mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-16 23:03:40 +01:00
Merge pull request #28293 from makefu/module/gitlab-runner/configOptions
module gitlab-runner: introduce configOptions and configFile
This commit is contained in:
Franz Pletz
GitHub
commit
66fe192301
1 changed files with 53 additions and 3 deletions
|
|
@ -4,15 +4,65 @@ with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.services.gitlab-runner;
|
cfg = config.services.gitlab-runner;
|
||||||
configFile = pkgs.writeText "config.toml" cfg.configText;
|
configFile =
|
||||||
|
if (cfg.configFile == null) then
|
||||||
|
(pkgs.runCommand "config.toml" {
|
||||||
|
buildInputs = [ pkgs.remarshal ];
|
||||||
|
} ''
|
||||||
|
remarshal -if json -of toml \
|
||||||
|
< ${pkgs.writeText "config.json" (builtins.toJSON cfg.configOptions)} \
|
||||||
|
> $out
|
||||||
|
'')
|
||||||
|
else
|
||||||
|
cfg.configFile;
|
||||||
hasDocker = config.virtualisation.docker.enable;
|
hasDocker = config.virtualisation.docker.enable;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options.services.gitlab-runner = {
|
options.services.gitlab-runner = {
|
||||||
enable = mkEnableOption "Gitlab Runner";
|
enable = mkEnableOption "Gitlab Runner";
|
||||||
|
|
||||||
configText = mkOption {
|
configFile = mkOption {
|
||||||
description = "Verbatim config.toml to use";
|
default = null;
|
||||||
|
description = ''
|
||||||
|
Configuration file for gitlab-runner.
|
||||||
|
Use this option in favor of configOptions to avoid placing CI tokens in the nix store.
|
||||||
|
|
||||||
|
<option>configFile</option> takes precedence over <option>configOptions</option>.
|
||||||
|
|
||||||
|
Warning: Not using <option>configFile</option> will potentially result in secrets
|
||||||
|
leaking into the WORLD-READABLE nix store.
|
||||||
|
'';
|
||||||
|
type = types.nullOr types.path;
|
||||||
|
};
|
||||||
|
|
||||||
|
configOptions = mkOption {
|
||||||
|
description = ''
|
||||||
|
Configuration for gitlab-runner
|
||||||
|
<option>configFile</option> will take precedence over this option.
|
||||||
|
|
||||||
|
Warning: all Configuration, especially CI token, will be stored in a
|
||||||
|
WORLD-READABLE file in the Nix Store.
|
||||||
|
|
||||||
|
If you want to protect your CI token use <option>configFile</option> instead.
|
||||||
|
'';
|
||||||
|
type = types.attrs;
|
||||||
|
example = {
|
||||||
|
concurrent = 2;
|
||||||
|
runners = [{
|
||||||
|
name = "docker-nix-1.11";
|
||||||
|
url = "https://CI/";
|
||||||
|
token = "TOKEN";
|
||||||
|
executor = "docker";
|
||||||
|
builds_dir = "";
|
||||||
|
docker = {
|
||||||
|
host = "";
|
||||||
|
image = "nixos/nix:1.11";
|
||||||
|
privileged = true;
|
||||||
|
disable_cache = true;
|
||||||
|
cache_dir = "";
|
||||||
|
};
|
||||||
|
}];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
gracefulTermination = mkOption {
|
gracefulTermination = mkOption {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue