diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e35ff4c..5572c53 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,9 +2,6 @@ name: Build and Push docker image on: workflow_dispatch: workflow_call: - push: - branches: - - main jobs: buildAndPush: @@ -13,12 +10,15 @@ jobs: - uses: actions/checkout@v4 - name: Nix build run: nix build --extra-experimental-features "flakes nix-command" . + - name: Debug + run: echo $PWD - name: Setup skopeo run: curl -o /etc/containers/policy.json --create-dirs https://raw.githubusercontent.com/containers/skopeo/refs/heads/main/default-policy.json - name: Push Image run: | - skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" "docker-archive://$(realpath result)" "docker://$IMG_URL:$(date --iso-8601)" && \ - skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" "docker-archive://$(realpath result)" "docker://$IMG_URL" + nix shell --extra-experimental-features "flakes nix-command" nixpkgs#skopeo -c sh -c \ + 'skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" docker-archive://$(realpath result) "docker://$IMG_URL:$(date --iso-8601)" && \ + skopeo copy --dest-password "$UPLOAD_TOKEN" --dest-username "$USERNAME" docker-archive://$(realpath result) "docker://$IMG_URL"' env: USERNAME: tamipes UPLOAD_TOKEN: ${{ secrets.UPLOAD_TOKEN }} diff --git a/README.md b/README.md index a3c180c..4a280a5 100644 --- a/README.md +++ b/README.md @@ -7,22 +7,21 @@ As you cannot run a forgejo runner with `nixos/nix` due to it not having `node` ```bash USERNAME="tamipes" URL="git.tami.moe" - IMG_NAME="nix" nix build --extra-experimental-features "flakes nix-command" . docker load -i result - docker image tag "$IMG_NAME" "$URL/$USERNAME/$IMG_NAME:latest" + docker image tag nix "$URL/$USERNAME/nix:latest" docker login "https://$URL" - docker push "$URL/$USERNAME/$IMG_NAME" + docker push "$URL/$USERNAME/nix" rm result # don't forget to cleanup the GC root # I also tag with the date, but this might be unneeded - docker image tag "$IMG_NAME" "$URL/$USERNAME/$IMG_NAME:latest$(date --iso-8601)" - docker push "$URL/$USERNAME/$IMG_NAME" + docker image tag nix "$URL/$USERNAME/nix:latest$(date --iso-8601)" + docker push "$URL/$USERNAME/nix" ``` # Extra info -- These image are essentially still "based" on `nixos/nix`, but it builds it with nodejs(+extras) included. Checkout the flake.nix! +- This image is essentially still "based" on `nixos/nix`, but it builds it with nodejs included. Checkout the flake.nix! - it does not use `nixos/nix` as a base image, but uses the same build script and adds extra stuff - [nixpkgs manual](https://nix.dev/manual/nix/2.24/installation/installing-docker#docker-image-with-the-latest-development-version-of-nix) - [nixos/nix build script](https://github.com/NixOS/nix/blob/master/docker.nix) diff --git a/flake.lock b/flake.lock index cfb7c71..7478ea2 100644 --- a/flake.lock +++ b/flake.lock @@ -24,11 +24,11 @@ ] }, "locked": { - "lastModified": 1778716662, - "narHash": "sha256-m1Yf0wZ8j1OHjTc2UwHwyQRSnNeSgLJOd7q5Y45hzi4=", + "lastModified": 1733312601, + "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f7c1a2d347e4c52d5fb8d10cb4d94b5884e546fb", + "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "type": "github" }, "original": { @@ -48,14 +48,18 @@ "nixpkgs": [ "nix", "nixpkgs" + ], + "nixpkgs-stable": [ + "nix", + "nixpkgs" ] }, "locked": { - "lastModified": 1778507602, - "narHash": "sha256-kTwur1wV+01SdqskVMSo6JMEpg71ps3HpbFY2GsflKs=", + "lastModified": 1734279981, + "narHash": "sha256-NdaCraHPp8iYMWzdXAt5Nv6sA3MUzlCiGiR586TCwo0=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "61ab0e80d9c7ab14c256b5b453d8b3fb0189ba0a", + "rev": "aa9f40c906904ebd83da78e7f328cd8aeaeae785", "type": "github" }, "original": { @@ -74,11 +78,11 @@ "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1780022537, - "narHash": "sha256-yhmkWBrvoIi0pSDmyBQZVNd4d1UZvWlgrXbUg8qZlnc=", + "lastModified": 1768165334, + "narHash": "sha256-42bXWekwea6E+q00HVskzi7ggMQSr8g/7ApQaNd+mr0=", "owner": "nixos", "repo": "nix", - "rev": "9b03e7daa40b3d4d0a40a17d43bcc6c6d2b112ef", + "rev": "252aff5c8f1dcdea1046b03a8196ef63ecf3b112", "type": "github" }, "original": { @@ -89,15 +93,15 @@ }, "nixpkgs": { "locked": { - "lastModified": 1778003029, - "narHash": "sha256-amc4Y3GF3+anUi7IJeLVzf7hVqLb3ZqCGzYtkVyp7Qw=", - "rev": "0c88e1f2bdb93d5999019e99cb0e61e1fe2af4c5", + "lastModified": 1763948260, + "narHash": "sha256-zZk7fn2ARAqmLwaYTpxBJmj81KIdz11NiWt7ydHHD/M=", + "rev": "1c8ba8d3f7634acac4a2094eef7c32ad9106532c", "type": "tarball", - "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.10470.0c88e1f2bdb9/nixexprs.tar.xz" + "url": "https://releases.nixos.org/nixos/25.05/nixos-25.05.813095.1c8ba8d3f763/nixexprs.tar.xz" }, "original": { "type": "tarball", - "url": "https://channels.nixos.org/nixos-25.11/nixexprs.tar.xz" + "url": "https://channels.nixos.org/nixos-25.05/nixexprs.tar.xz" } }, "nixpkgs-23-11": { @@ -134,11 +138,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1779560665, - "narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=", + "lastModified": 1768127708, + "narHash": "sha256-1Sm77VfZh3mU0F5OqKABNLWxOuDeHIlcFjsXeeiPazs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786", + "rev": "ffbc9f8cbaacfb331b6017d5a5abb21a492c9a38", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0b32008..7163269 100644 --- a/flake.nix +++ b/flake.nix @@ -6,39 +6,16 @@ }; outputs = { nixpkgs, nix, self }: let pkgs = import nixpkgs { system = "x86_64-linux"; }; in { - packages.x86_64-linux = rec { - default = nix-with-tools; + packages.x86_64-linux.default = import (nix + "/docker.nix") { + inherit pkgs; + extraPkgs = [ pkgs.nodejs ]; - minimal-nix = import (nix + "/docker.nix") { - inherit pkgs; - extraPkgs = [ pkgs.nodejs ]; - - Labels = { - "org.opencontainers.image.title" = "Nix (minimal)"; - "org.opencontainers.image.source" = "https://git.tami.moe/tamipes/forgejo-actions"; - "org.opencontainers.image.vendor" = "Tamipes"; - "org.opencontainers.image.version" = pkgs.nix.version; - "org.opencontainers.image.description" = "Nix container image with nodejs"; - }; - }; - nix-with-tools = import (nix + "/docker.nix") { - inherit pkgs; - extraPkgs = [ pkgs.nodejs pkgs.skopeo ]; - nixConf = { - extra-substituters = [ "https://nix-cache.tami.moe" ]; - trusted-public-keys = [ - "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" - "nix-cache.tami.moe:3jrWZ412K0YTFfKMJC6ftc4lsugeMVWDBiudFCAdDb8=" - ]; - }; - - Labels = { - "org.opencontainers.image.title" = "Nix"; - "org.opencontainers.image.source" = "https://git.tami.moe/tamipes/forgejo-actions"; - "org.opencontainers.image.vendor" = "Tamipes"; - "org.opencontainers.image.version" = pkgs.nix.version; - "org.opencontainers.image.description" = "Nix container image with more cli tools"; - }; + Labels = { + "org.opencontainers.image.title" = "Nix"; + "org.opencontainers.image.source" = "https://git.tami.moe/tamipes/"; + "org.opencontainers.image.vendor" = "Tamipes"; + "org.opencontainers.image.version" = pkgs.nix.version; + "org.opencontainers.image.description" = "Nix container image with nodejs"; }; }; };