stages:
  - ci
  - artifacts

variables:
  # Makes some things print in color
  TERM: ansi

before_script:
  # Enable nix-command and flakes
  - if command -v nix > /dev/null; then echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf; fi

  # Add our own binary cache
  - if command -v nix > /dev/null && [ -n "$ATTIC_ENDPOINT" ] && [ -n "$ATTIC_CACHE" ]; then echo "extra-substituters = $ATTIC_ENDPOINT/$ATTIC_CACHE" >> /etc/nix/nix.conf; fi
  - if command -v nix > /dev/null && [ -n "$ATTIC_PUBLIC_KEY" ]; then echo "extra-trusted-public-keys = $ATTIC_PUBLIC_KEY" >> /etc/nix/nix.conf; fi

  # Add crane binary cache
  - if command -v nix > /dev/null; then echo "extra-substituters = https://crane.cachix.org" >> /etc/nix/nix.conf; fi
  - if command -v nix > /dev/null; then echo "extra-trusted-public-keys = crane.cachix.org-1:8Scfpmn9w+hGdXH/Q9tTLiYAE/2dnJYRJP7kl80GuRk=" >> /etc/nix/nix.conf; fi

  # Add nix-community binary cache
  - if command -v nix > /dev/null; then echo "extra-substituters = https://nix-community.cachix.org" >> /etc/nix/nix.conf; fi
  - if command -v nix > /dev/null; then echo "extra-trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" >> /etc/nix/nix.conf; fi

  # Install direnv and nix-direnv
  - if command -v nix > /dev/null; then nix-env -iA nixpkgs.direnv nixpkgs.nix-direnv; fi

  # Allow .envrc
  - if command -v nix > /dev/null; then direnv allow; fi

  # Set CARGO_HOME to a cacheable path
  - export CARGO_HOME="$(git rev-parse --show-toplevel)/.gitlab-ci.d/cargo"

ci:
  stage: ci
  image: nixos/nix:2.20.4
  script:
    # Cache the inputs required for the devShell
    - ./bin/nix-build-and-cache .#devShells.x86_64-linux.default.inputDerivation

    - direnv exec . engage
  cache:
    paths:
      - target
      - .gitlab-ci.d

artifacts:
  stage: artifacts
  image: nixos/nix:2.20.4
  script:
    - ./bin/nix-build-and-cache .#static-x86_64-unknown-linux-musl
    - cp result/bin/grapevine x86_64-unknown-linux-musl

    # Since the OCI image package is based on the binary package, this has the
    # deploying with Nix can leverage this fact by adding our binary cache to
    # fun side effect of uploading the normal binary too. Grapevine users who are
    # their systems.
    #
    # Note that although we have an `oci-image-x86_64-unknown-linux-musl`
    # output, we don't build it because it would be largely redundant to this
    # one since it's all containerized anyway.
    - ./bin/nix-build-and-cache .#oci-image
    - cp result oci-image-amd64.tar.gz

    - ./bin/nix-build-and-cache .#static-aarch64-unknown-linux-musl
    - cp result/bin/grapevine aarch64-unknown-linux-musl

    - ./bin/nix-build-and-cache .#oci-image-aarch64-unknown-linux-musl
    - cp result oci-image-arm64v8.tar.gz
  artifacts:
    paths:
      - x86_64-unknown-linux-musl
      - aarch64-unknown-linux-musl
      - x86_64-unknown-linux-musl.deb
      - oci-image-amd64.tar.gz
      - oci-image-arm64v8.tar.gz