# Environment: the system-wide profile first, then the settings file that is
# provisioned under /run/secrets.
. /etc/profile
. /run/secrets/po_env

# Identity of this run; both values feed the lock file below.
SCRIPT_NAME=${0##*/}
SCRIPT_PID=$$

# Lock directory; the LOCK environment variable overrides the default.
# NOTE(review): the default is a predictable name under /tmp, and the lock
# file is later written with a plain `>` redirection, which follows symlinks.
# On a host with other local users, a directory that only this user can write
# is the safer choice for LOCK; confirm what the deployed unit sets.
LOCK_PATH=${LOCK:-/tmp/xin}
LOCK_FILE=${LOCK_PATH}/${SCRIPT_NAME}

mkdir -p "$LOCK_PATH"

# ssh options shared by every remote call:
#   -i <public key> with IdentitiesOnly=yes  presumably pins the single
#       identity whose private half is held by the agent; confirm
#   -F/dev/null                              ignores ssh_config files
# NOTE(review): ControlPath also sits under /tmp; ssh_config(5) recommends a
# directory that other users cannot write for control sockets.
NIX_SSHOPTS="-i /run/secrets/manager_pubkey -oIdentitiesOnly=yes -oControlPath=/tmp/manager-ssh-%r@%h:%p -F/dev/null"
SSH="ssh $NIX_SSHOPTS"

# Snapshot taken once at startup: checked-out commit, the key blobs currently
# loaded in the agent (second field of each `ssh-add -L` line), and the name
# of the machine running this script.
CurrentVersion=$(git rev-parse HEAD)
AgentKeys=$(ssh-add -L | awk '{print $2}')
RunHost=$(uname -n)
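# Print a status line to stdout, prefixed with "===> ".
# Arguments: the words of the message; they are joined with single spaces.
# Outputs:   one line on stdout; `echo -e` interprets backslash escapes.
msg() {
  # "$*" builds a single word. "$@" inside a longer string expands to several
  # words that echo merely happens to re-join (ShellCheck SC2145). IFS is
  # pinned locally so the join character is always a space.
  local IFS=' '
  echo -e "===> $*"
}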
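# Remove this run's lock file.
# Globals: LOCK_FILE (read)
# Used as a trap handler by _lock, so it may run more than once; `rm -f`
# stays silent when the file is already gone.
unlock() {
  # Quoted and preceded by `--`: an unquoted path containing whitespace or
  # glob characters would be split or expanded and the wrong files removed.
  rm -f -- "${LOCK_FILE}"
}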
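# Record this run's PID in the lock file and arrange for the lock to be
# released when the script ends.
# Globals: SCRIPT_PID (read), LOCK_FILE (read)
_lock() {
  printf '%s\n' "${SCRIPT_PID}" >"${LOCK_FILE}"

  # Release on every exit path.
  trap 'unlock' EXIT
  # A handler that only calls unlock returns control to the script, which
  # would then keep running without holding the lock. Exit instead, using the
  # conventional 128+signal status; the EXIT trap above removes the lock.
  trap 'exit 130' INT
  trap 'exit 143' TERM
}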
# Take the run lock, or stop quietly when another run already holds it.
# Globals: LOCK_FILE (read), SCRIPT_NAME (read)
# Returns: the status of _lock when the lock is taken; otherwise the script
#          exits with status 0 after printing a notice.
# NOTE(review): the existence test and the creation in _lock are two separate
# steps, so two runs starting at the same moment can both pass the test. A
# lock file left behind by a run that could not execute its trap (SIGKILL,
# power loss) also blocks every later run until it is removed by hand;
# comparing the stored PID against a live process would detect that case.
lock() {
  if [ ! -f "${LOCK_FILE}" ]; then
    _lock
    return
  fi

  msg "${SCRIPT_NAME} already running..."
  exit 0
}
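# List the nixosConfigurations of the flake in the current directory that
# also have a directory under hosts/.
# Outputs: one configuration name per line on stdout.
listNixOSHosts() {
  local name

  # Read the names line by line. Iterating over an unquoted $(...) would
  # split names on whitespace and expand glob characters against the working
  # directory.
  nix eval .#nixosConfigurations --apply builtins.attrNames --json |
    jq -r '.[]' |
    while IFS= read -r name; do
      # An empty line would otherwise test "hosts/" itself.
      [ -n "${name}" ] || continue
      if [ -d "hosts/${name}" ]; then
        printf '%s\n' "${name}"
      fi
    done
}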
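# Map a host name to the name used to reach it.
# Arguments: $1 - host name; must match a directory under hosts/
# Outputs:   the contents of hosts/<name>/alias when that file exists,
#            otherwise the name itself.
# NOTE(review): $1 becomes a path component. Callers are assumed to pass a
# configuration name from this repository, not arbitrary input; confirm.
resolveAlias() {
  # Local, so a caller's own `host` variable is not overwritten.
  local host="${1}"

  # Quoted: an unquoted path breaks the test when the name contains
  # whitespace or glob characters.
  if [ -f "hosts/${host}/alias" ]; then
    cat "hosts/${host}/alias"
    return
  fi

  printf '%s\n' "${host}"
}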
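# Report whether a public key is currently loaded in the ssh agent.
# Globals:   AgentKeys (read) - whitespace-separated key blobs
# Arguments: $1 - key text; only its last whitespace-separated field is
#                 compared
# Returns:   0 when the key is loaded, 1 otherwise
agentHasKey() {
  local wanted candidate

  # Last field of the argument, taken without letting the shell split or
  # glob-expand the value first.
  wanted="$(printf '%s\n' "$1" | awk 'NF { last = $NF } END { print last }')"

  # AgentKeys is deliberately unquoted: it is a whitespace-separated list.
  # shellcheck disable=SC2086
  for candidate in $AgentKeys; do
    # The right-hand side is quoted so this is a literal comparison. Left
    # unquoted, [[ == ]] treats it as a glob pattern, and a value such as
    # "AAAA*" would match any loaded key with that prefix.
    if [[ "${candidate}" == "${wanted}" ]]; then
      return 0
    fi
  done

  return 1
}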
# Tell whether a host name refers to the machine running this script.
# Globals:   RunHost (read)
# Arguments: $1 - host name to compare
# Returns:   0 when $1 equals RunHost, 1 otherwise
isRunHost() {
  # The status of the comparison is the function's return value.
  [ "$1" = "$RunHost" ]
}
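# Check whether a host answers, first by ICMP and then by `tailscale ping`.
# Arguments: $1 - host name or address
# Returns:   0 when either probe succeeds, 1 when both fail
# Output of both probes is discarded.
tsAlive() {
  # Quoted below so the target always reaches the probe as exactly one
  # argument.
  local target="$1"

  # One IPv4 echo request with a two-second deadline.
  if ping -4 -c 1 -w 2 "${target}" >/dev/null 2>&1; then
    return 0
  fi

  if tailscale ping --timeout 2s --c 1 --until-direct=false "${target}" >/dev/null 2>&1; then
    return 0
  fi

  return 1
}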
# Print a generic failure notice and end the script with status 1.
# Outputs: one status line via msg
error() {
  msg 'Something went wrong!'
  exit 1
}
# Put the CI working tree back into a clean state on `main`.
# Destructive: uncommitted changes and untracked files or directories in the
# working tree are discarded. Each step runs regardless of whether the
# previous one succeeded.
# Returns: the status of the final `git checkout`
ci_error() {
  # Drop modifications to tracked files.
  git reset --hard HEAD
  # Drop untracked files and directories.
  git clean -fd
  # Leave whatever branch the failed step was on.
  git checkout main
}
# Send a notification through the `po` command.
# Arguments: $1 - title
#            $2 - body
# Returns:   the status of `po`
_po() {
  local title="$1"
  local body="$2"

  po -title "${title}" -body "${body}"
}
# Send a notification, then reset the CI working tree.
# Arguments: $1 - title
#            $2 - body
# Returns:   the status of ci_error
po_error() {
  local title="$1"
  local body="$2"

  po -title "${title}" -body "${body}"
  # Runs even when the notification could not be sent.
  ci_error
}
# Make sure the manager key is available in the ssh agent.
# The key is added with a 500-second lifetime (-t 500), so the agent drops it
# on its own even if finish is never reached.
# Returns: 0 when the key was already loaded, otherwise the status of ssh-add
start() {
  # Second field of the public key file, i.e. the key blob.
  if ! agentHasKey "$(cat /run/secrets/manager_pubkey | awk '{print $2}')"; then
    ssh-add -t 500 /run/secrets/manager_key
  fi
}
# Begin a CI run: take the run lock, then make sure the CI key and the CI
# signing key are loaded in the ssh agent.
# Returns: 0 when the signing key was already loaded, otherwise the status of
#          the last ssh-add
# NOTE(review): both keys are added without a lifetime (-t), so they stay in
# the agent until finish_ci removes them. If the run is killed before
# finish_ci, they remain loaded. A lifetime comfortably above the longest CI
# run would bound that window.
start_ci() {
  lock

  if ! agentHasKey "$(cat /run/secrets/ci_ed25519_pub | awk '{print $2}')"; then
    ssh-add /run/secrets/ci_ed25519_key
  fi

  if ! agentHasKey "$(cat /run/secrets/ci_signing_ed25519_pub | awk '{print $2}')"; then
    ssh-add /run/secrets/ci_signing_ed25519_key
  fi
}
# End a manager run: remove the manager key from the ssh agent and exit.
# The script always exits with status 0, including when ssh-add fails.
finish() {
  # Removal is explicit even though the key was added with a lifetime.
  ssh-add -d /run/secrets/manager_key

  exit 0
}
# End a CI run: remove both CI keys from the ssh agent, stop the agent and
# exit. The script always exits with status 0, whatever the earlier commands
# returned.
# NOTE(review): `pkill ssh-agent` selects by process name with no user or PID
# filter, so it signals every ssh-agent process this account is allowed to
# signal, not only the one used for CI. Worth confirming which account runs
# this script.
finish_ci() {
  ssh-add -d /run/secrets/ci_ed25519_key
  ssh-add -d /run/secrets/ci_signing_ed25519_key

  pkill ssh-agent # TODO: https://github.com/systemd/systemd/pull/28035

  exit 0
}
# Print the last 50 journal entries of a systemd unit.
# Arguments: $1 - unit name
# Outputs:   journal lines on stdout, unpaged
# NOTE(review): the failure handlers in this file pass this output on as a
# notification body. Anything the unit logs leaves the host with the
# notification, so confirm the unit never logs credentials or tokens.
get_journal() {
  local unit="$1"

  journalctl -u "${unit}" -n 50 --no-pager
}
# Report a failed `git pull`. The notification carries the recent journal of
# xin-ci-update. po_error also resets the working tree after sending.
handle_pull_fail() {
  local title='CI: git pull failed!'

  po_error "${title}" "$(get_journal xin-ci-update)"
}
# Report a failed `git checkout`.
# Arguments: $1 - shown in parentheses in the title (presumably the branch or
#                 ref that could not be checked out)
# Only notifies; the working tree is left as it is.
handle_co_fail() {
  local title="CI: git checkout ($1) failed!"

  _po "${title}" "Please help!"
}
# Report a failed update of one input.
# Arguments: $1 - name of the input, quoted in the title
# Only notifies, with the recent journal of xin-ci-update as the body.
handle_update_fail() {
  local title="CI: input '$1' update failed!"

  _po "${title}" "$(get_journal xin-ci-update)"
}
# Report failed checks. The notification carries the recent journal of
# xin-ci. po_error also resets the working tree after sending.
handle_check_fail() {
  local title='CI: checks failed!'

  po_error "${title}" "$(get_journal xin-ci)"
}
# Report failed checks for one updated item.
# Arguments: $1 - name placed in the title
# Only notifies, with the recent journal of xin-ci-update as the body.
handle_update_check_fail() {
  local title="CI: checks for $1 failed!"

  _po "${title}" "$(get_journal xin-ci-update)"
}
# Report a failed `git merge`.
# Arguments: $1 - what was being merged
#            $2 - what it was being merged into
# Only notifies, with the recent journal of xin-ci-update as the body.
handle_merge_fail() {
  local title="CI: git merge ('$1' into '$2') failed!"

  _po "${title}" "$(get_journal xin-ci-update)"
}
# Report a failed `git push`. The notification carries the recent journal of
# xin-ci-update. po_error also resets the working tree after sending.
handle_push_fail() {
  local title='CI: git push failed!'

  po_error "${title}" "$(get_journal xin-ci-update)"
}