woodpecker-plugin-nix-attic/entrypoint.nix

{pkgs, ...}:
pkgs.writeShellApplication {
  name = "woodpecker-nix-attic-entrypoint";
  text = ''
    cat << EOF >> /etc/nix/nix.conf
    experimental-features = nix-command flakes
    trusted-substituters = $PLUGIN_BINARY_CACHE
    extra-trusted-public-keys = $PLUGIN_BINARY_CACHE_PUBLIC_KEY
    extra-substituters = $PLUGIN_BINARY_CACHE
    netrc-file = /tmp/netrc
    EOF

    if [[ $PLUGIN_BINARY_CACHE =~ ^https?:\/\/([^\/]+) ]]; then
    	machine=''${BASH_REMATCH[1]}
    	cat << EOF >> /tmp/netrc
    machine $machine
    password $PLUGIN_BINARY_CACHE_TOKEN
    EOF

    fi

    SCRIPT_DIR=$(mktemp -d)

    cat << EOF > "$SCRIPT_DIR"/run.sh
    #!/usr/bin/env bash
    export PATH=/bin:$PATH

    set -x -e -o pipefail

    $PLUGIN_SCRIPT
    EOF

    sh "$SCRIPT_DIR"/run.sh
  '';
}