backend/enh/docker-push-for-ci #25

Summary
Jobs
- build
Run details
- Usage
- Workflow file

Workflow file for this run

	name: CI

	on:
	push:
	branches: ["main"] # Only trigger on pushes to the main branch
	pull_request:
	branches: ["*"]
	workflow_dispatch:

	jobs:
	build:
	runs-on: x86_64-linux

	steps:
	- uses: actions/checkout@v4

	- uses: cachix/cachix-action@v15
	with:
	name: nammayatri
	authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
	skipPush: true

	- name: Build all flake outputs
	run: om ci

	- name: Login to GitHub Container Registry
	# if: github.event_name == 'push' && github.event.pull_request.merged == true
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Build and push Docker image
	# if: github.event_name == 'push' && github.event.pull_request.merged == true
	run: \|
	set -euo pipefail

	ARG1="${{ github.event.inputs.arg1 }}" # Change to pass an argument if needed
	shift 1 \|\| true

	# Do a git status, because the docker tag is based on working copy status
	git status
	docker load -i "$(nix build ".#$ARG1" --print-out-paths --no-update-lock-file)"

	IMAGE_NAME="$(nix eval --json .#packages.x86_64-linux."$ARG1".buildArgs \| jq -r '"\(.name):\(.tag)"')"
	echo "Built and loaded: ${IMAGE_NAME}"

	echo "Logging in to Docker Registry"

	# Use a temp directory as $HOME, because 'docker login' stores the password insecurely.
	HOME="$(mktemp -d)"
	export HOME

	# Remove the image so it doesn't eat up disk space over time.
	trap 'docker rmi "${IMAGE_NAME}"; rm -rf "$HOME"' EXIT

	echo "${{ secrets.DOCKER_PASS }}" \| docker login -u "${{ secrets.DOCKER_USER }}" --password-stdin "${{ secrets.DOCKER_SERVER }}"
	docker push "${IMAGE_NAME}"
	docker logout "${{ secrets.DOCKER_SERVER }}"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

backend/enh/docker-push-for-ci #25

Workflow file

backend/enh/docker-push-for-ci #25

Jobs

Run details

Workflow file for this run