2021-06-01 00:58:50 +00:00
stages :
2024-01-21 02:58:57 +00:00
- ci
- artifacts
2024-01-31 00:51:41 +00:00
- publish
2021-05-13 07:57:11 +00:00
2021-03-13 19:00:13 +00:00
variables :
2024-01-21 02:58:57 +00:00
# Makes some things print in color
TERM : ansi
2021-08-13 15:20:40 +00:00
2024-03-13 03:46:43 +00:00
# Avoid duplicate pipelines
# See: https://docs.gitlab.com/ee/ci/yaml/workflow.html#switch-between-branch-pipelines-and-merge-request-pipelines
workflow :
rules :
- if : $CI_PIPELINE_SOURCE == "merge_request_event"
- if : $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
when : never
- if : $CI
2024-01-21 02:58:57 +00:00
before_script :
2024-03-06 02:42:17 +00:00
# Enable nix-command and flakes
- if command -v nix > /dev/null; then echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf; fi
# Add conduwuit binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://attic.kennel.juneis.dog/conduwuit" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = conduwuit:lYPVh7o1hLu1idH4Xt2QHaRa49WRGSAqzcfFd94aOTw=" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-substituters = https://attic.kennel.juneis.dog/conduit" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = conduit:Isq8FGyEC6FOXH6nD+BOeAA+bKp6X6UIbupSlGEPuOg=" >> /etc/nix/nix.conf; fi
# Add upstream Conduit binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://nix.computer.surgery/conduit" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = conduit:ZGAf6P6LhNvnoJJ3Me3PRg7tlLSrPxcQ2RiE5LIppjo=" >> /etc/nix/nix.conf; fi
2024-04-15 03:01:08 +00:00
2024-03-06 02:42:17 +00:00
# Add alternate binary cache
- if command -v nix > /dev/null && [ -n "$ATTIC_ENDPOINT" ]; then echo "extra-substituters = $ATTIC_ENDPOINT" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null && [ -n "$ATTIC_PUBLIC_KEY" ]; then echo "extra-trusted-public-keys = $ATTIC_PUBLIC_KEY" >> /etc/nix/nix.conf; fi
# Add crane binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://crane.cachix.org" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = crane.cachix.org-1:8Scfpmn9w+hGdXH/Q9tTLiYAE/2dnJYRJP7kl80GuRk=" >> /etc/nix/nix.conf; fi
# Add nix-community binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://nix-community.cachix.org" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" >> /etc/nix/nix.conf; fi
2024-01-21 02:58:57 +00:00
# Install direnv and nix-direnv
2024-03-06 02:42:17 +00:00
- if command -v nix > /dev/null; then nix-env -iA nixpkgs.direnv nixpkgs.nix-direnv; fi
2022-02-15 10:17:32 +00:00
2024-01-21 02:58:57 +00:00
# Allow .envrc
- if command -v nix > /dev/null; then direnv allow; fi
2022-02-15 10:17:32 +00:00
2024-01-21 02:58:57 +00:00
# Set CARGO_HOME to a cacheable path
- export CARGO_HOME="$(git rev-parse --show-toplevel)/.gitlab-ci.d/cargo"
2023-06-26 20:06:17 +00:00
2024-01-21 02:58:57 +00:00
ci :
stage : ci
2024-04-05 15:55:27 +00:00
image : nixos/nix:2.21.2
2022-10-29 12:32:22 +00:00
script :
2024-03-06 02:42:17 +00:00
# Cache the inputs required for the devShell
- ./bin/nix-build-and-cache .#devShells.x86_64-linux.default.inputDerivation
2024-01-21 02:58:57 +00:00
- direnv exec . engage
cache :
key : nix
paths :
- target
- .gitlab-ci.d
2024-03-08 04:40:42 +00:00
rules :
# CI on upstream runners (only available for maintainers)
- if : $CI_PIPELINE_SOURCE == "merge_request_event" && $IS_UPSTREAM_CI == "true"
2024-03-13 03:46:43 +00:00
# Manual CI on unprotected branches that are not MRs
- if : $CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_PROTECTED == "false"
when : manual
2024-03-08 04:40:42 +00:00
# Manual CI on forks
- if : $IS_UPSTREAM_CI != "true"
when : manual
- if : $CI
2024-03-13 03:46:43 +00:00
interruptible : true
2022-02-18 21:29:55 +00:00
2024-03-06 02:42:17 +00:00
artifacts :
2024-01-26 04:39:59 +00:00
stage : artifacts
2024-04-05 15:55:27 +00:00
image : nixos/nix:2.21.2
2024-01-26 04:39:59 +00:00
script :
- ./bin/nix-build-and-cache .#static-x86_64-unknown-linux-musl
2024-03-06 02:42:17 +00:00
- cp result/bin/conduit x86_64-unknown-linux-musl
2024-01-26 04:39:59 +00:00
2024-03-06 02:42:17 +00:00
- mkdir -p target/release
- cp result/bin/conduit target/release
- direnv exec . cargo deb --no-build
- mv target/debian/*.deb x86_64-unknown-linux-musl.deb
2024-01-26 04:39:59 +00:00
# Since the OCI image package is based on the binary package, this has the
# fun side effect of uploading the normal binary too. Conduit users who are
# deploying with Nix can leverage this fact by adding our binary cache to
# their systems.
2024-03-06 02:42:17 +00:00
#
# Note that although we have an `oci-image-x86_64-unknown-linux-musl`
# output, we don't build it because it would be largely redundant to this
# one since it's all containerized anyway.
2024-01-26 04:39:59 +00:00
- ./bin/nix-build-and-cache .#oci-image
2024-01-31 00:51:41 +00:00
- cp result oci-image-amd64.tar.gz
2024-01-26 04:39:59 +00:00
2024-03-06 02:42:17 +00:00
- ./bin/nix-build-and-cache .#static-aarch64-unknown-linux-musl
- cp result/bin/conduit aarch64-unknown-linux-musl
2022-06-22 22:14:53 +00:00
2024-03-06 02:42:17 +00:00
- ./bin/nix-build-and-cache .#oci-image-aarch64-unknown-linux-musl
2024-01-31 00:51:41 +00:00
- cp result oci-image-arm64v8.tar.gz
2024-03-17 22:06:10 +00:00
- ./bin/nix-build-and-cache .#book
# We can't just copy the symlink, we need to dereference it https://gitlab.com/gitlab-org/gitlab/-/issues/19746
- cp -r --dereference result public
2022-06-22 22:14:53 +00:00
artifacts :
2024-01-21 02:58:57 +00:00
paths :
2024-03-06 02:42:17 +00:00
- x86_64-unknown-linux-musl
- aarch64-unknown-linux-musl
- x86_64-unknown-linux-musl.deb
- oci-image-amd64.tar.gz
2024-01-31 00:51:41 +00:00
- oci-image-arm64v8.tar.gz
2024-03-17 22:17:46 +00:00
- public
2024-03-08 04:40:42 +00:00
rules :
# CI required for all MRs
- if : $CI_PIPELINE_SOURCE == "merge_request_event"
# Optional CI on forks
- if : $IS_UPSTREAM_CI != "true"
when : manual
allow_failure : true
- if : $CI
2024-03-13 03:46:43 +00:00
interruptible : true
2021-08-13 15:20:40 +00:00
2024-03-06 02:42:17 +00:00
.push-oci-image :
2024-01-31 00:51:41 +00:00
stage : publish
2024-04-15 03:01:08 +00:00
image : docker:26.0.1
2024-01-31 00:51:41 +00:00
services :
2024-04-15 03:01:08 +00:00
- docker:26.0.1-dind
2024-01-31 00:51:41 +00:00
variables :
IMAGE_SUFFIX_AMD64 : amd64
IMAGE_SUFFIX_ARM64V8 : arm64v8
script :
- docker load -i oci-image-amd64.tar.gz
2024-02-14 23:13:08 +00:00
- IMAGE_ID_AMD64=$(docker images -q conduit:main)
2024-01-31 00:51:41 +00:00
- docker load -i oci-image-arm64v8.tar.gz
2024-02-14 23:13:08 +00:00
- IMAGE_ID_ARM64V8=$(docker images -q conduit:main)
2024-01-31 00:51:41 +00:00
# Tag and push the architecture specific images
- docker tag $IMAGE_ID_AMD64 $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64
- docker tag $IMAGE_ID_ARM64V8 $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
- docker push $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64
- docker push $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
# Tag the multi-arch image
- docker manifest create $IMAGE_NAME:$CI_COMMIT_SHA --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64 --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
- docker manifest push $IMAGE_NAME:$CI_COMMIT_SHA
# Tag and push the git ref
- docker manifest create $IMAGE_NAME:$CI_COMMIT_REF_NAME --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64 --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
- docker manifest push $IMAGE_NAME:$CI_COMMIT_REF_NAME
# Tag git tags as 'latest'
- |
if [[ -n "$CI_COMMIT_TAG" ]]; then
docker manifest create $IMAGE_NAME:latest --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64 --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
docker manifest push $IMAGE_NAME:latest
fi
dependencies :
2024-03-06 02:42:17 +00:00
- artifacts
2024-01-31 00:51:41 +00:00
only :
2024-02-14 23:13:08 +00:00
- main
2024-01-31 00:51:41 +00:00
- tags
2024-03-06 02:42:17 +00:00
oci-image:push-gitlab :
extends : .push-oci-image
variables :
IMAGE_NAME : $CI_REGISTRY_IMAGE/conduwuit
before_script :
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
2024-03-17 22:06:10 +00:00
pages :
stage : publish
dependencies :
- artifacts
only :
- next
script :
- "true"
artifacts :
paths :
- public