status-react/ci/Jenkinsfile.nix.linux

64 lines
1.7 KiB
Plaintext

pipeline {
agent {
/* the -u is necessary for acces to /nix */
docker {
label 'linux'
image 'statusteam/nix:jenkins'
}
}
environment {
/* we source .bash_profile to be able to use nix-store */
NIX_SSHOPTS="-o StrictHostKeyChecking=no source .bash_profile;"
/* where our /nix/store is hosted */
NIX_CACHE_USER = 'nix-cache'
NIX_CACHE_HOST = 'master-01.do-ams3.ci.misc.statusim.net'
/* we add both keys so default binary cache also works */
NIX_BIN_CACHE = 'https://nix-cache.status.im/'
NIX_BIN_CACHE_KEYS = (
'nix-cache.status.im-1:x/93lOfLU+duPplwMSBR+OlY4+mo+dCN7n0mr4oPwgY= '+
'cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY='
)
}
options {
timestamps()
disableConcurrentBuilds()
/* Prevent Jenkins jobs from running forever */
timeout(time: 20, unit: 'MINUTES')
/* Limit builds retained */
buildDiscarder(logRotator(
numToKeepStr: '20',
daysToKeepStr: '30',
))
}
stages {
stage('Setup') {
steps {
sh 'nix-env -i openssh'
}
}
stage('Build') {
steps {
/* we dogfood our own cache to speed up builds */
sh """
nix-build -A env.all \
--option extra-substituters '${NIX_BIN_CACHE}' \
--trusted-public-keys '${NIX_BIN_CACHE_KEYS}'
"""
}
}
stage('Upload') {
steps {
sshagent(credentials: ['nix-cache-ssh']) {
sh """
find /nix/store/ -mindepth 1 -maxdepth 1 -not -name '.links' -and -not -name '*.lock' | \
xargs nix-copy-closure -v --to ${NIX_CACHE_USER}@${NIX_CACHE_HOST}
"""
}
}
}
}
}