diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5572c53..e35ff4c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,6 +2,9 @@ name: Build and Push docker image on: workflow_dispatch: workflow_call: + push: + branches: + - main jobs: buildAndPush: @@ -10,15 +13,12 @@ jobs: - uses: actions/checkout@v4 - name: Nix build run: nix build --extra-experimental-features "flakes nix-command" . - - name: Debug - run: echo $PWD - name: Setup skopeo run: curl -o /etc/containers/policy.json --create-dirs https://raw.githubusercontent.com/containers/skopeo/refs/heads/main/default-policy.json - name: Push Image run: | - nix shell --extra-experimental-features "flakes nix-command" nixpkgs#skopeo -c sh -c \ - 'skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" docker-archive://$(realpath result) "docker://$IMG_URL:$(date --iso-8601)" && \ - skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" docker-archive://$(realpath result) "docker://$IMG_URL"' + skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" "docker-archive://$(realpath result)" "docker://$IMG_URL:$(date --iso-8601)" && \ + skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" "docker-archive://$(realpath result)" "docker://$IMG_URL" env: USERNAME: tamipes UPLOAD_TOKEN: ${{ secrets.UPLOAD_TOKEN }} diff --git a/README.md b/README.md index 4a280a5..a3c180c 100644 --- a/README.md +++ b/README.md @@ -7,21 +7,22 @@ As you cannot run a forgejo runner with `nixos/nix` due to it not having `node` ```bash USERNAME="tamipes" URL="git.tami.moe" + IMG_NAME="nix" nix build --extra-experimental-features "flakes nix-command" . docker load -i result - docker image tag nix "$URL/$USERNAME/nix:latest" + docker image tag "$IMG_NAME" "$URL/$USERNAME/$IMG_NAME:latest" docker login "https://$URL" - docker push "$URL/$USERNAME/nix" + docker push "$URL/$USERNAME/$IMG_NAME" rm result # don't forget to cleanup the GC root # I also tag with the date, but this might be unneeded - docker image tag nix "$URL/$USERNAME/nix:latest$(date --iso-8601)" - docker push "$URL/$USERNAME/nix" + docker image tag "$IMG_NAME" "$URL/$USERNAME/$IMG_NAME:latest$(date --iso-8601)" + docker push "$URL/$USERNAME/$IMG_NAME" ``` # Extra info -- This image is essentially still "based" on `nixos/nix`, but it builds it with nodejs included. Checkout the flake.nix! +- These image are essentially still "based" on `nixos/nix`, but it builds it with nodejs(+extras) included. Checkout the flake.nix! - it does not use `nixos/nix` as a base image, but uses the same build script and adds extra stuff - [nixpkgs manual](https://nix.dev/manual/nix/2.24/installation/installing-docker#docker-image-with-the-latest-development-version-of-nix) - [nixos/nix build script](https://github.com/NixOS/nix/blob/master/docker.nix) diff --git a/flake.lock b/flake.lock index 7478ea2..cfb7c71 100644 --- a/flake.lock +++ b/flake.lock @@ -24,11 +24,11 @@ ] }, "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "lastModified": 1778716662, + "narHash": "sha256-m1Yf0wZ8j1OHjTc2UwHwyQRSnNeSgLJOd7q5Y45hzi4=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", + "rev": "f7c1a2d347e4c52d5fb8d10cb4d94b5884e546fb", "type": "github" }, "original": { @@ -48,18 +48,14 @@ "nixpkgs": [ "nix", "nixpkgs" - ], - "nixpkgs-stable": [ - "nix", - "nixpkgs" ] }, "locked": { - "lastModified": 1734279981, - "narHash": "sha256-NdaCraHPp8iYMWzdXAt5Nv6sA3MUzlCiGiR586TCwo0=", + "lastModified": 1778507602, + "narHash": "sha256-kTwur1wV+01SdqskVMSo6JMEpg71ps3HpbFY2GsflKs=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "aa9f40c906904ebd83da78e7f328cd8aeaeae785", + "rev": "61ab0e80d9c7ab14c256b5b453d8b3fb0189ba0a", "type": "github" }, "original": { @@ -78,11 +74,11 @@ "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1768165334, - "narHash": "sha256-42bXWekwea6E+q00HVskzi7ggMQSr8g/7ApQaNd+mr0=", + "lastModified": 1780022537, + "narHash": "sha256-yhmkWBrvoIi0pSDmyBQZVNd4d1UZvWlgrXbUg8qZlnc=", "owner": "nixos", "repo": "nix", - "rev": "252aff5c8f1dcdea1046b03a8196ef63ecf3b112", + "rev": "9b03e7daa40b3d4d0a40a17d43bcc6c6d2b112ef", "type": "github" }, "original": { @@ -93,15 +89,15 @@ }, "nixpkgs": { "locked": { - "lastModified": 1763948260, - "narHash": "sha256-zZk7fn2ARAqmLwaYTpxBJmj81KIdz11NiWt7ydHHD/M=", - "rev": "1c8ba8d3f7634acac4a2094eef7c32ad9106532c", + "lastModified": 1778003029, + "narHash": "sha256-amc4Y3GF3+anUi7IJeLVzf7hVqLb3ZqCGzYtkVyp7Qw=", + "rev": "0c88e1f2bdb93d5999019e99cb0e61e1fe2af4c5", "type": "tarball", - "url": "https://releases.nixos.org/nixos/25.05/nixos-25.05.813095.1c8ba8d3f763/nixexprs.tar.xz" + "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.10470.0c88e1f2bdb9/nixexprs.tar.xz" }, "original": { "type": "tarball", - "url": "https://channels.nixos.org/nixos-25.05/nixexprs.tar.xz" + "url": "https://channels.nixos.org/nixos-25.11/nixexprs.tar.xz" } }, "nixpkgs-23-11": { @@ -138,11 +134,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1768127708, - "narHash": "sha256-1Sm77VfZh3mU0F5OqKABNLWxOuDeHIlcFjsXeeiPazs=", + "lastModified": 1779560665, + "narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ffbc9f8cbaacfb331b6017d5a5abb21a492c9a38", + "rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 7163269..0b32008 100644 --- a/flake.nix +++ b/flake.nix @@ -6,16 +6,39 @@ }; outputs = { nixpkgs, nix, self }: let pkgs = import nixpkgs { system = "x86_64-linux"; }; in { - packages.x86_64-linux.default = import (nix + "/docker.nix") { - inherit pkgs; - extraPkgs = [ pkgs.nodejs ]; + packages.x86_64-linux = rec { + default = nix-with-tools; - Labels = { - "org.opencontainers.image.title" = "Nix"; - "org.opencontainers.image.source" = "https://git.tami.moe/tamipes/"; - "org.opencontainers.image.vendor" = "Tamipes"; - "org.opencontainers.image.version" = pkgs.nix.version; - "org.opencontainers.image.description" = "Nix container image with nodejs"; + minimal-nix = import (nix + "/docker.nix") { + inherit pkgs; + extraPkgs = [ pkgs.nodejs ]; + + Labels = { + "org.opencontainers.image.title" = "Nix (minimal)"; + "org.opencontainers.image.source" = "https://git.tami.moe/tamipes/forgejo-actions"; + "org.opencontainers.image.vendor" = "Tamipes"; + "org.opencontainers.image.version" = pkgs.nix.version; + "org.opencontainers.image.description" = "Nix container image with nodejs"; + }; + }; + nix-with-tools = import (nix + "/docker.nix") { + inherit pkgs; + extraPkgs = [ pkgs.nodejs pkgs.skopeo ]; + nixConf = { + extra-substituters = [ "https://nix-cache.tami.moe" ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nix-cache.tami.moe:3jrWZ412K0YTFfKMJC6ftc4lsugeMVWDBiudFCAdDb8=" + ]; + }; + + Labels = { + "org.opencontainers.image.title" = "Nix"; + "org.opencontainers.image.source" = "https://git.tami.moe/tamipes/forgejo-actions"; + "org.opencontainers.image.vendor" = "Tamipes"; + "org.opencontainers.image.version" = pkgs.nix.version; + "org.opencontainers.image.description" = "Nix container image with more cli tools"; + }; }; }; };