diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 26d41ae..bcc4bf0 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -8,6 +8,7 @@ on:
 schedule:
 # Run once per day
 - cron: '0 0 * * *'
+
 jobs:
 build:
 strategy:
@@ -20,7 +21,19 @@ jobs:
 system:
 - x86_64-linux
 - aarch64-linux
+ registry:
+ - name: ghcr.io
+ image_prefix: nix-community/docker-nixpkgs
+ auth: "${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}"
+ - name: ghcr.io
+ image_prefix: nixpkgs
+ auth: "${{ secrets.REGISTRY_AUTH }}"
 runs-on: ubuntu-latest
+
+ permissions:
+ contents: read
+ packages: write
+
 steps:
 - uses: actions/checkout@v4
 - name: Set up QEMU
@@ -33,13 +46,23 @@ jobs:
 extra-platforms = aarch64-linux
 - uses: DeterminateSystems/magic-nix-cache-action@main
+ - name: Log in to the Container registry
+ if: "${{ matrix.registry.name == 'ghcr.io' }}"
+ uses: docker/login-action@v2.1.0
+ with:
+ registry: ${{ matrix.registry.name }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
 - run: nix-shell --run ./ci.sh
 env:
- CI_REGISTRY_AUTH: '${{ secrets.REGISTRY_AUTH }}'
+ CI_PROJECT_PATH: '${{ matrix.registry.image_prefix }}'
+ CI_REGISTRY: '${{ matrix.registry.name }}'
+ CI_REGISTRY_AUTH: '${{ matrix.registry.auth }}'
 NIXPKGS_CHANNEL: '${{ matrix.channel }}'
 NIX_SYSTEM_NAME: '${{ matrix.system }}'
- push-manifest:
+ push-manifest-to-docker-hub:
 needs: [build]
 strategy:
 fail-fast: false
diff --git a/ci.sh b/ci.sh
index 5712f05..3ac5ae7 100755
--- a/ci.sh
+++ b/ci.sh
@@ -45,8 +45,3 @@ fi
 banner "docker push"
 ./push-all "$registry" "$image_prefix" "$image_tag"
-
-if [[ -n "${registry_auth}" && $registry = *docker.io ]]; then
- banner "docker metadata update"
- ./dockerhub-metadata "$registry_auth" "$image_prefix"
-fi
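Review bot: The two `auth:` values added under `registry:` read `secrets.GITHUB_TOKEN` and `secrets.REGISTRY_AUTH` inside `strategy.matrix`, but GitHub Actions does not make the `secrets` context available under `jobs.<job_id>.strategy`, so the workflow is expected to be rejected at validation rather than run. Keep only a non-secret selector in the matrix, for example `auth_secret: REGISTRY_AUTH`, and resolve it in the `env:` of the `./ci.sh` step, where `secrets` is allowed: `CI_REGISTRY_AUTH: ${{ secrets[matrix.registry.auth_secret] }}`, with `format('{0}:{1}', github.actor, secrets.GITHUB_TOKEN)` for the entry that uses the workflow token. That also keeps credential material out of the matrix values, which GitHub uses when naming matrix jobs. Both entries set `name: ghcr.io`; if `REGISTRY_AUTH` is a credential for a different registry, the second entry's `name` looks wrong and should be confirmed.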
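Review bot: The added login step uses `docker/login-action@v2.1.0`, a tag that can be moved, in a job that now holds `packages: write` and hands registry credentials to `./ci.sh`; pin it to a full commit SHA, `uses: docker/login-action@<full-commit-sha> # v2.1.0`. The context line `DeterminateSystems/magic-nix-cache-action@main` tracks a branch and runs in the same job, so it deserves the same pin. Separately, the `if:` guard compares `matrix.registry.name` with `'ghcr.io'`, and both matrix entries added earlier in this diff use that name, so the step runs for every entry and always logs in with `GITHUB_TOKEN`; confirm that is intended for the `REGISTRY_AUTH` entry. The `steps:` list starts and continues outside this hunk.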