
},
|
||||||
"treefmt-nix": {
|
"treefmt-nix": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,7 @@
|
||||||
inputs = {
|
inputs = {
|
||||||
devshell-lib.url = "gitlab:rensa-nix/devshell?dir=lib";
|
devshell-lib.url = "gitlab:rensa-nix/devshell?dir=lib";
|
||||||
nixtest-lib.url = "gitlab:TECHNOFAB/nixtest?dir=lib";
|
nixtest-lib.url = "gitlab:TECHNOFAB/nixtest?dir=lib";
|
||||||
|
soonix-lib.url = "gitlab:TECHNOFAB/soonix?dir=lib";
|
||||||
treefmt-nix = {
|
treefmt-nix = {
|
||||||
url = "github:numtide/treefmt-nix";
|
url = "github:numtide/treefmt-nix";
|
||||||
flake = false;
|
flake = false;
|
||||||
|
|
@ -11,6 +12,7 @@
|
||||||
i
|
i
|
||||||
// {
|
// {
|
||||||
devshell = i.devshell-lib.lib {inherit (i.parent) pkgs;};
|
devshell = i.devshell-lib.lib {inherit (i.parent) pkgs;};
|
||||||
|
soonix = i.soonix-lib.lib {inherit (i.parent) pkgs;};
|
||||||
ntlib = i.nixtest-lib.lib {inherit (i.parent) pkgs;};
|
ntlib = i.nixtest-lib.lib {inherit (i.parent) pkgs;};
|
||||||
cilib = import "${i.parent.self}/lib" {inherit (i.parent) pkgs;};
|
cilib = import "${i.parent.self}/lib" {inherit (i.parent) pkgs;};
|
||||||
treefmt = import i.treefmt-nix;
|
treefmt = import i.treefmt-nix;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue