{ description = "Woodpecker plugin to run nix commands and cache builds using attic"; inputs.nixpkgs.url = "nixpkgs/771b86d407c567b57d791197ec464b46a5480b0b"; inputs.attic.url = "github:zhaofengli/attic"; outputs = { self, nixpkgs, attic, }: let pkgs = import nixpkgs { system = "x86_64-linux"; overlays = [attic.overlays.default]; }; entrypoint = pkgs.writeShellApplication { name = "woodpecker-nix-attic-entrypoint"; text = '' cat << EOF >> /etc/nix/nix.conf experimental-features = nix-command flakes trusted-substituters = $PLUGIN_BINARY_CACHE extra-trusted-public-keys = $PLUGIN_BINARY_CACHE_PUBLIC_KEY extra-substituters = $PLUGIN_BINARY_CACHE netrc-file = /tmp/netrc EOF if [[ $PLUGIN_BINARY_CACHE =~ ^https?:\/\/([^\/]+) ]]; then machine=''${BASH_REMATCH[1]} cat << EOF >> /tmp/netrc machine $machine password $PLUGIN_BINARY_CACHE_TOKEN EOF fi cat << EOF >> run.sh #!/usr/bin/env bash export PATH=/bin:$PATH set -x -e -o pipefail $PLUGIN_SCRIPT EOF sh run.sh ''; }; nixImage = pkgs.dockerTools.pullImage { imageName = "nixos/nix"; imageDigest = "sha256:cee9f1cda2d794c53ca0db0794ee54cfea32748dddb718beba9bf654416e437a"; sha256 = "1angy2h02q3smpcyja3h3rzqx6nip50w56pn3yc56qcr9q896ffb"; finalImageName = "nixos/nix"; finalImageTag = "2.15.1"; }; mkImage = tag: pkgs.dockerTools.buildImage { name = "git.vdx.hu/voidcontext/woodpecker-plugin-nix-attic"; tag = tag; fromImage = nixImage; # runAsRoot = '' # #!${pkgs.stdenv.shell} # export PATH=/bin:/usr/bin:/sbin:/usr/sbin:$PATH # ''; copyToRoot = pkgs.buildEnv { name = "woodpecker-plugin-nix-attic-image-root"; paths = [pkgs.gnumake pkgs.attic-client entrypoint]; pathsToLink = ["/bin"]; }; config.Cmd = ["/bin/woodpecker-nix-attic-entrypoint"]; diskSize = 2048; }; latest = mkImage "latest"; in { packages.x86_64-linux.default = mkImage null; packages.x86_64-linux.woodpecker-plugin-nix-attic-latest = latest; packages.x86_64-linux.woodpecker-plugin-nix-attic-release = mkImage "0.1.0"; }; }