build: build and publish from CI pipeline (#1)

Reviewed-on: https://git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic/pulls/1 Co-authored-by: Gabor Pihaj <gabor.pihaj@gmail.com> Co-committed-by: Gabor Pihaj <gabor.pihaj@gmail.com>
2023-09-30 14:11:00 +00:00 · 2023-09-30 14:11:00 +00:00 · 2ae1bb82d4
commit 2ae1bb82d4
parent 9bb9871977
2 changed files with 104 additions and 55 deletions
--- a/.woodpecker/ci.yaml
+++ b/.woodpecker/ci.yaml
@ -0,0 +1,45 @@
 steps:
  build:
    image: nixos/nix:2.15.1
    commands:
      - set -o pipefail
      - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
      - echo "trusted-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
      - echo "extra-trusted-public-keys = private:b6wO7rXF+4WtPCocEKlbdU/bTqEdJAqRrzOu0O3cK68=" >> /etc/nix/nix.conf
      - echo "extra-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
      - echo "netrc-file = /tmp/nix-netrc" >> /etc/nix/nix.conf
      - echo "machine cache.nix.vdx.hu" > /tmp/nix-netrc
      - echo "password $ATTIC_TOKEN" >> /tmp/nix-netrc
      - nix build .#woodpecker-plugin-nix-attic-latest
      - nix-env -iA nixpkgs.docker-client
      # "persist" the generated image in the workspace
      - cp $(realpath result) docker-image-latest
      - docker load -i docker-image-latest
    secrets: 
      - attic_token
      - forgejo_registry_token
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  publish-latest:
    image: nixos/nix
    when:
      - event: push
        branch: main
    commands:
      - set -o pipefail
      - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
      - echo "trusted-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
      - echo "extra-trusted-public-keys = private:b6wO7rXF+4WtPCocEKlbdU/bTqEdJAqRrzOu0O3cK68=" >> /etc/nix/nix.conf
      - echo "extra-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
      - echo "netrc-file = /tmp/nix-netrc" >> /etc/nix/nix.conf
      - echo "machine cache.nix.vdx.hu" > /tmp/nix-netrc
      - echo "password $ATTIC_TOKEN" >> /tmp/nix-netrc
      - nix-env -iA nixpkgs.docker-client
      - docker load -i docker-image-latest
      - docker login -u vdx -p "$FORGEJO_REGISTRY_TOKEN" git.vdx.hu
      - docker push git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic
    secrets: 
      - attic_token
      - forgejo_registry_token
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
--- a/flake.nix
+++ b/flake.nix
@ -4,10 +4,11 @@
  inputs.nixpkgs.url = "nixpkgs/771b86d407c567b57d791197ec464b46a5480b0b";
  inputs.attic.url = "github:zhaofengli/attic";
-  outputs = { self, nixpkgs, attic }: {
+  outputs = {
-
+    self,
-    packages.x86_64-linux.woodpecker-plugin-nix-attic =
+    nixpkgs,
-      let 
+    attic,
  }: let
    pkgs = import nixpkgs {
      system = "x86_64-linux";
      overlays = [attic.overlays.default];
@ -39,15 +40,15 @@ export PATH=/bin:/$PATH
    };
    nixImage = pkgs.dockerTools.pullImage {
      imageName = "nixos/nix";
-          imageDigest = "sha256:ea010add01de314c23def4f333c2881ac5dda92031aaf5260a4d9491af401179";
+      imageDigest = "sha256:cee9f1cda2d794c53ca0db0794ee54cfea32748dddb718beba9bf654416e437a";
-          sha256 = "1qkkqn00h90dhql2jx2bgf08qfd0fkwycy9kg0w7gcpij2p4lq9r";
+      sha256 = "1angy2h02q3smpcyja3h3rzqx6nip50w56pn3yc56qcr9q896ffb";
      finalImageName = "nixos/nix";
-          finalImageTag = "2.18.0";
+      finalImageTag = "2.15.1";
    };
-      in
+    mkImage = tag:
      pkgs.dockerTools.buildImage {
        name = "git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic";
-          tag = "latest";
+        tag = tag;
        fromImage = nixImage;
        # runAsRoot = ''
        # #!${pkgs.stdenv.shell}
@ -62,5 +63,8 @@ export PATH=/bin:/$PATH
        config.Cmd = ["/bin/woodpecker-nix-attic-entrypoint"];
        diskSize = 2048;
      };
  in {
    packages.x86_64-linux.woodpecker-plugin-nix-attic-latest = mkImage "latest";
    packages.x86_64-linux.woodpecker-plugin-nix-attic-release = mkImage "0.1.0";
  };
 }