ci: add GitHub Actions cron (#16)

* ci: add dependabot * ci: revamp logic Merge username and password as a single auth token. It doesn't make sense to split out the user and password since they are so tied together. Might as well treat the whole think as a secret blob. Remove Travis-CI. Travis is dead for OSS. Add GitHub Actions cron. Remove cachix as it's pushing too much stuff. Merge all of the CI logic into a single ci.sh script.
2021-02-10 12:25:01 +00:00 · 2021-02-10 12:25:01 +00:00 · bf1338907c
commit bf1338907c
parent 86f98e734f
10 changed files with 75 additions and 96 deletions
--- a/ci.sh
+++ b/ci.sh
@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+#
+# CI specific build script.
+#
+set -euo pipefail
+
+channel=${NIXPKGS_CHANNEL:-nixos-unstable}
+registry=${CI_REGISTRY:-docker.io}
+registry_auth=${CI_REGISTRY_AUTH:-}
+image_prefix=${CI_PROJECT_PATH:-nixpkgs}
+
+if [[ $channel == nixos-unstable ]]; then
+  image_tag=latest
+else
+  image_tag=$channel
+fi
+
+export NIX_PATH=channel:$channel
+
+banner() {
+  echo "========================================================"
+  echo "  $*"
+  echo "========================================================"
+}
+
+cd "$(dirname "$0")"
+
+banner "Building images"
+# Build all the docker images
+nix-build \
+  --no-out-link \
+  --option sandbox true \
+
+if [[ $(git rev-parse --abbrev-ref HEAD) != master ]]; then
+  banner "Skipping push on non-master branch"
+  exit
+fi
+
+if [[ -n "${registry_auth}" ]]; then
+  banner "docker login"
+  ./docker-login "$registry_auth" "$registry"
+fi
+
+banner "docker push"
+./push-all "$registry" "$image_prefix" "$image_tag"
+
+if [[ -n "${registry_auth}" && $registry = *docker.io ]]; then
+  banner "docker metadata update"
+  ./dockerhub-metadata "$registry_auth" "$image_prefix"
+fi