From a076f0048a640ed35c27a97479e93cd47388c83f Mon Sep 17 00:00:00 2001 From: technofab Date: Wed, 3 Sep 2025 14:29:56 +0200 Subject: [PATCH] chore(CI): modify cache_files and add ssl ca certs to test job --- .gitlab-ci.yml | 3 +++ nix/repo/ci.nix | 7 ++++++- tests/modules_test.nix | 1 + 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3dc24e7..bff742c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -47,6 +47,9 @@ deploy:image: include: - component: $CI_SERVER_FQDN/$CI_PROJECT_PATH/nix-gitlab-ci@$CI_COMMIT_SHORT_SHA inputs: + cache_files: + - flake.* + - nix/repo/ci.nix version: $CI_COMMIT_SHORT_SHA stages: - build-images diff --git a/nix/repo/ci.nix b/nix/repo/ci.nix index 38a650d..5e14188 100644 --- a/nix/repo/ci.nix +++ b/nix/repo/ci.nix @@ -1,10 +1,11 @@ {inputs, ...}: let - inherit (inputs) cilib; + inherit (inputs) pkgs cilib; in cilib.mkCI { config.soonix = { componentUrl = "$CI_SERVER_FQDN/$CI_PROJECT_PATH/nix-gitlab-ci"; componentVersion = "$CI_COMMIT_SHORT_SHA"; + componentInputs.cache_files = ["flake.*" "nix/repo/ci.nix"]; # bootstrapping still needs to be done in the gitlab-ci.yml directly, # the child pipeline can then use the built images to test them extraData = { @@ -63,6 +64,10 @@ in script = [ "nix run .#tests -- --junit=junit.xml" ]; + variables = { + "SSL_CERT_FILE" = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + "NIX_SSL_CERT_FILE" = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + }; allow_failure = true; artifacts = { when = "always"; diff --git a/tests/modules_test.nix b/tests/modules_test.nix index 0b467f4..e134293 100644 --- a/tests/modules_test.nix +++ b/tests/modules_test.nix @@ -34,6 +34,7 @@ expected = { stages = [".pre" "test" ".post"]; "test" = { + image = "$NIX_CI_IMAGE"; stage = "test"; before_script = ["source setup_nix_ci \"gitlab-ci:pipeline:test:job-deps:test\""]; script = ["echo hello world"];