From 7ab86f5423578cc86b76ed034e2a79e22a3af727 Mon Sep 17 00:00:00 2001 From: William Carroll Date: Sat, 22 Aug 2020 09:09:15 +0100 Subject: [PATCH] Abandon the pre-receive hook I wanted Gitea to call Buildkite's pre-receive pipeline and either accept or reject the incoming code depending on the outcome. The problem is that I can only *create* builds from Gitea's pre-receive hook. Now I'm left with two options: 1. run the lint-secrets step in post-receive 2. run `/nix/store//git-secrets --scan-history $REPO_PATH` in Gitea As far as I can tell, I cannot define Gitea hooks in Nix, which is unfortunate; otherwise, option 2 would appeal more. I'm doing option one for now. --- ci/pipelines/post-receive.nix | 6 ++++++ ci/pipelines/pre-receive.nix | 11 ----------- 2 files changed, 6 insertions(+), 11 deletions(-) delete mode 100644 ci/pipelines/pre-receive.nix diff --git a/ci/pipelines/post-receive.nix b/ci/pipelines/post-receive.nix index 415f10408..3f14dfade 100644 --- a/ci/pipelines/post-receive.nix +++ b/ci/pipelines/post-receive.nix @@ -2,10 +2,16 @@ let pipeline.steps = [ + { + key = "lint-secrets"; + command = "${pkgs.git-secrets}/bin/git-secrets --scan-history"; + label = ":broom: lint secrets"; + } { key = "build-briefcase"; command = "nix-build . -I briefcase=$(pwd) --no-out-link --show-trace"; label = ":nix: build briefcase"; + depends_on = "lint-secrets"; } { key = "build-socrates"; diff --git a/ci/pipelines/pre-receive.nix b/ci/pipelines/pre-receive.nix deleted file mode 100644 index 9a30f271e..000000000 --- a/ci/pipelines/pre-receive.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ pkgs, ... }: - -let - pipeline.steps = [ - { - key = "lint"; - command = "${pkgs.git-secrets}/bin/git-secrets --scan-history"; - label = ":broom: lint"; - } - ]; -in pkgs.writeText "pipeline.yaml" (builtins.toJSON pipeline)