milas/woodpecker-plugin-nix-attic
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

build: build and publish from CI pipeline (#1)

Browse source 
Reviewed-on: https://git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic/pulls/1
Co-authored-by: Gabor Pihaj <gabor.pihaj@gmail.com>
Co-committed-by: Gabor Pihaj <gabor.pihaj@gmail.com>
This commit is contained in:
Gabor Pihaj 2023-09-30 14:11:00 +00:00 committed by Gabor Pihaj
parent 9bb9871977
commit 2ae1bb82d4
No known key found for this signature in database
GPG key ID: 7BCF5D144C6C06E3
2 changed files with 104 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

45
.woodpecker/ci.yaml Normal file
View file

@ -0,0 +1,45 @@
steps:
build:
image: nixos/nix:2.15.1
commands:
- set -o pipefail
- echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
- echo "trusted-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
- echo "extra-trusted-public-keys = private:b6wO7rXF+4WtPCocEKlbdU/bTqEdJAqRrzOu0O3cK68=" >> /etc/nix/nix.conf
- echo "extra-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
- echo "netrc-file = /tmp/nix-netrc" >> /etc/nix/nix.conf
- echo "machine cache.nix.vdx.hu" > /tmp/nix-netrc
- echo "password $ATTIC_TOKEN" >> /tmp/nix-netrc
- nix build .#woodpecker-plugin-nix-attic-latest
- nix-env -iA nixpkgs.docker-client
# "persist" the generated image in the workspace
- cp $(realpath result) docker-image-latest
- docker load -i docker-image-latest
secrets:
- attic_token
- forgejo_registry_token
volumes:
- /var/run/docker.sock:/var/run/docker.sock
publish-latest:
image: nixos/nix
when:
- event: push
branch: main
commands:
- set -o pipefail
- echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
- echo "trusted-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
- echo "extra-trusted-public-keys = private:b6wO7rXF+4WtPCocEKlbdU/bTqEdJAqRrzOu0O3cK68=" >> /etc/nix/nix.conf
- echo "extra-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
- echo "netrc-file = /tmp/nix-netrc" >> /etc/nix/nix.conf
- echo "machine cache.nix.vdx.hu" > /tmp/nix-netrc
- echo "password $ATTIC_TOKEN" >> /tmp/nix-netrc
- nix-env -iA nixpkgs.docker-client
- docker load -i docker-image-latest
- docker login -u vdx -p "$FORGEJO_REGISTRY_TOKEN" git.vdx.hu
- docker push git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic
secrets:
- attic_token
- forgejo_registry_token
volumes:
- /var/run/docker.sock:/var/run/docker.sock

114
flake.nix
View file

@ -4,63 +4,67 @@
inputs.nixpkgs.url = "nixpkgs/771b86d407c567b57d791197ec464b46a5480b0b";
inputs.attic.url = "github:zhaofengli/attic";
outputs = { self, nixpkgs, attic }: {
outputs = {
self,
nixpkgs,
attic,
}: let
pkgs = import nixpkgs {
system = "x86_64-linux";
overlays = [attic.overlays.default];
};
entrypoint = pkgs.writeShellApplication {
name = "woodpecker-nix-attic-entrypoint";
text = ''
cat << EOF >> /etc/nix/nix.conf
experimental-features = nix-command flakes
trusted-substituters = $PLUGIN_BINARY_CACHE
extra-trusted-public-keys = $PLUGIN_BINARY_CACHE_PUBLIC_KEY
extra-substituters = $PLUGIN_BINARY_CACHE
netrc-file = /tmp/netrc
EOF
packages.x86_64-linux.woodpecker-plugin-nix-attic =
let
pkgs = import nixpkgs {
system = "x86_64-linux";
overlays = [attic.overlays.default];
if [[ $PLUGIN_BINARY_CACHE =~ ^https?:\/\/([^\/]+) ]]; then
machine=''${BASH_REMATCH[1]}
cat << EOF >> /tmp/netrc
machine $machine
password $PLUGIN_BINARY_CACHE_TOKEN
EOF
fi
export PATH=/bin:/$PATH
''${PLUGIN_COMMAND}
'';
};
nixImage = pkgs.dockerTools.pullImage {
imageName = "nixos/nix";
imageDigest = "sha256:cee9f1cda2d794c53ca0db0794ee54cfea32748dddb718beba9bf654416e437a";
sha256 = "1angy2h02q3smpcyja3h3rzqx6nip50w56pn3yc56qcr9q896ffb";
finalImageName = "nixos/nix";
finalImageTag = "2.15.1";
};
mkImage = tag:
pkgs.dockerTools.buildImage {
name = "git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic";
tag = tag;
fromImage = nixImage;
# runAsRoot = ''
# #!${pkgs.stdenv.shell}
# export PATH=/bin:/usr/bin:/sbin:/usr/sbin:$PATH
# '';
copyToRoot = pkgs.buildEnv {
name = "woodpecker-plugin-nix-attic-image-root";
paths = [pkgs.gnumake pkgs.attic-client entrypoint];
pathsToLink = ["/bin"];
};
entrypoint = pkgs.writeShellApplication {
name = "woodpecker-nix-attic-entrypoint";
text = ''
cat << EOF >> /etc/nix/nix.conf
experimental-features = nix-command flakes
trusted-substituters = $PLUGIN_BINARY_CACHE
extra-trusted-public-keys = $PLUGIN_BINARY_CACHE_PUBLIC_KEY
extra-substituters = $PLUGIN_BINARY_CACHE
netrc-file = /tmp/netrc
EOF
if [[ $PLUGIN_BINARY_CACHE =~ ^https?:\/\/([^\/]+) ]]; then
machine=''${BASH_REMATCH[1]}
cat << EOF >> /tmp/netrc
machine $machine
password $PLUGIN_BINARY_CACHE_TOKEN
EOF
fi
export PATH=/bin:/$PATH
''${PLUGIN_COMMAND}
'';
};
nixImage = pkgs.dockerTools.pullImage {
imageName = "nixos/nix";
imageDigest = "sha256:ea010add01de314c23def4f333c2881ac5dda92031aaf5260a4d9491af401179";
sha256 = "1qkkqn00h90dhql2jx2bgf08qfd0fkwycy9kg0w7gcpij2p4lq9r";
finalImageName = "nixos/nix";
finalImageTag = "2.18.0";
};
in
pkgs.dockerTools.buildImage {
name = "git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic";
tag = "latest";
fromImage = nixImage;
# runAsRoot = ''
# #!${pkgs.stdenv.shell}
# export PATH=/bin:/usr/bin:/sbin:/usr/sbin:$PATH
# '';
copyToRoot = pkgs.buildEnv {
name = "woodpecker-plugin-nix-attic-image-root";
paths = [ pkgs.gnumake pkgs.attic-client entrypoint ];
pathsToLink = [ "/bin" ];
};
config.Cmd = ["/bin/woodpecker-nix-attic-entrypoint"];
diskSize = 2048;
};
config.Cmd = ["/bin/woodpecker-nix-attic-entrypoint"];
diskSize = 2048;
};
in {
packages.x86_64-linux.woodpecker-plugin-nix-attic-latest = mkImage "latest";
packages.x86_64-linux.woodpecker-plugin-nix-attic-release = mkImage "0.1.0";
};
}