2021-06-01 02:58:50 +02:00
stages :
2024-01-21 03:58:57 +01:00
- ci
- artifacts
2024-01-31 01:51:41 +01:00
- publish
2021-05-13 09:57:11 +02:00
2021-03-13 20:00:13 +01:00
variables :
2024-01-21 03:58:57 +01:00
# Makes some things print in color
TERM : ansi
2021-08-13 17:20:40 +02:00
2024-03-13 04:46:43 +01:00
# Avoid duplicate pipelines
# See: https://docs.gitlab.com/ee/ci/yaml/workflow.html#switch-between-branch-pipelines-and-merge-request-pipelines
workflow :
rules :
- if : $CI_PIPELINE_SOURCE == "merge_request_event"
- if : $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
when : never
- if : $CI
2024-01-21 03:58:57 +01:00
before_script :
2024-03-06 03:42:17 +01:00
# Enable nix-command and flakes
- if command -v nix > /dev/null; then echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf; fi
# Add conduwuit binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://attic.kennel.juneis.dog/conduwuit" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = conduwuit:lYPVh7o1hLu1idH4Xt2QHaRa49WRGSAqzcfFd94aOTw=" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-substituters = https://attic.kennel.juneis.dog/conduit" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = conduit:Isq8FGyEC6FOXH6nD+BOeAA+bKp6X6UIbupSlGEPuOg=" >> /etc/nix/nix.conf; fi
# Add upstream Conduit binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://nix.computer.surgery/conduit" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = conduit:ZGAf6P6LhNvnoJJ3Me3PRg7tlLSrPxcQ2RiE5LIppjo=" >> /etc/nix/nix.conf; fi
# Add alternate binary cache
- if command -v nix > /dev/null && [ -n "$ATTIC_ENDPOINT" ]; then echo "extra-substituters = $ATTIC_ENDPOINT" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null && [ -n "$ATTIC_PUBLIC_KEY" ]; then echo "extra-trusted-public-keys = $ATTIC_PUBLIC_KEY" >> /etc/nix/nix.conf; fi
# Add crane binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://crane.cachix.org" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = crane.cachix.org-1:8Scfpmn9w+hGdXH/Q9tTLiYAE/2dnJYRJP7kl80GuRk=" >> /etc/nix/nix.conf; fi
# Add nix-community binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://nix-community.cachix.org" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" >> /etc/nix/nix.conf; fi
2024-01-21 03:58:57 +01:00
# Install direnv and nix-direnv
2024-03-06 03:42:17 +01:00
- if command -v nix > /dev/null; then nix-env -iA nixpkgs.direnv nixpkgs.nix-direnv; fi
2022-02-15 11:17:32 +01:00
2024-01-21 03:58:57 +01:00
# Allow .envrc
- if command -v nix > /dev/null; then direnv allow; fi
2022-02-15 11:17:32 +01:00
2024-01-21 03:58:57 +01:00
# Set CARGO_HOME to a cacheable path
- export CARGO_HOME="$(git rev-parse --show-toplevel)/.gitlab-ci.d/cargo"
2023-06-26 22:06:17 +02:00
2024-01-21 03:58:57 +01:00
ci :
stage : ci
2024-03-13 03:22:28 +01:00
image : nixos/nix:2.21.0
2022-10-29 14:32:22 +02:00
script :
2024-03-06 03:42:17 +01:00
# Cache the inputs required for the devShell
- ./bin/nix-build-and-cache .#devShells.x86_64-linux.default.inputDerivation
2024-01-21 03:58:57 +01:00
- direnv exec . engage
cache :
key : nix
paths :
- target
- .gitlab-ci.d
2024-03-08 05:40:42 +01:00
rules :
# CI on upstream runners (only available for maintainers)
- if : $CI_PIPELINE_SOURCE == "merge_request_event" && $IS_UPSTREAM_CI == "true"
2024-03-13 04:46:43 +01:00
# Manual CI on unprotected branches that are not MRs
- if : $CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_PROTECTED == "false"
when : manual
2024-03-08 05:40:42 +01:00
# Manual CI on forks
- if : $IS_UPSTREAM_CI != "true"
when : manual
- if : $CI
2024-03-13 04:46:43 +01:00
interruptible : true
2022-02-18 22:29:55 +01:00
2024-03-06 03:42:17 +01:00
artifacts :
2024-01-26 05:39:59 +01:00
stage : artifacts
2024-03-13 03:22:28 +01:00
image : nixos/nix:2.21.0
2024-01-26 05:39:59 +01:00
script :
- ./bin/nix-build-and-cache .#static-x86_64-unknown-linux-musl
2024-03-06 03:42:17 +01:00
- cp result/bin/conduit x86_64-unknown-linux-musl
2024-01-26 05:39:59 +01:00
2024-03-06 03:42:17 +01:00
- mkdir -p target/release
- cp result/bin/conduit target/release
- direnv exec . cargo deb --no-build
- mv target/debian/*.deb x86_64-unknown-linux-musl.deb
2024-01-26 05:39:59 +01:00
# Since the OCI image package is based on the binary package, this has the
# fun side effect of uploading the normal binary too. Conduit users who are
# deploying with Nix can leverage this fact by adding our binary cache to
# their systems.
2024-03-06 03:42:17 +01:00
#
# Note that although we have an `oci-image-x86_64-unknown-linux-musl`
# output, we don't build it because it would be largely redundant to this
# one since it's all containerized anyway.
2024-01-26 05:39:59 +01:00
- ./bin/nix-build-and-cache .#oci-image
2024-01-31 01:51:41 +01:00
- cp result oci-image-amd64.tar.gz
2024-01-26 05:39:59 +01:00
2024-03-06 03:42:17 +01:00
- ./bin/nix-build-and-cache .#static-aarch64-unknown-linux-musl
- cp result/bin/conduit aarch64-unknown-linux-musl
2022-06-23 00:14:53 +02:00
2024-03-06 03:42:17 +01:00
- ./bin/nix-build-and-cache .#oci-image-aarch64-unknown-linux-musl
2024-01-31 01:51:41 +01:00
- cp result oci-image-arm64v8.tar.gz
2024-03-17 23:06:10 +01:00
- ./bin/nix-build-and-cache .#book
# We can't just copy the symlink, we need to dereference it https://gitlab.com/gitlab-org/gitlab/-/issues/19746
- cp -r --dereference result public
2022-06-23 00:14:53 +02:00
artifacts :
2024-01-21 03:58:57 +01:00
paths :
2024-03-06 03:42:17 +01:00
- x86_64-unknown-linux-musl
- aarch64-unknown-linux-musl
- x86_64-unknown-linux-musl.deb
- oci-image-amd64.tar.gz
2024-01-31 01:51:41 +01:00
- oci-image-arm64v8.tar.gz
2024-03-17 23:17:46 +01:00
- public
2024-03-08 05:40:42 +01:00
rules :
# CI required for all MRs
- if : $CI_PIPELINE_SOURCE == "merge_request_event"
# Optional CI on forks
- if : $IS_UPSTREAM_CI != "true"
when : manual
allow_failure : true
- if : $CI
2024-03-13 04:46:43 +01:00
interruptible : true
2021-08-13 17:20:40 +02:00
2024-03-06 03:42:17 +01:00
.push-oci-image :
2024-01-31 01:51:41 +01:00
stage : publish
2024-03-20 05:03:36 +01:00
image : docker:25.0.5
2024-01-31 01:51:41 +01:00
services :
2024-03-20 05:03:36 +01:00
- docker:25.0.5-dind
2024-01-31 01:51:41 +01:00
variables :
IMAGE_SUFFIX_AMD64 : amd64
IMAGE_SUFFIX_ARM64V8 : arm64v8
script :
- docker load -i oci-image-amd64.tar.gz
2024-02-15 00:13:08 +01:00
- IMAGE_ID_AMD64=$(docker images -q conduit:main)
2024-01-31 01:51:41 +01:00
- docker load -i oci-image-arm64v8.tar.gz
2024-02-15 00:13:08 +01:00
- IMAGE_ID_ARM64V8=$(docker images -q conduit:main)
2024-01-31 01:51:41 +01:00
# Tag and push the architecture specific images
- docker tag $IMAGE_ID_AMD64 $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64
- docker tag $IMAGE_ID_ARM64V8 $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
- docker push $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64
- docker push $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
# Tag the multi-arch image
- docker manifest create $IMAGE_NAME:$CI_COMMIT_SHA --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64 --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
- docker manifest push $IMAGE_NAME:$CI_COMMIT_SHA
# Tag and push the git ref
- docker manifest create $IMAGE_NAME:$CI_COMMIT_REF_NAME --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64 --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
- docker manifest push $IMAGE_NAME:$CI_COMMIT_REF_NAME
# Tag git tags as 'latest'
- |
if [[ -n "$CI_COMMIT_TAG" ]]; then
docker manifest create $IMAGE_NAME:latest --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64 --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
docker manifest push $IMAGE_NAME:latest
fi
dependencies :
2024-03-06 03:42:17 +01:00
- artifacts
2024-01-31 01:51:41 +01:00
only :
2024-02-15 00:13:08 +01:00
- main
2024-01-31 01:51:41 +01:00
- tags
2024-03-06 03:42:17 +01:00
oci-image:push-gitlab :
extends : .push-oci-image
variables :
IMAGE_NAME : $CI_REGISTRY_IMAGE/conduwuit
before_script :
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
2024-03-17 23:06:10 +01:00
pages :
stage : publish
dependencies :
- artifacts
only :
- next
script :
- "true"
artifacts :
paths :
- public