forked from github-mirror/docker-nixpkgs
Compare commits
4 Commits
push-to-gi
...
5ac99012e0
| Author | SHA1 | Date | |
|---|---|---|---|
| 5ac99012e0 | |||
|
30ea4a75cd | ||
|
|
ae6d994038 | ||
|
|
e9b6514e0e |
24
.github/workflows/nix.yml
vendored
24
.github/workflows/nix.yml
vendored
@@ -8,10 +8,6 @@ on:
|
||||
schedule:
|
||||
# Run once per day
|
||||
- cron: '0 0 * * *'
|
||||
|
||||
env:
|
||||
CI_REGISTRY: ghcr.io
|
||||
|
||||
jobs:
|
||||
build:
|
||||
strategy:
|
||||
@@ -20,25 +16,13 @@ jobs:
|
||||
matrix:
|
||||
channel:
|
||||
- nixos-unstable
|
||||
- nixos-22.05
|
||||
- nixos-22.11
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
|
||||
- nixos-23.05
|
||||
runs-on: native
|
||||
container: pjjw/nix-flake-runner:1
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Log in to the Container registry
|
||||
uses: docker/login-action@v2.1.0
|
||||
with:
|
||||
registry: ${{ env.CI_REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- uses: cachix/install-nix-action@v20
|
||||
- run: nix-shell --run ./ci.sh
|
||||
env:
|
||||
CI_REGISTRY_AUTH: '${{ secrets.REGISTRY_AUTH }}'
|
||||
NIXPKGS_CHANNEL: '${{ matrix.channel }}'
|
||||
|
||||
@@ -3,12 +3,12 @@ stages:
|
||||
|
||||
build:
|
||||
stage: build
|
||||
image: nixpkgs/nix:nixos-22.05
|
||||
image: nixpkgs/nix:nixos-22.11
|
||||
script: nix-shell --run ./ci.sh
|
||||
parallel:
|
||||
matrix:
|
||||
- NIXPKGS_CHANNEL: nixos-unstable
|
||||
IMAGE_TAG: latest
|
||||
- NIXPKGS_CHANNEL:
|
||||
- nixos-22.05
|
||||
- nixos-22.11
|
||||
- nixos-23.05
|
||||
|
||||
@@ -1,9 +1,5 @@
|
||||
# docker-nixpkgs: docker images from nixpkgs
|
||||
|
||||
> Docker recently requested that we start paying $420.-/year in order to keep
|
||||
> the organization. So we moved the images to GitHub. Sorry for the
|
||||
> inconvenience.
|
||||
|
||||
This project is a collection of docker images automatically produced with Nix
|
||||
and the latest nixpkgs package set. All the images are refreshed daily with
|
||||
the latest versions of nixpkgs.
|
||||
@@ -43,8 +39,8 @@ nixpkgs channel describes.
|
||||
|
||||
| Channel | Image Tag | Description |
|
||||
| --- | --- | --- |
|
||||
| nixos-22.05 | nixos-22.05 | only minor versions that include security updates |
|
||||
| nixos-22.11 | nixos-22.11 | only minor versions that include security updates |
|
||||
| nixos-23.05 | nixos-23.05 | only minor versions that include security updates |
|
||||
| nixos-unstable | latest | latest and greatest, major versions might change |
|
||||
|
||||
## List of images
|
||||
|
||||
17
ci.sh
17
ci.sh
@@ -5,9 +5,9 @@
|
||||
set -euo pipefail
|
||||
|
||||
channel=${NIXPKGS_CHANNEL:-nixos-unstable}
|
||||
registry=${CI_REGISTRY:-ghcr.io}
|
||||
registry=${CI_REGISTRY:-docker.io}
|
||||
registry_auth=${CI_REGISTRY_AUTH:-}
|
||||
image_prefix=${CI_PROJECT_PATH:-nix-community/docker-nixpkgs}
|
||||
image_prefix=${CI_PROJECT_PATH:-nixpkgs}
|
||||
|
||||
if [[ $channel == nixos-unstable ]]; then
|
||||
image_tag=latest
|
||||
@@ -31,10 +31,10 @@ nix-build \
|
||||
--no-out-link \
|
||||
--option sandbox true \
|
||||
|
||||
# if [[ $(git rev-parse --abbrev-ref HEAD) != master ]]; then
|
||||
# banner "Skipping push on non-master branch"
|
||||
# exit
|
||||
# fi
|
||||
if [[ $(git rev-parse --abbrev-ref HEAD) != master ]]; then
|
||||
banner "Skipping push on non-master branch"
|
||||
exit
|
||||
fi
|
||||
|
||||
if [[ -n "${registry_auth}" ]]; then
|
||||
banner "docker login"
|
||||
@@ -43,3 +43,8 @@ fi
|
||||
|
||||
banner "docker push"
|
||||
./push-all "$registry" "$image_prefix" "$image_tag"
|
||||
|
||||
if [[ -n "${registry_auth}" && $registry = *docker.io ]]; then
|
||||
banner "docker metadata update"
|
||||
./dockerhub-metadata "$registry_auth" "$image_prefix"
|
||||
fi
|
||||
|
||||
45
dockerhub-metadata
Executable file
45
dockerhub-metadata
Executable file
@@ -0,0 +1,45 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# Update docker hub image descriptions. The API is not documented and might
|
||||
# break in the future.
|
||||
#
|
||||
# Usage: ./dockerhub-metadata <user> <password> [org]
|
||||
set -euo pipefail
|
||||
|
||||
user=$1
|
||||
org=${2:-nixpkgs}
|
||||
|
||||
nix_eval() {
|
||||
nix-instantiate --strict --eval --json "$@"
|
||||
}
|
||||
|
||||
releases_json=$(nix_eval)
|
||||
|
||||
to_json() {
|
||||
local desc=$1 full_desc=$2
|
||||
jq -n \
|
||||
--arg desc "$desc" \
|
||||
--arg full_desc "$full_desc" \
|
||||
'.description=$desc | .full_description=$full_desc'
|
||||
}
|
||||
|
||||
echo "=== Updating Docker Hub project descriptions"
|
||||
|
||||
for attr in $(echo "$releases_json" | jq -r "keys[]") ; do
|
||||
echo "--- $attr"
|
||||
desc=$(nix_eval -A "$attr.meta.description" | jq -r .)
|
||||
|
||||
if [[ -f "$attr/README.md" ]]; then
|
||||
full_desc=$(< "$attr/README.md")
|
||||
else
|
||||
full_desc=$(< "README.md")
|
||||
fi
|
||||
|
||||
data=$(to_json "$desc" "$full_desc")
|
||||
echo "data: $data"
|
||||
url=https://cloud.docker.com/v2/repositories/$org/$attr/
|
||||
|
||||
curl -XPATCH -H "Content-Type: application/json" --user "$user" --data "$data" "$url"
|
||||
done
|
||||
|
||||
echo OK
|
||||
@@ -55,7 +55,12 @@ let
|
||||
shadow
|
||||
|
||||
# for the vscode extension
|
||||
gcc-unwrapped
|
||||
|
||||
# HACK: don't include the "libgcc" output. It has overlapping files with
|
||||
# the "lib" output, and that breaks the build.
|
||||
(gcc-unwrapped // {
|
||||
outputs = builtins.filter (x: x != "libgcc") gcc-unwrapped.outputs;
|
||||
})
|
||||
iproute
|
||||
];
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user