Add Forgejo action to build Docker image
All checks were successful
/ blog-pim (push) Successful in 59s
All checks were successful
/ blog-pim (push) Successful in 59s
This commit is contained in:
parent
649566c8ab
commit
fe9488d31c
3 changed files with 101 additions and 31 deletions
|
@ -4,18 +4,21 @@ jobs:
|
|||
runs-on: docker
|
||||
container:
|
||||
image: git.kun.is/home/forgejo-nix-action:687d16c49ea7936068bac64ec68c480a9d681962
|
||||
env:
|
||||
GIT_COMMITTER_NAME: Forgejo Action
|
||||
GIT_COMMITTER_EMAIL: noreply@git.kun.is
|
||||
GIT_AUTHOR_NAME: Forgejo Action
|
||||
GIT_AUTHOR_EMAIL: noreply@git.kun.is
|
||||
steps:
|
||||
- name: Clone container-images repository
|
||||
run: git clone https://${{ secrets.RUNNER_TOKEN }}@${GITHUB_SERVER_URL#https://}/home/container-images.git container-images
|
||||
- name: Update Nix input on container-images
|
||||
run: nix flake lock --update-input blog-pim ./container-images
|
||||
- name: Push changes to container-images repo
|
||||
- name: Clone repository
|
||||
run: git clone ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git src
|
||||
- name: Setup Nix cache
|
||||
run: |
|
||||
git --git-dir container-images/.git --work-tree container-images add -A
|
||||
git --git-dir container-images/.git --work-tree container-images commit --message "Bump blog-pim Nix flake input"
|
||||
git --git-dir container-images/.git --work-tree container-images push
|
||||
/bin/attic login local ${{ vars.ATTIC_URL }} ${{ secrets.ATTIC_TOKEN }}
|
||||
/bin/attic use ${{ vars.ATTIC_CACHE }}
|
||||
- name: Build image
|
||||
run: nix build --out-link image ./src#packages.x86_64-linux.container-image
|
||||
- name: Push image to Nix cache
|
||||
run: /bin/attic push ${{ vars.ATTIC_CACHE }} image
|
||||
- name: Log into container registry
|
||||
run: /bin/skopeo login --tls-verify --username ${{ vars.RUNNER_USER }} --password ${{ secrets.RUNNER_TOKEN }} ${GITHUB_SERVER_URL}
|
||||
- name: Push image to container registry
|
||||
run: |
|
||||
/bin/skopeo --insecure-policy copy docker-archive:image docker://${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY_OWNER}/blog-pim:latest
|
||||
gitrev=$(git --git-dir src/.git --work-tree src rev-parse HEAD)
|
||||
/bin/skopeo --insecure-policy copy docker-archive:image docker://${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY_OWNER}/blog-pim:$gitrev
|
||||
|
|
17
flake.lock
17
flake.lock
|
@ -18,6 +18,22 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nginx": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1713277799,
|
||||
"narHash": "sha256-VNDzQvUGeh54F3s6SIq6lBrp4RatURzJoJqVorexttA=",
|
||||
"owner": "nginx",
|
||||
"repo": "nginx",
|
||||
"rev": "d8a849ae3c99ee5ca82c9a06074761e937dac6d6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nginx",
|
||||
"repo": "nginx",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1714076141,
|
||||
|
@ -37,6 +53,7 @@
|
|||
"root": {
|
||||
"inputs": {
|
||||
"flutils": "flutils",
|
||||
"nginx": "nginx",
|
||||
"nixpkgs": "nixpkgs"
|
||||
}
|
||||
},
|
||||
|
|
86
flake.nix
86
flake.nix
|
@ -4,9 +4,14 @@
|
|||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
|
||||
flutils.url = "github:numtide/flake-utils";
|
||||
|
||||
nginx = {
|
||||
url = "github:nginx/nginx";
|
||||
flake = false;
|
||||
};
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, flutils }: flutils.lib.eachDefaultSystem (system:
|
||||
outputs = { self, nixpkgs, flutils, nginx }: flutils.lib.eachDefaultSystem (system:
|
||||
let
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
|
||||
|
@ -21,28 +26,73 @@
|
|||
dontUnpack = true;
|
||||
installPhase = "install -Dm755 ${./patch-feed-date.py} $out/bin/patch-feed-date";
|
||||
};
|
||||
|
||||
nginxPort = "80";
|
||||
nginxConf = pkgs.writeText "nginx.conf" ''
|
||||
user nobody nobody;
|
||||
daemon off;
|
||||
error_log /dev/stdout info;
|
||||
pid /dev/null;
|
||||
events {}
|
||||
http {
|
||||
access_log /dev/stdout;
|
||||
include ${nginx.outPath}/conf/mime.types;
|
||||
|
||||
server {
|
||||
listen ${nginxPort};
|
||||
index index.html;
|
||||
location / {
|
||||
root ${self.packages.${system}.static-website};
|
||||
}
|
||||
}
|
||||
}
|
||||
'';
|
||||
in
|
||||
{
|
||||
packages.static-website = pkgs.stdenv.mkDerivation {
|
||||
name = "blog-pim";
|
||||
src = ./src;
|
||||
sourceRoot = "src";
|
||||
packages = {
|
||||
static-website = pkgs.stdenv.mkDerivation {
|
||||
name = "blog-pim";
|
||||
src = ./src;
|
||||
sourceRoot = "src";
|
||||
|
||||
buildInputs = [
|
||||
gems
|
||||
gems.wrappedRuby
|
||||
patch-feed-date
|
||||
];
|
||||
buildInputs = [
|
||||
gems
|
||||
gems.wrappedRuby
|
||||
patch-feed-date
|
||||
];
|
||||
|
||||
buildPhase = ''
|
||||
bundle exec jekyll build
|
||||
'';
|
||||
buildPhase = ''
|
||||
bundle exec jekyll build
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r _site/* $out/
|
||||
patch-feed-date --file _site/feed.xml > $out/feed.xml
|
||||
'';
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r _site/* $out/
|
||||
patch-feed-date --file _site/feed.xml > $out/feed.xml
|
||||
'';
|
||||
};
|
||||
|
||||
container-image = pkgs.dockerTools.buildLayeredImage {
|
||||
name = "blog-pim";
|
||||
tag = "latest";
|
||||
|
||||
contents = [
|
||||
pkgs.fakeNss
|
||||
pkgs.nginx
|
||||
];
|
||||
|
||||
extraCommands = ''
|
||||
mkdir -p tmp/nginx_client_body
|
||||
mkdir -p var/log/nginx
|
||||
'';
|
||||
|
||||
config = {
|
||||
Cmd = [ "nginx" "-c" nginxConf ];
|
||||
ExposedPorts = {
|
||||
"${nginxPort}/tcp" = { };
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue