mirror of
https://gitlab.com/TECHNOFAB/nix-gitlab-ci.git
synced 2025-12-12 10:10:06 +01:00
48 lines
1.4 KiB
Nix
48 lines
1.4 KiB
Nix
{
|
|
inputs,
|
|
system,
|
|
...
|
|
}: let
|
|
inherit (inputs) pkgs;
|
|
in rec {
|
|
setupScript = pkgs.writeShellScriptBin "setup_nix_ci" (builtins.readFile ./scripts/setup_nix_ci.sh);
|
|
finalizeScript = pkgs.writeShellScriptBin "finalize_nix_ci" (builtins.readFile ./scripts/finalize_nix_ci.sh);
|
|
image = pkgs.dockerTools.buildImage {
|
|
name = "nix-ci";
|
|
fromImage = let
|
|
hashes = {
|
|
"x86_64-linux" = "sha256-kJ7dqje5o1KPr3RDZ7/THbhMSoiCU1C/7HshDrNfwnM=";
|
|
"aarch64-linux" = "sha256-jz+Z3Ji+hy5d9ImOh/YOKCqy9P9/cseSov+5J/O95bg=";
|
|
};
|
|
# check digest of tags like nixos-24.11-aarch64-linux etc.
|
|
digests = {
|
|
"x86_64-linux" = "sha256:345f210dea4cbd049e2d01d13159c829066dfb6e273cdd49ea878186d17b19f7";
|
|
"aarch64-linux" = "sha256:66163fdf446d851416dd4e9be28c0794d9c2550214a57a846957699a3f5747f6";
|
|
};
|
|
hash = hashes.${system} or (throw "Unsupported system");
|
|
imageDigest = digests.${system} or (throw "Unsupported system");
|
|
in
|
|
pkgs.dockerTools.pullImage {
|
|
imageName = "nixpkgs/nix-flakes";
|
|
inherit hash imageDigest;
|
|
};
|
|
copyToRoot = pkgs.buildEnv {
|
|
name = "image-root";
|
|
paths = with pkgs;
|
|
[
|
|
gitMinimal
|
|
gnugrep
|
|
gnused
|
|
coreutils
|
|
diffutils
|
|
cachix
|
|
attic-client
|
|
]
|
|
++ [
|
|
setupScript
|
|
finalizeScript
|
|
];
|
|
pathsToLink = ["/bin"];
|
|
};
|
|
};
|
|
}
|