build: self host the ci pipeline (use the plugin's image the build itself) (#3)
Reviewed-on: https://git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic/pulls/3 Co-authored-by: Gabor Pihaj <gabor.pihaj@gmail.com> Co-committed-by: Gabor Pihaj <gabor.pihaj@gmail.com>
This commit is contained in:
Gabor Pihaj
Gabor Pihaj
parent
95e2ebdb36
commit
f2449dae50
1 changed files with 25 additions and 33 deletions
|
|
@ -1,45 +1,37 @@
|
||||||
|
variables:
|
||||||
|
- common_settings: &common_settings
|
||||||
|
binary_cache: https://cache.nix.vdx.hu/private
|
||||||
|
binary_cache_public_key: private:b6wO7rXF+4WtPCocEKlbdU/bTqEdJAqRrzOu0O3cK68=
|
||||||
|
binary_cache_token:
|
||||||
|
from_secret: attic_token
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
build:
|
build:
|
||||||
image: nixos/nix:2.15.1
|
image: git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic
|
||||||
commands:
|
settings:
|
||||||
- set -o pipefail
|
<<: *common_settings
|
||||||
- echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
|
|
||||||
- echo "trusted-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
|
|
||||||
- echo "extra-trusted-public-keys = private:b6wO7rXF+4WtPCocEKlbdU/bTqEdJAqRrzOu0O3cK68=" >> /etc/nix/nix.conf
|
|
||||||
- echo "extra-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
|
|
||||||
- echo "netrc-file = /tmp/nix-netrc" >> /etc/nix/nix.conf
|
|
||||||
- echo "machine cache.nix.vdx.hu" > /tmp/nix-netrc
|
|
||||||
- echo "password $ATTIC_TOKEN" >> /tmp/nix-netrc
|
|
||||||
- nix build .#woodpecker-plugin-nix-attic-latest
|
|
||||||
- nix-env -iA nixpkgs.docker-client
|
|
||||||
# "persist" the generated image in the workspace
|
# "persist" the generated image in the workspace
|
||||||
- cp $(realpath result) docker-image-latest
|
script: |
|
||||||
- docker load -i docker-image-latest
|
nix build .#woodpecker-plugin-nix-attic-latest
|
||||||
secrets:
|
nix-env -iA nixpkgs.docker-client
|
||||||
- attic_token
|
cp $(realpath result) docker-image-latest
|
||||||
- forgejo_registry_token
|
docker load -i docker-image-latest
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
publish-latest:
|
publish-latest:
|
||||||
image: nixos/nix
|
image: git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic
|
||||||
when:
|
when:
|
||||||
- event: push
|
- event: push
|
||||||
branch: main
|
branch: main
|
||||||
commands:
|
settings:
|
||||||
- set -o pipefail
|
<<: *common_settings
|
||||||
- echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
|
# "persist" the generated image in the workspace
|
||||||
- echo "trusted-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
|
script: |
|
||||||
- echo "extra-trusted-public-keys = private:b6wO7rXF+4WtPCocEKlbdU/bTqEdJAqRrzOu0O3cK68=" >> /etc/nix/nix.conf
|
nix-env -iA nixpkgs.docker-client
|
||||||
- echo "extra-substituters = https://cache.nix.vdx.hu/private" >> /etc/nix/nix.conf
|
docker load -i docker-image-latest
|
||||||
- echo "netrc-file = /tmp/nix-netrc" >> /etc/nix/nix.conf
|
docker login -u vdx -p "$FORGEJO_REGISTRY_TOKEN" git.vdx.hu
|
||||||
- echo "machine cache.nix.vdx.hu" > /tmp/nix-netrc
|
docker push git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic
|
||||||
- echo "password $ATTIC_TOKEN" >> /tmp/nix-netrc
|
|
||||||
- nix-env -iA nixpkgs.docker-client
|
|
||||||
- docker load -i docker-image-latest
|
|
||||||
- docker login -u vdx -p "$FORGEJO_REGISTRY_TOKEN" git.vdx.hu
|
|
||||||
- docker push git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic
|
|
||||||
secrets:
|
secrets:
|
||||||
- attic_token
|
|
||||||
- forgejo_registry_token
|
- forgejo_registry_token
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue