os/.drone.yml

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

167 lines
5.1 KiB
YAML
Raw Normal View History

2022-04-30 14:38:19 +00:00
---
kind: pipeline
2022-10-14 23:58:36 +00:00
type: exec
name: Check and deploy
2022-10-14 23:58:36 +00:00
node:
hosttype: baremetal
2022-04-30 14:38:19 +00:00
steps:
- name: "Check"
when:
event:
- pull_request
environment:
2023-01-29 01:46:53 +00:00
NIX_FLAGS: "--print-build-logs --verbose --accept-flake-config"
2022-04-30 14:38:19 +00:00
commands:
- 'echo DEBUG: Using NIX_FLAGS: $NIX_FLAGS'
2022-08-14 19:40:29 +00:00
- nix $$NIX_FLAGS develop --command nix flake show
- nix $$NIX_FLAGS build ".#nixosConfigurations.host_001_momo_koeln.config.system.build.toplevel"
- name: "Deploy"
when:
event:
- push
branch:
- momo/main
environment:
NIX_FLAGS: "--print-build-logs --verbose --accept-flake-config"
PRIVATE_SSH_KEY:
from_secret: ci_private_ssh_key
SSH_HOST_KEY: "80.244.242.4 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7XTCHfX6ta8EtkdOcZLnpdhMmXDfTebVMs4NC8JEPj"
# SSH uses HOME from /etc/passwd, not from the environment, so override it
NIX_SSHOPTS: "-o UserKnownHostsFile=$$HOME/.ssh/known_hosts -i $$HOME/.ssh/id_ed25519"
commands:
- mkdir $$HOME/.ssh && chmod 700 $$HOME/.ssh
- echo "$$PRIVATE_SSH_KEY" > $$HOME/.ssh/id_ed25519 && chmod 600 $$HOME/.ssh/id_ed25519
- echo "$$SSH_HOST_KEY" > $$HOME/.ssh/known_hosts
- "echo DEBUG: Using NIX_FLAGS: $$NIX_FLAGS"
- nix $$NIX_FLAGS develop --command deploy --magic-rollback false --skip-checks --targets '.#host_001_momo_koeln'
---
kind: pipeline
type: exec
name: Tests
2022-10-14 23:58:36 +00:00
node:
hosttype: baremetal
steps:
- name: "Tests"
environment:
2023-01-29 01:46:53 +00:00
NIX_FLAGS: "--print-build-logs --verbose --accept-flake-config"
commands:
- 'echo DEBUG: Using NIX_FLAGS: $NIX_FLAGS'
- nix $$NIX_FLAGS build ".#checks.x86_64-linux.customTestFor-PubSolarOS-firstTest"
- nix-store --read-log result
- nix $$NIX_FLAGS flake check
- nix $$NIX_FLAGS develop --command echo OK
2022-08-14 19:40:29 +00:00
- name: "Upload artifacts"
environment:
TRITON_DONT_SOURCE_PROFILE: 1
PRIVATE_SSH_KEY:
from_secret: private_ssh_key
MANTA_USER: pub_solar
MANTA_URL: https://eu-central.manta.greenbaum.cloud
MANTA_KEY_ID: "5d:5f:3d:22:8d:37:1f:e6:d6:ab:06:18:d9:a2:04:67"
2022-08-14 19:40:29 +00:00
commands:
- export TARGET_DIR="ci/$${DRONE_REPO}/$${DRONE_BUILD_NUMBER}"
2022-08-14 19:40:29 +00:00
- echo env var TARGET_DIR is set to $$TARGET_DIR
- "mkdir ~/.ssh && chmod 700 ~/.ssh"
- echo "$$PRIVATE_SSH_KEY" > ~/.ssh/id_ed25519 && chmod 600 ~/.ssh/id_ed25519
- nix flake new --template "git+https://git.greenbaum.cloud/dev/tritonshell?ref=main" ./tritonshell
- git add tritonshell
- cd tritonshell
- nix develop --command mput -p -f ../result/foot_wayland_info.png ~~/public/$${TARGET_DIR}/foot_wayland_info.png
- nix develop --command mput -p -f ../result/test-wayland.out ~~/public/$${TARGET_DIR}/test-wayland.out
2022-08-14 19:40:29 +00:00
trigger:
ref:
- refs/tags/v*
- refs/tags/t*
---
kind: pipeline
type: docker
name: Notification
steps:
- name: "Notify matrix"
image: plugins/matrix
settings:
homeserver: https://matrix.pub.solar
roomid: dfQBqwkhIzrFjMSsxy:pub.solar
username:
from_secret: matrix_username
password:
from_secret: matrix_password
template: "Test run triggered by tag: {{ build.tag }}. Test run exit status: {{ build.status }}. Artifacts uploaded to Manta: https://eu-central.manta.greenbaum.cloud/pub_solar/public/ci/{{ repo.Owner }}/{{ repo.Name }}/{{ build.number }}/foot_wayland_info.png"
trigger:
ref:
- refs/tags/v*
- refs/tags/t*
2021-10-24 20:55:28 +00:00
---
kind: pipeline
type: docker
name: Publish ISO
steps:
- name: "Build ISO"
image: docker.nix-community.org/nixpkgs/nix-flakes:latest
environment:
2023-01-29 01:46:53 +00:00
NIX_FLAGS: "--print-build-logs --verbose --accept-flake-config"
2021-10-24 20:55:28 +00:00
volumes:
- name: file-exchange
2021-10-24 21:13:13 +00:00
path: /var/nix/iso-cache
2021-10-24 20:55:28 +00:00
commands:
- |
nix $$NIX_FLAGS build \
'.#nixosConfigurations.bootstrap.config.system.build.isoImage'
- cp $(readlink -f result)/iso/PubSolarOS*.iso /var/nix/iso-cache/
- nix shell nixpkgs#findutils
- cd /var/nix/iso-cache/
- export ISO_NAME=$(find . -name '*.iso' -printf "%f\n")
- sha256sum $ISO_NAME > $ISO_NAME.sha256
- ln -s $ISO_NAME PubSolarOS-latest.iso
- cp $ISO_NAME.sha256 PubSolarOS-latest.iso.sha256
- nix run nixpkgs#gnused -- --in-place "s/$ISO_NAME/PubSolarOS-latest.iso/" PubSolarOS-latest.iso.sha256
2021-10-24 20:55:28 +00:00
- name: "Publish ISO"
# https://github.com/appleboy/drone-scp/pull/141 got merged, yay
image: appleboy/drone-scp:1.6.5-linux-amd64
2021-10-24 20:55:28 +00:00
volumes:
- name: file-exchange
2021-10-24 21:13:13 +00:00
path: /var/nix/iso-cache
2021-10-24 20:55:28 +00:00
settings:
host:
from_secret: iso_web_ssh_host
2021-10-24 20:55:28 +00:00
user:
from_secret: iso_web_ssh_user
2021-10-24 20:55:28 +00:00
port:
from_secret: iso_web_ssh_port
2021-10-24 20:55:28 +00:00
key:
from_secret: iso_web_ssh_key
target: /srv/www/os/download
2021-10-24 20:55:28 +00:00
source:
2021-10-25 19:51:13 +00:00
- /var/nix/iso-cache/*.iso
- /var/nix/iso-cache/*.iso.sha256
2022-10-20 11:56:57 +00:00
unlink_first: true
2021-10-26 08:14:42 +00:00
strip_components: 3
2021-10-24 20:55:28 +00:00
trigger:
branch:
- main
event:
- push
2021-10-24 20:55:28 +00:00
volumes:
- name: file-exchange
temp: {}
2021-10-24 20:55:28 +00:00
---
kind: signature
hmac: c7083fb6372539aee0c22490f08252ec310de8e92f6d5b7d58872ffc649de660
...