37 lines
844 B
Nix
37 lines
844 B
Nix
{pkgs, ...}:
|
|
pkgs.writeShellApplication {
|
|
name = "woodpecker-nix-attic-entrypoint";
|
|
text = ''
|
|
cat << EOF >> /etc/nix/nix.conf
|
|
experimental-features = nix-command flakes
|
|
trusted-substituters = $PLUGIN_BINARY_CACHE
|
|
extra-trusted-public-keys = $PLUGIN_BINARY_CACHE_PUBLIC_KEY
|
|
extra-substituters = $PLUGIN_BINARY_CACHE
|
|
netrc-file = /tmp/netrc
|
|
EOF
|
|
|
|
if [[ $PLUGIN_BINARY_CACHE =~ ^https?:\/\/([^\/]+) ]]; then
|
|
machine=''${BASH_REMATCH[1]}
|
|
cat << EOF >> /tmp/netrc
|
|
machine $machine
|
|
password $PLUGIN_BINARY_CACHE_TOKEN
|
|
EOF
|
|
|
|
fi
|
|
|
|
SCRIPT_DIR=$(mktemp -d)
|
|
|
|
cat << EOF > "$SCRIPT_DIR"/run.sh
|
|
#!/usr/bin/env bash
|
|
export PATH=/bin:$PATH
|
|
|
|
set -x -e -o pipefail
|
|
|
|
attic login default $PLUGIN_BINARY_CACHE_TOKEN
|
|
|
|
$PLUGIN_SCRIPT
|
|
EOF
|
|
|
|
sh "$SCRIPT_DIR"/run.sh
|
|
'';
|
|
}
|