add registry env #33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CI" | |
| on: | |
| # Run only when pushing to main branch, and making PRs | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| # https://github.com/orgs/community/discussions/25678#discussioncomment-5242449 | |
| - name: Delete huge unnecessary tools folder | |
| if: runner.os == 'Linux' | |
| run: | | |
| sudo rm -rf /usr/share/dotnet | |
| sudo rm -rf "$AGENT_TOOLSDIRECTORY" | |
| cd /opt | |
| find . -maxdepth 1 -mindepth 1 '!' -path ./containerd '!' -path ./actionarchivecache '!' -path ./runner '!' -path ./runner-cache -exec rm -rf '{}' ';' | |
| - uses: DeterminateSystems/nix-installer-action@main | |
| name: Install Nix | |
| with: | |
| extra-conf: | | |
| trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= | |
| substituters = https://cache.garnix.io?priority=41 https://cache.nixos.org/ | |
| - uses: DeterminateSystems/magic-nix-cache-action@main | |
| - uses: cachix/cachix-action@v12 | |
| with: | |
| name: codosseum | |
| authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" | |
| - uses: yaxitech/nix-install-pkgs-action@v3 | |
| with: | |
| packages: "github:srid/nixci" | |
| - run: nixci build | |
| build-docker: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| permissions: | |
| contents: read | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: DeterminateSystems/nix-installer-action@main | |
| name: Install Nix | |
| with: | |
| extra-conf: | | |
| trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= | |
| substituters = https://cache.garnix.io?priority=41 https://cache.nixos.org/ | |
| - uses: DeterminateSystems/magic-nix-cache-action@main | |
| - uses: cachix/cachix-action@v12 | |
| with: | |
| name: codosseum | |
| authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and publish Docker image | |
| if: ${{ github.ref == 'refs/heads/master' && runner.os == 'Linux' }} | |
| run: | | |
| docker load -i $(nix build .#dockerImage --print-out-paths) | |
| docker tag $(nix build .#dockerImage --print-out-paths) ${{ env.REGISTRY }}/${{ github.repository }}:latest | |
| docker push ${{ env.REGISTRY }}/${{ github.repository }}:latest |