blob: 9d1e7dafb800fb3f386212bba9bc77a3bb376d02 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
image: nixpkgs/nix-flakes
stages:
- check
- build
- deploy
check:
stage: check
script:
- nix flake check . --print-build-logs
build:
stage: build
needs:
- check
before_script:
- . <(nix print-dev-env .#ci)
- mkdir -p "/etc/containers/"
- echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json
- just docker-image-fly
script:
- export DOCKER_TAG="$(date --utc +%Y%m%d%H%M%S)-${CI_COMMIT_SHA}"
- just nix-build builder
- just docker-image-fly
- just docker-inspect result --tmpdir=$TMPDIR
- just print-docker-tag
- |
if fly auth whoami > /dev/null 2>&1
then
fly auth docker
just push-to-registry result --tmpdir=$TMPDIR
just print-docker-tag >> build.env
fi
artifacts:
reports:
dotenv: build.env
deploy:
stage: deploy
needs:
- build
script:
- fly auth docker
- fly deploy --image $FLY_REGISTRY_IMAGE_TAG
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|