From 8a185125754aa89890eb1746c748138a6eb7c2ab Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 16 Aug 2017 13:56:27 +0200 Subject: [PATCH 1/4] gitlab-ci: init --- .gitlab-ci.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 000000000..e6ee187cb --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,4 @@ +nix-shell test: + script: + - nix-shell --pure --command 'true' -p stdenv && echo success + - nix-shell --pure --command 'false' -p stdenv || echo success From d608f17c4c87db745878160bbe22d4c8a806ac2a Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 16 Aug 2017 15:09:38 +0200 Subject: [PATCH 2/4] gitlab-runner-shackspace: init --- krebs/1systems/hotdog/config.nix | 1 + krebs/2configs/gitlab-runner-shackspace.nix | 33 +++++++++++++++++++ .../secrets/shackspace-gitlab-ci-token.nix | 1 + 3 files changed, 35 insertions(+) create mode 100644 krebs/2configs/gitlab-runner-shackspace.nix create mode 100644 krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 4807307ff..2ad22f49c 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -10,6 +10,7 @@ + ]; diff --git a/krebs/2configs/gitlab-runner-shackspace.nix b/krebs/2configs/gitlab-runner-shackspace.nix new file mode 100644 index 000000000..7794f1dd2 --- /dev/null +++ b/krebs/2configs/gitlab-runner-shackspace.nix @@ -0,0 +1,33 @@ +{ config, ... }: +let + url = "https://git.shackspace.de/"; + # generate token from CI-token via: + ## gitlab-runner register + ## cat /etc/gitlab-runner/config.toml + token = import ; +in { + systemd.services.gitlab-runner.path = [ + "/run/wrappers" # /run/wrappers/bin/su + "/" # /bin/sh + ]; + virtualisation.docker.enable = true; + services.gitlab-runner = { + enable = true; + # configFile, configOptions and gracefulTimeout not yet in stable + # gracefulTimeout = "120min"; + configText = '' + concurrent = 1 + check_interval = 0 + + [[runners]] + name = "krebs-shell" + url = "${url}" + token = "${token}" + executor = "shell" + shell = "sh" + environment = ["PATH=/bin:/run/wrappers/bin:/etc/per-user/gitlab-runner/bin:/etc/per-user-pkgs/gitlab-runner/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"] + [runners.cache] + + ''; + }; +} diff --git a/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix b/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix new file mode 100644 index 000000000..963e6db8b --- /dev/null +++ b/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix @@ -0,0 +1 @@ +"lol" From dc6fd2531f30c5850a9b8a44bcce0a5f2ef67ea4 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 16 Aug 2017 15:10:06 +0200 Subject: [PATCH 3/4] gitlab-ci: test env --- .gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e6ee187cb..3f2f28d65 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,4 +1,5 @@ nix-shell test: script: + - env - nix-shell --pure --command 'true' -p stdenv && echo success - nix-shell --pure --command 'false' -p stdenv || echo success From 1623c03f12ce175d934e5b2b0d9577e1eeaf1abe Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 16 Aug 2017 15:20:37 +0200 Subject: [PATCH 4/4] gitlab-runner: use PrivateTmp to avoid clash with buildbot --- krebs/2configs/gitlab-runner-shackspace.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/2configs/gitlab-runner-shackspace.nix b/krebs/2configs/gitlab-runner-shackspace.nix index 7794f1dd2..d9b4cd589 100644 --- a/krebs/2configs/gitlab-runner-shackspace.nix +++ b/krebs/2configs/gitlab-runner-shackspace.nix @@ -10,6 +10,7 @@ in { "/run/wrappers" # /run/wrappers/bin/su "/" # /bin/sh ]; + systemd.services.gitlab-runner.serviceConfig.PrivateTmp = true; virtualisation.docker.enable = true; services.gitlab-runner = { enable = true;