diff --git a/.woodpecker.yml b/.woodpecker.yml new file mode 100644 index 0000000..f79e0c4 --- /dev/null +++ b/.woodpecker.yml @@ -0,0 +1,55 @@ +# Build flake-hub packages for all architectures and push to attic + +clone: + - name: clone + image: woodpeckerci/plugin-git + environment: + CI_NETRC_MACHINE: git.oleks.space + CI_NETRC_USERNAME: oleks + CI_NETRC_PASSWORD: + from_secret: gitea_clone_token + +when: + - event: push + branch: main + +# Build packages for each architecture in parallel +steps: + - name: build-x86_64-linux + image: nixos/nix:latest + environment: + ATTIC_TOKEN: + from_secret: attic_token + backend_options: + kubernetes: + nodeSelector: + kubernetes.io/arch: amd64 + commands: + - sh ci/setup.sh + - sh ci/build.sh x86_64-linux + + - name: build-aarch64-linux + image: nixos/nix:latest + environment: + ATTIC_TOKEN: + from_secret: attic_token + backend_options: + kubernetes: + nodeSelector: + kubernetes.io/arch: arm64 + commands: + - sh ci/setup.sh + - sh ci/build.sh aarch64-linux + + - name: build-s390x-linux + image: nixos/nix:latest + environment: + ATTIC_TOKEN: + from_secret: attic_token + backend_options: + kubernetes: + nodeSelector: + kubernetes.io/arch: s390x + commands: + - sh ci/setup.sh + - sh ci/build.sh s390x-linux diff --git a/ci/build.sh b/ci/build.sh new file mode 100755 index 0000000..807cee0 --- /dev/null +++ b/ci/build.sh @@ -0,0 +1,22 @@ +#!/bin/sh +# Build all flake-hub packages and push to attic +set -e + +ARCH="$1" +ATTIC_CACHE="attic-infra-cache-k3s-1" +ATTIC_SERVER="https://nix-cache-upload.oleks.space" + +echo "=== Building flake-hub packages for ${ARCH} ===" + +# Setup attic +attic=$(nix build --inputs-from . nixpkgs#attic-client --print-out-paths --no-link)/bin/attic +"${attic}" login ci "${ATTIC_SERVER}" "${ATTIC_TOKEN}" + +echo "Building packages..." +nix build ".#packages.${ARCH}.hello-world" --print-build-logs +"${attic}" push "${ATTIC_CACHE}" result + +nix build ".#packages.${ARCH}.xonsh" --print-build-logs +"${attic}" push "${ATTIC_CACHE}" result + +echo "✅ Build completed for ${ARCH}" diff --git a/ci/setup.sh b/ci/setup.sh new file mode 100755 index 0000000..448ea24 --- /dev/null +++ b/ci/setup.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# Bootstrap nix environment for CI (runs inside nixos/nix:latest) +set -e + +# Direct to armer public IP — bypass Cloudflare upload size limits +# Hairpin NAT on armer handles redirect for pods running on armer itself +echo "79.76.48.244 git.oleks.space nix-cache-upload.oleks.space" >>/etc/hosts + +cat >>/etc/nix/nix.conf <<'EOF' +experimental-features = nix-command flakes +trusted-substituters = https://nix-cache-mirror.oleks.space https://nix-cache-custom.oleks.space/attic-infra-cache-k3s-1 +substituters = https://nix-cache-mirror.oleks.space https://nix-cache-custom.oleks.space/attic-infra-cache-k3s-1 +trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc= cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E= nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA= attic-infra-cache-k3s-1:qYSNK3DmttQXCFqn1t50qoWGtQNPRFWq9mgQjD05DeU= +EOF + +if [ -n "$GITEA_CLONE_TOKEN" ]; then + echo "machine git.oleks.space login oleks password $GITEA_CLONE_TOKEN" >~/.netrc + chmod 600 ~/.netrc +fi