parent
36f19d42c5
commit
ac41cef465
7 changed files with 54 additions and 14 deletions
|
|
@ -5,12 +5,14 @@ jobs:
|
||||||
steps:
|
steps:
|
||||||
- run: echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
|
- run: echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
|
||||||
- run: nix-env -i nodejs # bootstrap
|
- run: nix-env -i nodejs # bootstrap
|
||||||
- run: curl -sLo /etc/containers/policy.json https://github.com/containers/skopeo/blob/879dbc3757610a574f9fcc44ea23ef9e8e2b6fe3/default-policy.json
|
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
|
- run: mkdir -p /etc/containers && cp default-policy.json /etc/containers/policy.json
|
||||||
- run: |-
|
- run: |-
|
||||||
nix develop --command bash -c '
|
nix develop --command bash -c '
|
||||||
for line in $(cat tags.txt); do
|
for line in $(cat tags.txt); do
|
||||||
IFS=: read -r pkg tag <<< $line
|
IFS=: read -r pkg tag <<< $line
|
||||||
skopeo copy --dest-creds="${{ secrets.FJ_USER }}:${{ secrets.FJ_PASS }}" docker-image://$(nix build .#$pkg --print-out-paths) docker://git.10110110.xyz/ci/$tag:latest
|
cp $(nix build .#$pkg --print-out-paths) /tmp/img.tar.gz
|
||||||
|
gunzip /tmp/img.tar.gz
|
||||||
|
skopeo copy --dest-creds="${{ secrets.FJ_USER }}:${{ secrets.FJ_PASS }}" docker-archive:///tmp/img.tar docker://git.10110110.xyz/ci/$tag:latest
|
||||||
done
|
done
|
||||||
'
|
'
|
||||||
|
|
|
||||||
14
default-policy.json
Normal file
14
default-policy.json
Normal file
|
|
@ -0,0 +1,14 @@
|
||||||
|
{
|
||||||
|
"default": [
|
||||||
|
{
|
||||||
|
"type": "insecureAcceptAnything"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"transports":
|
||||||
|
{
|
||||||
|
"docker-daemon":
|
||||||
|
{
|
||||||
|
"": [{"type":"insecureAcceptAnything"}]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -27,7 +27,7 @@
|
||||||
packages = forEachSupportedSystem (
|
packages = forEachSupportedSystem (
|
||||||
{ pkgs }:
|
{ pkgs }:
|
||||||
{
|
{
|
||||||
nix-with-node = (import ./pkgs/nix-with-node.nix { inherit pkgs; });
|
nix-with-node = (import ./pkgs/nix-with-node { inherit pkgs; });
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
devShells = forEachSupportedSystem (
|
devShells = forEachSupportedSystem (
|
||||||
|
|
|
||||||
|
|
@ -1,10 +0,0 @@
|
||||||
{ pkgs, ... }:
|
|
||||||
pkgs.dockerTools.buildLayeredImage {
|
|
||||||
name = "nix-with-node";
|
|
||||||
contents = with pkgs; [
|
|
||||||
nix
|
|
||||||
nodejs
|
|
||||||
bash
|
|
||||||
git
|
|
||||||
];
|
|
||||||
}
|
|
||||||
31
pkgs/nix-with-node/default.nix
Normal file
31
pkgs/nix-with-node/default.nix
Normal file
|
|
@ -0,0 +1,31 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
pkgs.dockerTools.buildLayeredImage {
|
||||||
|
name = "nix-with-node";
|
||||||
|
contents = with pkgs; [
|
||||||
|
./root
|
||||||
|
bashInteractive
|
||||||
|
cacert
|
||||||
|
coreutils
|
||||||
|
git
|
||||||
|
gnutar
|
||||||
|
gzip
|
||||||
|
nix
|
||||||
|
nodejs
|
||||||
|
openssh
|
||||||
|
xz
|
||||||
|
];
|
||||||
|
|
||||||
|
config = {
|
||||||
|
Cmd = [ "/bin/bash" ];
|
||||||
|
Env = [
|
||||||
|
"ENV=/etc/profile.d/nix.sh"
|
||||||
|
"NIX_BUILD_SHELL=/bin/bash"
|
||||||
|
"PATH=/usr/bin:/bin"
|
||||||
|
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||||
|
"USER=root"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
extraCommands = ''
|
||||||
|
'';
|
||||||
|
}
|
||||||
3
pkgs/nix-with-node/root/etc/nix/nix.conf
Normal file
3
pkgs/nix-with-node/root/etc/nix/nix.conf
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
accept-flake-config = true
|
||||||
|
experimental-features = nix-command flakes
|
||||||
|
max-jobs = auto
|
||||||
2
tags.txt
2
tags.txt
|
|
@ -1 +1 @@
|
||||||
nix-with-node:nix-ci
|
nix-with-node:nix
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue