From d6c59731dd979bf4b5e20d85ab518e98b8d8c8ed Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 7 Jul 2019 10:31:19 +0200 Subject: gitlab-ci: use docker builder --- .gitlab-ci.yml | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6d2f1506..f6f59f0e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
@@ -1,20 +1,35 @@ before_script: - - mkdir -p ~/.ssh - - echo "$deploy_privkey" > deploy.key - - export GIT_SSH_COMMAND="ssh -i $PWD/deploy.key" - - chmod 600 deploy.key - - ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts + - nix-env -iA nixpkgs.openssh nixpkgs.gnupg nixpkgs.curl nixpkgs.git || true + # prepare github deployment for NUR + - mkdir -p ~/.ssh + - echo "$github_deploy_privkey" > ~/.ssh/github_deploy.key + - chmod 600 ~/.ssh/github_deploy.key + - ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts + # prepare git fetching of secrets + - ssh-keyscan -H 'git.shackspace.de' >> ~/.ssh/known_hosts + # import secret key for secrets + - echo "$secrets_gpg_key" | gpg --import +wolf deployment test: + stage: test + script: + - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain + - test $(PASSWORD_STORE_DIR=~/brain pass smoke) == 1337 nix-shell test: + stage: test script: - - env - nix-shell --pure --command 'true' -p stdenv && echo success - nix-shell --pure --command 'false' -p stdenv || echo success + - git --version + - ssh -V + - gpg --version + - curl --version nur-packages makefu: + stage: deploy script: - git reset --hard origin/master - git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD - git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git - - git push --force deploy HEAD:master + - GIT_SSH_COMMAND="ssh -i ~/.ssh/github_deploy.key" git push --force deploy HEAD:master - curl -XPOST http://nur-update.herokuapp.com/update?repo=makefu after_script: - - rm -f deploy.key + - rm -rf .ssh/ -- cgit v1.2.3 From 0caf7f5b4f93518f874603fc433a9a681fb8b46d Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 7 Jul 2019 13:45:53 +0200 Subject: gitlab-ci: add gitlab_deploy key --- .gitlab-ci.yml | 2 ++ 1 file changed, 2 insertions(+) (limited to '.gitlab-ci.yml') 
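Review bot: The `ssh-keyscan -H 'git.shackspace.de' >> ~/.ssh/known_hosts` line added to `before_script` (and the re-added `github.com` one) accepts whatever host key the network returns during the job. `known_hosts` therefore gives no protection against a spoofed host before the secrets repository is cloned or a deploy key is used. The same pattern recurs in the later hunks on this page that scan `ssh.git.shackspace.de` and `wolf.shack`. I would verify the fingerprints once out of band, keep the host-key lines in a CI variable and write them out instead, e.g. `- echo "$ssh_known_hosts" >> ~/.ssh/known_hosts` (the variable name is a placeholder).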
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f6f59f0e..acbfd3be 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -6,6 +6,8 @@ before_script: - chmod 600 ~/.ssh/github_deploy.key - ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts # prepare git fetching of secrets + - echo "$gitlab_deploy_privkey" > ~/.ssh/gitlab_deploy.key + - chmod 600 ~/.ssh/gitlab_deploy.key - ssh-keyscan -H 'git.shackspace.de' >> ~/.ssh/known_hosts # import secret key for secrets - echo "$secrets_gpg_key" | gpg --import -- cgit v1.2.3 From 29c8f7eeba7ab1ae5923bde74f6261d04cd16c6f Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 7 Jul 2019 13:49:18 +0200 Subject: gitlab-ci: key-scan the correct host --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index acbfd3be..308304c7 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -8,7 +8,7 @@ before_script: # prepare git fetching of secrets - echo "$gitlab_deploy_privkey" > ~/.ssh/gitlab_deploy.key - chmod 600 ~/.ssh/gitlab_deploy.key - - ssh-keyscan -H 'git.shackspace.de' >> ~/.ssh/known_hosts + - ssh-keyscan -H 'ssh.git.shackspace.de' >> ~/.ssh/known_hosts # import secret key for secrets - echo "$secrets_gpg_key" | gpg --import wolf deployment test: -- cgit v1.2.3 From 200d46e0e9e2bf420e046212a9b9f2f144e6ac4b Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 7 Jul 2019 14:02:04 +0200 Subject: gitlab-ci: add pass as dependency --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 308304c7..f099c53d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
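Review bot: The private key written to `~/.ssh/gitlab_deploy.key` in the first hunk on this line is not removed by the cleanup shown elsewhere on this page, `after_script: - rm -rf .ssh/`. That path is relative to the job's working directory, while the keys are created under the home directory. The secret key imported with `gpg --import` and the `~/brain` clone are not removed either. If the runner's home outlives the job (not visible here), this material stays readable by later jobs; I would change the cleanup to `- rm -rf ~/.ssh ~/.gnupg ~/brain`.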
@@ -1,5 +1,5 @@ before_script: - - nix-env -iA nixpkgs.openssh nixpkgs.gnupg nixpkgs.curl nixpkgs.git || true + - nix-env -iA nixpkgs.openssh nixpkgs.gnupg nixpkgs.curl nixpkgs.git nixpkgs.pass || true # prepare github deployment for NUR - mkdir -p ~/.ssh - echo "$github_deploy_privkey" > ~/.ssh/github_deploy.key -- cgit v1.2.3 From 73b327e58832a92fa42d575a73a7e44085a7e5f9 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 7 Jul 2019 19:27:16 +0200 Subject: gitlab-ci: test and deploy wolf --- .gitlab-ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f099c53d..dc7c5bb7 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -16,6 +16,7 @@ wolf deployment test: script: - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - test $(PASSWORD_STORE_DIR=~/brain pass smoke) == 1337 + - $(nix-build ~/stockholm/krebs/krops.nix --no-out-link --argstr name wolf --argstr target /tmp -A test) nix-shell test: stage: test script: @@ -25,6 +26,11 @@ nix-shell test: - ssh -V - gpg --version - curl --version +wolf deployment: + stage: deploy + script: + - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain + - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf -A deploy) nur-packages makefu: stage: deploy script: -- cgit v1.2.3 From a4aafafd717a9437766486490a5ce6d4cdd86c16 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 7 Jul 2019 19:33:17 +0200 Subject: gitlab-ci: use correct directory for test --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index dc7c5bb7..b1f62789 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
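Review bot: The trailing `|| true` on the `nix-env -iA …` line hides a failed install, so the job continues with whatever `ssh`, `gpg`, `git` or `pass` binaries happen to be on the runner image, or with none. The failure then surfaces later in an unrelated step such as the `pass smoke` check. Unless the fallback is intentional, drop it so the job stops at the install: `- nix-env -iA nixpkgs.openssh nixpkgs.gnupg nixpkgs.curl nixpkgs.git nixpkgs.pass`. If it is intentional, a comment such as `# tools may already be present on the runner image` would record why.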
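Review bot: The new `wolf deployment` job in the second hunk of the "test and deploy wolf" commit has no ref restriction, so as written it runs in the deploy stage for pipelines on any branch. Each such run clones the secrets repository and uses the deploy key. The `only: changes:` block added in a later hunk on this page filters by path but still not by branch. Unless the CI variables are protected (not visible here), I would limit the job to the main branch next to the path filter, e.g. `only: { refs: [master] }`.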
@@ -16,7 +16,7 @@ wolf deployment test: script: - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - test $(PASSWORD_STORE_DIR=~/brain pass smoke) == 1337 - - $(nix-build ~/stockholm/krebs/krops.nix --no-out-link --argstr name wolf --argstr target /tmp -A test) + - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target /tmp -A test) nix-shell test: stage: test script: -- cgit v1.2.3 From 497eecef31c9e41848c4bb5a0c80ca7308607846 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 7 Jul 2019 21:04:11 +0200 Subject: gitlab-ci: add git submodule checkout --- .gitlab-ci.yml | 2 ++ 1 file changed, 2 insertions(+) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b1f62789..6afbfe08 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -16,6 +16,7 @@ wolf deployment test: script: - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - test $(PASSWORD_STORE_DIR=~/brain pass smoke) == 1337 + - git submodule update --init - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target /tmp -A test) nix-shell test: stage: test @@ -30,6 +31,7 @@ wolf deployment: stage: deploy script: - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain + - git submodule update --init - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf -A deploy) nur-packages makefu: stage: deploy -- cgit v1.2.3 From f4ec0418f2ed9a513a9056af8f7458d760760a44 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 8 Jul 2019 00:55:47 +0200 Subject: gitlab-ci: use wolf.shack as target --- .gitlab-ci.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6afbfe08..f893331b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
@@ -32,7 +32,9 @@ wolf deployment: script: - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - git submodule update --init - - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf -A deploy) + - ssh-keyscan -H 'wolf.shack' >> ~/.ssh/known_hosts + # TODO, hostname wolf cannot be resolved + - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target wolf.shack -A deploy) nur-packages makefu: stage: deploy script: -- cgit v1.2.3 From 7ca133e90b565e0cd97fe447b3bd4872d11a22a8 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 8 Jul 2019 00:58:38 +0200 Subject: shack/gitlab-runner: do not restart service on change --- .gitlab-ci.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f893331b..b5e92d08 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -30,9 +30,12 @@ nix-shell test: wolf deployment: stage: deploy script: - - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain + - cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa + - git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - git submodule update --init - ssh-keyscan -H 'wolf.shack' >> ~/.ssh/known_hosts + - ssh-keyscan -H 'wolf' >> ~/.ssh/known_hosts + - ssh wolf uname -a # TODO, hostname wolf cannot be resolved - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target wolf.shack -A deploy) nur-packages makefu: -- cgit v1.2.3 From 172f53379283914542b794e7c917197e8ce017b3 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 8 Jul 2019 01:18:52 +0200 Subject: gitlab-ci: remove test code --- .gitlab-ci.yml | 2 -- 1 file changed, 2 deletions(-) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b5e92d08..bd0b32ed 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
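Review bot: The added `cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa` in the `wolf deployment` script makes the key the default identity. It is then offered to every host the job connects to (`wolf`, `wolf.shack`, any submodule remote) rather than only to `ssh.git.shackspace.de`. Presumably the same key is also what logs in to the deploy target, which would mean one leaked key unlocks both the secrets repository and the host. A per-host entry in `~/.ssh/config` with `IdentityFile` and `IdentitiesOnly yes` would keep the scoping that the removed `GIT_SSH_COMMAND="ssh -i …"` prefix gave. Separate keys for the repository and the deploy target would limit the damage further.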
@@ -34,8 +34,6 @@ wolf deployment: - git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - git submodule update --init - ssh-keyscan -H 'wolf.shack' >> ~/.ssh/known_hosts - - ssh-keyscan -H 'wolf' >> ~/.ssh/known_hosts - - ssh wolf uname -a # TODO, hostname wolf cannot be resolved - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target wolf.shack -A deploy) nur-packages makefu: -- cgit v1.2.3 From 1c3286eca34c67d5411bcedb666cb2aa62c9ae9e Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 8 Jul 2019 11:53:46 +0200 Subject: gitlab-ci: only run deploy on changes in krebs --- .gitlab-ci.yml | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to '.gitlab-ci.yml') diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index bd0b32ed..fb273c93 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -36,6 +36,12 @@ wolf deployment: - ssh-keyscan -H 'wolf.shack' >> ~/.ssh/known_hosts # TODO, hostname wolf cannot be resolved - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target wolf.shack -A deploy) + only: + changes: + - .gitlab-ci.yml + - krebs/**/* + - lib/**/* + - .gitmodules nur-packages makefu: stage: deploy script: @@ -44,5 +50,8 @@ nur-packages makefu: - git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git - GIT_SSH_COMMAND="ssh -i ~/.ssh/github_deploy.key" git push --force deploy HEAD:master - curl -XPOST http://nur-update.herokuapp.com/update?repo=makefu + only: + changes: + - makefu/**/* after_script: - rm -rf .ssh/ -- cgit v1.2.3