pipeline {
  agent {
    /* the -u is necessary for acces to /nix */
    docker {
      label 'linux'
      image 'statusteam/nix:jenkins-1.0.0-150d5721'
    }
  }

  environment {
    /* we source .bash_profile to be able to use nix-store */
    NIX_SSHOPTS = "-o StrictHostKeyChecking=no source .bash_profile;"
    /* where our /nix/store is hosted */
    NIX_CACHE_USER = 'nix-cache'
    NIX_CACHE_HOST = 'master-01.do-ams3.ci.misc.statusim.net'
    /* we add both keys so default binary cache also works */
    NIX_CONF_DIR = "${env.WORKSPACE}/scripts/lib/setup/nix"
  }

  options {
    timestamps()
    disableConcurrentBuilds()
    /* Prevent Jenkins jobs from running forever */
    timeout(time: 20, unit: 'MINUTES')
    /* Limit builds retained */
    buildDiscarder(logRotator(
      numToKeepStr: '20',
      daysToKeepStr: '30',
    ))
  }

  stages {
    stage('Setup') {
      steps {
        sh 'nix-env -i openssh'
      }
    }
    stage('Build') {
      steps {
        sh 'nix-shell --run echo'
      }
    }
    stage('Upload') {
      steps {
        sshagent(credentials: ['nix-cache-ssh']) {
          sh """
            find /nix/store/ -mindepth 1 -maxdepth 1 -not -name '.links' -and -not -name '*.lock' | \
              xargs nix-copy-closure -v --to ${NIX_CACHE_USER}@${NIX_CACHE_HOST}
          """
        }
      }
    }
  }
}