mirror of
https://github.com/nix-community/docker-nixpkgs.git
synced 2026-01-11 20:30:37 -05:00
Compare commits
2 Commits
main
...
push-to-gi
| Author | SHA1 | Date | |
|---|---|---|---|
|
8aababdd97 | ||
|
|
c5d1be8214 |
68
.github/workflows/nix.yml
vendored
68
.github/workflows/nix.yml
vendored
@@ -2,13 +2,16 @@ name: Nix
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
- master
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
# Run once per day
|
||||
- cron: '0 0 * * *'
|
||||
|
||||
env:
|
||||
CI_REGISTRY: ghcr.io
|
||||
|
||||
jobs:
|
||||
build:
|
||||
strategy:
|
||||
@@ -17,11 +20,9 @@ jobs:
|
||||
matrix:
|
||||
channel:
|
||||
- nixos-unstable
|
||||
- nixos-25.05
|
||||
- nixos-25.11
|
||||
system:
|
||||
- aarch64-linux
|
||||
- x86_64-linux
|
||||
- nixos-22.05
|
||||
- nixos-22.11
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
permissions:
|
||||
@@ -29,54 +30,15 @@ jobs:
|
||||
packages: write
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
- uses: actions/checkout@v3
|
||||
- name: Log in to the Container registry
|
||||
uses: docker/login-action@v2.1.0
|
||||
with:
|
||||
platforms: arm64
|
||||
- uses: DeterminateSystems/nix-installer-action@main
|
||||
with:
|
||||
extra-conf: |
|
||||
extra-platforms = aarch64-linux
|
||||
- uses: DeterminateSystems/magic-nix-cache-action@main
|
||||
registry: ${{ env.CI_REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Push to Docker Hub
|
||||
run: nix-shell --run ./ci.sh
|
||||
- uses: cachix/install-nix-action@v20
|
||||
- run: nix-shell --run ./ci.sh
|
||||
env:
|
||||
CI_PROJECT_PATH: 'nixpkgs'
|
||||
CI_REGISTRY: 'docker.io'
|
||||
CI_REGISTRY_AUTH: '${{ secrets.REGISTRY_AUTH }}'
|
||||
NIXPKGS_CHANNEL: '${{ matrix.channel }}'
|
||||
NIX_SYSTEM_NAME: '${{ matrix.system }}'
|
||||
|
||||
- name: Push to GitHub Pages
|
||||
run: nix-shell --run ./ci.sh
|
||||
env:
|
||||
CI_PROJECT_PATH: 'nix-community/docker-nixpkgs'
|
||||
CI_REGISTRY: 'ghcr.io'
|
||||
CI_REGISTRY_AUTH: '${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}'
|
||||
NIXPKGS_CHANNEL: '${{ matrix.channel }}'
|
||||
NIX_SYSTEM_NAME: '${{ matrix.system }}'
|
||||
|
||||
push-manifest:
|
||||
needs: [build]
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
channel:
|
||||
- nixos-unstable
|
||||
- nixos-25.05
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- uses: DeterminateSystems/nix-installer-action@main
|
||||
with:
|
||||
extra-conf: |
|
||||
extra-platforms = aarch64-linux
|
||||
- uses: DeterminateSystems/magic-nix-cache-action@main
|
||||
|
||||
- run: nix-shell --run ./ci-manifests.sh
|
||||
env:
|
||||
CI_REGISTRY_AUTH: '${{ secrets.REGISTRY_AUTH }}'
|
||||
NIXPKGS_CHANNEL: '${{ matrix.channel }}'
|
||||
NIX_SYSTEM_NAME: '${{ matrix.system }}'
|
||||
|
||||
@@ -3,12 +3,12 @@ stages:
|
||||
|
||||
build:
|
||||
stage: build
|
||||
image: nixpkgs/nix:nixos-25.05
|
||||
image: nixpkgs/nix:nixos-22.05
|
||||
script: nix-shell --run ./ci.sh
|
||||
parallel:
|
||||
matrix:
|
||||
- NIXPKGS_CHANNEL: nixos-unstable
|
||||
IMAGE_TAG: latest
|
||||
- NIXPKGS_CHANNEL:
|
||||
- nixos-25.05
|
||||
- nixos-25.11
|
||||
- nixos-22.05
|
||||
- nixos-22.11
|
||||
|
||||
14
README.md
14
README.md
@@ -1,5 +1,9 @@
|
||||
# docker-nixpkgs: docker images from nixpkgs
|
||||
|
||||
> Docker recently requested that we start paying $420.-/year in order to keep
|
||||
> the organization. So we moved the images to GitHub. Sorry for the
|
||||
> inconvenience.
|
||||
|
||||
This project is a collection of docker images automatically produced with Nix
|
||||
and the latest nixpkgs package set. All the images are refreshed daily with
|
||||
the latest versions of nixpkgs.
|
||||
@@ -39,8 +43,8 @@ nixpkgs channel describes.
|
||||
|
||||
| Channel | Image Tag | Description |
|
||||
| --- | --- | --- |
|
||||
| nixos-25.05 | nixos-25.05 | only minor versions that include security updates |
|
||||
| nixos-25.11 | nixos-25.11 | only minor versions that include security updates |
|
||||
| nixos-22.05 | nixos-22.05 | only minor versions that include security updates |
|
||||
| nixos-22.11 | nixos-22.11 | only minor versions that include security updates |
|
||||
| nixos-unstable | latest | latest and greatest, major versions might change |
|
||||
|
||||
## List of images
|
||||
@@ -52,11 +56,9 @@ All images are automatically built and published to Docker Hub, and served
|
||||
on our custom domain, courtesy of [Scarf](https://scarf.sh).
|
||||
|
||||
`> ./readme-image-matrix`
|
||||
|
||||
<!-- BEGIN mdsh -->
|
||||
| Image / Tag | Pull |
|
||||
| --- | --- |
|
||||
| [nixpkgs/attic](https://hub.docker.com/r/nixpkgs/attic)| `docker pull docker.nix-community.org/nixpkgs/attic` |
|
||||
| [nixpkgs/bash](https://hub.docker.com/r/nixpkgs/bash)| `docker pull docker.nix-community.org/nixpkgs/bash` |
|
||||
| [nixpkgs/busybox](https://hub.docker.com/r/nixpkgs/busybox)| `docker pull docker.nix-community.org/nixpkgs/busybox` |
|
||||
| [nixpkgs/cachix](https://hub.docker.com/r/nixpkgs/cachix)| `docker pull docker.nix-community.org/nixpkgs/cachix` |
|
||||
@@ -64,19 +66,15 @@ on our custom domain, courtesy of [Scarf](https://scarf.sh).
|
||||
| [nixpkgs/caddy](https://hub.docker.com/r/nixpkgs/caddy)| `docker pull docker.nix-community.org/nixpkgs/caddy` |
|
||||
| [nixpkgs/curl](https://hub.docker.com/r/nixpkgs/curl)| `docker pull docker.nix-community.org/nixpkgs/curl` |
|
||||
| [nixpkgs/devcontainer](https://hub.docker.com/r/nixpkgs/devcontainer)| `docker pull docker.nix-community.org/nixpkgs/devcontainer` |
|
||||
| [nixpkgs/devenv](https://hub.docker.com/r/nixpkgs/devenv)| `docker pull docker.nix-community.org/nixpkgs/devenv` |
|
||||
| [nixpkgs/docker-compose](https://hub.docker.com/r/nixpkgs/docker-compose)| `docker pull docker.nix-community.org/nixpkgs/docker-compose` |
|
||||
| [nixpkgs/hugo](https://hub.docker.com/r/nixpkgs/hugo)| `docker pull docker.nix-community.org/nixpkgs/hugo` |
|
||||
| [nixpkgs/kubectl](https://hub.docker.com/r/nixpkgs/kubectl)| `docker pull docker.nix-community.org/nixpkgs/kubectl` |
|
||||
| [nixpkgs/kubernetes-helm](https://hub.docker.com/r/nixpkgs/kubernetes-helm)| `docker pull docker.nix-community.org/nixpkgs/kubernetes-helm` |
|
||||
| [nixpkgs/maddy](https://hub.docker.com/r/nixpkgs/maddy)| `docker pull docker.nix-community.org/nixpkgs/maddy` |
|
||||
| [nixpkgs/nginx](https://hub.docker.com/r/nixpkgs/nginx)| `docker pull docker.nix-community.org/nixpkgs/nginx` |
|
||||
| [nixpkgs/nix](https://hub.docker.com/r/nixpkgs/nix)| `docker pull docker.nix-community.org/nixpkgs/nix` |
|
||||
| [nixpkgs/nix-flakes](https://hub.docker.com/r/nixpkgs/nix-flakes)| `docker pull docker.nix-community.org/nixpkgs/nix-flakes` |
|
||||
| [nixpkgs/nix-unstable](https://hub.docker.com/r/nixpkgs/nix-unstable)| `docker pull docker.nix-community.org/nixpkgs/nix-unstable` |
|
||||
| [nixpkgs/nix-unstable-static](https://hub.docker.com/r/nixpkgs/nix-unstable-static)| `docker pull docker.nix-community.org/nixpkgs/nix-unstable-static` |
|
||||
| [nixpkgs/pocket-id](https://hub.docker.com/r/nixpkgs/pocket-id)| `docker pull docker.nix-community.org/nixpkgs/pocket-id` |
|
||||
| [nixpkgs/yarr](https://hub.docker.com/r/nixpkgs/yarr)| `docker pull docker.nix-community.org/nixpkgs/yarr` |
|
||||
<!-- END mdsh -->
|
||||
## Adding new images
|
||||
|
||||
|
||||
@@ -1,39 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# CI specific build script.
|
||||
#
|
||||
set -euo pipefail
|
||||
|
||||
channel=${NIXPKGS_CHANNEL:-nixos-unstable}
|
||||
registry=${CI_REGISTRY:-docker.io}
|
||||
registry_auth=${CI_REGISTRY_AUTH:-}
|
||||
image_prefix=${CI_PROJECT_PATH:-nixpkgs}
|
||||
|
||||
if [[ $channel == nixos-unstable ]]; then
|
||||
image_tag=latest
|
||||
else
|
||||
image_tag=$channel
|
||||
fi
|
||||
|
||||
export NIX_PATH=channel:$channel
|
||||
|
||||
banner() {
|
||||
echo "========================================================"
|
||||
echo " $*"
|
||||
echo "========================================================"
|
||||
}
|
||||
|
||||
cd "$(dirname "$0")"
|
||||
|
||||
if [[ $(git rev-parse --abbrev-ref HEAD) != main ]]; then
|
||||
banner "Skipping push on non-main branch"
|
||||
exit
|
||||
fi
|
||||
|
||||
if [[ -n "${registry_auth}" ]]; then
|
||||
banner "docker login"
|
||||
./docker-login "$registry_auth" "$registry"
|
||||
fi
|
||||
|
||||
banner "generate manifests"
|
||||
./generate-manifests "$registry" "$image_prefix" "$image_tag"
|
||||
19
ci.sh
19
ci.sh
@@ -5,10 +5,9 @@
|
||||
set -euo pipefail
|
||||
|
||||
channel=${NIXPKGS_CHANNEL:-nixos-unstable}
|
||||
registry=${CI_REGISTRY:-docker.io}
|
||||
registry=${CI_REGISTRY:-ghcr.io}
|
||||
registry_auth=${CI_REGISTRY_AUTH:-}
|
||||
image_prefix=${CI_PROJECT_PATH:-nixpkgs}
|
||||
system_name=${NIX_SYSTEM_NAME:-x86_64-linux}
|
||||
image_prefix=${CI_PROJECT_PATH:-nix-community/docker-nixpkgs}
|
||||
|
||||
if [[ $channel == nixos-unstable ]]; then
|
||||
image_tag=latest
|
||||
@@ -31,12 +30,11 @@ banner "Building images"
|
||||
nix-build \
|
||||
--no-out-link \
|
||||
--option sandbox true \
|
||||
--argstr system "$system_name"
|
||||
|
||||
if [[ $(git rev-parse --abbrev-ref HEAD) != main ]]; then
|
||||
banner "Skipping push on non-main branch"
|
||||
exit
|
||||
fi
|
||||
# if [[ $(git rev-parse --abbrev-ref HEAD) != master ]]; then
|
||||
# banner "Skipping push on non-master branch"
|
||||
# exit
|
||||
# fi
|
||||
|
||||
if [[ -n "${registry_auth}" ]]; then
|
||||
banner "docker login"
|
||||
@@ -45,8 +43,3 @@ fi
|
||||
|
||||
banner "docker push"
|
||||
./push-all "$registry" "$image_prefix" "$image_tag"
|
||||
|
||||
if [[ -n "${registry_auth}" && $registry = *docker.io ]]; then
|
||||
banner "docker metadata update"
|
||||
./dockerhub-metadata "$registry_auth" "$image_prefix"
|
||||
fi
|
||||
|
||||
14
default.nix
14
default.nix
@@ -1,14 +1,4 @@
|
||||
{
|
||||
system ? builtins.currentSystem
|
||||
}: let
|
||||
_parts = builtins.split "-" system;
|
||||
arch = builtins.elemAt _parts 0;
|
||||
os = builtins.elemAt _parts 2;
|
||||
system' =
|
||||
if os == "darwin"
|
||||
then "${arch}-linux"
|
||||
else system;
|
||||
pkgs =
|
||||
import ./pkgs.nix system';
|
||||
let
|
||||
pkgs = import ./pkgs.nix;
|
||||
in
|
||||
pkgs.docker-nixpkgs
|
||||
|
||||
@@ -1,46 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# Update docker hub image descriptions. The API is not documented and might
|
||||
# break in the future.
|
||||
#
|
||||
# Usage: ./dockerhub-metadata <user> <password> [org]
|
||||
set -euo pipefail
|
||||
|
||||
user=$1
|
||||
org=${2:-nixpkgs}
|
||||
system_name=${NIX_SYSTEM_NAME:-x86_64-linux}
|
||||
|
||||
nix_eval() {
|
||||
nix-instantiate --strict --eval --argstr system "$system_name" --json "$@"
|
||||
}
|
||||
|
||||
releases_json=$(nix_eval)
|
||||
|
||||
to_json() {
|
||||
local desc=$1 full_desc=$2
|
||||
jq -n \
|
||||
--arg desc "$desc" \
|
||||
--arg full_desc "$full_desc" \
|
||||
'.description=$desc | .full_description=$full_desc'
|
||||
}
|
||||
|
||||
echo "=== Updating Docker Hub project descriptions"
|
||||
|
||||
for attr in $(echo "$releases_json" | jq -r "keys[]") ; do
|
||||
echo "--- $attr"
|
||||
desc=$(nix_eval -A "$attr.meta.description" | jq -r .)
|
||||
|
||||
if [[ -f "$attr/README.md" ]]; then
|
||||
full_desc=$(< "$attr/README.md")
|
||||
else
|
||||
full_desc=$(< "README.md")
|
||||
fi
|
||||
|
||||
data=$(to_json "$desc" "$full_desc")
|
||||
echo "data: $data"
|
||||
url=https://cloud.docker.com/v2/repositories/$org/$attr/
|
||||
|
||||
curl -XPATCH -H "Content-Type: application/json" --user "$user" --data "$data" "$url"
|
||||
done
|
||||
|
||||
echo OK
|
||||
@@ -1,25 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# Usage: ./push-all <registry> <image-prefix> <image-tag>
|
||||
set -euo pipefail
|
||||
|
||||
registry=${1:-docker.io}
|
||||
image_prefix=${2:-nixpkgs}
|
||||
image_tag=${3:-latest}
|
||||
system_name=${NIX_SYSTEM_NAME:-x86_64-linux}
|
||||
|
||||
releases_json=$(nix-instantiate --strict --argstr system "$system_name" --eval --json)
|
||||
|
||||
echo "=== Generating manifests for $registry"
|
||||
|
||||
for attr in $(echo "$releases_json" | jq -r "keys[]") ; do
|
||||
repository=$registry/$image_prefix/$attr
|
||||
target_image=${repository}:${image_tag}
|
||||
echo "--- attr=$attr target=$target_image"
|
||||
podman manifest create "$target_image"
|
||||
podman manifest add "$target_image" "docker://$repository:${image_tag}-x86_64-linux"
|
||||
podman manifest add "$target_image" "docker://$repository:${image_tag}-aarch64-linux"
|
||||
podman manifest push --all "$target_image" "docker://$target_image"
|
||||
done
|
||||
|
||||
echo OK
|
||||
@@ -1,10 +0,0 @@
|
||||
{ docker-nixpkgs
|
||||
, attic-client
|
||||
}:
|
||||
(docker-nixpkgs.nix.override {
|
||||
extraContents = [ attic-client ];
|
||||
}).overrideAttrs (prev: {
|
||||
meta = (prev.meta or { }) // {
|
||||
description = "Nix and Attic client image";
|
||||
};
|
||||
})
|
||||
@@ -14,7 +14,7 @@
|
||||
, gnutar
|
||||
, gzip
|
||||
, iana-etc
|
||||
, iproute2
|
||||
, iproute
|
||||
, less
|
||||
, lib
|
||||
, nix
|
||||
@@ -42,11 +42,7 @@ let
|
||||
nix
|
||||
|
||||
# runtime dependencies of nix
|
||||
# HACK: don't include the "hashed" output. It has overlapping files with
|
||||
# the "unbundled" output, and that breaks the build.
|
||||
(cacert // {
|
||||
outputs = builtins.filter (x: x != "hashed") cacert.outputs;
|
||||
})
|
||||
cacert
|
||||
gitReallyMinimal
|
||||
gnutar
|
||||
gzip
|
||||
@@ -59,13 +55,8 @@ let
|
||||
shadow
|
||||
|
||||
# for the vscode extension
|
||||
|
||||
# HACK: don't include the "libgcc" output. It has overlapping files with
|
||||
# the "lib" output, and that breaks the build.
|
||||
(gcc-unwrapped // {
|
||||
outputs = builtins.filter (x: x != "libgcc") gcc-unwrapped.outputs;
|
||||
})
|
||||
iproute2
|
||||
gcc-unwrapped
|
||||
iproute
|
||||
];
|
||||
};
|
||||
|
||||
@@ -130,7 +121,7 @@ let
|
||||
];
|
||||
Labels = {
|
||||
# https://github.com/microscaling/microscaling/blob/55a2d7b91ce7513e07f8b1fd91bbed8df59aed5a/Dockerfile#L22-L33
|
||||
"org.label-schema.vcs-ref" = "main";
|
||||
"org.label-schema.vcs-ref" = "master";
|
||||
"org.label-schema.vcs-url" = "https://github.com/nix-community/docker-nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
{ docker-nixpkgs
|
||||
, devenv ? null
|
||||
}:
|
||||
(docker-nixpkgs.nix.override {
|
||||
# only available since 24.05
|
||||
extraContents = [ devenv ];
|
||||
}).overrideAttrs (prev: {
|
||||
meta = (prev.meta or { }) // {
|
||||
description = "Nix and devenv image";
|
||||
};
|
||||
})
|
||||
@@ -1,6 +0,0 @@
|
||||
{ buildCLIImage
|
||||
, maddy
|
||||
}:
|
||||
buildCLIImage {
|
||||
drv = maddy;
|
||||
}
|
||||
@@ -1,10 +1,10 @@
|
||||
{ docker-nixpkgs
|
||||
, nixVersions
|
||||
, nixFlakes
|
||||
, writeTextFile
|
||||
, extraContents ? [ ]
|
||||
}:
|
||||
docker-nixpkgs.nix.override {
|
||||
nix = nixVersions.stable;
|
||||
nix = nixFlakes;
|
||||
extraContents = [
|
||||
(writeTextFile {
|
||||
name = "nix.conf";
|
||||
@@ -12,12 +12,7 @@ docker-nixpkgs.nix.override {
|
||||
text = ''
|
||||
accept-flake-config = true
|
||||
experimental-features = nix-command flakes
|
||||
max-jobs = auto
|
||||
'';
|
||||
})
|
||||
] ++ extraContents;
|
||||
|
||||
extraEnv = [
|
||||
"PATH=/root/.nix-profile/bin:/usr/bin:/bin" # Not sure how to just prepend
|
||||
];
|
||||
}
|
||||
|
||||
@@ -19,8 +19,8 @@ let
|
||||
|
||||
# Get nix from Hydra because the nixpkgs one is not fully static
|
||||
nixStaticBin = fetchurl {
|
||||
url = "https://hydra.nixos.org/build/305222051/download/1/nix";
|
||||
hash = "sha256-OahnvQ/OKnRhbXaIJ7iEQYu86ECGtUqwW8XrryVkXaM=";
|
||||
url = "https://hydra.nixos.org/build/181573550/download/1/nix";
|
||||
hash = "sha256-zO2xJhQIrLtL/ReTlcorjwsaTO1W5Rnr+sXwcLcujok=";
|
||||
};
|
||||
|
||||
nixSymlinks = [
|
||||
@@ -84,12 +84,11 @@ let
|
||||
mkdir -p libexec/nix
|
||||
ln -s /bin/nix libexec/nix/build-remote
|
||||
|
||||
# Enable flakes and parallel building
|
||||
# Enable flakes
|
||||
mkdir -p etc/nix
|
||||
cat <<NIX_CONFIG > etc/nix/nix.conf
|
||||
accept-flake-config = true
|
||||
experimental-features = nix-command flakes
|
||||
max-jobs = auto
|
||||
NIX_CONFIG
|
||||
|
||||
# Add run-as-user script
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{ docker-nixpkgs
|
||||
, pkgs
|
||||
, nixUnstable
|
||||
}:
|
||||
docker-nixpkgs.nix.override {
|
||||
nix = pkgs.nixVersions.latest;
|
||||
nix = nixUnstable;
|
||||
}
|
||||
|
||||
@@ -11,7 +11,6 @@
|
||||
, openssh
|
||||
, xz
|
||||
, extraContents ? [ ]
|
||||
, extraEnv ? [ ]
|
||||
}:
|
||||
let
|
||||
image = dockerTools.buildImageWithNixDb {
|
||||
@@ -59,7 +58,7 @@ let
|
||||
"PATH=/usr/bin:/bin"
|
||||
"SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
"USER=root"
|
||||
] ++ extraEnv;
|
||||
];
|
||||
};
|
||||
};
|
||||
in
|
||||
|
||||
@@ -3,7 +3,7 @@ throw ''
|
||||
This container doesn't include nixpkgs.
|
||||
|
||||
The best way to work around that is to pin your dependencies. See
|
||||
https://nix.dev/tutorials/first-steps/towards-reproducibility-pinning-nixpkgs.html
|
||||
https://nix.dev/tutorials/towards-reproducibility-pinning-nixpkgs.html
|
||||
|
||||
Or if you must, override the NIX_PATH environment variable with eg:
|
||||
"NIX_PATH=nixpkgs=channel:nixos-unstable"
|
||||
|
||||
@@ -1,6 +0,0 @@
|
||||
{ buildCLIImage
|
||||
, pocket-id
|
||||
}:
|
||||
buildCLIImage {
|
||||
drv = pocket-id;
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
{ buildCLIImage
|
||||
, yarr
|
||||
}:
|
||||
buildCLIImage {
|
||||
drv = yarr;
|
||||
}
|
||||
@@ -28,7 +28,7 @@ let
|
||||
];
|
||||
Labels = {
|
||||
# https://github.com/microscaling/microscaling/blob/55a2d7b91ce7513e07f8b1fd91bbed8df59aed5a/Dockerfile#L22-L33
|
||||
"org.label-schema.vcs-ref" = "main";
|
||||
"org.label-schema.vcs-ref" = "master";
|
||||
"org.label-schema.vcs-url" = "https://github.com/nix-community/docker-nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
6
pkgs.nix
6
pkgs.nix
@@ -1,9 +1,7 @@
|
||||
system:
|
||||
# docker images run on Linux
|
||||
assert builtins.elem system ["x86_64-linux" "aarch64-linux"];
|
||||
import <nixpkgs> {
|
||||
# docker images run on Linux
|
||||
system = "x86_64-linux";
|
||||
config = { };
|
||||
inherit system;
|
||||
overlays = [
|
||||
(import ./overlay.nix)
|
||||
];
|
||||
|
||||
7
push-all
7
push-all
@@ -3,19 +3,18 @@
|
||||
# Usage: ./push-all <registry> <image-prefix> <image-tag>
|
||||
set -euo pipefail
|
||||
|
||||
registry=${1:-docker.io}
|
||||
registry=${1:-ghcr.io}
|
||||
image_prefix=${2:-nixpkgs}
|
||||
image_tag=${3:-latest}
|
||||
system_name=${NIX_SYSTEM_NAME:-x86_64-linux}
|
||||
|
||||
releases_json=$(nix-instantiate --strict --argstr system "$system_name" --eval --json)
|
||||
releases_json=$(nix-instantiate --strict --eval --json)
|
||||
|
||||
echo "=== Pushing images to $registry"
|
||||
|
||||
for attr in $(echo "$releases_json" | jq -r "keys[]") ; do
|
||||
file=$(echo "$releases_json" | jq -r ".\"$attr\"")
|
||||
src=docker-archive://$file
|
||||
dst=docker://$registry/$image_prefix/$attr:${image_tag}-${system_name}
|
||||
dst=docker://$registry/$image_prefix/$attr:$image_tag
|
||||
echo "--- attr=$attr src=$src dst=$dst"
|
||||
skopeo copy --insecure-policy "$src" "$dst"
|
||||
done
|
||||
|
||||
@@ -3,11 +3,9 @@
|
||||
# Usage: ./dockerhub-image-matrix
|
||||
set -euo pipefail
|
||||
|
||||
system_name=${NIX_SYSTEM_NAME:-x86_64-linux}
|
||||
|
||||
## Main ##
|
||||
|
||||
releases_json=$(nix-instantiate --strict --argstr system "$system_name" --eval --json)
|
||||
releases_json=$(nix-instantiate --strict --eval --json)
|
||||
|
||||
echo "| Image / Tag | Pull |"
|
||||
echo "| --- | --- |"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
let
|
||||
nixpkgs = builtins.fetchTarball "channel:nixos-23.11";
|
||||
nixpkgs = builtins.fetchTarball "channel:nixos-22.05";
|
||||
pkgs = import nixpkgs { config = { }; overlays = [ ]; };
|
||||
in
|
||||
with pkgs;
|
||||
@@ -8,7 +8,6 @@ mkShell {
|
||||
dive
|
||||
jq
|
||||
skopeo
|
||||
podman
|
||||
] ++ lib.optional (pkgs ? mdsh) pkgs.mdsh;
|
||||
|
||||
shellHook = ''
|
||||
|
||||
Reference in New Issue
Block a user