oleks/angie-arm64
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a55f3823ef389e6d33f0b5c7a8fe4f34a77ea9c0
angie-arm64/.woodpecker.yaml
T
Oleks a55f3823ef Initial: Angie 1.11.3 OCI image build for aarch64 
Builds via dockerTools.streamLayeredImage from nixpkgs unstable's
pkgs.angie. Woodpecker pipeline pushes to git.oleks.space/oleks/angie
with both <version>-arm64 and latest-arm64 tags. Used by the
kotkanagrilli.fi staging Helm chart on the kotkan node (arm64) to
replace the upstream amd64-only runalsh/angie image.
2026-05-09 22:18:57 +03:00

67 lines
2.6 KiB
YAML
Raw Blame History

labels:
arch: arm64
clone:
- name: clone
image: woodpeckerci/plugin-git
environment:
CI_NETRC_MACHINE: git.oleks.space
CI_NETRC_USERNAME: oleks
CI_NETRC_PASSWORD:
from_secret: gitea_clone_token
PLUGIN_TAGS: "false"
PLUGIN_DEPTH: "1"
when:
- event: push
branch: [main, master]
- event: tag
ref: "refs/tags/v*"
steps:
- name: build-and-push
image: git.oleks.space/oleks/nix-ci:latest
environment:
GITEA_CLONE_TOKEN:
from_secret: gitea_clone_token
CI_REGISTRY_TOKEN:
from_secret: registry_token
backend_options:
kubernetes:
resources:
requests:
memory: 4Gi
commands:
# Bootstrap nix substituters and netrc — same as siblings in this repo.
- echo "79.76.48.244 git.oleks.space nix-cache-upload.oleks.space" >>/etc/hosts
- |
cat >>/etc/nix/nix.conf <<'EOF'
experimental-features = nix-command flakes
trusted-substituters = https://nix-cache-mirror.oleks.space https://nix-cache-custom.oleks.space/attic-infra-cache-k3s-1
substituters = https://nix-cache-mirror.oleks.space https://nix-cache-custom.oleks.space/attic-infra-cache-k3s-1
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= attic-infra-cache-k3s-1:qYSNK3DmttQXCFqn1t50qoWGtQNPRFWq9mgQjD05DeU=
EOF
- if [ -n "$GITEA_CLONE_TOKEN" ]; then echo "machine git.oleks.space login oleks password $GITEA_CLONE_TOKEN" >~/.netrc && chmod 600 ~/.netrc; fi
# Build the image (a script that streams the OCI tar to stdout).
- nix build .#default --print-out-paths --no-link
- VERSION="$(nix eval --raw .#version | xargs cat)"
- echo "Built angie $VERSION"
# Push to Gitea OCI registry under both the version tag and `latest-arm64`.
- mkdir -p ~/.config/containers
- |
printf '{"auths":{"git.oleks.space":{"auth":"%s"}}}\n' \
"$(printf 'oleks:%s' "$CI_REGISTRY_TOKEN" | base64 -w0)" \
> ~/.config/containers/auth.json
- |
nix run nixpkgs#skopeo -- copy --insecure-policy \
--authfile ~/.config/containers/auth.json \
docker-archive:<($(nix build .#default --print-out-paths --no-link)) \
docker://git.oleks.space/oleks/angie:$VERSION-arm64
- |
nix run nixpkgs#skopeo -- copy --insecure-policy \
--authfile ~/.config/containers/auth.json \
docker://git.oleks.space/oleks/angie:$VERSION-arm64 \
docker://git.oleks.space/oleks/angie:latest-arm64
Reference in New Issue View Git Blame Copy Permalink