workflow: rules: - if: '$CI_PIPELINE_SOURCE == "push"' when: always - when: never default: image: name: registry.gitlab.com/fradrive/fradrive/nix-unstable:hcdba12p7ajl9xylgmw4kfn6p9c185xy variables: NIX_PATH: "nixpkgs=http://nixos.org/channels/nixos-21.05/nixexprs.tar.xz" AWS_SHARED_CREDENTIALS_FILE: "/etc/aws/credentials" stages: - frontend:build - backend:build - docker:build node dependencies: stage: frontend:build script: - nix -L build -o result .#uniworxNodeDependencies - nix-store --export $(nix-store -qR result) | xz > node-dependencies.nar.xz before_script: &nix-before - mkdir -p /etc/nix - install -m 0644 .gitlab-ci/nix-bootstrap.conf /etc/nix/nix.conf - .gitlab-ci/write-minio-creds.sh - .gitlab-ci/make-minio-bucket.sh - cp -pr --reflink=auto -L .gitlab-ci/upload-to-cache.sh /etc/nix/upload-to-cache.sh - install -m 0644 .gitlab-ci/nix.conf /etc/nix/nix.conf - git config --global init.defaultBranch master - install -v -m 0700 -d ~/.ssh - install -v -T -m 0644 "${SSH_KNOWN_HOSTS}" ~/.ssh/known_hosts - install -v -T -m 0400 "${SSH_DEPLOY_KEY}" ~/.ssh/deploy && echo "IdentityFile ~/.ssh/deploy" >> ~/.ssh/config; - install -v -T -m 0644 "${FONTAWESOME_NPM_AUTH_FILE}" /etc/fontawesome-token artifacts: paths: - node-dependencies.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true well known: stage: frontend:build script: - xzcat node-dependencies.nar.xz | nix-store --import - nix -L build -o result .#uniworxWellKnown - nix-store --export $(nix-store -qR result) | xz > well-known.nar.xz before_script: *nix-before needs: - job: node dependencies artifacts: true artifacts: paths: - well-known.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true frontend: stage: frontend:build script: - xzcat node-dependencies.nar.xz | nix-store --import - xzcat well-known.nar.xz | nix-store --import - nix -L build -o result .#uniworxFrontend - nix-store --export $(nix-store -qR result) | xz > frontend.nar.xz before_script: *nix-before needs: - job: node dependencies artifacts: true - job: well known artifacts: true artifacts: paths: - frontend.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true backend: stage: backend:build script: - xzcat frontend.nar.xz | nix-store --import - nix -L build -o result .#uniworxBackend - cp -pr --reflink=auto -L result/bin . - nix-store --export $(nix-store -qR result) | xz > backend.nar.xz before_script: *nix-before needs: - job: frontend artifacts: true artifacts: paths: - backend.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true demo docker: stage: docker:build script: - xzcat backend.nar.xz | nix-store --import - nix -L build -o result .#uniworxDemoDocker - cp -pr --reflink=auto -L result uniworx-demo.tar.gz before_script: *nix-before needs: - job: backend artifacts: true artifacts: paths: - uniworx-demo.tar.gz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true docker: stage: docker:build script: - xzcat backend.nar.xz | nix-store --import - nix -L build -o result .#uniworxDocker - cp -pr --reflink=auto -L result uniworx.tar.gz before_script: *nix-before needs: - job: backend artifacts: true artifacts: paths: - uniworx.tar.gz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true