--- kind: pipeline type: docker name: update-flake steps: - name: Update flake image: nixos/nix commands: - echo "substituters = https://cache.nixos.org/ https://f000.backblazeb2.com/file/cache-chir-rs/" >> /etc/nix/nix.conf - echo "trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" >> /etc/nix/nix.conf - | for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do nix show-derivation -r ".#hydraJobs.$job.x86_64-linux" > ../old-$job.json done nix flake update for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do nix show-derivation -r ".#hydraJobs.$job.x86_64-linux" > ../new-$job.json python scripts/diff-drvs.py ../old-$job.json ../new-$job.json > ../report-$job.txt cat report-$job.txt >> ../full-report.txt done if [ -s ../full-report.txt ]; then echo "Automatic flake.lock update" > ../pr-message.txt echo "" >> ../pr-message.txt for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do echo "## Changes for $job:" >> ../pr-message.txt echo '```' >> ../pr-message.txt cat report-$job.txt >> ../pr-message.txt echo '```' >> ../pr-message.txt done else touch ../pr-message.txt fi - name: Push git image: appleboy/drone-git-push settings: ssh_key: from_secret: SSH_KEY remote: gitea@git.chir.rs:darkkirb/nixos-config.git branch: update-flake force: true commit: true commit_message: Update flake author_name: Gitea Bot author_email: gitea-bot@chir.rs - name: Create pull request image: alpine:latest commands: - apk add jq curl - | echo '{ "assignee": "DarkKirb", "base": "main", "head": "update-flake", "title": "Update flake" }' | jq '.body = $body' --arg body "$(cat ../pr-message.txt)" | curl -XPOST 'https://git.chir.rs/api/v1/repos/DarkKirb/nixos-config/pulls' -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Bearer $AUTHORISATION" -d- environment: AUTHORISATION: from_secret: GITEA_KEY trigger: event: - cron cron: - updater --- kind: pipeline type: docker name: hydra-deploy steps: - name: Notify hydra image: curlimages/curl:latest commands: - curl --get --data-urlencode "jobsets=nixos-config:nixos-config" https://hydra.chir.rs/api/push - name: Wait for hydra job image: alpine:latest commands: - apk add jq curl - | while true; do if [[ $(curl https://git.chir.rs/api/v1/repos/darkkirb/nixos-config/commits/$DRONE_COMMIT/status | jq '[.statuses[] | select(.target_url | contains("https://hydra.chir.rs/"))] | length') != 0 ]]; then exit 0 fi sleep 5 done - name: Wait for hydra jobs to finish image: alpine:latest commands: - apk add jq curl - | while true; do if [[ $(curl https://git.chir.rs/api/v1/repos/darkkirb/nixos-config/commits/$DRONE_COMMIT/status | jq '[.statuses[] | select(.target_url | contains("https://hydra.chir.rs/")) | select(.status == "pending") ] | length') == 0 ]]; then exit 0 fi sleep 5 done - name: Deploy successful hydra jobs image: alpine:latest commands: - apk add jq curl git - mkdir ~/.ssh - echo $SSH_KEY > ~/.ssh/id_ed25519 - | for build in $(curl https://git.chir.rs/api/v1/repos/darkkirb/nixos-config/commits/$DRONE_COMMIT/status | jq -r '.statuses[] | select(.target_url | contains("https://hydra.chir.rs/")) | select(.status == "success" ) | .target_url'); do JOB_JSON=$(curl -H "Accept: application/json" $build) PROJECT=$(echo "$JOB_JSON" | jq '.project') JOBSET=$(echo "$JOB_JSON" | jq '.jobset') JOB=$(echo "$JOB_JSON" | jq '.job') JOB_NAME="$PROJECT/$JOBSET/JOB" git branch $JOB_NAME || true git checkout $JOB_NAME git reset --hard $DRONE_COMMIT git push --force done environment: SSH_KEY: from_secret: SSH_KEY trigger: event: - push