first commit

2024-06-27 13:38:28 +02:00 · 2024-06-27 13:38:28 +02:00 · 6b2d206e07
commit 6b2d206e07
5 changed files with 219 additions and 0 deletions
--- a/.forgejo/workflows/nix.yaml
+++ b/.forgejo/workflows/nix.yaml
@ -0,0 +1,14 @@
+on: [push]
+jobs:
+  build:
+    runs-on: nix
+    steps:
+      - uses: actions/checkout@v3
+      - run: nix build -L .#runner
+      - name: upload image
+        run: |
+          docker login -u ${{ secrets.REG_USER }} -p ${{ secrets.REG_TOKEN }} ${{ secrets.CI_REGISTRY }}
+          export IMAGE_TAG=$(docker load -i result | grep -Po 'Loaded image.*: \K.*')
+          echo "Pushing image ${IMAGE_TAG}"
+          docker tag "${IMAGE_TAG}" "${{ secrets.CI_REGISTRY }}/${{ secrets.REG_USER }}/nix-runner:latest"
+          docker push "${{ secrets.CI_REGISTRY }}/${{ secrets.REG_USER }}/nix-runner:latest"
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+.idea
+
--- a/README.md
+++ b/README.md
--- a/flake.lock
+++ b/flake.lock
@ -0,0 +1,134 @@
+{
+  "nodes": {
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1673956053,
+        "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
+    "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "lowdown-src": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1633514407,
+        "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=",
+        "owner": "kristapsdz",
+        "repo": "lowdown",
+        "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "kristapsdz",
+        "repo": "lowdown",
+        "type": "github"
+      }
+    },
+    "nix": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "lowdown-src": "lowdown-src",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "nixpkgs-regression": "nixpkgs-regression"
+      },
+      "locked": {
+        "lastModified": 1709813453,
+        "narHash": "sha256-8gNJlBlv2bnffRg0CejiBXc6U/S6YeCLAdHrYvTPyoY=",
+        "owner": "nixos",
+        "repo": "nix",
+        "rev": "0bd62229cd5c1b615be40ffd5597f76c0cd73828",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "2.18.2",
+        "repo": "nix",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1719426051,
+        "narHash": "sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "89c49874fb15f4124bf71ca5f42a04f2ee5825fd",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-24.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs-regression": {
+      "locked": {
+        "lastModified": 1643052045,
+        "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nix": "nix",
+        "nixpkgs": "nixpkgs"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/flake.nix
+++ b/flake.nix
@ -0,0 +1,69 @@
+{
+  inputs = {
+    nix.url = "github:/nixos/nix?ref=2.18.2"; # using nix 2.16.1
+    nix.inputs.nixpkgs.follows = "nixpkgs";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; # and nixos 23.05 for our packages
+    flake-utils.url = "github:numtide/flake-utils";
+  };
+
+  outputs =
+    { flake-utils
+    , nix
+    , nixpkgs
+    , ...
+    }:
+    flake-utils.lib.eachDefaultSystem (system:
+    let
+      pkgs = (import nixpkgs) {
+        inherit system;
+      };
+    in
+    {
+      packages = rec {
+        # a modified version of the nixos/nix image
+        # re-using the upstream nix docker image generation code
+        base = import (nix + "/docker.nix") {
+          inherit pkgs;
+          name = "nix-ci-base";
+          maxLayers = 10;
+          extraPkgs = with pkgs; [
+            nodejs_20 # nodejs is needed for running most 3rdparty actions
+            docker-client
+            # add any other pre-installed packages here
+          ];
+          # change this is you want
+          channelURL = "https://nixos.org/channels/nixpkgs-24.05";
+          nixConf = {
+            substituters = [
+              "https://cache.nixos.org/"
+              "https://nix-community.cachix.org"
+              # insert any other binary caches here
+            ];
+            trusted-public-keys = [
+              "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+              "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+              # insert the public keys for those binary caches here
+            ];
+            # allow using the new flake commands in our workflows
+            experimental-features = [ "nix-command" "flakes" ];
+          };
+        };
+        # make /bin/sleep available on the image
+        runner = pkgs.dockerTools.buildImage {
+          name = "nix-runner";
+          tag = "latest";
+
+          fromImage = base;
+          fromImageName = null;
+          fromImageTag = "latest";
+
+          copyToRoot = pkgs.buildEnv {
+            name = "image-root";
+            paths = [ pkgs.coreutils-full ];
+            pathsToLink = [ "/bin" ]; # add coreutuls (which includes sleep) to /bin
+          };
+        };
+      };
+    });
+}
+