[buoh/ci] ci: Add Nix based build test
- From: Jan Tojnar <jtojnar src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [buoh/ci] ci: Add Nix based build test
- Date: Wed, 12 Sep 2018 11:54:34 +0000 (UTC)
commit cfa9b1057320ada3b88ea15ca486a4b6b983c612
Author: Jan Tojnar <jtojnar gmail com>
Date: Thu Aug 30 12:59:12 2018 +0200
ci: Add Nix based build test
We compare the hash of default.nix file with a label of the Docker image
stored in the container registry [1]. When they do not match, we will try
to build an image based on nixos/nix [2] containing all the build dependencies,
then upload the built image to the registry. Finally the image will be used
to build the package using Nix, and to run checks.
[1]: https://gitlab.com/help/user/project/container_registry
[2]: https://hub.docker.com/r/nixos/nix/
ci/Dockerfile | 5 +++++
ci/build-image.sh | 23 +++++++++++++++++++++++
ci/gitlab-ci.yaml | 45 +++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 73 insertions(+)
---
diff --git a/ci/Dockerfile b/ci/Dockerfile
new file mode 100644
index 0000000..b9ab6a4
--- /dev/null
+++ b/ci/Dockerfile
@@ -0,0 +1,5 @@
+FROM nixos/nix
+ARG EXPRESSION_HASH=unknown
+LABEL ExpressionHash=$EXPRESSION_HASH
+COPY default.nix /project/
+RUN cd /project && nix-shell --run ':'
diff --git a/ci/build-image.sh b/ci/build-image.sh
new file mode 100755
index 0000000..22ab7a6
--- /dev/null
+++ b/ci/build-image.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+# usage: build-image.sh <job-token> <image-tag>
+
+alias jq="docker run -i stedolan/jq"
+alias skopeo="docker run -i alexeiled/skopeo skopeo"
+
+CI_JOB_TOKEN=$1
+IMAGE_TAG=$2
+
+NIX_EXPRESSION_HASH=$(sha256sum default.nix | cut -f 1 -d ' ')
+IMAGE_EXPRESSION_HASH=$(skopeo inspect "docker://$IMAGE_TAG" | jq -r '.Labels.ExpressionHash')
+
+echo $NIX_EXPRESSION_HASH $IMAGE_EXPRESSION_HASH
+
+if test "$NIX_EXPRESSION_HASH" = "$IMAGE_EXPRESSION_HASH"; then
+ echo 'Image already up to date, skipping build…'
+else
+ echo 'Building Docker image…'
+ docker login -u gitlab-ci-token -p "$CI_JOB_TOKEN" "$CI_REGISTRY"
+ docker build -t "$IMAGE_TAG" . -f ci/Dockerfile --build-arg "EXPRESSION_HASH=$NIX_EXPRESSION_HASH"
+ docker push "$IMAGE_TAG"
+fi
diff --git a/ci/gitlab-ci.yaml b/ci/gitlab-ci.yaml
new file mode 100644
index 0000000..473dbb8
--- /dev/null
+++ b/ci/gitlab-ci.yaml
@@ -0,0 +1,45 @@
+image: docker:stable
+
+services:
+ - docker:dind
+
+variables:
+ DOCKER_HOST: tcp://docker:2375
+ DOCKER_DRIVER: overlay2
+
+# We compare the hash of default.nix file with a label of the Docker image
+# stored in the container registry. When they do not match, we will try
+# to build an image based on nixos/nix containing all the build dependencies,
+# then upload the built image to the registry. Finally the image will be used
+# to build the package using Nix, and to run checks.
+
+build_image:
+ stage: build
+ script: ci/build-image.sh "$CI_JOB_TOKEN" "$CI_REGISTRY_IMAGE:latest"
+ except:
+ - /^ci-.*/
+
+build:
+ stage: test
+ image: $CI_REGISTRY_IMAGE:latest
+ script: nix-build
+ except:
+ - /^ci-.*/
+
+# We use a different image tag for branches starting with “ci-” prefix so that
+# we could develop the CI set-up without interfering with the deployed
+# one. Since the CI tweaks are going to be quite rare, we are sharing a single
+# tag between all of them, in order not to clog the registry.
+
+build_image_dev:
+ stage: build
+ script: ci/build-image.sh "$CI_JOB_TOKEN" "$CI_REGISTRY_IMAGE:development"
+ only:
+ - /^ci-.*/
+
+build_dev:
+ stage: test
+ image: $CI_REGISTRY_IMAGE:development
+ script: nix-build
+ only:
+ - /^ci-.*/
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]