shithub Public

Watch 1 Fork 0 Star 0

Nix · 2899 bytes Raw Blame History

  
        1
        {
      
        2
          description = "shithub Actions default runner image";
      
        3
        
        4
          inputs = {
      
        5
            nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
      
        6
          };
      
        7
        
        8
          outputs = { self, nixpkgs }:
      
        9
            let
      
        10
              systems = [ "x86_64-linux" "aarch64-linux" ];
      
        11
              forAllSystems = nixpkgs.lib.genAttrs systems;
      
        12
            in
      
        13
            {
      
        14
              packages = forAllSystems (system:
      
        15
                let
      
        16
                  pkgs = import nixpkgs { inherit system; };
      
        17
                  checkoutHelper = pkgs.writeShellApplication {
      
        18
                    name = "shithub-shallow-checkout";
      
        19
                    runtimeInputs = [
      
        20
                      pkgs.git
      
        21
                      pkgs.coreutils
      
        22
                    ];
      
        23
                    text = ''
      
        24
                      set -euo pipefail
      
        25
        
        26
                      if [ "$#" -ne 3 ]; then
      
        27
                        echo "usage: shithub-shallow-checkout <repo-url> <sha> <dest>" >&2
      
        28
                        exit 2
      
        29
                      fi
      
        30
        
        31
                      repo_url="$1"
      
        32
                      sha="$2"
      
        33
                      dest="$3"
      
        34
        
        35
                      mkdir -p "$dest"
      
        36
                      cd "$dest"
      
        37
                      git init
      
        38
                      git remote add origin "$repo_url"
      
        39
                      git fetch --depth=1 origin "$sha"
      
        40
                      git checkout --detach FETCH_HEAD
      
        41
                    '';
      
        42
                  };
      
        43
                  imageRoot = pkgs.buildEnv {
      
        44
                    name = "shithub-runner-nix-root";
      
        45
                    paths = [
      
        46
                      pkgs.bashInteractive
      
        47
                      pkgs.cacert
      
        48
                      pkgs.coreutils
      
        49
                      pkgs.curl
      
        50
                      pkgs.findutils
      
        51
                      pkgs.gcc
      
        52
                      pkgs.git
      
        53
                      pkgs.gnugrep
      
        54
                      pkgs.gnused
      
        55
                      pkgs.gnutar
      
        56
                      pkgs.gzip
      
        57
                      pkgs.gnupg
      
        58
                      pkgs.gnumake
      
        59
                      pkgs.openssh
      
        60
                      pkgs.xz
      
        61
                      checkoutHelper
      
        62
                    ];
      
        63
                    pathsToLink = [ "/bin" "/etc" ];
      
        64
                  };
      
        65
                in
      
        66
                {
      
        67
                  runnerImage = pkgs.dockerTools.buildLayeredImage {
      
        68
                    name = "ghcr.io/tenseleyflow/shithub/runner-nix";
      
        69
                    tag = "1.0";
      
        70
                    contents = [ imageRoot ];
      
        71
                    maxLayers = 80;
      
        72
                    config = {
      
        73
                      Cmd = [ "${pkgs.bashInteractive}/bin/bash" ];
      
        74
                      Env = [
      
        75
                        "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
      
        76
                        "GIT_SSL_CAINFO=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
      
        77
                        "PATH=/bin:${imageRoot}/bin"
      
        78
                      ];
      
        79
                      WorkingDir = "/workspace";
      
        80
                      Labels = {
      
        81
                        "org.opencontainers.image.title" = "shithub runner-nix";
      
        82
                        "org.opencontainers.image.description" = "Default container image for shithub Actions run steps.";
      
        83
                        "org.opencontainers.image.source" = "https://github.com/tenseleyFlow/shithub";
      
        84
                        "org.opencontainers.image.version" = "1.0";
      
        85
                        "org.opencontainers.image.licenses" = "AGPL-3.0-or-later";
      
        86
                      };
      
        87
                    };
      
        88
                  };
      
        89
        
        90
                  default = self.packages.${system}.runnerImage;
      
        91
                });
      
        92
            };
      
        93
        }

1	{
2	description = "shithub Actions default runner image";
3
4	inputs = {
5	nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
6	};
7
8	outputs = { self, nixpkgs }:
9	let
10	systems = [ "x86_64-linux" "aarch64-linux" ];
11	forAllSystems = nixpkgs.lib.genAttrs systems;
12	in
13	{
14	packages = forAllSystems (system:
15	let
16	pkgs = import nixpkgs { inherit system; };
17	checkoutHelper = pkgs.writeShellApplication {
18	name = "shithub-shallow-checkout";
19	runtimeInputs = [
20	pkgs.git
21	pkgs.coreutils
22	];
23	text = ''
24	set -euo pipefail
25
26	if [ "$#" -ne 3 ]; then
27	echo "usage: shithub-shallow-checkout <repo-url> <sha> <dest>" >&2
28	exit 2
29	fi
30
31	repo_url="$1"
32	sha="$2"
33	dest="$3"
34
35	mkdir -p "$dest"
36	cd "$dest"
37	git init
38	git remote add origin "$repo_url"
39	git fetch --depth=1 origin "$sha"
40	git checkout --detach FETCH_HEAD
41	'';
42	};
43	imageRoot = pkgs.buildEnv {
44	name = "shithub-runner-nix-root";
45	paths = [
46	pkgs.bashInteractive
47	pkgs.cacert
48	pkgs.coreutils
49	pkgs.curl
50	pkgs.findutils
51	pkgs.gcc
52	pkgs.git
53	pkgs.gnugrep
54	pkgs.gnused
55	pkgs.gnutar
56	pkgs.gzip
57	pkgs.gnupg
58	pkgs.gnumake
59	pkgs.openssh
60	pkgs.xz
61	checkoutHelper
62	];
63	pathsToLink = [ "/bin" "/etc" ];
64	};
65	in
66	{
67	runnerImage = pkgs.dockerTools.buildLayeredImage {
68	name = "ghcr.io/tenseleyflow/shithub/runner-nix";
69	tag = "1.0";
70	contents = [ imageRoot ];
71	maxLayers = 80;
72	config = {
73	Cmd = [ "${pkgs.bashInteractive}/bin/bash" ];
74	Env = [
75	"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
76	"GIT_SSL_CAINFO=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
77	"PATH=/bin:${imageRoot}/bin"
78	];
79	WorkingDir = "/workspace";
80	Labels = {
81	"org.opencontainers.image.title" = "shithub runner-nix";
82	"org.opencontainers.image.description" = "Default container image for shithub Actions run steps.";
83	"org.opencontainers.image.source" = "https://github.com/tenseleyFlow/shithub";
84	"org.opencontainers.image.version" = "1.0";
85	"org.opencontainers.image.licenses" = "AGPL-3.0-or-later";
86	};
87	};
88	};
89
90	default = self.packages.${system}.runnerImage;
91	});
92	};
93	}