scripts/deploy: add --build flag

useful as e.g. deploy --pre --build, to only *build* all variants/hosts, but don't actually copy
2025-03-16 07:01:15 +00:00
parent ca6c6f7b57
commit 2544bb4d68
1 changed files with 31 additions and 24 deletions
--- a/scripts/deploy
+++ b/scripts/deploy
@@ -8,6 +8,7 @@ usage() {
  echo ""
  echo "usage: deploy [options] [host] [host2 ...]"
  echo "options:"
+  echo "- --build: only build; don't copy or deploy"
  echo "- --copy: only build + copy files, nothing more"
  echo "- --switch  (default)"
  echo "- --test: switch to the new configuration, but do not make it bootable"
@@ -68,7 +69,7 @@ parseArgs() {
    local arg=$1
    shift
    case "$arg" in
-      (--copy|--switch|--test)
+      (--build|--copy|--switch|--test)
        action=${arg/--/}
        ;;
      (--deriv)
@@ -221,30 +222,36 @@ deployOneHost() {

  local netHost=$(resolveHost "$host")

-  if [ -n "$host" ] && [ "$host" != "$SELF" ]; then
-    if [ -e /run/secrets/nix_signing_key ]; then
-      info "signing store paths ..."
-      destructive sudo nix store sign -r -k /run/secrets/nix_signing_key "$myStorePath"
-    else
-      info "not signing store paths: /run/secrets/nix_signing_key does not exist"
-    fi
-    # add more `-v` for more verbosity (up to 5).
-    # builders-use-substitutes false: optimizes so that the remote machine doesn't try to get paths from its substituters.
-    #   we already have all paths here, and the remote substitution is slow to check and SERIOUSLY flaky on moby in particular.
-    ECHO_CMD=1 destructive timeout "$timeout" nix copy -vv --option builders-use-substitutes false --to "ssh-ng://$netHost" "$myStorePath" || return 1
-  fi
+  case "$action" in
+    (copy|switch|test)
+      if [ -n "$host" ] && [ "$host" != "$SELF" ]; then
+        if [ -e /run/secrets/nix_signing_key ]; then
+          info "signing store paths ..."
+          destructive sudo nix store sign -r -k /run/secrets/nix_signing_key "$myStorePath"
+        else
+          info "not signing store paths: /run/secrets/nix_signing_key does not exist"
+        fi
+        # add more `-v` for more verbosity (up to 5).
+        # builders-use-substitutes false: optimizes so that the remote machine doesn't try to get paths from its substituters.
+        #   we already have all paths here, and the remote substitution is slow to check and SERIOUSLY flaky on moby in particular.
+        ECHO_CMD=1 destructive timeout "$timeout" nix copy -vv --option builders-use-substitutes false --to "ssh-ng://$netHost" "$myStorePath" || return 1
+      fi
+      ;;
+  esac

-  if [ -n "$action" ] && [ "$action" != "copy" ]; then
-    info "activating profile... "
-    destructive runOnTarget "$netHost" sudo nix-env -p /nix/var/nix/profiles/system --set "$myStorePath" || return 1
-    destructive runOnTarget "$netHost" sudo "$myStorePath/bin/switch-to-configuration" "$action"
-    local rc=$?
-    if [[ -n "$doReboot" && ("$rc" -eq 0 || -n "$doRebootForce") ]]; then
-      info "rebooting $host"
-      destructive runOnTarget "$netHost" sane-reboot "$host" || return 1
-    fi
-    return $rc
-  fi
+  case "$action" in
+    (switch|test)
+      info "activating profile... "
+      destructive runOnTarget "$netHost" sudo nix-env -p /nix/var/nix/profiles/system --set "$myStorePath" || return 1
+      destructive runOnTarget "$netHost" sudo "$myStorePath/bin/switch-to-configuration" "$action"
+      local rc=$?
+      if [[ -n "$doReboot" && ("$rc" -eq 0 || -n "$doRebootForce") ]]; then
+        info "rebooting $host"
+        destructive runOnTarget "$netHost" sane-reboot "$host" || return 1
+      fi
+      return $rc
+      ;;
+  esac
 }

 failedDeploys=()