diff options
Diffstat (limited to '.gitlab-ci.yml')
| -rw-r--r-- | .gitlab-ci.yml | 34 |
1 files changed, 31 insertions, 3 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index fb273c93..76a304af 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -8,18 +8,25 @@ before_script: # prepare git fetching of secrets - echo "$gitlab_deploy_privkey" > ~/.ssh/gitlab_deploy.key - chmod 600 ~/.ssh/gitlab_deploy.key - - ssh-keyscan -H 'ssh.git.shackspace.de' >> ~/.ssh/known_hosts + - echo "$ssh_git_shackspace_serverkey" >> ~/.ssh/known_hosts # import secret key for secrets + - which gpg + - which gpg2 - echo "$secrets_gpg_key" | gpg --import -wolf deployment test: +deployment test: + tags: + - nix stage: test script: - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - test $(PASSWORD_STORE_DIR=~/brain pass smoke) == 1337 - git submodule update --init - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target /tmp -A test) + - $(nix-build krebs/krops.nix --no-out-link --argstr name puyak --argstr target /tmp -A test) nix-shell test: stage: test + tags: + - nix script: - nix-shell --pure --command 'true' -p stdenv && echo success - nix-shell --pure --command 'false' -p stdenv || echo success @@ -28,13 +35,15 @@ nix-shell test: - gpg --version - curl --version wolf deployment: + tags: + - shacklan + - nix stage: deploy script: - cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa - git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - git submodule update --init - ssh-keyscan -H 'wolf.shack' >> ~/.ssh/known_hosts - # TODO, hostname wolf cannot be resolved - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target wolf.shack -A deploy) only: changes: @@ -42,8 +51,27 @@ wolf deployment: - krebs/**/* - lib/**/* - .gitmodules +puyak deployment: + stage: deploy + tags: + - shacklan + - nix + script: + - cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa + - git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain + - git submodule update --init + - ssh-keyscan -H 'puyak.shack' >> ~/.ssh/known_hosts + - $(nix-build krebs/krops.nix --no-out-link --argstr name puyak --argstr target puyak.shack -A deploy) + only: + changes: + - .gitlab-ci.yml + - krebs/**/* + - lib/**/* + - .gitmodules nur-packages makefu: stage: deploy + tags: + - nix script: - git reset --hard origin/master - git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD |