Add Forgejo action to build Docker image
This commit is contained in:
parent
649566c8ab
commit
fe9488d31c
3 changed files with 101 additions and 31 deletions
|
@ -4,18 +4,21 @@ jobs:
|
||||||
runs-on: docker
|
runs-on: docker
|
||||||
container:
|
container:
|
||||||
image: git.kun.is/home/forgejo-nix-action:687d16c49ea7936068bac64ec68c480a9d681962
|
image: git.kun.is/home/forgejo-nix-action:687d16c49ea7936068bac64ec68c480a9d681962
|
||||||
env:
|
|
||||||
GIT_COMMITTER_NAME: Forgejo Action
|
|
||||||
GIT_COMMITTER_EMAIL: noreply@git.kun.is
|
|
||||||
GIT_AUTHOR_NAME: Forgejo Action
|
|
||||||
GIT_AUTHOR_EMAIL: noreply@git.kun.is
|
|
||||||
steps:
|
steps:
|
||||||
- name: Clone container-images repository
|
- name: Clone repository
|
||||||
run: git clone https://${{ secrets.RUNNER_TOKEN }}@${GITHUB_SERVER_URL#https://}/home/container-images.git container-images
|
run: git clone ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git src
|
||||||
- name: Update Nix input on container-images
|
- name: Setup Nix cache
|
||||||
run: nix flake lock --update-input blog-pim ./container-images
|
|
||||||
- name: Push changes to container-images repo
|
|
||||||
run: |
|
run: |
|
||||||
git --git-dir container-images/.git --work-tree container-images add -A
|
/bin/attic login local ${{ vars.ATTIC_URL }} ${{ secrets.ATTIC_TOKEN }}
|
||||||
git --git-dir container-images/.git --work-tree container-images commit --message "Bump blog-pim Nix flake input"
|
/bin/attic use ${{ vars.ATTIC_CACHE }}
|
||||||
git --git-dir container-images/.git --work-tree container-images push
|
- name: Build image
|
||||||
|
run: nix build --out-link image ./src#packages.x86_64-linux.container-image
|
||||||
|
- name: Push image to Nix cache
|
||||||
|
run: /bin/attic push ${{ vars.ATTIC_CACHE }} image
|
||||||
|
- name: Log into container registry
|
||||||
|
run: /bin/skopeo login --tls-verify --username ${{ vars.RUNNER_USER }} --password ${{ secrets.RUNNER_TOKEN }} ${GITHUB_SERVER_URL}
|
||||||
|
- name: Push image to container registry
|
||||||
|
run: |
|
||||||
|
/bin/skopeo --insecure-policy copy docker-archive:image docker://${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY_OWNER}/blog-pim:latest
|
||||||
|
gitrev=$(git --git-dir src/.git --work-tree src rev-parse HEAD)
|
||||||
|
/bin/skopeo --insecure-policy copy docker-archive:image docker://${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY_OWNER}/blog-pim:$gitrev
|
||||||
|
|
17
flake.lock
generated
17
flake.lock
generated
|
@ -18,6 +18,22 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nginx": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1713277799,
|
||||||
|
"narHash": "sha256-VNDzQvUGeh54F3s6SIq6lBrp4RatURzJoJqVorexttA=",
|
||||||
|
"owner": "nginx",
|
||||||
|
"repo": "nginx",
|
||||||
|
"rev": "d8a849ae3c99ee5ca82c9a06074761e937dac6d6",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nginx",
|
||||||
|
"repo": "nginx",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1714076141,
|
"lastModified": 1714076141,
|
||||||
|
@ -37,6 +53,7 @@
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flutils": "flutils",
|
"flutils": "flutils",
|
||||||
|
"nginx": "nginx",
|
||||||
"nixpkgs": "nixpkgs"
|
"nixpkgs": "nixpkgs"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
54
flake.nix
54
flake.nix
|
@ -4,9 +4,14 @@
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
|
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
|
||||||
flutils.url = "github:numtide/flake-utils";
|
flutils.url = "github:numtide/flake-utils";
|
||||||
|
|
||||||
|
nginx = {
|
||||||
|
url = "github:nginx/nginx";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { self, nixpkgs, flutils }: flutils.lib.eachDefaultSystem (system:
|
outputs = { self, nixpkgs, flutils, nginx }: flutils.lib.eachDefaultSystem (system:
|
||||||
let
|
let
|
||||||
pkgs = nixpkgs.legacyPackages.${system};
|
pkgs = nixpkgs.legacyPackages.${system};
|
||||||
|
|
||||||
|
@ -21,9 +26,31 @@
|
||||||
dontUnpack = true;
|
dontUnpack = true;
|
||||||
installPhase = "install -Dm755 ${./patch-feed-date.py} $out/bin/patch-feed-date";
|
installPhase = "install -Dm755 ${./patch-feed-date.py} $out/bin/patch-feed-date";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nginxPort = "80";
|
||||||
|
nginxConf = pkgs.writeText "nginx.conf" ''
|
||||||
|
user nobody nobody;
|
||||||
|
daemon off;
|
||||||
|
error_log /dev/stdout info;
|
||||||
|
pid /dev/null;
|
||||||
|
events {}
|
||||||
|
http {
|
||||||
|
access_log /dev/stdout;
|
||||||
|
include ${nginx.outPath}/conf/mime.types;
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen ${nginxPort};
|
||||||
|
index index.html;
|
||||||
|
location / {
|
||||||
|
root ${self.packages.${system}.static-website};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
'';
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
packages.static-website = pkgs.stdenv.mkDerivation {
|
packages = {
|
||||||
|
static-website = pkgs.stdenv.mkDerivation {
|
||||||
name = "blog-pim";
|
name = "blog-pim";
|
||||||
src = ./src;
|
src = ./src;
|
||||||
sourceRoot = "src";
|
sourceRoot = "src";
|
||||||
|
@ -44,5 +71,28 @@
|
||||||
patch-feed-date --file _site/feed.xml > $out/feed.xml
|
patch-feed-date --file _site/feed.xml > $out/feed.xml
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
container-image = pkgs.dockerTools.buildLayeredImage {
|
||||||
|
name = "blog-pim";
|
||||||
|
tag = "latest";
|
||||||
|
|
||||||
|
contents = [
|
||||||
|
pkgs.fakeNss
|
||||||
|
pkgs.nginx
|
||||||
|
];
|
||||||
|
|
||||||
|
extraCommands = ''
|
||||||
|
mkdir -p tmp/nginx_client_body
|
||||||
|
mkdir -p var/log/nginx
|
||||||
|
'';
|
||||||
|
|
||||||
|
config = {
|
||||||
|
Cmd = [ "nginx" "-c" nginxConf ];
|
||||||
|
ExposedPorts = {
|
||||||
|
"${nginxPort}/tcp" = { };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
Loading…
Add table
Reference in a new issue