This commit is contained in:
Paul Brinkmeier
parent
7cf2f53793
commit
f952ef0407
@ -7,26 +7,35 @@ jobs:
|
|||||||
build-image:
|
build-image:
|
||||||
container:
|
container:
|
||||||
image: catthehacker/ubuntu:act-latest
|
image: catthehacker/ubuntu:act-latest
|
||||||
|
env:
|
||||||
|
USER: node
|
||||||
|
HOME: /home/node
|
||||||
|
NIX_CONFIG: experimental-features = nix-command flakes
|
||||||
|
volumes:
|
||||||
|
- /home/paul/nix-ci/nix-runner-nix:/nix
|
||||||
|
- /home/paul/nix-ci/nix-runner-etc-nix:/etc/nix
|
||||||
|
- /home/paul/nix-ci/nix-runner-home-node:/home/node
|
||||||
|
options: --user 1000:1000 --group-add 988
|
||||||
steps:
|
steps:
|
||||||
|
- run: |
|
||||||
|
env
|
||||||
|
if [ ! -f ~/.nix-profile/etc/profile.d/nix.sh ]; then
|
||||||
|
curl -L https://nixos.org/nix/install | bash -s -- --no-daemon
|
||||||
|
fi
|
||||||
|
- name: Prep nix env
|
||||||
|
run: |
|
||||||
|
. ~/.nix-profile/etc/profile.d/nix.sh
|
||||||
|
env >> "$GITHUB_ENV"
|
||||||
- name: Checkout repo
|
- name: Checkout repo
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
# Required for installing nix
|
|
||||||
- name: Install sudo
|
|
||||||
run: apt-get update && apt-get install -y sudo
|
|
||||||
- name: Install Nix
|
|
||||||
uses: cachix/install-nix-action@v31
|
|
||||||
with:
|
|
||||||
enable_kvm: false
|
|
||||||
- name: Get image meta
|
- name: Get image meta
|
||||||
run: nix build .#image-meta -o image-meta
|
run: nix build .#image-meta -o image-meta
|
||||||
- name: Version check
|
- name: Version check
|
||||||
run: |
|
run: |
|
||||||
VERSION=$(cat image-meta/version)
|
VERSION=$(cat image-meta/version)
|
||||||
[ "$GITHUB_REF_NAME" = v"$VERSION" ]
|
[ "$GITHUB_REF_NAME" = v"$VERSION" ]
|
||||||
- name: Build image
|
- run: nix build --log-format raw --print-build-logs .#image -o image.tar.gz
|
||||||
run: nix build .#image -o image.tar.gz
|
- run: nix run .#crane -- auth login -u paul -p "$PASSWORD" git.pbrinkmeier.de
|
||||||
- run: docker login -u paul -p "$PASSWORD" git.pbrinkmeier.de
|
- run: file image.tar.gz
|
||||||
env:
|
- run: file $(readlink -f image.tar.gz)
|
||||||
PASSWORD: "${{ secrets.REGISTRY_PASSWORD }}"
|
- run: nix run .#crane -- push $(readlink -f image.tar.gz) $(cat image-meta/name)
|
||||||
- run: docker load < image.tar.gz
|
|
||||||
- run: docker image push $(cat image-meta/name)
|
|
||||||
|
|||||||
10
flake.nix
10
flake.nix
@ -20,11 +20,11 @@
|
|||||||
vendorHash = null;
|
vendorHash = null;
|
||||||
|
|
||||||
# For building the package, we use only the files not ignored by Git as inputs.
|
# For building the package, we use only the files not ignored by Git as inputs.
|
||||||
# Also, flake.nix and flake.lock are not included to avoid annoying rebuilds when
|
# Also, flake.nix, flake.lock and .gitea are not included to avoid annoying rebuilds when
|
||||||
# working on them.
|
# working on them.
|
||||||
src = pkgs.lib.cleanSourceWith {
|
src = pkgs.lib.cleanSourceWith {
|
||||||
src = gitignore.lib.gitignoreSource ./.;
|
src = gitignore.lib.gitignoreSource ./.;
|
||||||
filter = path: type: builtins.baseNameOf path != "flake.nix" && builtins.baseNameOf path != "flake.lock";
|
filter = path: type: builtins.baseNameOf path != "flake.nix" && builtins.baseNameOf path != "flake.lock" && builtins.match "^\\.gitea.*" path != null;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Avoid linking against libc
|
# Avoid linking against libc
|
||||||
@ -55,6 +55,12 @@
|
|||||||
config.Cmd = [ "${vrnp-static}/bin/vrnp" ];
|
config.Cmd = [ "${vrnp-static}/bin/vrnp" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
apps = {
|
||||||
|
crane = {
|
||||||
|
type = "app";
|
||||||
|
program = "${pkgs.crane}/bin/crane";
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user