From c5c1b1284a8e7d0bbc4a91d0dc577ad0bc0b25fe Mon Sep 17 00:00:00 2001
From: Aaron Bieber <aaron@bolddaemon.com>
Date: Thu, 2 Feb 2023 15:24:22 -0700
Subject: [PATCH] ci/deploy: add basic locking

---
 common.sh | 27 +++++++++++++++++++++++++++
 deploy    |  1 +
 2 files changed, 28 insertions(+)

diff --git a/common.sh b/common.sh
index a94c05c..059abad 100644
--- a/common.sh
+++ b/common.sh
@@ -1,6 +1,13 @@
 . /etc/profile
 . /run/secrets/po_env
 
+SCRIPT_NAME="${0##*/}"
+SCRIPT_PID=$$
+LOCK_PATH="${LOCK:-/tmp/xin}"
+LOCK_FILE="${LOCK_PATH}/${SCRIPT_NAME}"
+
+mkdir -p "${LOCK_PATH}"
+
 NIX_SSHOPTS="-i /run/secrets/manager_pubkey -oIdentitiesOnly=yes -oControlPath=/tmp/manager-ssh-%r@%h:%p -F/dev/null"
 SSH="ssh ${NIX_SSHOPTS}"
 CurrentVersion="$(git rev-parse HEAD)"
@@ -11,6 +18,24 @@ msg() {
 	echo -e "===> $@"
 }
 
+unlock() {
+	rm -f ${LOCK_FILE};
+}
+
+_lock() {
+	echo "${SCRIPT_PID}" > "${LOCK_FILE}"
+	trap 'unlock' INT EXIT TERM
+}
+
+lock() {
+	if [ -f "${LOCK_FILE}" ]; then
+		msg "${SCRIPT_NAME} already running..."
+		exit 0
+	else
+		_lock
+	fi
+}
+
 listNixOSHosts() {
 	for i in $(nix eval .#nixosConfigurations --apply builtins.attrNames --json | jq -r '.[]'); do
 		if [ -d hosts/${i} ]; then
@@ -73,6 +98,7 @@ start() {
 }
 
 start_ci() {
+	lock
 	agentHasKey "$(cat /run/secrets/ci_ed25519_pub | awk '{print $2}')" ||
 		ssh-add /run/secrets/ci_ed25519_key
 }
@@ -106,3 +132,4 @@ handle_merge_fail() {
 handle_push_fail() {
 	po_error "CI: git push failed!" "Pelase help!"
 }
+
diff --git a/deploy b/deploy
index 0ec0243..a92b8a1 100755
--- a/deploy
+++ b/deploy
@@ -133,6 +133,7 @@ ret=0
 if [ ${#@} = 1 ]; then
 	rebuild $1 true || ret=1
 else
+	lock
 	for host in $(listNixOSHosts); do
 		rebuild $host false || ret=1
 	done