refactor(template): get rid of rules and work around limitations in a new way

technofab 2025-03-04 16:12:51 +01:00
parent a5fba6d27d
commit f1b8b5a210
2 changed files with 50 additions and 52 deletions


@ -1,7 +1,7 @@
include:
- component: $CI_SERVER_FQDN/$CI_PROJECT_PATH/nix-gitlab-ci@$CI_COMMIT_SHA
variables:
NIX_CI_VERSION: $CI_COMMIT_SHORT_SHA
inputs:
version: $CI_COMMIT_SHORT_SHA
stages:
- build-images
- build


@ -10,84 +10,82 @@ spec:
type: array
description: |
Files to use as the cache key for the generated pipeline yaml.
If you use "ci.nix" to define CI, add that here for example
If you use "ci.nix" to define CI, add that here for example.
Note that max 2 items are allowed in cache:key:files, so use something like
["flake.*", "ci.nix"] f. ex. to match flake.lock, flake.nix and ci.nix.
default: ["flake.nix", "flake.lock"]
version:
type: string
description: |
Which version of the Nix CI image to use. Using a tag/version is recommended.
---
stages:
- build
- trigger
variables:
# which version of the image should be used
_NIX_CI_VERSION: ${NIX_CI_VERSION}
_NIX_CI_IMAGE: registry.gitlab.com/technofab/nix-gitlab-ci/nix-ci:${_NIX_CI_VERSION}
# force build the pipeline yaml
_NIX_CI_FORCE_BUILD: ${NIX_CI_FORCE_BUILD}
# disable caching on the child pipeline jobs
_NIX_CI_DISABLE_CACHE: ${NIX_CI_DISABLE_CACHE}
# type of cache strategy to use (none, runner, attic, cachix)
_NIX_CI_CACHE_STRATEGY: $[[ inputs.cache_strategy ]]
# for multiple pipelines
_NIX_CI_PIPELINE_NAME: ${CI_PIPELINE_SOURCE}
# set NIX_CI_DEFAULT_SOURCES to something like "/^web/" or "/^web|push/",
# then this will default to the "default" pipeline for these sources.
# By default we map everything to "default" (man that's quite a bunch of defaults)
_NIX_CI_DEFAULT_SOURCES: "/.*/"
.env_overrides: &env_overrides
rules:
- if: $NIX_CI_IMAGE != null
variables:
_NIX_CI_IMAGE: $NIX_CI_IMAGE
- if: $NIX_CI_CACHE_STRATEGY != null
variables:
_NIX_CI_CACHE_STRATEGY: $NIX_CI_CACHE_STRATEGY
- if: $NIX_CI_DEFAULT_SOURCES != null
variables:
_NIX_CI_DEFAULT_SOURCES: $NIX_CI_DEFAULT_SOURCES
- if: '$CI_PIPELINE_SOURCE =~ $_NIX_CI_DEFAULT_SOURCES'
variables:
_NIX_CI_PIPELINE_NAME: default
- if: $NIX_CI_PIPELINE_NAME != null
variables:
_NIX_CI_PIPELINE_NAME: $NIX_CI_PIPELINE_NAME
- when: on_success
# These can be overriden, see https://docs.gitlab.com/ci/variables/#cicd-variable-precedence
# which image should be used by default.
NIX_CI_IMAGE: registry.gitlab.com/technofab/nix-gitlab-ci/nix-ci:$[[ inputs.version ]]
# default cache stategy
NIX_CI_CACHE_STRATEGY: $[[ inputs.cache_strategy ]]
nix-ci:build:
<<: *env_overrides
stage: build
image: $_NIX_CI_IMAGE
image: $NIX_CI_IMAGE
cache:
- key:
files: $[[ inputs.cache_files ]]
prefix: $_NIX_CI_PIPELINE_NAME
paths:
- generated-gitlab-ci.yml
- .nix-ci-pipelines/
- key: nix
paths:
- .nix-cache/
before_script:
# generated-gitlab-ci.yml exists in the cache
- '[ -f "generated-gitlab-ci.yml" ] && export CACHED=true && echo "A cached pipeline file exists (skip cache with NIX_CI_FORCE_BUILD)" || true'
# allow the user to manually skip the cache (when the key files are not correctly configured etc.)
- '[ -n "$_NIX_CI_FORCE_BUILD" ] && unset CACHED && echo "Caching skipped for this job (through NIX_CI_FORCE_BUILD)" || true'
# only setup when we need to generate the pipeline yaml
- 'if [ -z "$CACHED" ]; then source setup_nix_ci; fi'
- |
# if no explicit pipeline is requested
if [[ -z "${NIX_CI_PIPELINE_NAME:-}" ]]; then
# if regex matches, use pipeline "default", otherwise $CI_PIPELINE_SOURCE
[[ "${CI_PIPELINE_SOURCE}" =~ ${NIX_CI_DEFAULT_SOURCES:-.*} ]] \
&& NIX_CI_PIPELINE_NAME="default" \
|| NIX_CI_PIPELINE_NAME="$CI_PIPELINE_SOURCE";
fi
echo "NIX_CI_GENERATED_PIPELINE_NAME=$NIX_CI_PIPELINE_NAME" >> trigger.env
mkdir -p .nix-ci-pipelines/
# generated-gitlab-ci.yml exists in the cache
[[ -f ".nix-ci-pipelines/${NIX_CI_PIPELINE_NAME}.yml" ]] && export CACHED=true && echo "A cached pipeline file exists (skip cache with NIX_CI_FORCE_BUILD)" || true
# allow the user to manually skip the cache (when the key files are not correctly configured etc.)
[[ -n "$NIX_CI_FORCE_BUILD" ]] && unset CACHED && echo "Caching skipped for this job (through NIX_CI_FORCE_BUILD)" || true
# only setup when we need to generate the pipeline yaml
if [[ -z "$CACHED" ]]; then
source setup_nix_ci;
fi
script:
# build the generated-gitlab-ci.yml if it does not exist in the cache
- 'if [ -z "$CACHED" ]; then nix build .#gitlab-ci:pipeline:${_NIX_CI_PIPELINE_NAME} && install result generated-gitlab-ci.yml; fi'
# build the pipeline if it does not exist in the cache
- >
if [[ -z "$CACHED" ]]; then
nix build .#gitlab-ci:pipeline:${NIX_CI_PIPELINE_NAME} && install result .nix-ci-pipelines/${NIX_CI_PIPELINE_NAME}.yml;
fi
after_script:
# save to binary cache or Gitlab CI cache only if we actually built something
# check if /tmp/nix-store-before exists as $CACHED never exists here and the file only exists if "setup_nix_ci" is called
- 'if [ -f "/tmp/nix-store-before" ]; then finalize_nix_ci; fi'
- |
if [[ -f "/tmp/nix-store-before" ]]; then
finalize_nix_ci;
fi
artifacts:
paths:
- generated-gitlab-ci.yml
- .nix-ci-pipelines/
reports:
dotenv: trigger.env
nix-ci:trigger:
<<: *env_overrides
stage: trigger
needs:
- nix-ci:build
trigger:
include:
- artifact: generated-gitlab-ci.yml
- artifact: .nix-ci-pipelines/${NIX_CI_GENERATED_PIPELINE_NAME}.yml
job: nix-ci:build
strategy: depend
forward:
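Review bot: `NIX_CI_PIPELINE_NAME` is used without validation in the new `before_script` block: it comes from a user-overridable variable or from `CI_PIPELINE_SOURCE`, and is then expanded into the path `.nix-ci-pipelines/${NIX_CI_PIPELINE_NAME}.yml`, the unquoted `nix build` / `install` arguments in `script`, and the `trigger.env` line that `nix-ci:trigger` reads back for `include: artifact`. A value containing `/`, `..`, whitespace or a newline would resolve outside `.nix-ci-pipelines/` or add extra entries to the dotenv report. I would reject such values right after the `fi` that sets the name, e.g. `[[ "$NIX_CI_PIPELINE_NAME" =~ ^[A-Za-z0-9_-]+$ ]] || { echo "invalid NIX_CI_PIPELINE_NAME" >&2; exit 1; }`, and quote the expansions on the `nix build` / `install` line. Separately, the removed comment documented `NIX_CI_DEFAULT_SOURCES` in GitLab form such as `/^web/`; in the bash `=~` test the slashes are literal, so such a value would presumably stop matching, and a comment stating that a plain ERE is now expected would help.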