ci: deploy host_001_momo_koeln on every push to
momo/main The branch momo/main is now protected from direct pushes and changes should go through review before getting merged Fix drone lint errors: Pipeline stage 'Notification' declares invalid dependency 'Tests' Pipeline stage 'Publish ISO' declares invalid dependency 'Check'
This commit is contained in:
parent
4b5955a164
commit
716f22e32d
26
.drone.yml
26
.drone.yml
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
kind: pipeline
|
||||
type: exec
|
||||
name: Check
|
||||
name: Check and deploy
|
||||
node:
|
||||
hosttype: baremetal
|
||||
|
||||
|
@ -17,6 +17,22 @@ steps:
|
|||
- nix $$NIX_FLAGS develop --command nix flake show
|
||||
- nix $$NIX_FLAGS build ".#nixosConfigurations.host_001_momo_koeln.config.system.build.toplevel"
|
||||
|
||||
- name: "Deploy"
|
||||
when:
|
||||
event:
|
||||
- push
|
||||
branch:
|
||||
- momo/main
|
||||
environment:
|
||||
NIX_FLAGS: "--print-build-logs --verbose --accept-flake-config"
|
||||
PRIVATE_SSH_KEY:
|
||||
from_secret: ci_private_ssh_key
|
||||
commands:
|
||||
- "mkdir ~/.ssh && chmod 700 ~/.ssh"
|
||||
- echo "$$PRIVATE_SSH_KEY" > ~/.ssh/id_ed25519 && chmod 600 ~/.ssh/id_ed25519
|
||||
- 'echo DEBUG: Using NIX_FLAGS: $NIX_FLAGS'
|
||||
- nix $$NIX_FLAGS develop --command deploy --magic-rollback false --skip-checks --targets '.#host_001_momo_koeln'
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: exec
|
||||
|
@ -76,9 +92,6 @@ steps:
|
|||
from_secret: matrix_password
|
||||
template: "Test run triggered by tag: {{ build.tag }}. Test run exit status: {{ build.status }}. Artifacts uploaded to Manta: https://eu-central.manta.greenbaum.cloud/pub_solar/public/ci/{{ repo.Owner }}/{{ repo.Name }}/{{ build.number }}/foot_wayland_info.png"
|
||||
|
||||
depends_on:
|
||||
- Tests
|
||||
|
||||
trigger:
|
||||
ref:
|
||||
- refs/tags/v*
|
||||
|
@ -132,9 +145,6 @@ steps:
|
|||
unlink_first: true
|
||||
strip_components: 3
|
||||
|
||||
depends_on:
|
||||
- Check
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- main
|
||||
|
@ -147,6 +157,6 @@ volumes:
|
|||
|
||||
---
|
||||
kind: signature
|
||||
hmac: 4eafc30355db63df1c207a267669400120d18a479bf850923cd646f7cb0fabac
|
||||
hmac: e50c1347f8645fa2591afa05643eb0c293b70ef1628d157d16d3d819b27f6e7c
|
||||
|
||||
...
|
||||
|
|
|
@ -12,17 +12,16 @@ in {
|
|||
|
||||
security.sudo.extraRules = [
|
||||
{
|
||||
users = [ "${psCfg.user.name}" ];
|
||||
users = ["${psCfg.user.name}"];
|
||||
commands = [
|
||||
{
|
||||
command = "ALL";
|
||||
options = [ "NOPASSWD" ];
|
||||
options = ["NOPASSWD"];
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
|
||||
pub-solar = {
|
||||
user = {
|
||||
name = "barkeeper";
|
||||
|
@ -35,9 +34,9 @@ in {
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy hensoko@hensoko-tp-work"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEbaQdxp7Flz6ttELe63rn+Nt9g43qJOLih6VCMP4gPb @hensoko"
|
||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFro/k4Mgqyh8yV/7Zwjc0dv60ZM7bROBU9JNd99P/4co6fxPt1pJiU/pEz2Dax/HODxgcO+jFZfvPEuLMCeAl0= YubiKey #10593996 PIV Slot 9a @teutat3s"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP5MvCwNRtCcP1pSDrn0XZTNlpOqYnjHDm9/OI4hECW @ci-drone-runner"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue