2018-08-16 21:51:28 +00:00
|
|
|
before_script:
|
2019-07-07 12:02:04 +00:00
|
|
|
- nix-env -iA nixpkgs.openssh nixpkgs.gnupg nixpkgs.curl nixpkgs.git nixpkgs.pass || true
|
2019-07-07 08:31:19 +00:00
|
|
|
# prepare github deployment for NUR
|
|
|
|
|
- mkdir -p ~/.ssh
|
|
|
|
|
- echo "$github_deploy_privkey" > ~/.ssh/github_deploy.key
|
|
|
|
|
- chmod 600 ~/.ssh/github_deploy.key
|
|
|
|
|
- ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts
|
|
|
|
|
# prepare git fetching of secrets
|
2019-07-07 11:45:53 +00:00
|
|
|
- echo "$gitlab_deploy_privkey" > ~/.ssh/gitlab_deploy.key
|
|
|
|
|
- chmod 600 ~/.ssh/gitlab_deploy.key
|
2019-07-07 11:49:18 +00:00
|
|
|
- ssh-keyscan -H 'ssh.git.shackspace.de' >> ~/.ssh/known_hosts
|
2019-07-07 08:31:19 +00:00
|
|
|
# import secret key for secrets
|
|
|
|
|
- echo "$secrets_gpg_key" | gpg --import
|
2019-11-25 11:32:12 +00:00
|
|
|
deployment test:
|
2019-07-07 08:31:19 +00:00
|
|
|
stage: test
|
|
|
|
|
script:
|
|
|
|
|
- GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
|
|
|
|
- test $(PASSWORD_STORE_DIR=~/brain pass smoke) == 1337
|
2019-07-07 19:04:11 +00:00
|
|
|
- git submodule update --init
|
2019-07-07 17:33:17 +00:00
|
|
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target /tmp -A test)
|
2019-11-25 11:32:12 +00:00
|
|
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name puyak --argstr target /tmp -A test)
|
2017-08-16 11:56:27 +00:00
|
|
|
nix-shell test:
|
2019-07-07 08:31:19 +00:00
|
|
|
stage: test
|
2017-08-16 11:56:27 +00:00
|
|
|
script:
|
|
|
|
|
- nix-shell --pure --command 'true' -p stdenv && echo success
|
|
|
|
|
- nix-shell --pure --command 'false' -p stdenv || echo success
|
2019-07-07 08:31:19 +00:00
|
|
|
- git --version
|
|
|
|
|
- ssh -V
|
|
|
|
|
- gpg --version
|
|
|
|
|
- curl --version
|
2019-07-07 17:27:16 +00:00
|
|
|
wolf deployment:
|
|
|
|
|
stage: deploy
|
|
|
|
|
script:
|
2019-07-07 22:58:38 +00:00
|
|
|
- cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa
|
|
|
|
|
- git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
2019-07-07 19:04:11 +00:00
|
|
|
- git submodule update --init
|
2019-07-07 22:55:47 +00:00
|
|
|
- ssh-keyscan -H 'wolf.shack' >> ~/.ssh/known_hosts
|
|
|
|
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target wolf.shack -A deploy)
|
2019-07-08 09:53:46 +00:00
|
|
|
only:
|
|
|
|
|
changes:
|
|
|
|
|
- .gitlab-ci.yml
|
|
|
|
|
- krebs/**/*
|
|
|
|
|
- lib/**/*
|
|
|
|
|
- .gitmodules
|
2019-11-25 11:32:12 +00:00
|
|
|
puyak deployment:
|
|
|
|
|
stage: deploy
|
|
|
|
|
script:
|
|
|
|
|
- cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa
|
|
|
|
|
- git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
|
|
|
|
- git submodule update --init
|
|
|
|
|
- ssh-keyscan -H 'puyak.shack' >> ~/.ssh/known_hosts
|
|
|
|
|
- $(nix-build krebs/krops.nix --no-out-link --argstr name puyak --argstr target puyak.shack -A deploy)
|
|
|
|
|
only:
|
|
|
|
|
changes:
|
|
|
|
|
- .gitlab-ci.yml
|
|
|
|
|
- krebs/**/*
|
|
|
|
|
- lib/**/*
|
|
|
|
|
- .gitmodules
|
2018-08-16 21:51:28 +00:00
|
|
|
nur-packages makefu:
|
2019-07-07 08:31:19 +00:00
|
|
|
stage: deploy
|
2018-08-16 21:51:28 +00:00
|
|
|
script:
|
|
|
|
|
- git reset --hard origin/master
|
|
|
|
|
- git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD
|
|
|
|
|
- git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git
|
2019-07-07 08:31:19 +00:00
|
|
|
- GIT_SSH_COMMAND="ssh -i ~/.ssh/github_deploy.key" git push --force deploy HEAD:master
|
2019-04-04 07:14:03 +00:00
|
|
|
- curl -XPOST http://nur-update.herokuapp.com/update?repo=makefu
|
2019-07-08 09:53:46 +00:00
|
|
|
only:
|
|
|
|
|
changes:
|
|
|
|
|
- makefu/**/*
|
2018-08-16 22:20:50 +00:00
|
|
|
after_script:
|
2019-07-07 08:31:19 +00:00
|
|
|
- rm -rf .ssh/
|
