Oleks
b797aefb28
Replace the bespoke ci/publish.py attic-push logic with parity-lib's
mkAtticClosurePublish builder (attic-closure archetype, cluster#104,
emmett#44). Adds the parity input (locked at d265a79) and wires the
per-arch package closures through builders.mkAtticClosurePublish, with
the endpoint (nix-cache-upload.oleks.space) and passEntry
(infra/attic/ci_token) overridden so the attic push is byte-for-byte the
pre-parity behaviour.
.woodpecker/{amd64,arm64}.yaml thinned to PUBLISH=1 nix run .#publish /
.#publish-aarch64-linux so CI and a local run share one audited impl.
Dead ci/publish.py + ci/build.py removed.
pipeline-doctor: 9 passed / 0 failed / 0 warned.
43 lines
1.3 KiB
YAML
43 lines
1.3 KiB
YAML
# Build flake-hub packages for aarch64-linux and push to attic.
|
|
# Separate workflow per arch — see amd64.yaml for rationale.
|
|
|
|
when:
|
|
- event: push
|
|
branch: main
|
|
|
|
clone:
|
|
- name: clone
|
|
image: woodpeckerci/plugin-git
|
|
environment:
|
|
CI_NETRC_MACHINE: git.oleks.space
|
|
CI_NETRC_USERNAME: oleks
|
|
CI_NETRC_PASSWORD:
|
|
from_secret: gitea_clone_token
|
|
PLUGIN_TAGS: "false"
|
|
PLUGIN_DEPTH: "1"
|
|
|
|
steps:
|
|
- name: build-arm64
|
|
image: git.oleks.space/oleks/nix-ci:latest
|
|
environment:
|
|
ATTIC_TOKEN:
|
|
from_secret: attic_token
|
|
GITEA_CLONE_TOKEN:
|
|
from_secret: gitea_clone_token
|
|
backend_options:
|
|
kubernetes:
|
|
nodeSelector:
|
|
kubernetes.io/arch: arm64
|
|
labels:
|
|
commit-tag: "${CI_COMMIT_TAG}"
|
|
commit-branch: "${CI_COMMIT_BRANCH}"
|
|
pipeline-number: "${CI_PIPELINE_NUMBER}"
|
|
commands:
|
|
- echo "▸ arch=$(uname -m)"
|
|
- sh ci/setup.sh
|
|
# NODE-BOUND LEG (emmett#44, cluster#192): aarch64-linux can't be built on
|
|
# emmett (linux/amd64) and these native packages have no cross path, so this
|
|
# leg must run on an aarch64 node (the arch nodeSelector above). Same
|
|
# parity-lib attic-closure front door as amd64, only the arch app differs.
|
|
- PUBLISH=1 nix run .#publish-aarch64-linux
|