mirror of
https://gitlab.com/famedly/conduit.git
synced 2024-12-26 12:33:47 +03:00
4e09c9e58a
This will reduce the amount of full builds that need to be done by runs that don't have write access to the nix binary cache.
145 lines
5.2 KiB
YAML
145 lines
5.2 KiB
YAML
stages:
|
|
- ci
|
|
- artifacts
|
|
- publish
|
|
|
|
variables:
|
|
# Makes some things print in color
|
|
TERM: ansi
|
|
|
|
before_script:
|
|
# Enable nix-command and flakes
|
|
- if command -v nix > /dev/null; then echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf; fi
|
|
|
|
# Add our own binary cache
|
|
- if command -v nix > /dev/null; then echo "extra-substituters = https://nix.computer.surgery/conduit" >> /etc/nix/nix.conf; fi
|
|
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = conduit:ZGAf6P6LhNvnoJJ3Me3PRg7tlLSrPxcQ2RiE5LIppjo=" >> /etc/nix/nix.conf; fi
|
|
|
|
# Add crane binary cache
|
|
- if command -v nix > /dev/null; then echo "extra-substituters = https://crane.cachix.org" >> /etc/nix/nix.conf; fi
|
|
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = crane.cachix.org-1:8Scfpmn9w+hGdXH/Q9tTLiYAE/2dnJYRJP7kl80GuRk=" >> /etc/nix/nix.conf; fi
|
|
|
|
# Add nix-community binary cache
|
|
- if command -v nix > /dev/null; then echo "extra-substituters = https://nix-community.cachix.org" >> /etc/nix/nix.conf; fi
|
|
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" >> /etc/nix/nix.conf; fi
|
|
|
|
# Install direnv and nix-direnv
|
|
- if command -v nix > /dev/null; then nix-env -iA nixpkgs.direnv nixpkgs.nix-direnv; fi
|
|
|
|
# Allow .envrc
|
|
- if command -v nix > /dev/null; then direnv allow; fi
|
|
|
|
# Set CARGO_HOME to a cacheable path
|
|
- export CARGO_HOME="$(git rev-parse --show-toplevel)/.gitlab-ci.d/cargo"
|
|
|
|
ci:
|
|
stage: ci
|
|
image: nixos/nix:2.20.4
|
|
script:
|
|
- direnv exec . engage
|
|
cache:
|
|
key: nix
|
|
paths:
|
|
- target
|
|
- .gitlab-ci.d
|
|
|
|
nix:artifacts:
|
|
stage: artifacts
|
|
image: nixos/nix:2.20.4
|
|
script:
|
|
- ./bin/nix-build-and-cache .#static-x86_64-unknown-linux-musl
|
|
- cp result/bin/conduit x86_64-unknown-linux-musl
|
|
|
|
# Since the OCI image package is based on the binary package, this has the
|
|
# fun side effect of uploading the normal binary too. Conduit users who are
|
|
# deploying with Nix can leverage this fact by adding our binary cache to
|
|
# their systems.
|
|
#
|
|
# Note that although we have an `oci-image-x86_64-unknown-linux-musl`
|
|
# output, we don't build it because it would be largely redundant to this
|
|
# one since it's all containerized anyway.
|
|
- ./bin/nix-build-and-cache .#oci-image
|
|
- cp result oci-image-amd64.tar.gz
|
|
|
|
- ./bin/nix-build-and-cache .#static-aarch64-unknown-linux-musl
|
|
- cp result/bin/conduit aarch64-unknown-linux-musl
|
|
|
|
- ./bin/nix-build-and-cache .#oci-image-aarch64-unknown-linux-musl
|
|
- cp result oci-image-arm64v8.tar.gz
|
|
artifacts:
|
|
paths:
|
|
- x86_64-unknown-linux-musl
|
|
- aarch64-unknown-linux-musl
|
|
- oci-image-amd64.tar.gz
|
|
- oci-image-arm64v8.tar.gz
|
|
|
|
debian:x86_64-unknown-linux-gnu:
|
|
stage: artifacts
|
|
# See also `rust-toolchain.toml`
|
|
image: rust:1.75.0
|
|
script:
|
|
- apt-get update && apt-get install -y --no-install-recommends libclang-dev
|
|
- cargo install cargo-deb
|
|
- cargo deb
|
|
|
|
# Make the output less difficult to find
|
|
- mv target/debian/*.deb conduit.deb
|
|
artifacts:
|
|
paths:
|
|
- conduit.deb
|
|
cache:
|
|
key: debian
|
|
paths:
|
|
- target
|
|
- .gitlab-ci.d
|
|
|
|
.push-oci-image:
|
|
stage: publish
|
|
image: docker:25.0.0
|
|
services:
|
|
- docker:25.0.0-dind
|
|
variables:
|
|
IMAGE_SUFFIX_AMD64: amd64
|
|
IMAGE_SUFFIX_ARM64V8: arm64v8
|
|
script:
|
|
- docker load -i oci-image-amd64.tar.gz
|
|
- IMAGE_ID_AMD64=$(docker images -q conduit:next)
|
|
- docker load -i oci-image-arm64v8.tar.gz
|
|
- IMAGE_ID_ARM64V8=$(docker images -q conduit:next)
|
|
# Tag and push the architecture specific images
|
|
- docker tag $IMAGE_ID_AMD64 $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64
|
|
- docker tag $IMAGE_ID_ARM64V8 $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
|
|
- docker push $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64
|
|
- docker push $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
|
|
# Tag the multi-arch image
|
|
- docker manifest create $IMAGE_NAME:$CI_COMMIT_SHA --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64 --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
|
|
- docker manifest push $IMAGE_NAME:$CI_COMMIT_SHA
|
|
# Tag and push the git ref
|
|
- docker manifest create $IMAGE_NAME:$CI_COMMIT_REF_NAME --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64 --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
|
|
- docker manifest push $IMAGE_NAME:$CI_COMMIT_REF_NAME
|
|
# Tag git tags as 'latest'
|
|
- |
|
|
if [[ -n "$CI_COMMIT_TAG" ]]; then
|
|
docker manifest create $IMAGE_NAME:latest --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_AMD64 --amend $IMAGE_NAME:$CI_COMMIT_SHA-$IMAGE_SUFFIX_ARM64V8
|
|
docker manifest push $IMAGE_NAME:latest
|
|
fi
|
|
dependencies:
|
|
- nix:artifacts
|
|
only:
|
|
- next
|
|
- master
|
|
- tags
|
|
|
|
oci-image:push-gitlab:
|
|
extends: .push-oci-image
|
|
variables:
|
|
IMAGE_NAME: $CI_REGISTRY_IMAGE/matrix-conduit
|
|
before_script:
|
|
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
|
|
oci-image:push-dockerhub:
|
|
extends: .push-oci-image
|
|
variables:
|
|
IMAGE_NAME: matrixconduit/matrix-conduit
|
|
before_script:
|
|
- docker login -u $DOCKER_HUB_USER -p $DOCKER_HUB_PASSWORD
|