47 lines
1.6 KiB
YAML
47 lines
1.6 KiB
YAML
---
|
|
kind: pipeline
|
|
type: exec
|
|
name: Check and deploy
|
|
node:
|
|
hosttype: baremetal
|
|
|
|
steps:
|
|
- name: "Check"
|
|
when:
|
|
event:
|
|
- pull_request
|
|
environment:
|
|
NIX_FLAGS: "--print-build-logs --verbose --accept-flake-config"
|
|
commands:
|
|
- 'echo DEBUG: Using NIX_FLAGS: $NIX_FLAGS'
|
|
- nix $$NIX_FLAGS develop --command nix flake show
|
|
- nix $$NIX_FLAGS develop --command treefmt --fail-on-change
|
|
- nix $$NIX_FLAGS develop --command editorconfig-checker
|
|
- nix $$NIX_FLAGS build ".#nixosConfigurations.pioneer-momo-koeln.config.system.build.toplevel"
|
|
|
|
- name: "Deploy"
|
|
when:
|
|
event:
|
|
- push
|
|
branch:
|
|
- main
|
|
environment:
|
|
NIX_FLAGS: "--print-build-logs --verbose --accept-flake-config"
|
|
PRIVATE_SSH_KEY:
|
|
from_secret: ci_private_ssh_key
|
|
SSH_HOST_KEY: "80.244.242.4 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFAMFmC8BNq08QLKQLyT139qzh7jIF5yOY32fCHiCMg5"
|
|
commands:
|
|
- mkdir $$HOME/.ssh && chmod 700 $$HOME/.ssh
|
|
- echo "$$PRIVATE_SSH_KEY" > $$HOME/.ssh/id_ed25519 && chmod 600 $$HOME/.ssh/id_ed25519
|
|
- echo "$$SSH_HOST_KEY" > $$HOME/.ssh/known_hosts
|
|
# SSH uses HOME from /etc/passwd, not from the environment, so override it
|
|
- export SSHOPTS="-o UserKnownHostsFile=$$HOME/.ssh/known_hosts -i $$HOME/.ssh/id_ed25519"
|
|
- "echo DEBUG: Using NIX_FLAGS: $$NIX_FLAGS"
|
|
- nix $$NIX_FLAGS develop --command deploy --magic-rollback false --skip-checks --targets '.#pioneer-momo-koeln' --ssh-opts="$$SSHOPTS"
|
|
|
|
---
|
|
kind: signature
|
|
hmac: 0a9bea82f36e5a63794b831c72182305a72901d0985f0a070f876ae7c48421be
|
|
|
|
...
|