.gitlab-ci.yml.tmpl
image: nixos/nix:2.2.1
variables:
DOCKER_HOST: tcp://docker:2375/
TARGET_HOST: smartvillage.app
services:
- docker:dind
stages:
- build
- tag
- deploy
build:
stage: build
before_script:
- nix-env -iA nixpkgs.docker
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
script:
- docker pull $CI_REGISTRY_IMAGE:latest || true
- docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA --tag $CI_REGISTRY_IMAGE:latest .
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
- docker push $CI_REGISTRY_IMAGE:latest
only:
- some-explicit-branch
tag:
stage: tag
before_script:
- nix-env -iA nixpkgs.docker
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
script:
- docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
- docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:production
- docker push $CI_REGISTRY_IMAGE:production
only:
- some-explicit-branch
deploy:
stage: deploy
before_script:
- nix-env -iA nixpkgs.openssh
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
script:
- ssh gitlab@$TARGET_HOST sudo salt-call --local --retcode-passthrough state.apply bad-belzig.cms
only:
- some-explicit-branch