gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

skip ci steps that require (missing) secrets

Browse source
This commit is contained in:
arcnmx 2021-05-19 08:25:16 -07:00
parent b262605e5a
commit 6a3b8ef8ca
1 changed files with 18 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

30
ci/niv-cron.nix
View file

@ -40,9 +40,11 @@ with lib; {
displayName = "niv update build"; displayName = "niv update build";
environment = [ "OPENSSH_PRIVATE_KEY" "CACHIX_SIGNING_KEY" ]; environment = [ "OPENSSH_PRIVATE_KEY" "CACHIX_SIGNING_KEY" ];
command = '' command = ''
mkdir ~/.ssh if [[ -n $OPENSSH_PRIVATE_KEY ]]; then
echo "$OPENSSH_PRIVATE_KEY" > ~/.ssh/id_rsa mkdir ~/.ssh
chmod 0600 ~/.ssh/id_rsa echo "$OPENSSH_PRIVATE_KEY" > ~/.ssh/id_rsa
chmod 0600 ~/.ssh/id_rsa
fi
for source in ${toString (attrNames channels.nixfiles.sources)}; do for source in ${toString (attrNames channels.nixfiles.sources)}; do
niv update $source || true niv update $source || true
@ -51,15 +53,19 @@ with lib; {
if git status --porcelain | grep -qF nix/sources.json; then if git status --porcelain | grep -qF nix/sources.json; then
if nix build -Lf . hosts.{athame,yule,samhain}.config.system.build.toplevel; then if nix build -Lf . hosts.{athame,yule,samhain}.config.system.build.toplevel; then
nix build -f ../. sourceCache nix build -f ../. sourceCache
cachix push kittywitch $(nix eval '(toString (import ../.).sourceCache)') if [[ -n $CACHIX_SIGNING_KEY ]]; then
nix-build $(echo "-A hosts."{athame,yule,samhain}.config.system.build.toplevel) | cachix push kittywitch cachix push kittywitch $(nix eval '(toString (import ../.).sourceCache)')
git add nix/sources.json nix-build $(echo "-A hosts."{athame,yule,samhain}.config.system.build.toplevel) | cachix push kittywitch
export GIT_{COMMITTER,AUTHOR}_EMAIL=kat@kittywit.ch fi
export GIT_{COMMITTER,AUTHOR}_NAME=kat witch if [[ -n $OPENSSH_PRIVATE_KEY ]]; then
git commit --message="ci-trusted: niv update" git add nix/sources.json
git remote add gitea ssh://gitea@git.kittywit.ch:62954/kat/nixfiles.git export GIT_{COMMITTER,AUTHOR}_EMAIL=kat@kittywit.ch
GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" \ export GIT_{COMMITTER,AUTHOR}_NAME=kat witch
git push gitea master git commit --message="ci-trusted: niv update"
git remote add gitea ssh://gitea@git.kittywit.ch:62954/kat/nixfiles.git
GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" \
git push gitea master
fi
fi fi
else else
echo "no source changes" >&2 echo "no source changes" >&2