2018-08-16 23:51:28 +02:00
|
|
|
before_script:
|
2019-07-07 14:02:04 +02:00
|
|
|
- nix-env -iA nixpkgs.openssh nixpkgs.gnupg nixpkgs.curl nixpkgs.git nixpkgs.pass || true
|
2019-07-07 10:31:19 +02:00
|
|
|
# prepare github deployment for NUR
|
|
|
|
- mkdir -p ~/.ssh
|
|
|
|
- echo "$github_deploy_privkey" > ~/.ssh/github_deploy.key
|
|
|
|
- chmod 600 ~/.ssh/github_deploy.key
|
|
|
|
- ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts
|
|
|
|
# prepare git fetching of secrets
|
2019-07-07 13:45:53 +02:00
|
|
|
- echo "$gitlab_deploy_privkey" > ~/.ssh/gitlab_deploy.key
|
|
|
|
- chmod 600 ~/.ssh/gitlab_deploy.key
|
2020-03-18 19:54:41 +01:00
|
|
|
- echo "$ssh_git_shackspace_serverkey" >> ~/.ssh/known_hosts
|
2019-07-07 10:31:19 +02:00
|
|
|
# import secret key for secrets
|
2020-08-12 20:45:32 +02:00
|
|
|
- which gpg
|
|
|
|
- which gpg2
|
2019-07-07 10:31:19 +02:00
|
|
|
- echo "$secrets_gpg_key" | gpg --import
|
2019-11-25 12:32:12 +01:00
|
|
|
deployment test:
|
2020-08-12 23:10:48 +02:00
|
|
|
tags:
|
|
|
|
- nix
|
2019-07-07 10:31:19 +02:00
|
|
|
stage: test
|
|
|
|
script:
|
|
|
|
- GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
|
|
|
- test $(PASSWORD_STORE_DIR=~/brain pass smoke) == 1337
|
2019-07-07 21:04:11 +02:00
|
|
|
- git submodule update --init
|
2019-07-07 19:33:17 +02:00
|
|
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target /tmp -A test)
|
2019-11-25 12:32:12 +01:00
|
|
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name puyak --argstr target /tmp -A test)
|
2017-08-16 13:56:27 +02:00
|
|
|
nix-shell test:
|
2019-07-07 10:31:19 +02:00
|
|
|
stage: test
|
2020-08-12 23:10:48 +02:00
|
|
|
tags:
|
|
|
|
- nix
|
2017-08-16 13:56:27 +02:00
|
|
|
script:
|
|
|
|
- nix-shell --pure --command 'true' -p stdenv && echo success
|
|
|
|
- nix-shell --pure --command 'false' -p stdenv || echo success
|
2019-07-07 10:31:19 +02:00
|
|
|
- git --version
|
|
|
|
- ssh -V
|
|
|
|
- gpg --version
|
|
|
|
- curl --version
|
2019-07-07 19:27:16 +02:00
|
|
|
wolf deployment:
|
2020-08-12 23:10:48 +02:00
|
|
|
tags:
|
|
|
|
- shacklan
|
|
|
|
- nix
|
2019-07-07 19:27:16 +02:00
|
|
|
stage: deploy
|
|
|
|
script:
|
2019-07-08 00:58:38 +02:00
|
|
|
- cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa
|
|
|
|
- git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
2019-07-07 21:04:11 +02:00
|
|
|
- git submodule update --init
|
2019-07-08 00:55:47 +02:00
|
|
|
- ssh-keyscan -H 'wolf.shack' >> ~/.ssh/known_hosts
|
|
|
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target wolf.shack -A deploy)
|
2019-07-08 11:53:46 +02:00
|
|
|
only:
|
|
|
|
changes:
|
|
|
|
- .gitlab-ci.yml
|
|
|
|
- krebs/**/*
|
|
|
|
- lib/**/*
|
|
|
|
- .gitmodules
|
2019-11-25 12:32:12 +01:00
|
|
|
puyak deployment:
|
|
|
|
stage: deploy
|
2020-08-12 23:10:48 +02:00
|
|
|
tags:
|
|
|
|
- shacklan
|
|
|
|
- nix
|
2019-11-25 12:32:12 +01:00
|
|
|
script:
|
|
|
|
- cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa
|
|
|
|
- git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
|
|
|
- git submodule update --init
|
|
|
|
- ssh-keyscan -H 'puyak.shack' >> ~/.ssh/known_hosts
|
|
|
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name puyak --argstr target puyak.shack -A deploy)
|
|
|
|
only:
|
|
|
|
changes:
|
|
|
|
- .gitlab-ci.yml
|
|
|
|
- krebs/**/*
|
|
|
|
- lib/**/*
|
|
|
|
- .gitmodules
|
2018-08-16 23:51:28 +02:00
|
|
|
nur-packages makefu:
|
2019-07-07 10:31:19 +02:00
|
|
|
stage: deploy
|
2020-08-12 23:10:48 +02:00
|
|
|
tags:
|
|
|
|
- nix
|
2018-08-16 23:51:28 +02:00
|
|
|
script:
|
|
|
|
- git reset --hard origin/master
|
|
|
|
- git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD
|
|
|
|
- git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git
|
2019-07-07 10:31:19 +02:00
|
|
|
- GIT_SSH_COMMAND="ssh -i ~/.ssh/github_deploy.key" git push --force deploy HEAD:master
|
2019-04-04 09:14:03 +02:00
|
|
|
- curl -XPOST http://nur-update.herokuapp.com/update?repo=makefu
|
2019-07-08 11:53:46 +02:00
|
|
|
only:
|
|
|
|
changes:
|
|
|
|
- makefu/**/*
|
2018-08-17 00:20:50 +02:00
|
|
|
after_script:
|
2019-07-07 10:31:19 +02:00
|
|
|
- rm -rf .ssh/
|