milas/woodpecker-plugin-nix-attic
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

build: build and publish from CI pipeline (#1)

Browse source 
Reviewed-on: https://git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic/pulls/1
Co-authored-by: Gabor Pihaj <gabor.pihaj@gmail.com>
Co-committed-by: Gabor Pihaj <gabor.pihaj@gmail.com>
This commit is contained in:
Gabor Pihaj 2023-09-30 14:11:00 +00:00 committed by Gabor Pihaj
parent 9bb9871977
commit 2ae1bb82d4
No known key found for this signature in database
GPG key ID: 7BCF5D144C6C06E3
2 changed files with 104 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

45
.woodpecker/ci.yaml Normal file
View file

@ -0,0 +1,45 @@
steps:
build:
image: nixos/nix:2.15.1
commands:
- set -o pipefail
- echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
- echo "trusted-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
- echo "extra-trusted-public-keys = private:b6wO7rXF+4WtPCocEKlbdU/bTqEdJAqRrzOu0O3cK68=" >> /etc/nix/nix.conf
- echo "extra-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
- echo "netrc-file = /tmp/nix-netrc" >> /etc/nix/nix.conf
- echo "machine cache.nix.vdx.hu" > /tmp/nix-netrc
- echo "password $ATTIC_TOKEN" >> /tmp/nix-netrc
- nix build .#woodpecker-plugin-nix-attic-latest
- nix-env -iA nixpkgs.docker-client
# "persist" the generated image in the workspace
- cp $(realpath result) docker-image-latest
- docker load -i docker-image-latest
secrets:
- attic_token
- forgejo_registry_token
volumes:
- /var/run/docker.sock:/var/run/docker.sock
publish-latest:
image: nixos/nix
when:
- event: push
branch: main
commands:
- set -o pipefail
- echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
- echo "trusted-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
- echo "extra-trusted-public-keys = private:b6wO7rXF+4WtPCocEKlbdU/bTqEdJAqRrzOu0O3cK68=" >> /etc/nix/nix.conf
- echo "extra-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
- echo "netrc-file = /tmp/nix-netrc" >> /etc/nix/nix.conf
- echo "machine cache.nix.vdx.hu" > /tmp/nix-netrc
- echo "password $ATTIC_TOKEN" >> /tmp/nix-netrc
- nix-env -iA nixpkgs.docker-client
- docker load -i docker-image-latest
- docker login -u vdx -p "$FORGEJO_REGISTRY_TOKEN" git.vdx.hu
- docker push git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic
secrets:
- attic_token
- forgejo_registry_token
volumes:
- /var/run/docker.sock:/var/run/docker.sock

54
flake.nix
View file

@ -4,10 +4,11 @@
inputs.nixpkgs.url = "nixpkgs/771b86d407c567b57d791197ec464b46a5480b0b"; inputs.nixpkgs.url = "nixpkgs/771b86d407c567b57d791197ec464b46a5480b0b";
inputs.attic.url = "github:zhaofengli/attic"; inputs.attic.url = "github:zhaofengli/attic";
outputs = { self, nixpkgs, attic }: { outputs = {
self,
packages.x86_64-linux.woodpecker-plugin-nix-attic = nixpkgs,
let attic,
}: let
pkgs = import nixpkgs { pkgs = import nixpkgs {
system = "x86_64-linux"; system = "x86_64-linux";
overlays = [attic.overlays.default]; overlays = [attic.overlays.default];
@ -15,39 +16,39 @@
entrypoint = pkgs.writeShellApplication { entrypoint = pkgs.writeShellApplication {
name = "woodpecker-nix-attic-entrypoint"; name = "woodpecker-nix-attic-entrypoint";
text = '' text = ''
cat << EOF >> /etc/nix/nix.conf cat << EOF >> /etc/nix/nix.conf
experimental-features = nix-command flakes experimental-features = nix-command flakes
trusted-substituters = $PLUGIN_BINARY_CACHE trusted-substituters = $PLUGIN_BINARY_CACHE
extra-trusted-public-keys = $PLUGIN_BINARY_CACHE_PUBLIC_KEY extra-trusted-public-keys = $PLUGIN_BINARY_CACHE_PUBLIC_KEY
extra-substituters = $PLUGIN_BINARY_CACHE extra-substituters = $PLUGIN_BINARY_CACHE
netrc-file = /tmp/netrc netrc-file = /tmp/netrc
EOF EOF
if [[ $PLUGIN_BINARY_CACHE =~ ^https?:\/\/([^\/]+) ]]; then if [[ $PLUGIN_BINARY_CACHE =~ ^https?:\/\/([^\/]+) ]]; then
machine=''${BASH_REMATCH[1]} machine=''${BASH_REMATCH[1]}
cat << EOF >> /tmp/netrc cat << EOF >> /tmp/netrc
machine $machine machine $machine
password $PLUGIN_BINARY_CACHE_TOKEN password $PLUGIN_BINARY_CACHE_TOKEN
EOF EOF
fi fi
export PATH=/bin:/$PATH export PATH=/bin:/$PATH
''${PLUGIN_COMMAND} ''${PLUGIN_COMMAND}
''; '';
}; };
nixImage = pkgs.dockerTools.pullImage { nixImage = pkgs.dockerTools.pullImage {
imageName = "nixos/nix"; imageName = "nixos/nix";
imageDigest = "sha256:ea010add01de314c23def4f333c2881ac5dda92031aaf5260a4d9491af401179"; imageDigest = "sha256:cee9f1cda2d794c53ca0db0794ee54cfea32748dddb718beba9bf654416e437a";
sha256 = "1qkkqn00h90dhql2jx2bgf08qfd0fkwycy9kg0w7gcpij2p4lq9r"; sha256 = "1angy2h02q3smpcyja3h3rzqx6nip50w56pn3yc56qcr9q896ffb";
finalImageName = "nixos/nix"; finalImageName = "nixos/nix";
finalImageTag = "2.18.0"; finalImageTag = "2.15.1";
}; };
in mkImage = tag:
pkgs.dockerTools.buildImage { pkgs.dockerTools.buildImage {
name = "git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic"; name = "git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic";
tag = "latest"; tag = tag;
fromImage = nixImage; fromImage = nixImage;
# runAsRoot = '' # runAsRoot = ''
# #!${pkgs.stdenv.shell} # #!${pkgs.stdenv.shell}
@ -55,12 +56,15 @@ export PATH=/bin:/$PATH
# ''; # '';
copyToRoot = pkgs.buildEnv { copyToRoot = pkgs.buildEnv {
name = "woodpecker-plugin-nix-attic-image-root"; name = "woodpecker-plugin-nix-attic-image-root";
paths = [ pkgs.gnumake pkgs.attic-client entrypoint ]; paths = [pkgs.gnumake pkgs.attic-client entrypoint];
pathsToLink = [ "/bin" ]; pathsToLink = ["/bin"];
}; };
config.Cmd = ["/bin/woodpecker-nix-attic-entrypoint"]; config.Cmd = ["/bin/woodpecker-nix-attic-entrypoint"];
diskSize = 2048; diskSize = 2048;
}; };
in {
packages.x86_64-linux.woodpecker-plugin-nix-attic-latest = mkImage "latest";
packages.x86_64-linux.woodpecker-plugin-nix-attic-release = mkImage "0.1.0";
}; };
} }