Nix CI tryouts

.gitea/workflows/build-image.yml

@@ -9,32 +9,33 @@ jobs:
       image: catthehacker/ubuntu:act-latest
       env:
         USER: node
-        HOME: /home/node
         NIX_CONFIG: experimental-features = nix-command flakes
       volumes:
         - /home/paul/nix-ci/nix-runner-nix:/nix
         - /home/paul/nix-ci/nix-runner-etc-nix:/etc/nix
         - /home/paul/nix-ci/nix-runner-home-node:/home/node
-      options: --user 1000:1000 --group-add 988
+      options: --user 1000:1000
     steps:
-      - name: Prep nix env
+      - run: |
-        run: |
+          cat /var/run/act/workflow/0.sh
           if [ ! -f ~/.nix-profile/etc/profile.d/nix.sh ]; then
             curl -L https://nixos.org/nix/install | bash -s -- --no-daemon
           fi
-          . ~/.nix-profile/etc/profile.d/nix.sh 
-          env >> "$GITHUB_ENV"
       - name: Checkout repo
         uses: actions/checkout@v4
       - name: Get image meta
-        run: nix build .#image-meta -o image-meta
+        run: |
+          . ~/.nix-profile/etc/profile.d/nix.sh
+          nix build .#image-meta -o image-meta
       - name: Version check
         run: |
           VERSION=$(cat image-meta/version)
           [ "$GITHUB_REF_NAME" = v"$VERSION" ]
-      - run: nix build --log-format raw --print-build-logs .#image -o image.tar.gz
+      - run: |
-      - run: gunzip -c image.tar.gz > image.tar
+          . ~/.nix-profile/etc/profile.d/nix.sh
-      - run: nix run .#crane -- auth login git.pbrinkmeier.de -u paul -p "$PASSWORD"
+          nix build --log-format raw --print-build-logs .#image -o image.tar.gz
+      - run: docker login -u paul -p "$PASSWORD" git.pbrinkmeier.de
         env:
           PASSWORD: "${{ secrets.REGISTRY_PASSWORD }}"
-      - run: nix run .#crane -- push image.tar $(cat image-meta/name)
+      - run: docker load < image.tar.gz
+      - run: docker image push $(cat image-meta/name)

flake.nix

@@ -16,22 +16,15 @@
 
       vrnp-static = pkgs.buildGoModule {
         pname = "vrnp";
-        version = "0.0.10-test";
+        version = "0.0.10";
         vendorHash = null;
 
         # For building the package, we use only the files not ignored by Git as inputs.
         # Also, flake.nix, flake.lock and .gitea are not included to avoid annoying rebuilds when
         # working on them.
         src = pkgs.lib.cleanSourceWith {
-          src = ./.;
+          src = gitignore.lib.gitignoreSource ./.;
-          filter = gitignore.lib.gitignoreFilterWith {
+          filter = path: type: builtins.baseNameOf path != "flake.nix" && builtins.baseNameOf path != "flake.lock" && builtins.match "^\\.gitea.*" path != null;
-            basePath = ./.;
-            extraRules = ''
-              flake.nix
-              flake.lock
-              .gitea
-            '';
-          };
         };
 
         # Avoid linking against libc
@@ -62,12 +55,6 @@
           config.Cmd = [ "${vrnp-static}/bin/vrnp" ];
         };
       };
-      apps = {
-        crane = {
-          type = "app";
-          program = "${pkgs.crane}/bin/crane";
-        };
-      };
     }
   );
 }