commit 6b2d206e07631b38eeecb235a877236464511e38 Author: Harald Hoyer Date: Thu Jun 27 13:38:28 2024 +0200 first commit diff --git a/.forgejo/workflows/nix.yaml b/.forgejo/workflows/nix.yaml new file mode 100644 index 0000000..843d729 --- /dev/null +++ b/.forgejo/workflows/nix.yaml @@ -0,0 +1,14 @@ +on: [push] +jobs: + build: + runs-on: nix + steps: + - uses: actions/checkout@v3 + - run: nix build -L .#runner + - name: upload image + run: | + docker login -u ${{ secrets.REG_USER }} -p ${{ secrets.REG_TOKEN }} ${{ secrets.CI_REGISTRY }} + export IMAGE_TAG=$(docker load -i result | grep -Po 'Loaded image.*: \K.*') + echo "Pushing image ${IMAGE_TAG}" + docker tag "${IMAGE_TAG}" "${{ secrets.CI_REGISTRY }}/${{ secrets.REG_USER }}/nix-runner:latest" + docker push "${{ secrets.CI_REGISTRY }}/${{ secrets.REG_USER }}/nix-runner:latest" diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c6ef218 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.idea + diff --git a/README.md b/README.md new file mode 100644 index 0000000..e69de29 diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..c05f8b9 --- /dev/null +++ b/flake.lock @@ -0,0 +1,134 @@ +{ + "nodes": { + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "lowdown-src": { + "flake": false, + "locked": { + "lastModified": 1633514407, + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, + "nix": { + "inputs": { + "flake-compat": "flake-compat", + "lowdown-src": "lowdown-src", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1709813453, + "narHash": "sha256-8gNJlBlv2bnffRg0CejiBXc6U/S6YeCLAdHrYvTPyoY=", + "owner": "nixos", + "repo": "nix", + "rev": "0bd62229cd5c1b615be40ffd5597f76c0cd73828", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "2.18.2", + "repo": "nix", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1719426051, + "narHash": "sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "89c49874fb15f4124bf71ca5f42a04f2ee5825fd", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nix": "nix", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..e769e7a --- /dev/null +++ b/flake.nix @@ -0,0 +1,69 @@ +{ + inputs = { + nix.url = "github:/nixos/nix?ref=2.18.2"; # using nix 2.16.1 + nix.inputs.nixpkgs.follows = "nixpkgs"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; # and nixos 23.05 for our packages + flake-utils.url = "github:numtide/flake-utils"; + }; + + outputs = + { flake-utils + , nix + , nixpkgs + , ... + }: + flake-utils.lib.eachDefaultSystem (system: + let + pkgs = (import nixpkgs) { + inherit system; + }; + in + { + packages = rec { + # a modified version of the nixos/nix image + # re-using the upstream nix docker image generation code + base = import (nix + "/docker.nix") { + inherit pkgs; + name = "nix-ci-base"; + maxLayers = 10; + extraPkgs = with pkgs; [ + nodejs_20 # nodejs is needed for running most 3rdparty actions + docker-client + # add any other pre-installed packages here + ]; + # change this is you want + channelURL = "https://nixos.org/channels/nixpkgs-24.05"; + nixConf = { + substituters = [ + "https://cache.nixos.org/" + "https://nix-community.cachix.org" + # insert any other binary caches here + ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + # insert the public keys for those binary caches here + ]; + # allow using the new flake commands in our workflows + experimental-features = [ "nix-command" "flakes" ]; + }; + }; + # make /bin/sleep available on the image + runner = pkgs.dockerTools.buildImage { + name = "nix-runner"; + tag = "latest"; + + fromImage = base; + fromImageName = null; + fromImageTag = "latest"; + + copyToRoot = pkgs.buildEnv { + name = "image-root"; + paths = [ pkgs.coreutils-full ]; + pathsToLink = [ "/bin" ]; # add coreutuls (which includes sleep) to /bin + }; + }; + }; + }); +} +