diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 26d41ae..2e8a6c6 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -8,6 +8,7 @@ on:
 schedule:
 # Run once per day
 - cron: '0 0 * * *'
+
 jobs:
 build:
 strategy:
@@ -18,9 +19,19 @@ jobs:
 - nixos-unstable
 - nixos-24.05
 system:
- - x86_64-linux
 - aarch64-linux
+ - x86_64-linux
+ registry:
+ - name: ghcr.io
+ image_prefix: nix-community/docker-nixpkgs
+ - name: docker.io
+ image_prefix: nixpkgs
 runs-on: ubuntu-latest
+
+ permissions:
+ contents: read
+ packages: write
+
 steps:
 - uses: actions/checkout@v4
 - name: Set up QEMU
@@ -33,13 +44,23 @@ jobs:
 extra-platforms = aarch64-linux
 - uses: DeterminateSystems/magic-nix-cache-action@main
+ - name: Log in to the Container registry
+ if: "${{ matrix.registry.name == 'ghcr.io' }}"
+ uses: docker/login-action@v2.1.0
+ with:
+ registry: ${{ matrix.registry.name }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
 - run: nix-shell --run ./ci.sh
 env:
- CI_REGISTRY_AUTH: '${{ secrets.REGISTRY_AUTH }}'
+ CI_PROJECT_PATH: '${{ matrix.registry.image_prefix }}'
+ CI_REGISTRY: '${{ matrix.registry.name }}'
+ CI_REGISTRY_AUTH: "${{ matrix.registry.name == 'ghcr.io' && '${{ github.action }}:${{ secrets.GITHUB_TOKEN }}' || secrets.REGISTRY_AUTH }}"
 NIXPKGS_CHANNEL: '${{ matrix.channel }}'
 NIX_SYSTEM_NAME: '${{ matrix.system }}'
- push-manifest:
+ push-manifest-to-docker-hub:
 needs: [build]
 strategy:
 fail-fast: false
diff --git a/ci.sh b/ci.sh
index 5712f05..3ac5ae7 100755
--- a/ci.sh
+++ b/ci.sh
@@ -45,8 +45,3 @@ fi
 banner "docker push"
 ./push-all "$registry" "$image_prefix" "$image_tag"
-
-if [[ -n "${registry_auth}" && $registry = *docker.io ]]; then
- banner "docker metadata update"
- ./dockerhub-metadata "$registry_auth" "$image_prefix"
-fi
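Review bot: The new `permissions` block sits on the whole `build` job, so `packages: write` is granted to every matrix leg, including the `docker.io` legs that authenticate with `secrets.REGISTRY_AUTH` and have no visible need to publish to GHCR. The same token is presumably also reachable by the other actions in the job, one of which is referenced by a moving ref (`DeterminateSystems/magic-nix-cache-action@main`, visible in the next hunk). Splitting the ghcr.io push into its own job would let the Docker Hub job keep only `contents: read`. At minimum, a comment above the block such as `# packages: write is required only by the ghcr.io matrix legs to push images` would record why the scope exists. The job's step list continues outside this hunk.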
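Review bot: The added `CI_REGISTRY_AUTH` value nests `${{ … }}` inside a quoted string within an outer `${{ … }}` expression; string literals in GitHub Actions expressions are not re-evaluated, so the ghcr.io branch will not produce the intended `user:token` pair, and the first inner `}}` most likely terminates the outer expression early. It also reads `github.action` (the name of the running action), where the login step just above uses `github.actor`. Building the string with the expression function avoids both problems: `CI_REGISTRY_AUTH: "${{ matrix.registry.name == 'ghcr.io' && format('{0}:{1}', github.actor, secrets.GITHUB_TOKEN) || secrets.REGISTRY_AUTH }}"`. Separately, `docker/login-action@v2.1.0` is handed the token through a tag that can be moved; pinning it to a full commit SHA would fix what code runs with `packages: write`.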